package weblogic.wsee.security.wss.sps;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import weblogic.wsee.policy.framework.PolicyAlternative;
import weblogic.wsee.policy.util.PolicySelectionPreference;
import weblogic.wsee.security.policy.SecurityToken;
import weblogic.wsee.security.policy12.assertions.Trust13;
import weblogic.wsee.security.policy12.assertions.Wss11;
import weblogic.wsee.security.saml.SAML2Constants;
import weblogic.wsee.security.wss.plan.SecurityPolicyBlueprint;
import weblogic.wsee.security.wss.plan.SecurityPolicyOutline;
import weblogic.wsee.security.wss.plan.SecurityPolicyPlan;
import weblogic.wsee.security.wss.plan.fact.SecurityTokenFactory;
import weblogic.wsee.security.wss.plan.helper.TokenReferenceTypeHelper;
import weblogic.wsee.security.wss.policy.SecurityInspectionErrorCode;
import weblogic.xml.crypto.wss.WSSConstants;
import weblogic.xml.crypto.wss11.internal.STRType;
import weblogic.xml.crypto.wss11.internal.WSS11Context;

/* loaded from: input_file:weblogic/wsee/security/wss/sps/SmartSecurityPolicyBlueprint.class */
public class SmartSecurityPolicyBlueprint {
    private static final boolean debug = false;
    private SecurityPolicyPlan blueprint;
    private static final int SC_TRANS_SECURITY = 100;
    private static final int SC_USER_NAME_TOKEN = 200;
    private long outlook;
    private long outlookMask;
    private long optionalOutlookMask;
    private boolean isFromActualMessage;
    private List tokenList;
    private Map signatureMap;
    private Map encryptionMap;
    public static final long SIGNATURE = 1;
    public static final long ENCRYPTION = 2;
    public static final long SIGNATURE_CONFIRMATION = 4;
    public static final long ENCRYTED_KEY = 8;
    public static final long REQUIRED_ELEMENT = 16;
    public static final long ENDORSE_TOKEN = 32;
    public static final long AUTHENTICATION = 64;
    public static final long USERNAME_TOKEN = 192;
    public static final long SAML_TOKEN = 256;
    public static final long X509_TOKEN_AUTH = 576;
    public static final long TIME_STAMP = 1024;
    public static final long BODY_SIGNATURE = 2049;
    public static final long BODY_ENCRYPTION = 4098;
    public static final long THUMBPRINT = 8192;
    public static final long ENCRYPTED_HEADER = 16386;
    public static final long ENCRYPTED_USERNAME_TOKEN = 32962;
    public static final long ENCRYPTED_SIGNATURE = 65539;
    public static final long SAML11_TOKEN = 131072;
    public static final long SAML20_TOKEN = 262144;
    public static final long KERBEROS_TOKEN = 524288;
    public static final long ELEMENT_SIGN_ENCRPT = 1048576;
    public static final long WSS11 = 2097152;
    public static final long OPTIONAL = 4194304;
    public static final long BODY_SIGNATURE_OPTIONAL = 4196353;
    public static final long BODY_ENCRYPTION_OPTIONAL = 4198402;
    public static final long SECURE_CONVERSATION = 8388608;
    public static final long WSSC13 = 16777216;
    public static final long TRUST13 = 33554432;
    public static final long ISSUED_TOKEN = 67108864;
    private boolean usernameTokenAuth;
    private boolean x509TokenAuth;
    private boolean kerberosAuth;
    private boolean saml11TokenAuth;
    private boolean saml20TokenAuth;
    private boolean spnegoToken;
    private boolean relToken;
    private boolean issuedToken;
    WSS11Context securityContext;
    private int policyLocationIdx;
    private static final Logger LOGGER = Logger.getLogger(SmartSecurityPolicyBlueprint.class.getName());
    private static final int[][] POSITIVE_SCORING = {new int[]{3, 1, 0}, new int[]{3, 1, 0}, new int[]{2, 0, 0}, new int[]{4, 0, 2}, new int[]{4, 0, 0}, new int[]{2, 0, 0}, new int[]{5, 0, 0}, new int[]{3, 2, 1}, new int[]{4, 0, 0}, new int[]{2, 1, 2}, new int[]{1, 4, 0}, new int[]{3, 1, 0}, new int[]{3, 1, 0}, new int[]{1, 2, 0}, new int[]{4, 0, 1}, new int[]{1, 0, 0}, new int[]{1, 0, 0}, new int[]{1, 4, 2}, new int[]{2, 3, 3}, new int[]{1, 0, 0}, new int[]{4, 1, 4}, new int[]{2, 0, 0}, new int[]{0, 0, 5}, new int[]{4, 1, 4}, new int[]{5, 0, 5}, new int[]{5, 0, 4}};
    private static final int[][] NEGATIVE_SCORING = {new int[]{0, 2, 5}, new int[]{0, 2, 5}, new int[]{0, 4, 3}, new int[]{0, 1, 0}, new int[]{0, 3, 1}, new int[]{0, 3, 3}, new int[]{0, 3, 3}, new int[]{0, 0, 1}, new int[]{0, 3, 3}, new int[]{0, 0, 1}, new int[]{0, 0, 1}, new int[]{0, 1, 2}, new int[]{0, 0, 3}, new int[]{0, 0, 0}, new int[]{0, 1, 1}, new int[]{0, 1, 2}, new int[]{0, 1, 2}, new int[]{0, 2, 2}, new int[]{0, 3, 2}, new int[]{0, 5, 2}, new int[]{0, 3, 1}, new int[]{0, 4, 3}, new int[]{2, 1, 0}, new int[]{0, 5, 1}, new int[]{0, 5, 0}, new int[]{0, 5, 0}};
    private static final int[] MISSING_CODE = {SecurityInspectionErrorCode.MISSING_SIGNATURE, SecurityInspectionErrorCode.MISSING_ENCRYPTION, SecurityInspectionErrorCode.MISSING_SIGNATURE_CONFIRMATION, SecurityInspectionErrorCode.MISSING_ENCRYPTED_KEY, SecurityInspectionErrorCode.MISSING_REQUIRED_ELEMENT, SecurityInspectionErrorCode.MISSING_ENDORSING, SecurityInspectionErrorCode.MISSING_AUTHENTICATION, SecurityInspectionErrorCode.MISSING_USERNAME_TOKEN, SecurityInspectionErrorCode.MISSING_SAML_TOKEN, SecurityInspectionErrorCode.MISSING_X509_TOKEN, SecurityInspectionErrorCode.MISSING_TIME_STAMP, SecurityInspectionErrorCode.MISSING_BODY_SIGNATURE, SecurityInspectionErrorCode.MISSING_BODY_ENCRYPTION, SecurityInspectionErrorCode.MISSING_THUMBPRINT_KEY, 4301, 4621, SecurityInspectionErrorCode.MISSING_SIGNATURE_ENCRYPTION, SecurityInspectionErrorCode.MISSING_SAML11_TOKEN, SecurityInspectionErrorCode.MISSING_SAML20_TOKEN, SecurityInspectionErrorCode.MISSING_KERBEROS_TOKEN, SecurityInspectionErrorCode.MISSING_ELEMENT_SIGNATURE, SecurityInspectionErrorCode.MISSING_WSS11};
    private static final int[] NOT_REQUIRED_CODE = {SecurityInspectionErrorCode.SIGNATURE_NOT_REQUIRED, SecurityInspectionErrorCode.ENCRYPTION_NOT_REQUIRED, SecurityInspectionErrorCode.SIGNATURE_CONFIRMATION_NOT_REQUIRED, SecurityInspectionErrorCode.ENCRYPTED_KEY_ERROR, SecurityInspectionErrorCode.ELEMENT_SIGNATURE_NOT_REQUIRED, SecurityInspectionErrorCode.ENDORSING_NOT_REQUIRED, SecurityInspectionErrorCode.AUTHENTICATION_NOT_REQUIRED, 1028, 1068, 1048, SecurityInspectionErrorCode.TIME_STAMP_NOT_REQUIRED, SecurityInspectionErrorCode.BODY_SIGNATURE_NOT_REQUIRED, SecurityInspectionErrorCode.BODY_ENCRYPTION_NOT_REQUIRED, SecurityInspectionErrorCode.THUMBPRINT_KEY_NOT_REQIRED, SecurityInspectionErrorCode.HEADER_ENCRYPTION_NOT_REQUIRED, SecurityInspectionErrorCode.UNSERNAME_TOKEN_ENCRYPTION_NOT_REQUIRED, SecurityInspectionErrorCode.SIGNATURE_ENCRYPTION_NOT_REQUIRED, SecurityInspectionErrorCode.UNKNOWN_SAML11_TOKEN, SecurityInspectionErrorCode.UNKNOWN_SAML20_TOKEN, SecurityInspectionErrorCode.UNKNOWN_KERBEROS_TOKEN, SecurityInspectionErrorCode.ELEMENT_ENCRYPTION_NOT_REQUIRED, SecurityInspectionErrorCode.WSS11_NOT_REQUIRED};
    private static final String[] FEATURES = {"Signature", "Encryption", "Signature confirmation", "Encryted key", "Required element", "Endorse token", "Authentication", "Username token", "Saml token SV", "X509 token auth", "Time stamp", "Body signature", "Body encryption", "Thumbprint", "Encrypted header", "Encrypted username token", "Encrypted signature", "Saml11 token", "Saml20 token", "Kerberos token", "Element sign encrpt", Wss11.WSS_11, "Optional", "Secure conversation", "Wssc13", Trust13.TRUST_13};

    public SmartSecurityPolicyBlueprint(SecurityPolicyBlueprint securityPolicyBlueprint, int i, PolicyAlternative policyAlternative, WSS11Context wSS11Context) {
        this.isFromActualMessage = false;
        this.usernameTokenAuth = false;
        this.x509TokenAuth = false;
        this.kerberosAuth = false;
        this.saml11TokenAuth = false;
        this.saml20TokenAuth = false;
        this.spnegoToken = false;
        this.relToken = false;
        this.issuedToken = false;
        this.securityContext = null;
        this.policyLocationIdx = 0;
        this.blueprint = securityPolicyBlueprint;
        this.policyLocationIdx = i;
        this.isFromActualMessage = false;
        this.securityContext = wSS11Context;
        setPolicyAlternative(policyAlternative);
        init();
    }

    public SmartSecurityPolicyBlueprint(SecurityPolicyOutline securityPolicyOutline) {
        this.isFromActualMessage = false;
        this.usernameTokenAuth = false;
        this.x509TokenAuth = false;
        this.kerberosAuth = false;
        this.saml11TokenAuth = false;
        this.saml20TokenAuth = false;
        this.spnegoToken = false;
        this.relToken = false;
        this.issuedToken = false;
        this.securityContext = null;
        this.policyLocationIdx = 0;
        this.blueprint = securityPolicyOutline;
        this.isFromActualMessage = true;
        init();
    }

    public PolicyAlternative getPolicyAlternative() {
        return this.blueprint.getPolicyAlternative();
    }

    public void setPolicyAlternative(PolicyAlternative policyAlternative) {
        this.blueprint.setPolicyAlternative(policyAlternative);
    }

    public int getPolicyLocationIdx() {
        return this.policyLocationIdx;
    }

    public long getMessageOutlook() {
        return this.outlook;
    }

    public long getActualPolicyOutlook() {
        return this.outlook & (this.outlookMask ^ (-1));
    }

    public long getPolicyOutlookWithMask(long j) {
        return this.outlook & (this.outlookMask ^ (-1)) & (j ^ (-1));
    }

    public long getMessageOutlookMask() {
        return this.outlookMask;
    }

    public boolean hasUnsupportedFeature(long j) {
        return (this.outlook & j) != 0;
    }

    private void addOutlook(long j) {
        if (this.blueprint.hasTransportSecuirity() && !this.isFromActualMessage) {
            if (j == 1 || j == 2 || j == BODY_SIGNATURE || j == BODY_ENCRYPTION || j == ENCRYPTED_HEADER || j == ENCRYPTED_USERNAME_TOKEN || j == ENCRYPTED_SIGNATURE || j == ELEMENT_SIGN_ENCRPT || j == BODY_SIGNATURE_OPTIONAL || j == BODY_ENCRYPTION_OPTIONAL) {
                j = 0;
            } else if (j == 32) {
                j = 1;
            }
        }
        this.outlook |= j;
    }

    private void addPolicyOutlookMask(long j) {
        this.outlookMask |= j;
    }

    private void init() {
        this.outlook = 0L;
        this.tokenList = new ArrayList();
        if (isAuthenticationRequired()) {
            this.tokenList.addAll(this.blueprint.getIdentityPolicy().getValidIdentityTokens());
            addOutlook(64L);
            setAuthToken();
        }
        if (isEncryptionRequired()) {
            this.tokenList.addAll(this.blueprint.getEncryptionPolicy().getValidEncryptionTokens());
            this.encryptionMap = this.blueprint.getEncryptionPolicy().getNodeMap();
            setSamlToken(this.blueprint.getEncryptionPolicy().getValidEncryptionTokens());
            if (!this.isFromActualMessage) {
                addOutlook(2L);
                if (isElementEncryption()) {
                    addOutlook(ELEMENT_SIGN_ENCRPT);
                    addPolicyOutlookMask(ELEMENT_SIGN_ENCRPT);
                    if (getActualSize(this.encryptionMap) == 1) {
                        addPolicyOutlookMask(2L);
                    }
                }
            } else if (this.blueprint.isBodyEmpty()) {
                addPolicyOutlookMask(BODY_ENCRYPTION);
            } else {
                addOutlook(2L);
            }
        } else if (this.isFromActualMessage && this.blueprint.isBodyEmpty()) {
            addPolicyOutlookMask(BODY_ENCRYPTION);
            addPolicyOutlookMask(2L);
            addPolicyOutlookMask(WSS11);
        }
        if (isSignatureRequired()) {
            if (!isSignatureEncryptionRequired()) {
                this.tokenList.addAll(this.blueprint.getSigningPolicy().getValidSignatureTokens());
                addOutlook(1L);
                this.signatureMap = this.blueprint.getSigningPolicy().getSigningNodeMap();
            }
            setSamlToken(this.blueprint.getSigningPolicy().getValidSignatureTokens());
        }
        if (isEndorsingRequired()) {
            this.tokenList.addAll(this.blueprint.getEndorsingPolicy().getValidSignatureTokens());
            addOutlook(32L);
        }
        if (isWss11()) {
            addOutlook(WSS11);
            if (!this.isFromActualMessage) {
                addPolicyOutlookMask(WSS11);
            }
        }
        if (isSignatureConfirmationRequired()) {
            addOutlook(4L);
        }
        if (isTimestampRequired()) {
            addOutlook(TIME_STAMP);
        }
        if (isBodyEncrypted()) {
            addOutlook(BODY_ENCRYPTION);
        }
        if (isBodySigned()) {
            addOutlook(BODY_SIGNATURE);
        }
        if (isSignatureEncryptionRequired()) {
            addOutlook(ENCRYPTED_SIGNATURE);
            if (!this.isFromActualMessage) {
                addPolicyOutlookMask(ENCRYPTED_SIGNATURE);
                addPolicyOutlookMask(1L);
                if (isSignatureConfirmationRequired()) {
                    addPolicyOutlookMask(4L);
                }
                if (isWss11()) {
                    addPolicyOutlookMask(WSS11);
                }
                Map signingNodeMap = this.blueprint.getSigningPolicy().getSigningNodeMap();
                if (signingNodeMap.containsKey("Body")) {
                    addPolicyOutlookMask(BODY_SIGNATURE);
                }
                if (isElementSignature()) {
                    addOutlook(ELEMENT_SIGN_ENCRPT);
                    addPolicyOutlookMask(ELEMENT_SIGN_ENCRPT);
                    if (getActualSize(signingNodeMap) == 1) {
                        addPolicyOutlookMask(1L);
                    }
                }
                if (isEndorsedTokenRequired()) {
                    addPolicyOutlookMask(32L);
                }
            }
        }
        if (!this.isFromActualMessage && isUsernameTokenEncryptionRequired()) {
            addPolicyOutlookMask(192L);
        }
        if (!this.isFromActualMessage && isX509TokenAuth() && isSignatureRequired()) {
            addPolicyOutlookMask(576L);
        }
        if (isSecureConversation()) {
            addOutlook(SECURE_CONVERSATION);
            addPolicyOutlookMask(SECURE_CONVERSATION);
        }
        if (isWssc13()) {
            addOutlook(WSSC13);
            addPolicyOutlookMask(WSSC13);
        }
        if (this.isFromActualMessage || !isSamlTokenEncryptionRequired()) {
            return;
        }
        addPolicyOutlookMask(256L);
        addPolicyOutlookMask(64L);
        if (isSaml11TokenAuth()) {
            addPolicyOutlookMask(SAML11_TOKEN);
        }
        if (isSaml20TokenAuth()) {
            addPolicyOutlookMask(SAML20_TOKEN);
        }
        if (isWss11()) {
            addPolicyOutlookMask(WSS11);
        }
    }

    private int getActualSize(Map map) {
        ArrayList arrayList = new ArrayList(map.values());
        arrayList.remove((Object) null);
        return arrayList.size();
    }

    public int getErrorCode(long j) {
        if (getActualPolicyOutlook() == j) {
            return 0;
        }
        long actualPolicyOutlook = getActualPolicyOutlook() & (j ^ (-1));
        if (actualPolicyOutlook != 0) {
            return getMissingRc(actualPolicyOutlook);
        }
        long j2 = (this.outlook ^ (-1)) & j;
        return j2 != 0 ? getNotRequiredRc(j2) : SecurityInspectionErrorCode.UNKNOWNS;
    }

    public String tellMeWhy(long j) {
        if (getActualPolicyOutlook() == j) {
            return "0";
        }
        StringBuffer stringBuffer = new StringBuffer(" Error codes:");
        long actualPolicyOutlook = getActualPolicyOutlook() & (j ^ (-1));
        if (actualPolicyOutlook != 0) {
            StringBuffer findMissingCodes = findMissingCodes(actualPolicyOutlook);
            if (LOGGER.isLoggable(Level.FINE)) {
                LOGGER.log(Level.FINE, "Incoming message missing code =" + ((Object) findMissingCodes));
            }
            stringBuffer.append(findMissingCodes);
        }
        long actualPolicyOutlook2 = (getActualPolicyOutlook() ^ (-1)) & j;
        if (actualPolicyOutlook2 != 0) {
            StringBuffer findNotRequiredCodes = findNotRequiredCodes(actualPolicyOutlook2);
            if (LOGGER.isLoggable(Level.FINE)) {
                LOGGER.log(Level.FINE, "Incoming message error code =" + ((Object) findNotRequiredCodes));
            }
            stringBuffer.append(findNotRequiredCodes);
        }
        return stringBuffer.toString();
    }

    public String tellMeWhyNotSupported(long j) {
        StringBuffer stringBuffer = new StringBuffer("Unsupported codes:");
        long j2 = this.outlook & j;
        if (j2 != 0) {
            StringBuffer findNotRequiredCodes = findNotRequiredCodes(j2);
            if (LOGGER.isLoggable(Level.FINE)) {
                LOGGER.log(Level.FINE, "Incoming message error code =" + ((Object) findNotRequiredCodes));
            }
            stringBuffer.append(findNotRequiredCodes);
        }
        return stringBuffer.toString();
    }

    private static int getMissingRc(long j) {
        for (int i = 0; i < MISSING_CODE.length; i++) {
            if ((j & 1) == 1) {
                return MISSING_CODE[i];
            }
            j >>= 1;
        }
        return SecurityInspectionErrorCode.UNKNOWNS;
    }

    private static int getNotRequiredRc(long j) {
        for (int i = 0; i < NOT_REQUIRED_CODE.length; i++) {
            if ((j & 1) == 1) {
                return NOT_REQUIRED_CODE[i];
            }
            j >>= 1;
        }
        return SecurityInspectionErrorCode.UNKNOWNS;
    }

    private static StringBuffer findMissingCodes(long j) {
        StringBuffer stringBuffer = new StringBuffer();
        for (int i = 0; i < MISSING_CODE.length; i++) {
            if ((j & 1) == 1) {
                stringBuffer.append(" " + MISSING_CODE[i]);
            }
            j >>= 1;
        }
        return stringBuffer;
    }

    private static StringBuffer findNotRequiredCodes(long j) {
        StringBuffer stringBuffer = new StringBuffer();
        for (int i = 0; i < NOT_REQUIRED_CODE.length; i++) {
            if ((j & 1) == 1) {
                stringBuffer.append(" " + NOT_REQUIRED_CODE[i]);
            }
            j >>= 1;
        }
        return stringBuffer;
    }

    public int getScore(PolicySelectionPreference policySelectionPreference) {
        if (null == policySelectionPreference || policySelectionPreference.isDefaut()) {
            return 1;
        }
        return policySelectionPreference.calculateScore(securityInteropPerformanceScoring());
    }

    public SecurityPolicyBlueprint getSecurityPolicyBlueprint() {
        if (this.blueprint instanceof SecurityPolicyBlueprint) {
            return (SecurityPolicyBlueprint) this.blueprint;
        }
        throw new UnsupportedOperationException("Unable to get blueprint from outline");
    }

    public boolean hasDescribed() {
        return (this.blueprint == null || this.blueprint.getGeneralPolicy() == null || this.blueprint.getBuildingPlan() == 0) ? false : true;
    }

    public boolean isSignatureRequired() {
        return this.blueprint.getSigningPolicy().isSignatureRequired();
    }

    public boolean isEncryptionRequired() {
        return this.blueprint.getEncryptionPolicy().isEncryptionRequired();
    }

    public boolean isAuthenticationRequired() {
        return this.blueprint.getIdentityPolicy().isAuthenticationRequired();
    }

    private void setAuthToken() {
        List validIdentityTokens = this.blueprint.getIdentityPolicy().getValidIdentityTokens();
        for (int i = 0; i < validIdentityTokens.size(); i++) {
            String tokenTypeUri = ((SecurityToken) validIdentityTokens.get(i)).getTokenTypeUri();
            if (WSSConstants.VALUE_TYPE_UNT.equals(tokenTypeUri)) {
                this.usernameTokenAuth = true;
                addOutlook(192L);
            } else if (WSSConstants.VALUE_TYPE_X509V3.equals(tokenTypeUri) || WSSConstants.VALUE_TYPE_X509V1.equals(tokenTypeUri) || WSSConstants.VALUE_TYPE_PKCS7.equals(tokenTypeUri) || WSSConstants.VALUE_TYPE_X509PKI.equals(tokenTypeUri)) {
                this.x509TokenAuth = true;
                addOutlook(576L);
            } else if ("http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID".equals(tokenTypeUri) || SAML2Constants.SAML11_VALUE_TYPE.equals(tokenTypeUri) || SAML2Constants.SAML11_TOKEN_TYPE.equals(tokenTypeUri)) {
                this.saml11TokenAuth = true;
                addOutlook(256L);
                addOutlook(SAML11_TOKEN);
            } else if (SAML2Constants.SAML20_TOKEN_TYPE.equals(tokenTypeUri)) {
                this.saml20TokenAuth = true;
                addOutlook(256L);
                addOutlook(SAML20_TOKEN);
            } else if (SecurityTokenFactory.KERBEROS_TOKEN_PROFILE_VALUE_TYPE.equals(tokenTypeUri)) {
                this.kerberosAuth = true;
                addOutlook(524288L);
            }
        }
    }

    private void setSamlToken(List list) {
        for (int i = 0; i < list.size(); i++) {
            String tokenTypeUri = ((SecurityToken) list.get(i)).getTokenTypeUri();
            if ("http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID".equals(tokenTypeUri) || SAML2Constants.SAML11_VALUE_TYPE.equals(tokenTypeUri) || SAML2Constants.SAML11_TOKEN_TYPE.equals(tokenTypeUri)) {
                this.saml11TokenAuth = true;
                addOutlook(SAML11_TOKEN);
            } else if (SAML2Constants.SAML20_TOKEN_TYPE.equals(tokenTypeUri)) {
                this.saml20TokenAuth = true;
                addOutlook(SAML20_TOKEN);
            }
        }
    }

    public boolean isSaml11TokenAuth() {
        return this.saml11TokenAuth;
    }

    public boolean isSaml20TokenAuth() {
        return this.saml20TokenAuth;
    }

    public boolean isSamlTokenAuth() {
        return this.saml11TokenAuth || this.saml20TokenAuth;
    }

    public boolean isIssuedToken() {
        return this.issuedToken;
    }

    public boolean isRelToken() {
        return this.relToken;
    }

    public boolean isSpnegoToken() {
        return this.spnegoToken;
    }

    public boolean isKerberosAuth() {
        return this.kerberosAuth;
    }

    public boolean isUsernameTokenAuth() {
        return this.usernameTokenAuth;
    }

    public boolean isX509TokenAuth() {
        return this.x509TokenAuth;
    }

    public boolean isEndorsingRequired() {
        return this.blueprint.getEndorsingPolicy().isSignatureRequired();
    }

    public boolean isSignatureConfirmationRequired() {
        return this.blueprint.getGeneralPolicy().isRequireSignatureConfirmation();
    }

    public boolean isTimestampRequired() {
        return this.blueprint.getTimestampPolicy().isSignTimestampRequired();
    }

    public boolean isEndorsedTokenRequired() {
        return this.blueprint.getEndorsingPolicy().isSignatureRequired();
    }

    public boolean isBodySigned() {
        if (!isSignatureRequired() || null == this.signatureMap) {
            return false;
        }
        return this.signatureMap.containsKey("Body");
    }

    public boolean isBodyEncrypted() {
        if (!isEncryptionRequired() || null == this.encryptionMap) {
            return false;
        }
        return this.encryptionMap.containsKey("Body");
    }

    public boolean isElementEncryption() {
        if (!isEncryptionRequired() || null == this.encryptionMap) {
            return false;
        }
        return this.encryptionMap.containsKey(SecurityPolicyPlan.ELEMENT);
    }

    public boolean isWssc13() {
        return this.blueprint.getGeneralPolicy().isWssc13();
    }

    public boolean isElementSignature() {
        if (!isSignatureRequired() || null == this.signatureMap) {
            return false;
        }
        return this.signatureMap.containsKey(SecurityPolicyPlan.ELEMENT);
    }

    public String[] getTokenTypes() {
        if (this.tokenList == null || this.tokenList.size() == 0) {
            return null;
        }
        ArrayList arrayList = new ArrayList();
        for (int i = 0; i < this.tokenList.size(); i++) {
            SecurityToken securityToken = (SecurityToken) this.tokenList.get(i);
            if (!securityToken.isOptional()) {
                arrayList.add(securityToken.getTokenTypeUri());
            }
        }
        if (arrayList.size() == 0) {
            return null;
        }
        String[] strArr = new String[arrayList.size()];
        for (int i2 = 0; i2 < arrayList.size(); i2++) {
            strArr[i2] = (String) arrayList.get(i2);
        }
        return strArr;
    }

    protected boolean isThumbprintRequired() {
        if (this.tokenList == null || this.tokenList.size() == 0) {
            return false;
        }
        for (int i = 0; i < this.tokenList.size(); i++) {
            List strTypes = ((SecurityToken) this.tokenList.get(i)).getStrTypes();
            if (null != strTypes && !strTypes.isEmpty()) {
                Iterator it = strTypes.iterator();
                while (it.hasNext()) {
                    if (TokenReferenceTypeHelper.isThrumbprintSTRType((STRType) it.next())) {
                        return true;
                    }
                }
            }
        }
        return false;
    }

    protected boolean isUsernameTokenEncryptionRequired() {
        if (!isEncryptionRequired() || null == this.encryptionMap) {
            return false;
        }
        return this.encryptionMap.containsKey(SecurityPolicyPlan.USERNAME_TOKEN);
    }

    protected boolean isSamlTokenEncryptionRequired() {
        if (!isEncryptionRequired() || null == this.encryptionMap) {
            return false;
        }
        return this.encryptionMap.containsKey("SamlToken");
    }

    protected boolean isSignatureEncryptionRequired() {
        if (!isEncryptionRequired() || null == this.encryptionMap) {
            return false;
        }
        return this.encryptionMap.containsKey("EncryptSignature");
    }

    public boolean isCertRequired() {
        if (this.tokenList == null || this.tokenList.size() == 0) {
            return false;
        }
        for (int i = 0; i < this.tokenList.size(); i++) {
            String tokenTypeUri = ((SecurityToken) this.tokenList.get(i)).getTokenTypeUri();
            if (WSSConstants.VALUE_TYPE_X509V3.equals(tokenTypeUri) || WSSConstants.VALUE_TYPE_X509V1.equals(tokenTypeUri) || WSSConstants.VALUE_TYPE_X509PKI.equals(tokenTypeUri) || WSSConstants.VALUE_TYPE_PKCS7.equals(tokenTypeUri)) {
                return true;
            }
        }
        return false;
    }

    public boolean isSecureConversation() {
        if (this.tokenList == null || this.tokenList.size() == 0) {
            return false;
        }
        for (int i = 0; i < this.tokenList.size(); i++) {
            String tokenTypeUri = ((SecurityToken) this.tokenList.get(i)).getTokenTypeUri();
            if ("http://schemas.xmlsoap.org/ws/2005/02/sc/dk".equals(tokenTypeUri) || "http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512/dk".equals(tokenTypeUri)) {
                return true;
            }
        }
        return false;
    }

    public boolean isWss11() {
        return this.blueprint.getGeneralPolicy().isWss11();
    }

    private int[] securityInteropPerformanceScoring() {
        StringBuffer stringBuffer = new StringBuffer();
        int[] iArr = new int[3];
        for (int i = 0; i < iArr.length; i++) {
            iArr[i] = 0;
        }
        long j = this.outlook;
        for (int i2 = 0; i2 < POSITIVE_SCORING.length; i2++) {
            if ((j & 1) == 1) {
                for (int i3 = 0; i3 < iArr.length; i3++) {
                    int i4 = i3;
                    iArr[i4] = iArr[i4] + POSITIVE_SCORING[i2][i3];
                }
                if (LOGGER.isLoggable(Level.FINE)) {
                    stringBuffer.append(FEATURES[i2] + " ");
                }
            } else {
                for (int i5 = 0; i5 < iArr.length; i5++) {
                    int i6 = i5;
                    iArr[i6] = iArr[i6] + NEGATIVE_SCORING[i2][i5];
                }
            }
            j >>= 1;
        }
        if (LOGGER.isLoggable(Level.FINE)) {
            LOGGER.log(Level.FINE, stringBuffer.toString() + " are considered for scoring");
        }
        return iArr;
    }

    private void checkTransportSecurity() {
    }

    private void checkAuthentication() {
    }

    public String getPolicyScoringKey() {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("Policy Key =" + this.outlook + " --");
        long j = this.outlook;
        for (int i = 0; i < POSITIVE_SCORING.length; i++) {
            if ((j & 1) == 1) {
                stringBuffer.append(FEATURES[i] + " ");
            }
            j >>= 1;
        }
        return stringBuffer.toString();
    }
}
