package com.sun.identity.federation.services;

import com.sun.identity.common.SystemConfigurationException;
import com.sun.identity.common.SystemConfigurationUtil;
import com.sun.identity.federation.common.FSException;
import com.sun.identity.federation.common.FSUtils;
import com.sun.identity.federation.common.IFSConstants;
import com.sun.identity.federation.common.LogUtil;
import com.sun.identity.federation.jaxb.entityconfig.BaseConfigType;
import com.sun.identity.federation.jaxb.entityconfig.IDPDescriptorConfigElement;
import com.sun.identity.federation.key.KeyUtil;
import com.sun.identity.federation.message.FSAssertion;
import com.sun.identity.federation.message.FSAuthnRequest;
import com.sun.identity.federation.message.FSFederationTerminationNotification;
import com.sun.identity.federation.message.FSLogoutNotification;
import com.sun.identity.federation.message.FSLogoutResponse;
import com.sun.identity.federation.message.FSNameIdentifierMappingRequest;
import com.sun.identity.federation.message.FSNameIdentifierMappingResponse;
import com.sun.identity.federation.message.FSNameRegistrationRequest;
import com.sun.identity.federation.message.FSNameRegistrationResponse;
import com.sun.identity.federation.message.FSResponse;
import com.sun.identity.federation.message.FSSAMLRequest;
import com.sun.identity.federation.message.common.EncryptedNameIdentifier;
import com.sun.identity.federation.message.common.FSMsgException;
import com.sun.identity.federation.meta.IDFFMetaException;
import com.sun.identity.federation.meta.IDFFMetaManager;
import com.sun.identity.federation.meta.IDFFMetaUtils;
import com.sun.identity.federation.plugins.FederationSPAdapter;
import com.sun.identity.federation.services.fednsso.FSSSOBrowserArtifactProfileHandler;
import com.sun.identity.federation.services.fednsso.FSSSOLECPProfileHandler;
import com.sun.identity.federation.services.logout.FSLogoutStatus;
import com.sun.identity.federation.services.logout.FSLogoutUtil;
import com.sun.identity.federation.services.logout.FSPreLogoutHandler;
import com.sun.identity.federation.services.namemapping.FSNameMappingHandler;
import com.sun.identity.federation.services.registration.FSNameRegistrationHandler;
import com.sun.identity.federation.services.termination.FSFedTerminationHandler;
import com.sun.identity.federation.services.util.FSServiceUtils;
import com.sun.identity.liberty.ws.meta.jaxb.IDPDescriptorType;
import com.sun.identity.liberty.ws.meta.jaxb.ProviderDescriptorType;
import com.sun.identity.liberty.ws.meta.jaxb.SPDescriptorType;
import com.sun.identity.liberty.ws.paos.PAOSConstants;
import com.sun.identity.saml.assertion.NameIdentifier;
import com.sun.identity.saml.common.SAMLConstants;
import com.sun.identity.saml.common.SAMLException;
import com.sun.identity.saml.common.SAMLResponderException;
import com.sun.identity.saml.common.SAMLUtils;
import com.sun.identity.saml.protocol.Status;
import com.sun.identity.saml.protocol.StatusCode;
import com.sun.identity.saml.xmlsig.XMLSignatureManager;
import com.sun.identity.saml2.common.SAML2Constants;
import com.sun.identity.shared.xml.XMLUtils;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.PrintStream;
import java.net.URL;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.logging.Level;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.xml.soap.MessageFactory;
import javax.xml.soap.SOAPException;
import javax.xml.soap.SOAPMessage;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/* loaded from: input_file:com/sun/identity/federation/services/FSSOAPReceiver.class */
public class FSSOAPReceiver extends HttpServlet {
    private static MessageFactory msgFactory = null;
    private static FSSOAPService soapService;
    private static final String MESSAGE = "message";
    private static final String USERID = "userID";

    public void init(ServletConfig servletConfig) throws ServletException {
        super.init(servletConfig);
        soapService = FSSOAPService.getInstance();
        try {
            msgFactory = MessageFactory.newInstance();
        } catch (SOAPException e) {
            FSUtils.debug.error("FSSOAPReceiver:Unable to get message factory", e);
            throw new ServletException(e.getMessage());
        }
    }

    public void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        FSUtils.debug.message("FSSOAPReceiver.doPost: Called");
        FSUtils.checkHTTPRequestLength(httpServletRequest);
        try {
            onMessage(httpServletRequest, httpServletResponse, msgFactory.createMessage(SAMLUtils.getMimeHeaders(httpServletRequest), httpServletRequest.getInputStream()));
        } catch (SOAPException e) {
            throw new ServletException(e);
        }
    }

    public void onMessage(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, SOAPMessage sOAPMessage) {
        Element parseSOAPMessage;
        FSLogoutResponse fSLogoutResponse;
        FederationSPAdapter sPAdapter;
        SOAPMessage bind;
        FSUtils.debug.message("FSSOAPReceiver.onMessage: Called");
        try {
            parseSOAPMessage = soapService.parseSOAPMessage(sOAPMessage);
        } catch (Exception e) {
            FSUtils.debug.error("FSSOAPReceiver.onMessage: Error in processing Request: Exception occured: ", e);
            httpServletResponse.setStatus(IFSConstants.MAX_CACHING_TIME);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            e.printStackTrace(new PrintStream(byteArrayOutputStream));
            FSUtils.debug.error(byteArrayOutputStream.toString());
            returnSOAPMessage(soapService.formSOAPError(SAML2Constants.SERVER_FAULT, "cannotProcessRequest", null), httpServletResponse);
        }
        if (parseSOAPMessage == null) {
            FSUtils.debug.error("FSSOAPReceiver.onMessage: Error in processing saml:Request. Invalid SOAPMessage");
            httpServletResponse.setStatus(IFSConstants.MAX_CACHING_TIME);
            returnSOAPMessage(soapService.formSOAPError(SAML2Constants.SERVER_FAULT, "cannotProcessRequest", null), httpServletResponse);
            return;
        }
        String trim = parseSOAPMessage.getTagName().trim();
        String trim2 = parseSOAPMessage.getNamespaceURI().trim();
        String trim3 = parseSOAPMessage.getLocalName().trim();
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSSOAPReceiver.onMessage: tagName: " + trim + " namespaceUri: " + trim2 + " localName: " + trim3);
        }
        if (trim3.equalsIgnoreCase(PAOSConstants.REQUEST) && trim2.equalsIgnoreCase("urn:oasis:names:tc:SAML:1.0:protocol")) {
            try {
                FSSAMLRequest fSSAMLRequest = new FSSAMLRequest(parseSOAPMessage);
                IDFFMetaManager iDFFMetaManager = FSUtils.getIDFFMetaManager();
                if (iDFFMetaManager == null) {
                    FSUtils.debug.error("FSSOAPReceiver.onMessage: could not create meta instance");
                    httpServletResponse.setStatus(IFSConstants.MAX_CACHING_TIME);
                    returnSOAPMessage(soapService.formSOAPError(SAML2Constants.SERVER_FAULT, "cannotProcessRequest", null), httpServletResponse);
                    return;
                }
                String metaAlias = FSServiceUtils.getMetaAlias(httpServletRequest);
                String realmByMetaAlias = IDFFMetaUtils.getRealmByMetaAlias(metaAlias);
                String entityIDByMetaAlias = iDFFMetaManager.getEntityIDByMetaAlias(metaAlias);
                IDPDescriptorType iDPDescriptor = iDFFMetaManager.getIDPDescriptor(realmByMetaAlias, entityIDByMetaAlias);
                BaseConfigType iDPDescriptorConfig = iDFFMetaManager.getIDPDescriptorConfig(realmByMetaAlias, entityIDByMetaAlias);
                FSSSOBrowserArtifactProfileHandler fSSSOBrowserArtifactProfileHandler = (FSSSOBrowserArtifactProfileHandler) FSServiceManager.getInstance().getBrowserArtifactSSOAndFedHandler(httpServletRequest, httpServletResponse, fSSAMLRequest);
                fSSSOBrowserArtifactProfileHandler.setSOAPMessage(sOAPMessage);
                fSSSOBrowserArtifactProfileHandler.setSAMLRequestElement(parseSOAPMessage);
                fSSSOBrowserArtifactProfileHandler.setHostedEntityId(entityIDByMetaAlias);
                fSSSOBrowserArtifactProfileHandler.setHostedDescriptor(iDPDescriptor);
                fSSSOBrowserArtifactProfileHandler.setHostedDescriptorConfig(iDPDescriptorConfig);
                fSSSOBrowserArtifactProfileHandler.setMetaAlias(metaAlias);
                fSSSOBrowserArtifactProfileHandler.setRealm(realmByMetaAlias);
                FSResponse processSAMLRequest = fSSSOBrowserArtifactProfileHandler.processSAMLRequest(fSSAMLRequest);
                if (processSAMLRequest == null) {
                    FSUtils.debug.error("FSSOAPReceiver.onMessage: SAML Response is null");
                    httpServletResponse.setStatus(IFSConstants.MAX_CACHING_TIME);
                    returnSOAPMessage(soapService.formSOAPError(SAML2Constants.SERVER_FAULT, "cannotProcessRequest", null), httpServletResponse);
                    return;
                }
                if (FSUtils.debug.messageEnabled()) {
                    FSUtils.debug.message("FSSOAPReceiver.onMessage: SAML Response created: " + processSAMLRequest.toXMLString());
                }
                SOAPMessage bind2 = soapService.bind(processSAMLRequest.toXMLString(true, true));
                if (FSServiceUtils.isSigningOn()) {
                    for (FSAssertion fSAssertion : processSAMLRequest.getAssertion()) {
                        String id = fSAssertion.getID();
                        Document document = (Document) FSServiceUtils.createSOAPDOM(bind2);
                        String firstAttributeValueFromConfig = IDFFMetaUtils.getFirstAttributeValueFromConfig(iDPDescriptorConfig, "signingCertAlias");
                        if (firstAttributeValueFromConfig == null) {
                            if (FSUtils.debug.messageEnabled()) {
                                FSUtils.debug.message("SOAPReceiver.onMessage: couldn't obtain this site's cert alias.");
                            }
                            throw new SAMLResponderException(FSUtils.bundle.getString("cannotFindCertAlias"));
                        }
                        XMLSignatureManager xMLSignatureManager = XMLSignatureManager.getInstance();
                        int minorVersion = fSAssertion.getMinorVersion();
                        if (minorVersion == 0) {
                            xMLSignatureManager.signXML(document, firstAttributeValueFromConfig, SystemConfigurationUtil.getProperty("com.sun.identity.saml.xmlsig.xmlSigAlgorithm"), "id", id, false);
                        } else if (minorVersion == 2 || minorVersion == 2) {
                            xMLSignatureManager.signXML(document, firstAttributeValueFromConfig, SystemConfigurationUtil.getProperty("com.sun.identity.saml.xmlsig.xmlSigAlgorithm"), "AssertionID", fSAssertion.getAssertionID(), false);
                        } else {
                            FSUtils.debug.error("invalid minor version.");
                        }
                        bind2 = FSServiceUtils.convertDOMToSOAP(document);
                    }
                }
                if (bind2 != null) {
                    returnSOAPMessage(bind2, httpServletResponse);
                    return;
                }
                FSUtils.debug.error("FSSOAPReceiver.onMessage: Error in processing saml:Request");
                httpServletResponse.setStatus(IFSConstants.MAX_CACHING_TIME);
                returnSOAPMessage(soapService.formSOAPError(SAML2Constants.SERVER_FAULT, "cannotProcessRequest", null), httpServletResponse);
                return;
            } catch (IDFFMetaException e2) {
                FSUtils.debug.error("FSSOAPReceiver.onMessage: Error in processing saml:Request:", e2);
                httpServletResponse.setStatus(IFSConstants.MAX_CACHING_TIME);
                returnSOAPMessage(soapService.formSOAPError(SAML2Constants.SERVER_FAULT, "cannotProcessRequest", null), httpServletResponse);
                return;
            } catch (SAMLException e3) {
                FSUtils.debug.error("FSSOAPReceiver.onMessage: Error in processing saml:Request:", e3);
                httpServletResponse.setStatus(IFSConstants.MAX_CACHING_TIME);
                returnSOAPMessage(soapService.formSOAPError(SAML2Constants.SERVER_FAULT, "cannotProcessRequest", null), httpServletResponse);
                return;
            }
        }
        if (trim3.equalsIgnoreCase("AuthnRequest") && (trim2.equalsIgnoreCase("http://projectliberty.org/schemas/core/2002/12") || trim2.equalsIgnoreCase("urn:liberty:iff:2003-08"))) {
            try {
                handleLECPRequest(httpServletRequest, httpServletResponse, new FSAuthnRequest(parseSOAPMessage));
                returnSOAPMessage(null, httpServletResponse);
                return;
            } catch (FSException e4) {
                FSUtils.debug.error("FSSOAPReceiver.onMessage: Error in processing lecp AuthnRequest:", e4);
                httpServletResponse.setStatus(IFSConstants.MAX_CACHING_TIME);
                returnSOAPMessage(soapService.formSOAPError(SAML2Constants.SERVER_FAULT, "cannotProcessRequest", null), httpServletResponse);
                return;
            }
        }
        if (!trim3.equalsIgnoreCase(IFSConstants.NAME_REGISTRATION_REQUEST) || (!trim2.equalsIgnoreCase("http://projectliberty.org/schemas/core/2002/12") && !trim2.equalsIgnoreCase("urn:liberty:iff:2003-08"))) {
            if (trim3.equalsIgnoreCase(IFSConstants.NAMEID_MAPPING_REQUEST) && (trim2.equalsIgnoreCase("http://projectliberty.org/schemas/core/2002/12") || trim2.equalsIgnoreCase("urn:liberty:iff:2003-08"))) {
                FSUtils.debug.message("FSSOAPReceiver:handling Name Identifier Mapping Request");
                IDFFMetaManager iDFFMetaManager2 = FSUtils.getIDFFMetaManager();
                String metaAlias2 = FSServiceUtils.getMetaAlias(httpServletRequest);
                String realmByMetaAlias2 = IDFFMetaUtils.getRealmByMetaAlias(metaAlias2);
                String entityIDByMetaAlias2 = iDFFMetaManager2.getEntityIDByMetaAlias(metaAlias2);
                IDPDescriptorType iDPDescriptor2 = iDFFMetaManager2.getIDPDescriptor(realmByMetaAlias2, entityIDByMetaAlias2);
                IDPDescriptorConfigElement iDPDescriptorConfig2 = iDFFMetaManager2.getIDPDescriptorConfig(realmByMetaAlias2, entityIDByMetaAlias2);
                FSNameIdentifierMappingRequest fSNameIdentifierMappingRequest = new FSNameIdentifierMappingRequest(parseSOAPMessage);
                if (FSServiceUtils.isSigningOn()) {
                    String providerID = fSNameIdentifierMappingRequest.getProviderID();
                    ProviderDescriptorType remoteProviderDescriptor = getRemoteProviderDescriptor("IDP", providerID, realmByMetaAlias2);
                    if (remoteProviderDescriptor == null) {
                        return;
                    }
                    if (!verifyRequestSignature(parseSOAPMessage, sOAPMessage, KeyUtil.getVerificationCert(remoteProviderDescriptor, providerID, true))) {
                        FSUtils.debug.error("Failed verifying Name Identifier Mapping Request");
                        returnSOAPMessage(soapService.formSOAPError(SAML2Constants.SERVER_FAULT, "cannotProcessRequest", null), httpServletResponse);
                        return;
                    } else if (FSUtils.debug.messageEnabled()) {
                        FSUtils.debug.message("FSSOAPReceiver: Success in verifying Name Identifier Mapping Request");
                    }
                }
                String targetNamespace = fSNameIdentifierMappingRequest.getTargetNamespace();
                String requestID = fSNameIdentifierMappingRequest.getRequestID();
                Status status = new Status(new StatusCode("samlp:Success"));
                NameIdentifier nameIdentifier = new FSNameMappingHandler(entityIDByMetaAlias2, iDPDescriptor2, iDPDescriptorConfig2, metaAlias2).getNameIdentifier(fSNameIdentifierMappingRequest, targetNamespace, false);
                String firstAttributeValueFromConfig2 = IDFFMetaUtils.getFirstAttributeValueFromConfig(iDPDescriptorConfig2, IFSConstants.ENABLE_NAMEID_ENCRYPTION);
                if (firstAttributeValueFromConfig2 != null && firstAttributeValueFromConfig2.equalsIgnoreCase("true")) {
                    nameIdentifier = EncryptedNameIdentifier.getEncryptedNameIdentifier(nameIdentifier, realmByMetaAlias2, targetNamespace);
                }
                FSNameIdentifierMappingResponse fSNameIdentifierMappingResponse = new FSNameIdentifierMappingResponse(entityIDByMetaAlias2, requestID, status, nameIdentifier);
                if (FSServiceUtils.isSigningOn()) {
                    fSNameIdentifierMappingResponse.signXML(IDFFMetaUtils.getFirstAttributeValueFromConfig(iDPDescriptorConfig2, "signingCertAlias"));
                }
                returnSOAPMessage(soapService.bind(fSNameIdentifierMappingResponse.toXMLString(true, true)), httpServletResponse);
                return;
            }
            if (trim3.equalsIgnoreCase(IFSConstants.FEDERATION_TERMINATION_NOTICFICATION) && (trim2.equalsIgnoreCase("http://projectliberty.org/schemas/core/2002/12") || trim2.equalsIgnoreCase("urn:liberty:iff:2003-08"))) {
                try {
                    FSUtils.debug.message("calling FSSOAPReceiver::handleTerminationRequest");
                    if (handleTerminationRequest(parseSOAPMessage, sOAPMessage, httpServletRequest, httpServletResponse)) {
                        FSUtils.debug.message("Completed processing terminationRequest");
                        returnTerminationStatus(httpServletResponse);
                        return;
                    } else {
                        FSUtils.debug.message("Failed processing terminationRequest");
                        returnSOAPMessage(soapService.formSOAPError(SAML2Constants.SERVER_FAULT, "cannotProcessRequest", null), httpServletResponse);
                        return;
                    }
                } catch (Exception e5) {
                    FSUtils.debug.error("Error in processing Federation Termination Request", e5);
                    LogUtil.error(Level.INFO, LogUtil.TERMINATION_REQUEST_PROCESSING_FAILED, new String[]{IFSConstants.TERMINATION_REQUEST_PROCESSING_FAILED});
                    returnSOAPMessage(soapService.formSOAPError(SAML2Constants.SERVER_FAULT, "cannotProcessRequest", null), httpServletResponse);
                    return;
                }
            }
            if (trim3.equalsIgnoreCase("LogoutRequest") && (trim2.equalsIgnoreCase("http://projectliberty.org/schemas/core/2002/12") || trim2.equalsIgnoreCase("urn:liberty:iff:2003-08"))) {
                try {
                    FSUtils.debug.message("calling FSSOAPReceiver::handleLogoutRequest");
                    IDPDescriptorType iDPDescriptorType = null;
                    IDPDescriptorConfigElement iDPDescriptorConfigElement = null;
                    String str = null;
                    String str2 = null;
                    String str3 = null;
                    String str4 = null;
                    try {
                        str = FSServiceUtils.getMetaAlias(httpServletRequest);
                        str2 = IDFFMetaUtils.getRealmByMetaAlias(str);
                        IDFFMetaManager iDFFMetaManager3 = FSUtils.getIDFFMetaManager();
                        str4 = iDFFMetaManager3.getProviderRoleByMetaAlias(str);
                        str3 = iDFFMetaManager3.getEntityIDByMetaAlias(str);
                        if (str4 != null) {
                            if (str4.equalsIgnoreCase("IDP")) {
                                iDPDescriptorType = iDFFMetaManager3.getIDPDescriptor(str2, str3);
                                iDPDescriptorConfigElement = iDFFMetaManager3.getIDPDescriptorConfig(str2, str3);
                            } else if (str4.equalsIgnoreCase(IFSConstants.SP)) {
                                iDPDescriptorType = iDFFMetaManager3.getSPDescriptor(str2, str3);
                                iDPDescriptorConfigElement = iDFFMetaManager3.getSPDescriptorConfig(str2, str3);
                            }
                        }
                    } catch (Exception e6) {
                        FSUtils.debug.error("FSSOAPReceiver, provider", e6);
                    }
                    FSLogoutNotification fSLogoutNotification = new FSLogoutNotification(parseSOAPMessage);
                    Map handleLogoutRequest = handleLogoutRequest(parseSOAPMessage, fSLogoutNotification, sOAPMessage, httpServletRequest, httpServletResponse, iDPDescriptorType, iDPDescriptorConfigElement, str, str2, str3, str4);
                    String generateID = SAMLUtils.generateID();
                    String requestID2 = fSLogoutNotification.getRequestID();
                    String relayState = fSLogoutNotification.getRelayState();
                    boolean z = false;
                    if (handleLogoutRequest == null) {
                        fSLogoutResponse = new FSLogoutResponse(generateID, requestID2, new Status(new StatusCode(IFSConstants.SAML_RESPONDER)), str3, relayState);
                    } else if (((SOAPMessage) handleLogoutRequest.get("message")).getSOAPPart().getEnvelope().getBody().hasFault()) {
                        fSLogoutResponse = new FSLogoutResponse(generateID, requestID2, new Status(new StatusCode(IFSConstants.SAML_RESPONDER, new StatusCode(IFSConstants.SAML_UNSUPPORTED))), str3, relayState);
                    } else {
                        fSLogoutResponse = new FSLogoutResponse(generateID, requestID2, new Status(new StatusCode("samlp:Success")), str3, relayState);
                        z = true;
                    }
                    fSLogoutResponse.setID(IFSConstants.LOGOUTID);
                    fSLogoutResponse.setMinorVersion(fSLogoutNotification.getMinorVersion());
                    SOAPMessage bind3 = soapService.bind(fSLogoutResponse.toXMLString(true, true));
                    if (str4 != null && str4.equalsIgnoreCase(IFSConstants.SP) && z && (sPAdapter = FSServiceUtils.getSPAdapter(str3, iDPDescriptorConfigElement)) != null) {
                        if (FSUtils.debug.messageEnabled()) {
                            FSUtils.debug.message("FSSOAPReceiver, call postSingleLogoutSuccess, IDP/SOAP");
                        }
                        try {
                            sPAdapter.postSingleLogoutSuccess(str3, httpServletRequest, httpServletResponse, (String) handleLogoutRequest.get("userID"), fSLogoutNotification, fSLogoutResponse, IFSConstants.LOGOUT_IDP_SOAP_PROFILE);
                        } catch (Exception e7) {
                            FSUtils.debug.error("postSingleLogoutSuccess.IDP/SOAP", e7);
                        }
                    }
                    if (FSServiceUtils.isSigningOn()) {
                        try {
                            int minorVersion2 = fSLogoutResponse.getMinorVersion();
                            if (minorVersion2 == 0) {
                                bind3 = signResponse(bind3, "id", fSLogoutResponse.getID(), iDPDescriptorConfigElement);
                            } else if (minorVersion2 == 2) {
                                bind3 = signResponse(bind3, IFSConstants.RESPONSE_ID, fSLogoutResponse.getResponseID(), iDPDescriptorConfigElement);
                            } else {
                                FSUtils.debug.error("invalid minor version.");
                            }
                        } catch (FSMsgException e8) {
                            if (FSUtils.debug.messageEnabled()) {
                                FSUtils.debug.message("LogoutResponse failed", e8);
                            }
                            returnSOAPMessage(soapService.formSOAPError(SAML2Constants.SERVER_FAULT, "cannotProcessRequest", null), httpServletResponse);
                            return;
                        } catch (SAMLException e9) {
                            if (FSUtils.debug.messageEnabled()) {
                                FSUtils.debug.message("LogoutResponse failed", e9);
                            }
                            returnSOAPMessage(soapService.formSOAPError(SAML2Constants.SERVER_FAULT, "cannotProcessRequest", null), httpServletResponse);
                            return;
                        } catch (Exception e10) {
                            if (FSUtils.debug.messageEnabled()) {
                                FSUtils.debug.message("Logout exception:", e10);
                            }
                        }
                    }
                    returnSOAPMessage(bind3, httpServletResponse);
                    return;
                } catch (Exception e11) {
                    FSUtils.debug.error("Error in processing logout Request", e11);
                    LogUtil.error(Level.INFO, LogUtil.LOGOUT_REQUEST_PROCESSING_FAILED, new String[]{FSUtils.bundle.getString(IFSConstants.LOGOUT_REQUEST_PROCESSING_FAILED)});
                    returnSOAPMessage(soapService.formSOAPError(SAML2Constants.SERVER_FAULT, "cannotProcessRequest", null), httpServletResponse);
                    return;
                }
            }
            returnSOAPMessage(soapService.formSOAPError(SAML2Constants.SERVER_FAULT, "cannotProcessRequest", null), httpServletResponse);
            return;
        }
        boolean z2 = false;
        String str5 = null;
        ProviderDescriptorType providerDescriptorType = null;
        BaseConfigType baseConfigType = null;
        String str6 = null;
        String str7 = null;
        String str8 = null;
        try {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSSOAPReceiver.onMessage: Handling NameRegistrationRequest");
            }
            IDFFMetaManager iDFFMetaManager4 = FSUtils.getIDFFMetaManager();
            if (iDFFMetaManager4 == null) {
                FSUtils.debug.message("Unable to get meta manager");
                z2 = true;
            } else {
                str5 = FSServiceUtils.getMetaAlias(httpServletRequest);
                if (str5 == null || str5.length() < 1) {
                    if (FSUtils.debug.messageEnabled()) {
                        FSUtils.debug.message("Unable to retrieve aliasHosted Provider. Cannot process request");
                    }
                    z2 = true;
                }
                str6 = IDFFMetaUtils.getRealmByMetaAlias(str5);
                try {
                    str8 = iDFFMetaManager4.getProviderRoleByMetaAlias(str5);
                    str7 = iDFFMetaManager4.getEntityIDByMetaAlias(str5);
                    if (str8 != null && str8.equals("IDP")) {
                        providerDescriptorType = iDFFMetaManager4.getIDPDescriptor(str6, str7);
                        baseConfigType = iDFFMetaManager4.getIDPDescriptorConfig(str6, str7);
                    } else if (str8 != null && str8.equals(IFSConstants.SP)) {
                        providerDescriptorType = iDFFMetaManager4.getSPDescriptor(str6, str7);
                        baseConfigType = iDFFMetaManager4.getSPDescriptorConfig(str6, str7);
                    }
                    if (providerDescriptorType == null) {
                        throw new IDFFMetaException((String) null);
                    }
                } catch (IDFFMetaException e12) {
                    FSUtils.debug.error("Unable to find Hosted Provider. Cannot process request");
                    z2 = true;
                }
            }
            if (z2 || providerDescriptorType == null) {
                returnSOAPMessage(null, httpServletResponse);
                return;
            }
            FSNameRegistrationResponse handleRegistrationRequest = handleRegistrationRequest(parseSOAPMessage, sOAPMessage, providerDescriptorType, baseConfigType, str8, str6, str7, str5, httpServletRequest, httpServletResponse);
            if (handleRegistrationRequest == null) {
                FSUtils.debug.error("Error in creating NameRegistration Response");
                httpServletResponse.setStatus(IFSConstants.MAX_CACHING_TIME);
                bind = soapService.formSOAPError(SAML2Constants.SERVER_FAULT, "cannotProcessRequest", null);
            } else {
                if (FSUtils.debug.messageEnabled()) {
                    FSUtils.debug.message("FSSOAPReceiver.onMessage: Completed creating response");
                }
                bind = soapService.bind(handleRegistrationRequest.toXMLString(true, true));
                FSUtils.debug.message("Completed bind message");
                if (bind == null) {
                    FSUtils.debug.error("Error in processing NameRegistration Response");
                    httpServletResponse.setStatus(IFSConstants.MAX_CACHING_TIME);
                    bind = soapService.formSOAPError(SAML2Constants.SERVER_FAULT, "cannotProcessRequest", null);
                } else if (FSServiceUtils.isSigningOn()) {
                    try {
                        int minorVersion3 = handleRegistrationRequest.getMinorVersion();
                        if (minorVersion3 == 0) {
                            bind = signResponse(bind, "id", handleRegistrationRequest.getID(), baseConfigType);
                        } else if (minorVersion3 == 2) {
                            bind = signResponse(bind, IFSConstants.RESPONSE_ID, handleRegistrationRequest.getResponseID(), baseConfigType);
                        } else if (FSUtils.debug.messageEnabled()) {
                            FSUtils.debug.message("invalid minor version.");
                        }
                    } catch (FSMsgException e13) {
                        FSUtils.debug.error("FSNameRegistrationHandler::signRegistrationResponse failed", e13);
                        returnSOAPMessage(soapService.formSOAPError(SAML2Constants.SERVER_FAULT, "cannotProcessRequest", null), httpServletResponse);
                        return;
                    } catch (SAMLException e14) {
                        FSUtils.debug.error("FSNameRegistrationHandler:sign soap Response failed", e14);
                        returnSOAPMessage(soapService.formSOAPError(SAML2Constants.SERVER_FAULT, "cannotProcessRequest", null), httpServletResponse);
                        return;
                    }
                }
            }
            if (FSUtils.debug.messageEnabled()) {
                ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
                bind.writeTo(byteArrayOutputStream2);
                String byteArrayOutputStream3 = byteArrayOutputStream2.toString("UTF-8");
                if (FSUtils.debug.messageEnabled()) {
                    FSUtils.debug.message("return SOAP message:" + byteArrayOutputStream3);
                }
            }
            returnSOAPMessage(bind, httpServletResponse);
            return;
        } catch (Exception e15) {
            FSUtils.debug.error("Error in processing Name Registration request" + e15.getMessage());
            httpServletResponse.setStatus(IFSConstants.MAX_CACHING_TIME);
            returnSOAPMessage(soapService.formSOAPError(SAML2Constants.SERVER_FAULT, "cannotProcessRequest", null), httpServletResponse);
        }
        FSUtils.debug.error("FSSOAPReceiver.onMessage: Error in processing Request: Exception occured: ", e);
        httpServletResponse.setStatus(IFSConstants.MAX_CACHING_TIME);
        ByteArrayOutputStream byteArrayOutputStream4 = new ByteArrayOutputStream();
        e.printStackTrace(new PrintStream(byteArrayOutputStream4));
        FSUtils.debug.error(byteArrayOutputStream4.toString());
        returnSOAPMessage(soapService.formSOAPError(SAML2Constants.SERVER_FAULT, "cannotProcessRequest", null), httpServletResponse);
    }

    private ProviderDescriptorType getRemoteProviderDescriptor(String str, String str2, String str3) {
        try {
            IDFFMetaManager iDFFMetaManager = FSUtils.getIDFFMetaManager();
            if (iDFFMetaManager != null) {
                return str.equalsIgnoreCase(IFSConstants.SP) ? iDFFMetaManager.getIDPDescriptor(str3, str2) : iDFFMetaManager.getSPDescriptor(str3, str2);
            }
            FSUtils.debug.message("Unable to get meta manager");
            return null;
        } catch (IDFFMetaException e) {
            FSUtils.debug.error("Unable to find Hosted Provider.Cannot process request:", e);
            return null;
        }
    }

    private FSNameRegistrationResponse handleRegistrationRequest(Element element, SOAPMessage sOAPMessage, ProviderDescriptorType providerDescriptorType, BaseConfigType baseConfigType, String str, String str2, String str3, String str4, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        try {
            FSNameRegistrationRequest fSNameRegistrationRequest = new FSNameRegistrationRequest(element);
            String providerId = fSNameRegistrationRequest.getProviderId();
            boolean z = false;
            if (str.equalsIgnoreCase(IFSConstants.SP)) {
                z = true;
            }
            ProviderDescriptorType remoteProviderDescriptor = getRemoteProviderDescriptor(str, providerId, str2);
            if (remoteProviderDescriptor == null) {
                return null;
            }
            X509Certificate verificationCert = KeyUtil.getVerificationCert(remoteProviderDescriptor, providerId, z);
            if (FSServiceUtils.isSigningOn() && !verifyRequestSignature(element, sOAPMessage, verificationCert)) {
                FSUtils.debug.message("Registration Signature failed verification");
                return null;
            }
            FSUtils.debug.message("Registration Signature successfully passed");
            if (!FSUtils.getIDFFMetaManager().isTrustedProvider(str2, str3, providerId)) {
                FSUtils.debug.error("Remote provider not in trusted list");
                return null;
            }
            if (FSServiceManager.getInstance() == null) {
                if (!FSUtils.debug.messageEnabled()) {
                    return null;
                }
                FSUtils.debug.message("FSServiceManager instance is null. Cannot process registration request");
                return null;
            }
            FSNameRegistrationHandler fSNameRegistrationHandler = new FSNameRegistrationHandler();
            fSNameRegistrationHandler.setHostedDescriptor(providerDescriptorType);
            fSNameRegistrationHandler.setHostedDescriptorConfig(baseConfigType);
            fSNameRegistrationHandler.setHostedEntityId(str3);
            fSNameRegistrationHandler.setHostedProviderRole(str);
            fSNameRegistrationHandler.setMetaAlias(str4);
            fSNameRegistrationHandler.setRealm(str2);
            fSNameRegistrationHandler.setRemoteDescriptor(remoteProviderDescriptor);
            fSNameRegistrationHandler.setRemoteEntityId(providerId);
            return fSNameRegistrationHandler.processSOAPRegistrationRequest(httpServletRequest, httpServletResponse, fSNameRegistrationRequest);
        } catch (Exception e) {
            FSUtils.debug.error("FSNameRegistrationHandler.doPost.doGet:Exception occured ", e);
            return null;
        }
    }

    private boolean handleTerminationRequest(Element element, SOAPMessage sOAPMessage, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        try {
            String metaAlias = FSServiceUtils.getMetaAlias(httpServletRequest);
            if (metaAlias == null || metaAlias.length() < 1) {
                FSUtils.debug.error("Unable to retrieve alias, Hosted Provider.Cannot process  the termination request");
                return false;
            }
            IDFFMetaManager iDFFMetaManager = FSUtils.getIDFFMetaManager();
            if (iDFFMetaManager == null) {
                FSUtils.debug.error("Unable to get meta manager");
                return false;
            }
            String realmByMetaAlias = IDFFMetaUtils.getRealmByMetaAlias(metaAlias);
            FSFederationTerminationNotification fSFederationTerminationNotification = new FSFederationTerminationNotification(element);
            IDPDescriptorType iDPDescriptorType = null;
            String providerId = fSFederationTerminationNotification.getProviderId();
            SPDescriptorType sPDescriptorType = null;
            IDPDescriptorConfigElement iDPDescriptorConfigElement = null;
            try {
                String providerRoleByMetaAlias = iDFFMetaManager.getProviderRoleByMetaAlias(metaAlias);
                String entityIDByMetaAlias = iDFFMetaManager.getEntityIDByMetaAlias(metaAlias);
                if (providerRoleByMetaAlias == null) {
                    return false;
                }
                if (providerRoleByMetaAlias.equalsIgnoreCase("IDP")) {
                    iDPDescriptorType = iDFFMetaManager.getIDPDescriptor(realmByMetaAlias, entityIDByMetaAlias);
                    iDPDescriptorConfigElement = iDFFMetaManager.getIDPDescriptorConfig(realmByMetaAlias, entityIDByMetaAlias);
                    sPDescriptorType = iDFFMetaManager.getSPDescriptor(realmByMetaAlias, providerId);
                } else if (providerRoleByMetaAlias.equalsIgnoreCase(IFSConstants.SP)) {
                    iDPDescriptorType = iDFFMetaManager.getSPDescriptor(realmByMetaAlias, entityIDByMetaAlias);
                    iDPDescriptorConfigElement = iDFFMetaManager.getSPDescriptorConfig(realmByMetaAlias, entityIDByMetaAlias);
                    sPDescriptorType = iDFFMetaManager.getIDPDescriptor(realmByMetaAlias, providerId);
                }
                if (iDPDescriptorType == null || sPDescriptorType == null) {
                    return false;
                }
                X509Certificate verificationCert = KeyUtil.getVerificationCert(sPDescriptorType, providerId, true);
                if (FSServiceUtils.isSigningOn() && !verifyRequestSignature(element, sOAPMessage, verificationCert)) {
                    FSUtils.debug.message("Termination Signature failed verification");
                    return false;
                }
                FSUtils.debug.message("Termination Signature successfully verified");
                if (!iDFFMetaManager.isTrustedProvider(realmByMetaAlias, entityIDByMetaAlias, providerId)) {
                    FSUtils.debug.message("Remote provider not in trusted list");
                    return false;
                }
                FSServiceManager fSServiceManager = FSServiceManager.getInstance();
                if (fSServiceManager == null) {
                    if (!FSUtils.debug.messageEnabled()) {
                        return false;
                    }
                    FSUtils.debug.message("FSServiceManager instance is null. Cannot process termination request");
                    return false;
                }
                FSFedTerminationHandler fedTerminationHandler = fSServiceManager.getFedTerminationHandler(fSFederationTerminationNotification, iDPDescriptorConfigElement, realmByMetaAlias, entityIDByMetaAlias, providerRoleByMetaAlias, metaAlias, providerId);
                if (fedTerminationHandler == null) {
                    FSUtils.debug.error("Unable to get Termination Handler");
                    return false;
                }
                fedTerminationHandler.setHostedDescriptor(iDPDescriptorType);
                fedTerminationHandler.setHostedDescriptorConfig(iDPDescriptorConfigElement);
                fedTerminationHandler.setRealm(realmByMetaAlias);
                fedTerminationHandler.setHostedEntityId(entityIDByMetaAlias);
                fedTerminationHandler.setMetaAlias(metaAlias);
                fedTerminationHandler.setHostedProviderRole(providerRoleByMetaAlias);
                fedTerminationHandler.setRemoteEntityId(providerId);
                fedTerminationHandler.setRemoteDescriptor(sPDescriptorType);
                return fedTerminationHandler.processSOAPTerminationRequest(httpServletRequest, httpServletResponse, fSFederationTerminationNotification);
            } catch (IDFFMetaException e) {
                FSUtils.debug.error("Unable to find Hosted Provider. Cannot process request:", e);
                return false;
            }
        } catch (Exception e2) {
            FSUtils.debug.error("FSSOAPService::handleTerminationRequest failed ", e2);
            return false;
        }
    }

    private Map handleLogoutRequest(Element element, FSLogoutNotification fSLogoutNotification, SOAPMessage sOAPMessage, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ProviderDescriptorType providerDescriptorType, BaseConfigType baseConfigType, String str, String str2, String str3, String str4) {
        SOAPMessage formSOAPError;
        FederationSPAdapter sPAdapter;
        try {
            String providerId = fSLogoutNotification.getProviderId();
            ProviderDescriptorType remoteProviderDescriptor = getRemoteProviderDescriptor(str4, providerId, str2);
            if (remoteProviderDescriptor == null) {
                return null;
            }
            X509Certificate verificationCert = KeyUtil.getVerificationCert(remoteProviderDescriptor, providerId, str4.equalsIgnoreCase(IFSConstants.SP));
            if (FSServiceUtils.isSigningOn() && !verifyRequestSignature(element, sOAPMessage, verificationCert)) {
                FSUtils.debug.error("Logout Signature failed verification");
                return null;
            }
            FSUtils.debug.message("Logout Signature successfully verified");
            if (str == null || str.length() < 1) {
                FSUtils.debug.message("Unable to retrieve alias, Hosted Provider Cannot process logout request");
                return null;
            }
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSSOAPReceiver:handleLogoutRequest: Completed forming request FSLogoutNotification");
            }
            if (!FSUtils.getIDFFMetaManager().isTrustedProvider(str2, str3, providerId)) {
                FSUtils.debug.message("Remote provider not in trusted list");
                return null;
            }
            String userFromRequest = FSLogoutUtil.getUserFromRequest(fSLogoutNotification, str2, str3, str4, baseConfigType, str);
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSSOAPReceiver:handleLogoutRequest found user Id = " + userFromRequest);
            }
            if (str4 != null && str4.equalsIgnoreCase(IFSConstants.SP) && (sPAdapter = FSServiceUtils.getSPAdapter(str3, baseConfigType)) != null) {
                if (FSUtils.debug.messageEnabled()) {
                    FSUtils.debug.message("FSSOAPReceiver, call preSingleLogoutProcess, IDP/SOAP");
                }
                try {
                    sPAdapter.preSingleLogoutProcess(str3, httpServletRequest, httpServletResponse, userFromRequest, fSLogoutNotification, null, IFSConstants.LOGOUT_IDP_SOAP_PROFILE);
                } catch (Exception e) {
                    FSUtils.debug.error("preSingleLogoutProcess.IDP/SOAP", e);
                }
            }
            if (!isUserExists(userFromRequest, str)) {
                if (FSUtils.debug.messageEnabled()) {
                    FSUtils.debug.message("FSSOAPReceiver:handleLogoutRequest: User does not exist locally. Finding remotely");
                }
                List<String> list = null;
                try {
                    list = SystemConfigurationUtil.getServerList();
                } catch (SystemConfigurationException e2) {
                    if (FSUtils.debug.messageEnabled()) {
                        FSUtils.debug.message("FSSOAPReceiver:handleLogoutRequest: Couldn't find remote server:", e2);
                    }
                }
                if (list == null) {
                    if (!FSUtils.debug.messageEnabled()) {
                        return null;
                    }
                    FSUtils.debug.message("FSSOAPReceiver:handleLogoutRequestplatformList is null");
                    return null;
                }
                for (String str5 : list) {
                    new StringBuffer(str5).append(SystemConfigurationUtil.getProperty(SAMLConstants.SERVER_URI));
                    if (FSUtils.debug.messageEnabled()) {
                        FSUtils.debug.message("FSSOAPReceiver:handleLogoutRequestremoteServerURL = " + str5 + " and self serverUrl =" + FSServiceUtils.getBaseURL());
                    }
                    if (!FSServiceUtils.getBaseURL().equalsIgnoreCase(str5.toString()) && new FSAssertionManagerClient(str, getFullServiceURL(str5)).isUserExists(userFromRequest)) {
                        if (FSUtils.debug.messageEnabled()) {
                            FSUtils.debug.message("FSSOAPReceiver:handleLogoutRequestuser found here =" + str5);
                        }
                        StringBuffer stringBuffer = new StringBuffer();
                        stringBuffer.append(str5.toString()).append(SystemConfigurationUtil.getProperty(SAMLConstants.SERVER_URI)).append(IFSConstants.SOAP_END_POINT_VALUE).append("/").append("metaAlias").append(str);
                        FSSOAPService fSSOAPService = FSSOAPService.getInstance();
                        if (fSSOAPService == null) {
                            return null;
                        }
                        try {
                            if (FSUtils.debug.messageEnabled()) {
                                FSUtils.debug.message("Forward logout request to " + stringBuffer.toString());
                            }
                            SOAPMessage sendMessage = fSSOAPService.sendMessage(sOAPMessage, stringBuffer.toString());
                            if (sendMessage == null) {
                                return null;
                            }
                            HashMap hashMap = new HashMap();
                            hashMap.put("message", sendMessage);
                            if (userFromRequest != null) {
                                hashMap.put("userID", userFromRequest);
                            }
                            return hashMap;
                        } catch (SOAPException e3) {
                            FSUtils.debug.error("FSSOAPException in doSOAPProfile Cannot send request", e3);
                            return null;
                        }
                    }
                }
            }
            FSServiceManager fSServiceManager = FSServiceManager.getInstance();
            if (fSServiceManager == null) {
                FSUtils.debug.message("FSServiceManager instance isnull. Cannot process logout request");
                return null;
            }
            FSPreLogoutHandler preLogoutHandler = fSServiceManager.getPreLogoutHandler();
            if (preLogoutHandler == null) {
                FSUtils.debug.error("Unable to get PreLogoutHandler");
                FSUtils.debug.error("Cannot process request");
                return null;
            }
            preLogoutHandler.setHostedDescriptor(providerDescriptorType);
            preLogoutHandler.setHostedDescriptorConfig(baseConfigType);
            preLogoutHandler.setHostedEntityId(str3);
            preLogoutHandler.setHostedProviderRole(str4);
            preLogoutHandler.setMetaAlias(str);
            preLogoutHandler.setRealm(str2);
            preLogoutHandler.setRemoteDescriptor(remoteProviderDescriptor);
            preLogoutHandler.setRemoteEntityId(providerId);
            preLogoutHandler.setLogoutRequest(fSLogoutNotification);
            FSLogoutStatus processSingleLogoutRequest = preLogoutHandler.processSingleLogoutRequest(fSLogoutNotification);
            if (processSingleLogoutRequest.getStatus().equalsIgnoreCase("samlp:Success")) {
                SOAPMessage createMessage = MessageFactory.newInstance().createMessage();
                if (createMessage == null) {
                    return null;
                }
                HashMap hashMap2 = new HashMap();
                hashMap2.put("message", createMessage);
                if (userFromRequest != null) {
                    hashMap2.put("userID", userFromRequest);
                }
                return hashMap2;
            }
            if (!processSingleLogoutRequest.getStatus().equalsIgnoreCase(IFSConstants.SAML_UNSUPPORTED) || (formSOAPError = soapService.formSOAPError(SAML2Constants.SERVER_FAULT, "cannotProcessRequest", null)) == null) {
                return null;
            }
            HashMap hashMap3 = new HashMap();
            hashMap3.put("message", formSOAPError);
            if (userFromRequest != null) {
                hashMap3.put("userID", userFromRequest);
            }
            return hashMap3;
        } catch (Exception e4) {
            FSUtils.debug.error("FSSOAPService::handleLogoutRequest failed", e4);
            return null;
        }
    }

    private void handleLECPRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FSAuthnRequest fSAuthnRequest) {
        FSUtils.debug.message("FSSOAPReceiver.handleLECPRequest: Called");
        try {
            String metaAlias = FSServiceUtils.getMetaAlias(httpServletRequest);
            String realmByMetaAlias = IDFFMetaUtils.getRealmByMetaAlias(metaAlias);
            IDFFMetaManager iDFFMetaManager = FSUtils.getIDFFMetaManager();
            String entityIDByMetaAlias = iDFFMetaManager.getEntityIDByMetaAlias(metaAlias);
            FSSessionManager.getInstance(metaAlias).setAuthnRequest(fSAuthnRequest.getRequestID(), fSAuthnRequest);
            FSSSOLECPProfileHandler lECPProfileHandler = FSServiceManager.getInstance().getLECPProfileHandler(httpServletRequest, httpServletResponse, fSAuthnRequest, realmByMetaAlias);
            lECPProfileHandler.setMetaAlias(metaAlias);
            lECPProfileHandler.setHostedEntityId(entityIDByMetaAlias);
            lECPProfileHandler.setHostedDescriptor(iDFFMetaManager.getIDPDescriptor(realmByMetaAlias, entityIDByMetaAlias));
            lECPProfileHandler.setHostedDescriptorConfig(iDFFMetaManager.getIDPDescriptorConfig(realmByMetaAlias, entityIDByMetaAlias));
            lECPProfileHandler.setRealm(realmByMetaAlias);
            lECPProfileHandler.processLECPAuthnRequest(fSAuthnRequest);
        } catch (Exception e) {
            FSUtils.debug.error("FSSSOAndFedService.onMessage: Exception occured ", e);
        }
    }

    protected boolean verifyRequestSignature(Element element, SOAPMessage sOAPMessage, X509Certificate x509Certificate) {
        FSUtils.debug.message("FSSOAPReceiver::verifyRequestSignature: Called");
        try {
            if (x509Certificate == null) {
                FSUtils.debug.error("FSSOAPReceiver.verifyRequestSignature: couldn't obtain this site's cert.");
                throw new SAMLResponderException(FSUtils.bundle.getString(IFSConstants.NO_CERT));
            }
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSSOAPReceiver::verifyRequestSignature: Provider's cert is found. \nxmlString to be verified: " + XMLUtils.print(element));
            }
            return XMLSignatureManager.getInstance().verifyXMLSignature((Document) FSServiceUtils.createSOAPDOM(sOAPMessage), x509Certificate);
        } catch (Exception e) {
            FSUtils.debug.error("FSSOPAReceiver::verifyRequestSignature  Exception occured while verifying signature:", e);
            return false;
        }
    }

    protected SOAPMessage signResponse(SOAPMessage sOAPMessage, String str, String str2, BaseConfigType baseConfigType) throws SAMLException, FSMsgException {
        FSUtils.debug.message("FSSOAPReceiver::Entered signResponse::");
        String firstAttributeValueFromConfig = IDFFMetaUtils.getFirstAttributeValueFromConfig(baseConfigType, "signingCertAlias");
        if (firstAttributeValueFromConfig == null || firstAttributeValueFromConfig.length() == 0) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSSOAPReceiver.signResponse: couldn't obtain this site's cert alias.");
            }
            throw new SAMLResponderException(FSUtils.bundle.getString(IFSConstants.NO_CERT_ALIAS));
        }
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("signResponse::Provider's certAlias is found: " + firstAttributeValueFromConfig);
        }
        XMLSignatureManager xMLSignatureManager = XMLSignatureManager.getInstance();
        Document document = (Document) FSServiceUtils.createSOAPDOM(sOAPMessage);
        xMLSignatureManager.signXML(document, firstAttributeValueFromConfig, SystemConfigurationUtil.getProperty("com.sun.identity.saml.xmlsig.xmlSigAlgorithm"), str, str2, false, "//*[local-name()='ProviderID']");
        return FSServiceUtils.convertDOMToSOAP(document);
    }

    private void returnSOAPMessage(SOAPMessage sOAPMessage, HttpServletResponse httpServletResponse) {
        try {
            if (sOAPMessage == null) {
                httpServletResponse.flushBuffer();
                return;
            }
            SAMLUtils.setMimeHeaders(sOAPMessage.getMimeHeaders(), httpServletResponse);
            ServletOutputStream outputStream = httpServletResponse.getOutputStream();
            sOAPMessage.writeTo(outputStream);
            outputStream.flush();
        } catch (Exception e) {
            FSUtils.debug.error("FSSOAPReceiver.returnSOAPMessage: Exception::", e);
        }
    }

    private void returnTerminationStatus(HttpServletResponse httpServletResponse) {
        try {
            httpServletResponse.setStatus(204);
            httpServletResponse.flushBuffer();
        } catch (Exception e) {
            FSUtils.debug.error("FSSOAPReceiver.returnFedTerminationStatus: Exception::", e);
        }
    }

    private boolean isUserExists(String str, String str2) {
        try {
            FSSessionManager fSSessionManager = FSSessionManager.getInstance(str2);
            synchronized (fSSessionManager) {
                FSUtils.debug.message("About to call getSessionList");
                if (fSSessionManager.getSessionList(str) == null) {
                    FSUtils.debug.message("SOAPReceiver:isUserExists:List is empty");
                    return false;
                }
                if (FSUtils.debug.messageEnabled()) {
                    FSUtils.debug.message("SOAPReceiver:isUserExists: List is not empty. User found: " + str);
                }
                return true;
            }
        } catch (Exception e) {
            if (!FSUtils.debug.messageEnabled()) {
                return false;
            }
            FSUtils.debug.message("SOAPReceiver.isUserExists:", e);
            return false;
        }
    }

    private String getFullServiceURL(String str) {
        String str2 = null;
        try {
            URL url = new URL(str);
            str2 = SystemConfigurationUtil.getServiceURL("fsassertionmanager", url.getProtocol(), url.getHost(), url.getPort(), url.getPath()).toString();
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("AssertionManager.getFullServiceURL:full remote URL is: " + str2);
            }
        } catch (Exception e) {
            if (FSUtils.debug.warningEnabled()) {
                FSUtils.debug.warning("AssertionManager.getFullServiceURL:Exception:", e);
            }
        }
        return str2;
    }
}
