package org.forgerock.openam.upgrade.helpers;

import com.iplanet.am.util.SystemProperties;
import com.sun.identity.sm.AbstractUpgradeHelper;
import com.sun.identity.sm.AttributeSchemaImpl;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import org.forgerock.openam.upgrade.UpgradeException;

/* loaded from: input_file:org/forgerock/openam/upgrade/helpers/SessionServiceHelper.class */
public class SessionServiceHelper extends AbstractUpgradeHelper {
    private static final String DENY_ACCESS = "DENY_ACCESS";
    private static final String DESTROY_OLD_SESSION = "DESTROY_OLD_SESSION";
    private static final String NEW_DENY_ACCESS = "org.forgerock.openam.session.service.DenyAccessAction";
    private static final String DESTROY_ALL_SESSIONS_CLASS = "org.forgerock.openam.session.service.DestroyAllAction";
    private static final String DESTROY_OLDEST_SESSION_CLASS = "org.forgerock.openam.session.service.DestroyOldestAction";
    private static final String DESTROY_ALL_SESSIONS = "openam.session.destroy_all_sessions";
    private static final String DESTROY_OLDEST_SESSION = "openam.session.destroy_oldest_session";
    private static final String SESSION_CONSTRAINT_HANDLER_ATTR = "iplanet-am-session-constraint-handler";
    private static final String SESSION_CONSTRAINT_HANDLER_OLD_ATTR = "iplanet-am-session-constraint-resulting-behavior";
    private static final String STATELESS_SIGNING_ALGORITHM = "openam-session-stateless-signing-type";
    private static final String STATELESS_ENCRYPTION_TYPE = "openam-session-stateless-encryption-type";
    private static final String STATELESS_ENCRYPTION_KEY = "openam-session-stateless-encryption-aes-key";
    private static final String STATELESS_COMPRESSION_TYPE = "openam-session-stateless-compression-type";
    private static final List<String> ECDSA_SIGNING_ALGORITHMS = Arrays.asList("ES256", "ES384", "ES512");
    private static final List<String> ENCRYPTION_TYPES = Arrays.asList("NONE", "RSA", "AES_KEYWRAP", "DIRECT");

    public SessionServiceHelper() {
        this.attributes.add(STATELESS_SIGNING_ALGORITHM);
        this.attributes.add(STATELESS_ENCRYPTION_TYPE);
        this.attributes.add(STATELESS_ENCRYPTION_KEY);
        this.attributes.add(STATELESS_COMPRESSION_TYPE);
    }

    @Override // com.sun.identity.sm.AbstractUpgradeHelper, org.forgerock.openam.upgrade.UpgradeHelper
    public AttributeSchemaImpl addNewAttribute(Set<AttributeSchemaImpl> set, AttributeSchemaImpl attributeSchemaImpl) throws UpgradeException {
        if (attributeSchemaImpl.getName().equals(SESSION_CONSTRAINT_HANDLER_ATTR)) {
            Iterator<AttributeSchemaImpl> it = set.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                AttributeSchemaImpl next = it.next();
                if (next.getName().equals(SESSION_CONSTRAINT_HANDLER_OLD_ATTR)) {
                    Set defaultValues = next.getDefaultValues();
                    HashSet hashSet = new HashSet();
                    if (destroyAllSessionsSet() && defaultValues.contains(DESTROY_OLD_SESSION)) {
                        hashSet.add(DESTROY_ALL_SESSIONS_CLASS);
                        attributeSchemaImpl = updateDefaultValues(attributeSchemaImpl, hashSet);
                    } else if (defaultValues.contains(DENY_ACCESS)) {
                        hashSet.add(NEW_DENY_ACCESS);
                        attributeSchemaImpl = updateDefaultValues(attributeSchemaImpl, hashSet);
                    } else if (destroyOldestSessionSet()) {
                        hashSet.add(DESTROY_OLDEST_SESSION_CLASS);
                        attributeSchemaImpl = updateDefaultValues(attributeSchemaImpl, hashSet);
                    }
                }
            }
        }
        return attributeSchemaImpl;
    }

    @Override // com.sun.identity.sm.AbstractUpgradeHelper, org.forgerock.openam.upgrade.UpgradeHelper
    public AttributeSchemaImpl upgradeAttribute(AttributeSchemaImpl attributeSchemaImpl, AttributeSchemaImpl attributeSchemaImpl2) throws UpgradeException {
        AttributeSchemaImpl attributeSchemaImpl3 = attributeSchemaImpl2;
        String i18NKey = attributeSchemaImpl.getI18NKey();
        if (i18NKey == null || i18NKey.isEmpty()) {
            return null;
        }
        if (STATELESS_SIGNING_ALGORITHM.equals(attributeSchemaImpl.getName())) {
            attributeSchemaImpl3 = checkAndUpdateChoiceValues(attributeSchemaImpl, attributeSchemaImpl2, ECDSA_SIGNING_ALGORITHMS);
        } else if (STATELESS_ENCRYPTION_TYPE.equals(attributeSchemaImpl.getName())) {
            attributeSchemaImpl3 = checkAndUpdateChoiceValues(attributeSchemaImpl, attributeSchemaImpl2, ENCRYPTION_TYPES);
        }
        return attributeSchemaImpl3;
    }

    private AttributeSchemaImpl checkAndUpdateChoiceValues(AttributeSchemaImpl attributeSchemaImpl, AttributeSchemaImpl attributeSchemaImpl2, List<String> list) throws UpgradeException {
        ArrayList arrayList = new ArrayList(Arrays.asList(attributeSchemaImpl.getChoiceValues()));
        if (arrayList.containsAll(list)) {
            return null;
        }
        arrayList.addAll(list);
        updateChoiceValues(attributeSchemaImpl2, arrayList);
        return attributeSchemaImpl2;
    }

    private boolean destroyAllSessionsSet() {
        return SystemProperties.getAsBoolean(DESTROY_ALL_SESSIONS);
    }

    private boolean destroyOldestSessionSet() {
        return SystemProperties.getAsBoolean(DESTROY_OLDEST_SESSION);
    }
}
