package com.ibm.ws.wssecurity.saml.binding.saml20;

import com.ibm.websphere.management.NotificationConstants;
import com.ibm.ws.security.config.SecurityConfig;
import com.ibm.ws.wssecurity.util.Tr;
import com.ibm.ws.wssecurity.util.TraceComponent;
import java.util.ArrayList;
import java.util.List;
import java.util.Properties;
import org.apache.axis2.engine.DependencyManager;

/* loaded from: input_file:com/ibm/ws/wssecurity/saml/binding/saml20/PostBindingSPConfig.class */
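/**
 * Service-provider side settings for the SAML 2.0 POST binding, read once from a
 * {@link Properties} object (the trace messages call these "TAI properties").
 *
 * <p>Several of the flags held here are security controls whose enforcement happens in
 * code outside this class: {@code WantAssertionsSigned}, {@code preventReplay},
 * {@code allowedClockSkew}, {@code useRelayStateAsTargetUrl} and the X509/CRL path lists.
 * This class only parses and stores them; it performs no validation of URLs or paths.
 *
 * <p>NOTE(review): the private initializer calls the overridable methods
 * {@link #sortX509orCRL(Properties)} and {@link #initDisableDecodeUrl(Properties)} from
 * the constructor, so a subclass override runs before the subclass's own fields are
 * initialised.
 *
 * <p>Instances are mutable (public setters, live collections returned by getters) and
 * nothing here synchronises access.
 */
public class PostBindingSPConfig implements PostBindingConfig {
    private static final TraceComponent tc = Tr.register(PostBindingSPConfig.class, "Web Services Security", "com.ibm.ws.wssecurity.resources.wssmessages");

    /** Factor applied to the configured clock skew (presumably minutes to milliseconds). */
    private static final long CLOCK_SKEW_MULTIPLIER = 60L * 1000L;

    /** Largest configured clock skew that can be scaled without overflowing a long. */
    private static final long MAX_CLOCK_SKEW_INPUT = Long.MAX_VALUE / CLOCK_SKEW_MULTIPLIER;

    // The Properties object handed to the constructor; stored by reference, not copied.
    protected Properties configProps;
    protected String acsUrl = null;
    protected String EncryptionMethod = null;
    // Defaults to true: signed assertions are required unless the configuration says otherwise.
    protected boolean WantAssertionsSigned = true;
    // Stored after scaling by CLOCK_SKEW_MULTIPLIER; widens the accepted validity window.
    protected long allowedClockSkew = 0;
    protected String defaultTargetUrl = null;
    // Defaults to true. NOTE(review): RelayState arrives with the request; the code that
    // redirects to it is outside this class, confirm it validates the target.
    protected boolean useRelayStateAsTargetUrl = true;
    protected String errorPage = null;
    protected String acsErrorPage = null;
    protected boolean preserveState = true;
    // Falls back to acsUrl when no entity ID is configured.
    protected String entityID = null;
    protected boolean adminApp = false;
    protected boolean taiCookie = true;
    protected String cookieGroup = null;
    // Trust material locations collected by sortX509orCRL; values are used as given.
    protected List<String> X509Paths = new ArrayList<>();
    protected List<String> CRLPaths = new ArrayList<>();
    // Defaults to true; turning it off is a configuration decision made outside this class.
    protected boolean preventReplay = true;
    protected String charEncoding = null;
    protected boolean disableDecodeUrl = false;
    protected boolean retryTrust = false;
    protected boolean serverSideRedirect = true;

    /**
     * Stores the given properties and populates every setting from them.
     *
     * @param properties configuration source; when {@code null} all fields keep their defaults
     */
    public PostBindingSPConfig(Properties properties) {
        this.configProps = properties;
        init(properties);
    }

    /**
     * Returns the same Properties instance that was passed to the constructor.
     * Changes made through it are not re-read by this object.
     */
    public Properties getProperties() {
        return this.configProps;
    }

    /**
     * Reads the settings that have a single property key, then delegates to the helpers
     * for trust paths and for settings that have a fallback key.
     */
    private void init(Properties properties) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, DependencyManager.SERVICE_INIT_METHOD);
        }
        if (properties != null) {
            this.acsUrl = PropertyConfigUtil.getPropertyString(properties, SAMLSpConstants.SP_ACS);
            this.EncryptionMethod = PropertyConfigUtil.getPropertyString(properties, SAMLSpConstants.ENCRYPTION_METHOD);
            this.WantAssertionsSigned = PropertyConfigUtil.getPropertyBoolean(properties, SAMLSpConstants.WANT_SAML_SIGNED, true);
            this.acsErrorPage = PropertyConfigUtil.getPropertyString(properties, SAMLSpConstants.ACS_VALIDATION_ERROR_PAGE);
            this.errorPage = PropertyConfigUtil.getPropertyString(properties, SAMLSpConstants.LOGIN_ERROR_PAGE);
            this.preserveState = PropertyConfigUtil.getPropertyBoolean(properties, SAMLSpConstants.PRESERVE_REQ_STATE, true);
            this.adminApp = PropertyConfigUtil.getPropertyBoolean(properties, SAMLSpConstants.INTERCEPT_ADMIN_APP, false);
            this.entityID = PropertyConfigUtil.getPropertyString(properties, SAMLSpConstants.SP_ENTITY_ID);
            if (this.entityID == null) {
                // No explicit entity ID: the ACS URL doubles as the SP identifier.
                this.entityID = this.acsUrl;
            }
            sortX509orCRL(properties);
            buildValuesWithDefault(properties);
        }
        if (tc.isDebugEnabled()) {
            // Dumps the parsed configuration (URLs and flags, see toString) to the debug trace.
            Tr.debug(tc, toString());
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, DependencyManager.SERVICE_INIT_METHOD);
        }
    }

    /**
     * Reads the settings that have two keys: a specific one that wins when present and a
     * second one consulted otherwise. The hard-coded defaults passed to
     * {@code getPropertyBoolean} apply when neither key is set.
     */
    private void buildValuesWithDefault(Properties properties) {
        if (properties != null) {
            this.defaultTargetUrl = PropertyConfigUtil.getPropertyString(properties, SAMLSpConstants.TARGET_URL);
            if (this.defaultTargetUrl == null) {
                this.defaultTargetUrl = PropertyConfigUtil.getPropertyString(properties, SAMLSpConstants.DEFAULT_TARGET);
            }
            this.useRelayStateAsTargetUrl = PropertyConfigUtil.getPropertyBoolean(properties, SAMLSpConstants.USE_RELAY_STATE, true);
            if (properties.get(SAMLSpConstants.USE_RELAY_STATE) == null) {
                this.useRelayStateAsTargetUrl = PropertyConfigUtil.getPropertyBoolean(properties, SAMLSpConstants.DEFAULT_USE_RELAY_FOR_TARGET, true);
            }
            this.taiCookie = PropertyConfigUtil.getPropertyBoolean(properties, SAMLSpConstants.TAI_COOKIE, true);
            if (PropertyConfigUtil.getPropertyString(properties, SAMLSpConstants.TAI_COOKIE) == null) {
                this.taiCookie = PropertyConfigUtil.getPropertyBoolean(properties, SAMLSpConstants.DEFAULT_TAI_COOKIE, true);
            }
            this.cookieGroup = PropertyConfigUtil.getPropertyString(properties, SAMLSpConstants.COOKIE_GROUP_IDENTIFIER);
            if (this.cookieGroup == null) {
                this.cookieGroup = PropertyConfigUtil.getPropertyString(properties, SAMLSpConstants.DEFAULT_COOKIE_GROUP_IDENTIFIER);
            }
            // A configured group is namespaced with the SSO prefix; otherwise the common identifier is used.
            if (this.cookieGroup != null) {
                this.cookieGroup = SAMLSpConstants.SSO_PREFIX_ + this.cookieGroup;
            } else {
                this.cookieGroup = SAMLSpConstants.SSO_COMMON_COOKIE_IDENTIFIER;
            }
            // Replay prevention stays on unless one of the two keys explicitly turns it off.
            if (PropertyConfigUtil.getPropertyString(properties, SAMLSpConstants.PREVENT_REPLAY_ATTACK_SP) != null) {
                this.preventReplay = PropertyConfigUtil.getPropertyBoolean(properties, SAMLSpConstants.PREVENT_REPLAY_ATTACK_SP, true);
            } else {
                this.preventReplay = PropertyConfigUtil.getPropertyBoolean(properties, SAMLSpConstants.PREVENT_REPLAY_ATTACK, true);
            }
            initAllowedClockSkew(properties);
            initDisableDecodeUrl(properties);
            this.charEncoding = PropertyConfigUtil.getPropertyString(properties, SAMLSpConstants.SP_CHAR_ENCODING);
            if (this.charEncoding == null) {
                this.charEncoding = PropertyConfigUtil.getPropertyString(properties, SAMLSpConstants.CHAR_ENCODING);
            }
            if (PropertyConfigUtil.getPropertyString(properties, SAMLSpConstants.SP_RETRY_TRUST) != null) {
                this.retryTrust = PropertyConfigUtil.getPropertyBoolean(properties, SAMLSpConstants.SP_RETRY_TRUST, false);
            } else {
                this.retryTrust = PropertyConfigUtil.getPropertyBoolean(properties, SAMLSpConstants.RETRY_TRUST, false);
            }
            if (PropertyConfigUtil.getPropertyString(properties, SAMLSpConstants.SP_SERVER_REDIRECT) != null) {
                this.serverSideRedirect = PropertyConfigUtil.getPropertyBoolean(properties, SAMLSpConstants.SP_SERVER_REDIRECT, true);
            } else {
                this.serverSideRedirect = PropertyConfigUtil.getPropertyBoolean(properties, SAMLSpConstants.SERVER_REDIRECT, true);
            }
        }
    }

    /**
     * Parses the allowed clock skew and stores it scaled by {@link #CLOCK_SKEW_MULTIPLIER}.
     *
     * <p>A missing value or the literal {@code "0"} defers to the second key. Anything that
     * is not a positive number, or that is so large the scaling would overflow a long, is
     * rejected and the built-in fallback is used instead; a wrapped value would otherwise
     * become an arbitrary (possibly negative) tolerance.
     */
    private void initAllowedClockSkew(Properties properties) {
        String propertyString = PropertyConfigUtil.getPropertyString(properties, SAMLSpConstants.ALLOWED_CLOCK_SKEW);
        if (propertyString == null || propertyString.equals("0")) {
            propertyString = PropertyConfigUtil.getPropertyString(properties, SAMLSpConstants.DEFAULT_ALLOWED_CLOCK_SKEW);
        }
        try {
            // Long.parseLong(null) raises NumberFormatException, so an unset value lands in the catch.
            long parseLong = Long.parseLong(propertyString);
            if (parseLong > 0 && parseLong <= MAX_CLOCK_SKEW_INPUT) {
                this.allowedClockSkew = parseLong * CLOCK_SKEW_MULTIPLIER;
            } else {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "The specified clock skew is invalid:" + parseLong);
                }
                // NOTE(review): the fallback is a management-notification constant whose value is
                // not visible here; confirm it equals the intended default skew.
                this.allowedClockSkew = NotificationConstants.HANDLE_NOTIFICATION_TIMEOUT_DEFAULT;
            }
        } catch (NumberFormatException e) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "The specified clock skew is invalid:" + propertyString);
            }
            this.allowedClockSkew = NotificationConstants.HANDLE_NOTIFICATION_TIMEOUT_DEFAULT;
        }
    }

    /**
     * Collects X509 and CRL path values into {@link #X509Paths} and {@link #CRLPaths}.
     *
     * <p>A key matches when it equals the base name or starts with the corresponding prefix
     * constant, ignoring case. Only the Properties object's own keys are visited
     * ({@code keySet()} does not include entries from a defaults table), and the iteration
     * order of a Properties object is unspecified, so the resulting lists are not ordered
     * despite the method name.
     *
     * @param properties configuration source; {@code null} leaves both lists untouched
     * @throws ClassCastException if a matching key maps to a value that is not a String
     */
    protected void sortX509orCRL(Properties properties) {
        if (properties == null) {
            return;
        }
        int length = SAMLSpConstants.X509PATH.length();
        int length2 = SAMLSpConstants.CRLPATH.length();
        for (Object obj : properties.keySet()) {
            // instanceof already rejects null keys.
            if (obj instanceof String) {
                String str = (String) obj;
                if (str.equalsIgnoreCase(SAMLSpConstants.X509PATH)) {
                    this.X509Paths.add((String) properties.get(obj));
                }
                if (str.equalsIgnoreCase(SAMLSpConstants.CRLPATH)) {
                    this.CRLPaths.add((String) properties.get(obj));
                }
                // Presumably the prefix constants are the base name plus one separator character,
                // hence the length + 1 comparison window; confirm against SAMLSpConstants.
                if (str.length() > length + 1 && str.substring(0, length + 1).equalsIgnoreCase(SAMLSpConstants.X509PATH_PREFIX)) {
                    this.X509Paths.add((String) properties.get(obj));
                }
                if (str.length() > length2 + 1 && str.substring(0, length2 + 1).equalsIgnoreCase(SAMLSpConstants.CRLPATH_PREFIX)) {
                    this.CRLPaths.add((String) properties.get(obj));
                }
            }
        }
    }

    /**
     * Resolves {@link #disableDecodeUrl} from the first of three keys that is set, in order:
     * the SP-specific key, the general key, then the security-configuration key. When none
     * is set the field keeps its default of {@code false}.
     */
    protected void initDisableDecodeUrl(Properties properties) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "initDisableDecodeUrl");
        }
        if (PropertyConfigUtil.getPropertyString(properties, SAMLSpConstants.SP_DISABLE_DECODE_URL) != null) {
            this.disableDecodeUrl = PropertyConfigUtil.getPropertyBoolean(properties, SAMLSpConstants.SP_DISABLE_DECODE_URL, false);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "sp.disableDecodeURL is [" + this.disableDecodeUrl + "] in TAI properties.");
            }
        } else if (PropertyConfigUtil.getPropertyString(properties, SAMLSpConstants.DISABLE_DECODE_URL) != null) {
            this.disableDecodeUrl = PropertyConfigUtil.getPropertyBoolean(properties, SAMLSpConstants.DISABLE_DECODE_URL, false);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "disableDecodeURL is [" + this.disableDecodeUrl + "] in TAI properties.");
            }
        } else if (PropertyConfigUtil.getPropertyString(properties, SecurityConfig.DISABLE_SAML_DECODE_REDIRECT_URL) != null) {
            this.disableDecodeUrl = PropertyConfigUtil.getPropertyBoolean(properties, SecurityConfig.DISABLE_SAML_DECODE_REDIRECT_URL, false);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, SecurityConfig.DISABLE_SAML_DECODE_REDIRECT_URL + " is [" + this.disableDecodeUrl + "]");
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "initDisableDecodeUrl disableDecodeUrl[" + this.disableDecodeUrl + "]");
        }
    }

    /** Returns the configured character encoding, or {@code null} when neither key is set. */
    public String getCharEncoding() {
        return this.charEncoding;
    }

    /** Returns whether URL decoding is disabled; {@code false} unless configured. */
    public boolean getDisableDecodeUrl() {
        return this.disableDecodeUrl;
    }

    /** Returns the retry-trust flag; {@code false} unless configured. */
    public boolean getRetryTrust() {
        return this.retryTrust;
    }

    /** Returns the assertion consumer service URL as configured (not validated here). */
    public String getAssertionConsumerService() {
        return this.acsUrl;
    }

    /** Replaces the ACS URL; an entity ID already defaulted from the old value is not updated. */
    public void setAssertionConsumerService(String str) {
        this.acsUrl = str;
    }

    /** Returns the configured encryption method name, or {@code null}. */
    public String getEncryptionMethod() {
        return this.EncryptionMethod;
    }

    /** Returns whether assertions must be signed; {@code true} unless configured otherwise. */
    public boolean wantAssertionsSigned() {
        return this.WantAssertionsSigned;
    }

    /** Returns the default target URL, or {@code null} when neither key is set. */
    public String getDefaultTargetUrl() {
        return this.defaultTargetUrl;
    }

    /** Replaces the default target URL; the value is stored without validation. */
    public void setDefaultTargetUrl(String str) {
        this.defaultTargetUrl = str;
    }

    /** Returns whether RelayState is to be used as the target URL. */
    public boolean isUseRelayStateAsTargetUrl() {
        return this.useRelayStateAsTargetUrl;
    }

    /** Sets whether RelayState is to be used as the target URL. */
    public void setUseRelayStateAsTargetUrl(boolean z) {
        this.useRelayStateAsTargetUrl = z;
    }

    /** Returns the login error page, or {@code null}. */
    public String getLoginErrorPage() {
        return this.errorPage;
    }

    /** Replaces the login error page; the value is stored without validation. */
    public void setLoginErrorPage(String str) {
        this.errorPage = str;
    }

    /** Returns the allowed clock skew after scaling (see {@code initAllowedClockSkew}). */
    public long getAllowedClockSkew() {
        return this.allowedClockSkew;
    }

    /** Returns the ACS validation error page, or {@code null}. */
    public String getAcsErrorPage() {
        return this.acsErrorPage;
    }

    /** Returns whether request state is preserved; {@code true} unless configured otherwise. */
    public boolean preserveRequestState() {
        return this.preserveState;
    }

    /** Returns the SP entity ID, which is the ACS URL when no entity ID was configured. */
    public String getEntityID() {
        return this.entityID;
    }

    /** Returns whether the admin application is intercepted; {@code false} unless configured. */
    public boolean interceptAdminApp() {
        return this.adminApp;
    }

    /** Returns the TAI cookie flag; {@code true} unless configured otherwise. */
    public boolean enforceTaiCookie() {
        return this.taiCookie;
    }

    /** Returns the cookie group identifier (prefixed group, or the common identifier). */
    public String getCookieGroupIdentifier() {
        return this.cookieGroup;
    }

    /** Returns whether replay prevention is enabled; {@code true} unless configured otherwise. */
    public boolean preventReplay() {
        return this.preventReplay;
    }

    /**
     * Returns the live internal list of CRL paths, not a copy: a caller that modifies it
     * changes this configuration.
     */
    public List<String> getCRLPaths() {
        return this.CRLPaths;
    }

    /**
     * Returns the live internal list of X509 paths, not a copy: a caller that modifies it
     * changes the trust material locations held by this configuration.
     */
    public List<String> getX509Paths() {
        return this.X509Paths;
    }

    /** Returns whether a server-side redirect is used; {@code true} unless configured otherwise. */
    public boolean doServerSideRedirect() {
        return this.serverSideRedirect;
    }

    /**
     * Renders the scalar settings for the debug trace. The X509 and CRL path lists and the
     * raw Properties object are not included.
     */
    @Override
    public String toString() {
        // Local, single-threaded buffer: StringBuilder avoids StringBuffer's needless locking.
        StringBuilder append = new StringBuilder(getClass().getName()).append("(");
        append.append("acsUrl=[").append(this.acsUrl).append("], ");
        append.append("EncryptionMethod=[").append(this.EncryptionMethod).append("], ");
        append.append("WantAssertionsSigned=[").append(this.WantAssertionsSigned).append("], ");
        append.append("allowedClockSkew=[").append(this.allowedClockSkew).append("], ");
        append.append("defaultTargetUrl=[").append(this.defaultTargetUrl).append("], ");
        append.append("useRelayStateAsTargetUrl=[").append(this.useRelayStateAsTargetUrl).append("], ");
        append.append("errorPage=[").append(this.errorPage).append("], ");
        append.append("acsErrorPage=[").append(this.acsErrorPage).append("], ");
        append.append("preserveState=[").append(this.preserveState).append("], ");
        append.append("entityID=[").append(this.entityID).append("], ");
        append.append("adminApp=[").append(this.adminApp).append("], ");
        append.append("taiCookie=[").append(this.taiCookie).append("], ");
        append.append("cookieGroup=[").append(this.cookieGroup).append("], ");
        append.append("preventReplay=[").append(this.preventReplay).append("], ");
        append.append("disableDecodeUrl=[").append(this.disableDecodeUrl).append("], ");
        append.append("charEncoding=[").append(this.charEncoding).append("], ");
        append.append("retryTrust=[").append(this.retryTrust).append("], ");
        append.append("serverSideRedirect=[").append(this.serverSideRedirect).append("]");
        append.append(")");
        return append.toString();
    }
}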
