package com.bea.common.security.saml.manager;

import com.bea.common.security.saml.registry.SAMLAssertingPartyConfig;
import com.bea.common.security.saml.registry.SAMLAssertingPartyEntry;
import com.bea.common.security.saml.registry.SAMLAssertingPartyRegistry;
import com.bea.common.security.saml.registry.SAMLPartnerEntry;
import com.bea.common.security.saml.registry.SAMLPartnerLDAPSchema;
import com.bea.common.security.saml.registry.SAMLPartnerRegistry;
import com.bea.common.security.saml.registry.SAMLV1ConfigHelper;
import com.bea.common.security.saml.utils.SAMLUtil;
import com.bea.common.security.store.data.BEASAMLAssertingParty;
import com.bea.common.security.store.data.BEASAMLAssertingPartyId;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import org.eclipse.persistence.jpa.jpql.parser.Expression;
import weblogic.management.security.ProviderMBean;
import weblogic.security.spi.ProviderInitializationException;
import weblogic.security.spi.SecurityServices;

/* loaded from: input_file:com/bea/common/security/saml/manager/SAMLAPConfigManager.class */
public class SAMLAPConfigManager extends SAMLPartnerConfigManager {
    private Map redirectMap;
    private Map sourceSiteMap;
    private String defaultNameMapper;
    private static SecurityServices securityServices = null;

    private SAMLAPConfigManager(ProviderMBean providerMBean, SecurityServices securityServices2) {
        super(providerMBean, securityServices2);
        this.redirectMap = null;
        this.sourceSiteMap = null;
        this.defaultNameMapper = null;
    }

    public static SAMLAPConfigManager getManager() {
        return (SAMLAPConfigManager) getManagerInstance(0);
    }

    public static void setManager(SAMLAPConfigManager sAMLAPConfigManager) {
        setManagerInstance(0, sAMLAPConfigManager);
    }

    public static synchronized SAMLAPConfigManager getManager(ProviderMBean providerMBean, SecurityServices securityServices2) {
        SAMLAPConfigManager manager = getManager();
        if (manager != null && securityServices != null && securityServices != securityServices2) {
            manager = null;
        }
        if (manager == null) {
            securityServices = securityServices2;
            setManager(new SAMLAPConfigManager(providerMBean, securityServices2));
        }
        return getManager();
    }

    private void handleEntryChanged() {
        logDebug("handleEntryChanged", "Building maps ...");
        buildMaps();
        handleDefaultRegistryChange();
    }

    private void buildMaps() {
        buildPartnerMaps();
        buildRedirectMap();
        buildSourceSiteMap();
    }

    private synchronized void setDefaults(String str) {
        this.defaultNameMapper = str;
    }

    public synchronized void setConfig(String str) {
        setDefaults(str);
        buildMaps();
    }

    private void buildV1Maps(Properties properties, Properties properties2) {
        buildV1PartnerMaps(properties);
        buildV1RedirectMap(properties2);
        buildSourceSiteMap();
    }

    public synchronized void setV1Config(Properties properties, Properties properties2, String str) {
        setDefaults(str);
        buildV1Maps(properties, properties2);
    }

    public synchronized Map getRedirectMap() {
        return this.redirectMap;
    }

    public synchronized Map getSourceSiteMap() {
        return this.sourceSiteMap;
    }

    @Override // com.bea.common.security.saml.manager.SAMLPartnerConfigManager
    protected String getManagerName() {
        return "SAMLAPConfigManager";
    }

    @Override // com.bea.common.security.saml.manager.SAMLPartnerConfigManager
    protected String getDebugLoggerName() {
        return "SecuritySAMLAtn";
    }

    @Override // com.bea.common.security.saml.manager.SAMLPartnerConfigManager
    protected SAMLPartnerRegistry getRegistryInstance(ProviderMBean providerMBean, SecurityServices securityServices2) {
        return new SAMLAssertingPartyRegistry(providerMBean, securityServices2);
    }

    @Override // com.bea.common.security.saml.manager.SAMLPartnerConfigManager
    protected SAMLPartnerEntry getPartnerInstance() {
        return new SAMLAssertingPartyConfig(this.LOGGER, this.legacyEncryptor);
    }

    @Override // com.bea.common.security.saml.manager.SAMLPartnerConfigManager
    protected synchronized boolean applyPartnerDefaults(SAMLPartnerEntry sAMLPartnerEntry) {
        SAMLAssertingPartyConfig sAMLAssertingPartyConfig = (SAMLAssertingPartyConfig) sAMLPartnerEntry;
        String nameMapperClass = sAMLAssertingPartyConfig.getNameMapperClass();
        if (nameMapperClass == null || nameMapperClass.length() == 0) {
            nameMapperClass = this.defaultNameMapper;
        }
        sAMLAssertingPartyConfig.setNameMapperClass(nameMapperClass);
        return true;
    }

    @Override // com.bea.common.security.saml.manager.SAMLPartnerConfigManager
    protected String getPartnerTargetKey(SAMLPartnerEntry sAMLPartnerEntry) {
        SAMLAssertingPartyConfig sAMLAssertingPartyConfig = (SAMLAssertingPartyConfig) sAMLPartnerEntry;
        if (sAMLAssertingPartyConfig.getTargetURL() != null) {
            return (sAMLAssertingPartyConfig.isWildcardTarget() || sAMLAssertingPartyConfig.isDefaultTarget()) ? "wildcard" : makeTargetKey(sAMLAssertingPartyConfig.getProfileConfMethodName(), sAMLAssertingPartyConfig.getIssuerURI(), sAMLAssertingPartyConfig.getTargetURL());
        }
        return null;
    }

    private static String makeTargetKey(String str, String str2, String str3) {
        return str + ":" + str2 + "&" + str3;
    }

    @Override // com.bea.common.security.saml.manager.SAMLPartnerConfigManager
    protected int testPartnerWildcardMatch(String str, String str2, String str3, SAMLPartnerEntry sAMLPartnerEntry) {
        SAMLAssertingPartyConfig sAMLAssertingPartyConfig = (SAMLAssertingPartyConfig) sAMLPartnerEntry;
        if (sAMLAssertingPartyConfig.getTargetURL() == null || !str.equals(sAMLAssertingPartyConfig.getProfileConfMethodName()) || !str2.equals(sAMLAssertingPartyConfig.getIssuerURI())) {
            return -1;
        }
        if (sAMLAssertingPartyConfig.isDefaultTarget()) {
            return 0;
        }
        if (str3.startsWith(sAMLAssertingPartyConfig.getTargetURL())) {
            return sAMLAssertingPartyConfig.getTargetURL().length();
        }
        return -1;
    }

    public SAMLAssertingPartyConfig findAssertingParty(String str) {
        return (SAMLAssertingPartyConfig) findPartner(str);
    }

    public SAMLAssertingPartyConfig findAssertingPartyByRequestParams(String str, String str2, String str3) {
        SAMLAssertingPartyConfig sAMLAssertingPartyConfig = (SAMLAssertingPartyConfig) findPartnerInTargetMap(makeTargetKey(str, str2, str3));
        if (sAMLAssertingPartyConfig == null) {
            sAMLAssertingPartyConfig = (SAMLAssertingPartyConfig) findPartnerInWildcardList(str, str2, str3);
        }
        return sAMLAssertingPartyConfig;
    }

    public SAMLAssertingPartyConfig findAssertingPartyBySourceId(String str) {
        return (SAMLAssertingPartyConfig) this.sourceSiteMap.get(str);
    }

    private synchronized void buildRedirectMap() throws ProviderInitializationException {
        HashMap hashMap = new HashMap();
        for (SAMLAssertingPartyConfig sAMLAssertingPartyConfig : this.partnerMap.values()) {
            String intersiteTransferURL = sAMLAssertingPartyConfig.getIntersiteTransferURL();
            String[] redirectURIs = sAMLAssertingPartyConfig.getRedirectURIs();
            if (intersiteTransferURL == null || intersiteTransferURL.length() <= 0 || redirectURIs == null) {
                logDebug("buildRedirectMap", "Partner '" + sAMLAssertingPartyConfig.getPartnerId() + "' has no redirects configured");
            } else {
                logDebug("buildRedirectMap", "Redirects configured for partner '" + sAMLAssertingPartyConfig.getPartnerId() + Expression.QUOTE);
                String buildURLWithParams = SAMLUtil.buildURLWithParams(intersiteTransferURL, sAMLAssertingPartyConfig.getIntersiteTransferParams());
                logDebug("buildRedirectMap", "ITS URL with Params is '" + buildURLWithParams + Expression.QUOTE);
                for (int i = 0; redirectURIs != null && i < redirectURIs.length; i++) {
                    if (redirectURIs[i] != null) {
                        String str = (String) hashMap.get(redirectURIs[i]);
                        if (str != null && !str.equals(buildURLWithParams)) {
                            logDebug("buildRedirectMap", "Conflicting redirects for '" + redirectURIs[i] + Expression.QUOTE);
                        }
                        logDebug("buildRedirectMap", "Redirect URI " + i + " is '" + redirectURIs[i] + Expression.QUOTE);
                        hashMap.put(redirectURIs[i], buildURLWithParams);
                    }
                }
            }
        }
        this.redirectMap = hashMap;
    }

    private synchronized void buildV1RedirectMap(Properties properties) throws ProviderInitializationException {
        HashMap hashMap = new HashMap();
        if (properties != null) {
            SAMLV1ConfigHelper sAMLV1ConfigHelper = new SAMLV1ConfigHelper(this.LOGGER, properties, SAMLV1ConfigHelper.PROP_REDIRECT_NAMES);
            while (sAMLV1ConfigHelper.hasMoreEntries()) {
                Map nextEntry = sAMLV1ConfigHelper.getNextEntry();
                if (nextEntry != null) {
                    String str = ((String) nextEntry.get(SAMLPartnerLDAPSchema.ATTR_ITS_URL)) + "?";
                    String str2 = (String) nextEntry.get(SAMLPartnerLDAPSchema.ATTR_REDIRECT_URIS);
                    if (str != null && str2 != null) {
                        String str3 = (String) hashMap.get(str2);
                        if (str3 != null && !str3.equals(str)) {
                            logDebug("buildV1RedirectMap", "Conflicting redirects for '" + str2 + Expression.QUOTE);
                        }
                        hashMap.put(str2, str);
                    }
                }
            }
        }
        this.redirectMap = hashMap;
    }

    private synchronized void buildSourceSiteMap() {
        HashMap hashMap = new HashMap();
        logDebug("buildSourceSiteMap", "Building map of configured source sites for artifact profile");
        for (SAMLAssertingPartyConfig sAMLAssertingPartyConfig : this.partnerMap.values()) {
            if (sAMLAssertingPartyConfig.getProfileId() == 2) {
                hashMap.put(sAMLAssertingPartyConfig.getSourceIdHex(), sAMLAssertingPartyConfig);
            }
        }
        this.sourceSiteMap = hashMap;
    }

    @Override // com.bea.common.security.saml.manager.SAMLPartnerConfigManager
    protected void handleStoreChanges(List list) {
        if (areChangesInScope(list)) {
            handleEntryChanged();
        }
    }

    @Override // com.bea.common.security.saml.registry.PartnerChangeListener
    public void firePartnerChange(SAMLPartnerEntry sAMLPartnerEntry) {
        if (sAMLPartnerEntry == null || !(sAMLPartnerEntry instanceof SAMLAssertingPartyEntry) || isEmbeddedLDAP()) {
            return;
        }
        handleEntryChanged();
    }

    @Override // com.bea.common.security.saml.manager.SAMLPartnerConfigManager
    protected Class getStoreClass() {
        return BEASAMLAssertingParty.class;
    }

    private boolean areChangesInScope(List list) {
        for (int i = 0; i < list.size(); i++) {
            if (list.get(i) instanceof BEASAMLAssertingPartyId) {
                return true;
            }
        }
        return false;
    }
}
