package com.ibm.ws.security.oidc.client;

import com.google.common.net.HttpHeaders;
import com.google.gson.JsonElement;
import com.google.gson.JsonObject;
import com.google.gson.JsonParser;
import com.google.gson.JsonSyntaxException;
import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.security.WebTrustAssociationFailedException;
import com.ibm.websphere.ssl.JSSEHelper;
import com.ibm.websphere.ssl.SSLConfigChangeListener;
import com.ibm.websphere.ssl.SSLException;
import com.ibm.ws.security.config.SecurityConfig;
import com.ibm.ws.security.config.SecurityObjectLocator;
import com.ibm.ws.security.oidc.util.MessageHelper;
import com.ibm.ws.security.oidc.util.OidcUtil;
import com.ibm.ws.security.util.Base64Coder;
import com.ibm.ws.ssl.config.KeyStoreManager;
import com.ibm.ws.util.Base64;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.OutputStream;
import java.io.UnsupportedEncodingException;
import java.io.Writer;
import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLEncoder;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.StringTokenizer;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLSocketFactory;
import javax.servlet.ServletRequest;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/ibm/ws/security/oidc/client/RelyingPartyUtils.class */
public class RelyingPartyUtils {
    private static final String STATEID_COOKIE_PREFIX = "OIDSTATEID_";
    static final String MANAGEMENT_SCOPE_P = " managementScope=";
    static final String KEYSTORE_P = "name=";
    private static final TraceComponent tc = Tr.register(RelyingPartyUtils.class, MessageHelper._TR_GROUP, MessageHelper._MSG_FILE);
    public static final String DEFAULT_MANAGED_TRUST_STORE = "DefaultTrustStore".intern();

    /* loaded from: input_file:com/ibm/ws/security/oidc/client/RelyingPartyUtils$privBase64.class */
    private static class privBase64 {
        private static final char S_BASE64PAD = '=';
        private static final String tab = "0123456789ABCDEF";
        private static final char[] S_BASE64CHAR = {'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '+', '/'};
        private static final byte[] S_DECODETABLE = new byte[128];

        private privBase64() {
        }

        private static final int decode0(char[] cArr, byte[] bArr, int i) {
            boolean z = 3;
            if (cArr[3] == S_BASE64PAD) {
                z = 2;
            }
            if (cArr[2] == S_BASE64PAD) {
                z = true;
            }
            byte b = S_DECODETABLE[cArr[0]];
            byte b2 = S_DECODETABLE[cArr[1]];
            byte b3 = S_DECODETABLE[cArr[2]];
            byte b4 = S_DECODETABLE[cArr[3]];
            switch (z) {
                case true:
                    bArr[i] = (byte) (((b << 2) & 252) | ((b2 >> 4) & 3));
                    return 1;
                case true:
                    bArr[i] = (byte) (((b << 2) & 252) | ((b2 >> 4) & 3));
                    bArr[i + 1] = (byte) (((b2 << 4) & 240) | ((b3 >> 2) & 15));
                    return 2;
                case true:
                    int i2 = i + 1;
                    bArr[i] = (byte) (((b << 2) & 252) | ((b2 >> 4) & 3));
                    bArr[i2] = (byte) (((b2 << 4) & 240) | ((b3 >> 2) & 15));
                    bArr[i2 + 1] = (byte) (((b3 << 6) & 192) | (b4 & 63));
                    return 3;
                default:
                    throw new RuntimeException("Internal Errror");
            }
        }

        public static final byte[] decode(char[] cArr, int i, int i2) {
            char[] cArr2 = new char[4];
            int i3 = 0;
            byte[] bArr = new byte[((i2 / 4) * 3) + 3];
            int i4 = 0;
            for (int i5 = i; i5 < i + i2; i5++) {
                char c = cArr[i5];
                if (c == S_BASE64PAD || (c < S_DECODETABLE.length && S_DECODETABLE[c] != Byte.MAX_VALUE)) {
                    int i6 = i3;
                    i3++;
                    cArr2[i6] = c;
                    if (i3 == cArr2.length) {
                        i3 = 0;
                        i4 += decode0(cArr2, bArr, i4);
                    }
                }
            }
            if (i4 == bArr.length) {
                return bArr;
            }
            byte[] bArr2 = new byte[i4];
            System.arraycopy(bArr, 0, bArr2, 0, i4);
            return bArr2;
        }

        public static final byte[] decode(String str) {
            char[] cArr = new char[4];
            int i = 0;
            byte[] bArr = new byte[((str.length() / 4) * 3) + 3];
            int i2 = 0;
            int length = str.length();
            for (int i3 = 0; i3 < length; i3++) {
                char charAt = str.charAt(i3);
                if (charAt == S_BASE64PAD || (charAt < S_DECODETABLE.length && S_DECODETABLE[charAt] != Byte.MAX_VALUE)) {
                    int i4 = i;
                    i++;
                    cArr[i4] = charAt;
                    if (i == cArr.length) {
                        i = 0;
                        i2 += decode0(cArr, bArr, i2);
                    }
                }
            }
            if (i2 == bArr.length) {
                return bArr;
            }
            byte[] bArr2 = new byte[i2];
            System.arraycopy(bArr, 0, bArr2, 0, i2);
            return bArr2;
        }

        public static final byte[] decode(byte[] bArr) {
            return decode(bArr, 0, bArr.length);
        }

        public static final byte[] decode(byte[] bArr, int i, int i2) {
            char[] cArr = new char[4];
            int i3 = 0;
            byte[] bArr2 = new byte[((i2 / 4) * 3) + 3];
            int i4 = 0;
            for (int i5 = i; i5 < i + i2; i5++) {
                char c = (char) bArr[i5];
                if (c == S_BASE64PAD || (c < S_DECODETABLE.length && S_DECODETABLE[c] != Byte.MAX_VALUE)) {
                    int i6 = i3;
                    i3++;
                    cArr[i6] = c;
                    if (i3 == cArr.length) {
                        i3 = 0;
                        i4 += decode0(cArr, bArr2, i4);
                    }
                }
            }
            if (i4 == bArr2.length) {
                return bArr2;
            }
            byte[] bArr3 = new byte[i4];
            System.arraycopy(bArr2, 0, bArr3, 0, i4);
            return bArr3;
        }

        public static void decode(char[] cArr, int i, int i2, OutputStream outputStream) throws IOException {
            char[] cArr2 = new char[4];
            int i3 = 0;
            byte[] bArr = new byte[3];
            for (int i4 = i; i4 < i + i2; i4++) {
                char c = cArr[i4];
                if (c == S_BASE64PAD || (c < S_DECODETABLE.length && S_DECODETABLE[c] != Byte.MAX_VALUE)) {
                    int i5 = i3;
                    i3++;
                    cArr2[i5] = c;
                    if (i3 == cArr2.length) {
                        i3 = 0;
                        outputStream.write(bArr, 0, decode0(cArr2, bArr, 0));
                    }
                }
            }
        }

        public static final void decode(String str, OutputStream outputStream) throws IOException {
            char[] cArr = new char[4];
            int i = 0;
            byte[] bArr = new byte[3];
            int length = str.length();
            for (int i2 = 0; i2 < length; i2++) {
                char charAt = str.charAt(i2);
                if (charAt == S_BASE64PAD || (charAt < S_DECODETABLE.length && S_DECODETABLE[charAt] != Byte.MAX_VALUE)) {
                    int i3 = i;
                    i++;
                    cArr[i3] = charAt;
                    if (i == cArr.length) {
                        i = 0;
                        outputStream.write(bArr, 0, decode0(cArr, bArr, 0));
                    }
                }
            }
        }

        public static final String encode(byte[] bArr) {
            return encode(bArr, 0, bArr.length);
        }

        public static final String encode(byte[] bArr, int i, int i2) {
            if (i2 <= 0) {
                return "";
            }
            char[] cArr = new char[((i2 / 3) * 4) + 4];
            int i3 = i;
            int i4 = 0;
            int i5 = i2;
            while (i5 >= 3) {
                int i6 = ((bArr[i3] & 255) << 16) + ((bArr[i3 + 1] & 255) << 8) + (bArr[i3 + 2] & 255);
                int i7 = i4;
                int i8 = i4 + 1;
                cArr[i7] = S_BASE64CHAR[i6 >> 18];
                int i9 = i8 + 1;
                cArr[i8] = S_BASE64CHAR[(i6 >> 12) & 63];
                int i10 = i9 + 1;
                cArr[i9] = S_BASE64CHAR[(i6 >> 6) & 63];
                i4 = i10 + 1;
                cArr[i10] = S_BASE64CHAR[i6 & 63];
                i3 += 3;
                i5 -= 3;
            }
            if (i5 == 1) {
                int i11 = bArr[i3] & 255;
                int i12 = i4;
                int i13 = i4 + 1;
                cArr[i12] = S_BASE64CHAR[i11 >> 2];
                int i14 = i13 + 1;
                cArr[i13] = S_BASE64CHAR[(i11 << 4) & 63];
                int i15 = i14 + 1;
                cArr[i14] = '=';
                i4 = i15 + 1;
                cArr[i15] = '=';
            } else if (i5 == 2) {
                int i16 = ((bArr[i3] & 255) << 8) + (bArr[i3 + 1] & 255);
                int i17 = i4;
                int i18 = i4 + 1;
                cArr[i17] = S_BASE64CHAR[i16 >> 10];
                int i19 = i18 + 1;
                cArr[i18] = S_BASE64CHAR[(i16 >> 4) & 63];
                int i20 = i19 + 1;
                cArr[i19] = S_BASE64CHAR[(i16 << 2) & 63];
                i4 = i20 + 1;
                cArr[i20] = '=';
            }
            return new String(cArr, 0, i4);
        }

        public static final void encode(byte[] bArr, int i, int i2, OutputStream outputStream) throws IOException {
            if (i2 <= 0) {
                return;
            }
            byte[] bArr2 = new byte[4];
            int i3 = i;
            int i4 = i2 - i;
            while (i4 >= 3) {
                int i5 = ((bArr[i3] & 255) << 16) + ((bArr[i3 + 1] & 255) << 8) + (bArr[i3 + 2] & 255);
                bArr2[0] = (byte) S_BASE64CHAR[i5 >> 18];
                bArr2[1] = (byte) S_BASE64CHAR[(i5 >> 12) & 63];
                bArr2[2] = (byte) S_BASE64CHAR[(i5 >> 6) & 63];
                bArr2[3] = (byte) S_BASE64CHAR[i5 & 63];
                outputStream.write(bArr2, 0, 4);
                i3 += 3;
                i4 -= 3;
            }
            if (i4 == 1) {
                int i6 = bArr[i3] & 255;
                bArr2[0] = (byte) S_BASE64CHAR[i6 >> 2];
                bArr2[1] = (byte) S_BASE64CHAR[(i6 << 4) & 63];
                bArr2[2] = S_BASE64PAD;
                bArr2[3] = S_BASE64PAD;
                outputStream.write(bArr2, 0, 4);
                return;
            }
            if (i4 == 2) {
                int i7 = ((bArr[i3] & 255) << 8) + (bArr[i3 + 1] & 255);
                bArr2[0] = (byte) S_BASE64CHAR[i7 >> 10];
                bArr2[1] = (byte) S_BASE64CHAR[(i7 >> 4) & 63];
                bArr2[2] = (byte) S_BASE64CHAR[(i7 << 2) & 63];
                bArr2[3] = S_BASE64PAD;
                outputStream.write(bArr2, 0, 4);
            }
        }

        public static void encode(byte[] bArr, int i, int i2, Writer writer) throws IOException {
            if (i2 <= 0) {
                return;
            }
            char[] cArr = new char[4];
            int i3 = i;
            int i4 = i2 - i;
            int i5 = 0;
            while (i4 >= 3) {
                int i6 = ((bArr[i3] & 255) << 16) + ((bArr[i3 + 1] & 255) << 8) + (bArr[i3 + 2] & 255);
                cArr[0] = S_BASE64CHAR[i6 >> 18];
                cArr[1] = S_BASE64CHAR[(i6 >> 12) & 63];
                cArr[2] = S_BASE64CHAR[(i6 >> 6) & 63];
                cArr[3] = S_BASE64CHAR[i6 & 63];
                writer.write(cArr, 0, 4);
                i3 += 3;
                i4 -= 3;
                i5 += 4;
                if (i5 % 76 == 0) {
                    writer.write("\n");
                }
            }
            if (i4 == 1) {
                int i7 = bArr[i3] & 255;
                cArr[0] = S_BASE64CHAR[i7 >> 2];
                cArr[1] = S_BASE64CHAR[(i7 << 4) & 63];
                cArr[2] = '=';
                cArr[3] = '=';
                writer.write(cArr, 0, 4);
                return;
            }
            if (i4 == 2) {
                int i8 = ((bArr[i3] & 255) << 8) + (bArr[i3 + 1] & 255);
                cArr[0] = S_BASE64CHAR[i8 >> 10];
                cArr[1] = S_BASE64CHAR[(i8 >> 4) & 63];
                cArr[2] = S_BASE64CHAR[(i8 << 2) & 63];
                cArr[3] = '=';
                writer.write(cArr, 0, 4);
            }
        }

        public static String format(String str, int i, String str2, String str3) {
            if (i >= 76) {
                i = 75;
            }
            int length = str.length();
            StringBuffer stringBuffer = new StringBuffer((((length / (76 - i)) + 1) * 77) + str2.length() + str3.length());
            stringBuffer.append(str2);
            int i2 = 0;
            while (i2 < length) {
                for (int i3 = 0; i3 < i; i3++) {
                    stringBuffer.append(' ');
                }
                int min = Math.min((i2 + 76) - i, str.length());
                stringBuffer.append(str.substring(i2, min));
                i2 = min;
                stringBuffer.append('\n');
            }
            stringBuffer.append(str3);
            return new String(stringBuffer);
        }

        public static String toHexString(byte[] bArr) {
            StringBuffer stringBuffer = new StringBuffer(bArr.length * 2);
            for (int i = 0; i < bArr.length; i++) {
                stringBuffer.append(tab.charAt((bArr[i] >> 4) & 15));
                stringBuffer.append(tab.charAt(bArr[i] & 15));
            }
            return new String(stringBuffer);
        }

        static {
            for (int i = 0; i < S_DECODETABLE.length; i++) {
                S_DECODETABLE[i] = Byte.MAX_VALUE;
            }
            for (int i2 = 0; i2 < S_BASE64CHAR.length; i2++) {
                S_DECODETABLE[S_BASE64CHAR[i2]] = (byte) i2;
            }
        }
    }

    public static ArrayList<String> getUris(Properties properties, String str, String str2) throws WebTrustAssociationFailedException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getUris(props[" + OidcUtil.getObjState(properties) + "],propertyName[" + str + "],defaultValue[" + str2 + "])");
        }
        ArrayList<String> parseUris = parseUris(OidcUtil.getProperty(properties, str, str2));
        if (parseUris == null) {
            String message = MessageHelper.getMessage("security.oidc.client.missingproperty", str);
            Tr.error(tc, message);
            throw new WebTrustAssociationFailedException(message);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getUris returns array with size [" + parseUris.size() + "]");
        }
        return parseUris;
    }

    public static ArrayList<String> getUris(Properties properties, String str) throws WebTrustAssociationFailedException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getUris(props[" + OidcUtil.getObjState(properties) + "],propertyName[" + str + "])");
        }
        ArrayList<String> parseUris = parseUris(OidcUtil.getOptionalProperty(properties, str, false));
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getUris returns array [" + OidcUtil.getObjState(parseUris) + "]");
        }
        return parseUris;
    }

    public static String getCookieValue(HttpServletRequest httpServletRequest, String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getCookieValue(req[" + OidcUtil.getObjState(httpServletRequest) + "],cookieName[" + str + "])");
        }
        String str2 = null;
        Cookie cookie = getCookie(httpServletRequest, str);
        if (cookie != null) {
            str2 = cookie.getValue();
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Found [" + cookie.getName() + "] cookie with value [" + str2 + "] in the request");
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getCookieValue returns [" + str2 + "]");
        }
        return str2;
    }

    public static Cookie getCookie(HttpServletRequest httpServletRequest, String str) {
        return getCookie(httpServletRequest, str, false);
    }

    public static Cookie getCookie(HttpServletRequest httpServletRequest, String str, boolean z) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getCookie(req[" + OidcUtil.getObjState(httpServletRequest) + "],cookieName[" + str + "], startsWith[" + z + "])");
        }
        Cookie cookie = null;
        Cookie[] cookies = httpServletRequest.getCookies();
        String str2 = null;
        if (z) {
            str2 = "that starts with ";
        }
        if (cookies != null) {
            int length = cookies.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                Cookie cookie2 = cookies[i];
                String name = cookie2.getName();
                if (!z && name.equals(str)) {
                    cookie = cookie2;
                }
                if (z && name.startsWith(str)) {
                    cookie = cookie2;
                }
                if (cookie == null) {
                    i++;
                } else if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Found cookie " + str2 + "[" + str + "] in the request");
                }
            }
        }
        if (tc.isDebugEnabled() && cookie == null) {
            Tr.debug(tc, "Did not find cookie " + str2 + "[" + str + "] in the request");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getCookie returns [" + OidcUtil.getObjState(cookie) + "]");
        }
        return cookie;
    }

    public static Cookie getOidcCookie(HttpServletRequest httpServletRequest) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getOidcCookie(req[" + OidcUtil.getObjState(httpServletRequest) + "])");
        }
        Cookie cookie = getCookie(httpServletRequest, "OIDCSESSIONID_", true);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getOidcCookie returns [" + OidcUtil.getObjState(cookie) + "]");
        }
        return cookie;
    }

    private static ArrayList<String> parseUris(String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "parseUris(uris[" + str + "])");
        }
        ArrayList<String> arrayList = new ArrayList<>();
        if (str != null) {
            if (str.indexOf(",") != -1) {
                StringTokenizer stringTokenizer = new StringTokenizer(str, ",");
                while (stringTokenizer.hasMoreTokens()) {
                    arrayList.add(stringTokenizer.nextToken().replaceAll(" ", ""));
                }
            } else {
                arrayList.add(str.replaceAll(" ", ""));
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "parseUris returns array size = [" + arrayList.size() + "]");
        }
        return arrayList;
    }

    @Deprecated
    public static HashMap<String, String> invokeGetRequestWithBasicAuth(String str, String str2) throws RelyingPartyException {
        return invokeGetRequestWithBasicAuth(str, (RelyingPartyConfig) null);
    }

    public static HashMap<String, String> invokeGetRequestWithBasicAuth(String str, RelyingPartyConfig relyingPartyConfig) throws RelyingPartyException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "invokeGetRequestWithBasicAuth(url[" + str + "],rpConfig[" + relyingPartyConfig + "])");
        }
        HashMap<String, String> invokeRequest = invokeRequest("GET", str, null, relyingPartyConfig, null);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "invokeGetRequestWithBasicAuth");
        }
        return invokeRequest;
    }

    public static HashMap<String, String> invokeGetRequestWithLtpaCookie(String str, String str2) throws RelyingPartyException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "invokeGetRequestWithLtpaCookie(url[" + str + "],ltpaCookie[" + str2 + "])");
        }
        HashMap<String, String> invokeRequest = invokeRequest("GET", str, null, null, str2);
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "invokeGetRequestWithBasicAuth");
        }
        return invokeRequest;
    }

    @Deprecated
    public static HashMap<String, String> invokePostRequestWithBasicAuth(String str, String str2, String str3) throws RelyingPartyException {
        return invokePostRequestWithBasicAuth(str, str2, (RelyingPartyConfig) null);
    }

    public static HashMap<String, String> invokePostRequestWithBasicAuth(String str, String str2, RelyingPartyConfig relyingPartyConfig) throws RelyingPartyException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "invokePostRequestWithBasicAuth(url[" + str + "],contents[" + str2 + "],rpConfig[" + relyingPartyConfig + "])");
        }
        HashMap<String, String> invokeRequest = invokeRequest("POST", str, str2, relyingPartyConfig, null);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "invokeGetRequestWithBasicAuth");
        }
        return invokeRequest;
    }

    public static HashMap<String, String> invokeRequest(String str, String str2, String str3, RelyingPartyConfig relyingPartyConfig, String str4) throws RelyingPartyException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "invokeRequest(method[" + str + "],url[" + str2 + "],rpConfig[" + relyingPartyConfig + "],ltpaCookie[" + str4 + "])");
        }
        return invokeRequest(str, str2, str3, relyingPartyConfig, str4, true);
    }

    public static HashMap<String, String> invokeRequest(String str, String str2, String str3, RelyingPartyConfig relyingPartyConfig, String str4, boolean z) throws RelyingPartyException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "invokeRequest(method[" + str + "],url[" + str2 + "],rpConfig[" + relyingPartyConfig + "],ltpaCookie[" + str4 + "]+authnRequired+[" + z + "])");
        }
        String str5 = null;
        InputStream inputStream = null;
        InputStream inputStream2 = null;
        OutputStream outputStream = null;
        HashMap<String, String> hashMap = new HashMap<>();
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, str + " Request to URL: " + str2);
            Tr.debug(tc, "Content: " + str3);
        }
        try {
            try {
                HttpURLConnection securedConnection = str2.startsWith("https") ? getSecuredConnection(str, str2) : (HttpURLConnection) new URL(str2).openConnection();
                securedConnection.setDoOutput(true);
                if (str3 != null) {
                    securedConnection.setDoInput(true);
                }
                securedConnection.setInstanceFollowRedirects(false);
                securedConnection.setRequestMethod(str);
                securedConnection.setConnectTimeout(SessionCache.CACHE.getOpServerConnTimeout());
                securedConnection.setRequestProperty(HttpHeaders.CONTENT_TYPE, "application/x-www-form-urlencoded;charset=UTF-8");
                if (z) {
                    if (str4 != null) {
                        securedConnection.setRequestProperty(HttpHeaders.COOKIE, str4);
                    } else {
                        if (relyingPartyConfig == null) {
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "One or more of the parameters passed to this method is null");
                            }
                            throw new RelyingPartyException("One or more of the parameters passed to this method is null");
                        }
                        if (!"POST".equals(str) || RelyingPartyConfig.BASIC.equalsIgnoreCase(relyingPartyConfig.getTokenEndpointAuthMethod())) {
                            securedConnection.setRequestProperty(HttpHeaders.AUTHORIZATION, relyingPartyConfig.getClientBasicAuth());
                        }
                    }
                }
                securedConnection.connect();
                if (str3 != null) {
                    outputStream = securedConnection.getOutputStream();
                    outputStream.write(str3.getBytes());
                    outputStream.flush();
                }
                int responseCode = securedConnection.getResponseCode();
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Response code: " + responseCode);
                }
                if (responseCode < 400) {
                    inputStream = securedConnection.getInputStream();
                    if (inputStream != null) {
                        str5 = getData(inputStream);
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "Response output: " + str5);
                        }
                    }
                } else {
                    inputStream2 = securedConnection.getErrorStream();
                    if (inputStream2 != null) {
                        str5 = getData(inputStream2);
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "Response output: " + str5);
                        }
                    }
                }
                String headerField = securedConnection.getHeaderField(HttpHeaders.LOCATION);
                hashMap.put("responseCode", Integer.toString(responseCode));
                hashMap.put("responseMsg", str5);
                if (headerField != null) {
                    hashMap.put("location", headerField);
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Setting Location: " + headerField);
                    }
                }
                if (inputStream != null) {
                    try {
                        inputStream.close();
                    } catch (Exception e) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "Failed to close the streams opened during connection to OP server, exception:[" + e.getMessage() + "]");
                        }
                    }
                }
                if (outputStream != null) {
                    outputStream.close();
                }
                if (inputStream2 != null) {
                    inputStream2.close();
                }
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "invokeRequest");
                }
                return hashMap;
            } catch (IOException e2) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Failed to make a request to OP server, exception:[" + e2.getMessage() + "]");
                }
                throw new RelyingPartyException("Failed to make a request to OP server", e2);
            }
        } catch (Throwable th) {
            if (0 != 0) {
                try {
                    inputStream.close();
                } catch (Exception e3) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Failed to close the streams opened during connection to OP server, exception:[" + e3.getMessage() + "]");
                    }
                    throw th;
                }
            }
            if (0 != 0) {
                outputStream.close();
            }
            if (0 != 0) {
                inputStream2.close();
            }
            throw th;
        }
    }

    private String getPostDataString(HashMap<String, String> hashMap) throws UnsupportedEncodingException {
        if (hashMap.isEmpty()) {
            return null;
        }
        StringBuilder sb = new StringBuilder();
        for (Map.Entry<String, String> entry : hashMap.entrySet()) {
            sb.append(URLEncoder.encode(entry.getKey(), "UTF-8"));
            sb.append("=");
            sb.append(URLEncoder.encode(entry.getValue(), "UTF-8"));
            sb.append("&");
        }
        sb.deleteCharAt(sb.length() - 1);
        return sb.toString();
    }

    private static HttpsURLConnection getSecuredConnection(String str, String str2) throws IOException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSecuredConnection(method[" + str + "],url[" + str2 + "])");
        }
        try {
            SSLSocketFactory socketFactory = JSSEHelper.getInstance().getSSLContext((String) null, (Map) null, (SSLConfigChangeListener) null).getSocketFactory();
            HttpsURLConnection httpsURLConnection = (HttpsURLConnection) new URL(str2).openConnection();
            httpsURLConnection.setSSLSocketFactory(socketFactory);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getSecuredConnection returns [" + OidcUtil.getObjState(httpsURLConnection) + "]");
            }
            return httpsURLConnection;
        } catch (SSLException e) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Failed to get SSL socket factory for connection to OP server, exception [" + e.getMessage() + "]");
            }
            throw new IOException("Failed to get SSL socket factory for connection to OP server", e);
        }
    }

    public static String getData(InputStream inputStream) throws IOException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getData(inStream[" + OidcUtil.getObjState(inputStream) + "])");
        }
        if (inputStream == null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "One or more of the parameters passed to this method is null");
            }
            throw new IOException("parameter passed to this method is null");
        }
        BufferedReader bufferedReader = null;
        StringBuilder sb = new StringBuilder();
        try {
            try {
                bufferedReader = new BufferedReader(new InputStreamReader(inputStream, "UTF-8"));
                while (true) {
                    String readLine = bufferedReader.readLine();
                    if (readLine == null) {
                        break;
                    }
                    sb.append(readLine);
                }
                if (bufferedReader != null) {
                    bufferedReader.close();
                }
                String sb2 = sb.toString();
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "getData returns [" + sb2 + "]");
                }
                return sb2;
            } catch (IOException e) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Failed to read data from input stream, exception [" + e.getMessage() + "]");
                }
                throw new IOException("Failed to read data from input stream", e);
            }
        } catch (Throwable th) {
            if (bufferedReader != null) {
                bufferedReader.close();
            }
            throw th;
        }
    }

    public static JsonObject getJsonObject(String str) throws RelyingPartyException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getJsonObject(data[" + str + "])");
        }
        if (str == null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "One or more of the parameters passed to this method is null");
            }
            throw new RelyingPartyException("parameter passed to this method is null");
        }
        try {
            JsonObject asJsonObject = new JsonParser().parse(str).getAsJsonObject();
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getJsonObject returns [" + asJsonObject + "]");
            }
            return asJsonObject;
        } catch (JsonSyntaxException e) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Failed to parse the JSON string, exception [" + e.getMessage() + "]");
            }
            throw new RelyingPartyException("Failed to parse JSON string", e);
        }
    }

    public static JsonElement getJsonValue(JsonObject jsonObject, String str) throws RelyingPartyException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getJsonValue(jobj[" + OidcUtil.getObjState(jsonObject) + "],key[" + str + "])");
        }
        if (jsonObject == null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "One or more of the parameters passed to this method is null");
            }
            throw new RelyingPartyException("One or more of the parameters passed to this method is null");
        }
        JsonElement jsonElement = jsonObject.get(str);
        if (jsonElement == null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Did not find the value for the provided key [" + str + "] in json object");
            }
            throw new RelyingPartyException("Did not find the value for the provided key [" + str + "] in json object");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getJsonValue returns [" + jsonElement + "]");
        }
        return jsonElement;
    }

    public static String[] split(String str, String str2, int i) throws RelyingPartyException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "split(origStr[" + OidcUtil.getObjState(str) + "],delimiter[" + str2 + "],limit[" + i + "])");
        }
        String[] split = str.split(str2, i);
        if (split.length < (i == 0 ? 2 : i)) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Could not split the string [" + str + "] correctly");
            }
            throw new RelyingPartyException("Could not split the string [" + str + "] correctly");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "split returns array with length [" + split.length + "]");
        }
        return split;
    }

    public static String urlEncode(String str) throws WebTrustAssociationFailedException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "urlEncode(value[" + str + "])");
        }
        try {
            String encode = URLEncoder.encode(str, "UTF-8");
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "urlEncode returns [" + encode + "]");
            }
            return encode;
        } catch (UnsupportedEncodingException e) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Failed to URLEncode the value [" + str + "] correctly, exception [" + e.getMessage() + "]");
            }
            WebTrustAssociationFailedException webTrustAssociationFailedException = new WebTrustAssociationFailedException("Failed to URLEncode the value [" + str + "] correctly, exception [" + e.getMessage() + "]");
            webTrustAssociationFailedException.initCause(e);
            throw webTrustAssociationFailedException;
        }
    }

    public static String getBasicAuthHeader(String str, String str2) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getBasicAuthHeader(userid[" + str + "], password[" + OidcUtil.getObjState(str2) + "])");
        }
        String str3 = "Basic " + Base64.encode((str + ":" + str2).getBytes());
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getBasicAuthHeader returns [" + str3 + "]");
        }
        return str3;
    }

    public static boolean isRequestingClientABrowser(HttpServletRequest httpServletRequest) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "isRequestingClientABrowser(req[" + httpServletRequest + "])");
        }
        boolean z = false;
        String header = httpServletRequest.getHeader(HttpHeaders.USER_AGENT);
        if (header != null && header.startsWith("Mozilla")) {
            z = true;
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "isRequestingClientABrowser returns [" + z + "]");
        }
        return z;
    }

    public static void validateIdtokenSigningAlg(String str) throws WebTrustAssociationFailedException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "validateIdtokenSigningAlg(alg[" + str + "])");
        }
        for (String str2 : RelyingPartyConstants.SUPPORTEDIDTOKENALG) {
            if (str.equals(str2)) {
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "Algorithm is value");
                    return;
                }
                return;
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "WebTrustAssociationFailedException thrown as unsupported algorithm");
        }
        String message = MessageHelper.getMessage("security.oidc.client.unsupportedalgorithm", new Object[]{str, RelyingPartyConstants.SUPPORTEDIDTOKENALGSTR});
        Tr.error(tc, message);
        throw new WebTrustAssociationFailedException(message);
    }

    public static URL validateHostAndPort(String str) throws WebTrustAssociationFailedException {
        try {
            return new URL(str);
        } catch (MalformedURLException e) {
            String message = MessageHelper.getMessage("security.oidc.client.rpcallbackhostandport", str);
            Tr.error(tc, message);
            throw new WebTrustAssociationFailedException(message);
        }
    }

    public static String getRedirectUrlFromServerToClient(HttpServletRequest httpServletRequest, String str) throws WebTrustAssociationFailedException {
        String redirectUrl;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getRedirectUrlFromServerToClient(req[" + httpServletRequest + "], reCallbackHostPort[" + str + "])");
        }
        if (str == null || str.length() <= 0) {
            redirectUrl = getRedirectUrl(httpServletRequest);
        } else {
            URL validateHostAndPort = validateHostAndPort(str);
            int port = validateHostAndPort.getPort();
            redirectUrl = validateHostAndPort.getProtocol() + "://" + validateHostAndPort.getHost() + (port > 0 ? ":" + port : "");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getRedirectUrlFromServerToClient returns redirectURL[" + redirectUrl + "]");
        }
        return redirectUrl;
    }

    private static String getRedirectUrl(HttpServletRequest httpServletRequest) throws WebTrustAssociationFailedException {
        int serverPort;
        String str;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getRedirectUrl(req[" + httpServletRequest + "])");
        }
        String serverName = httpServletRequest.getServerName();
        HttpServletRequest wrappedServletRequestObject = getWrappedServletRequestObject(httpServletRequest);
        if ("http".equals(wrappedServletRequestObject.getScheme())) {
            serverPort = getHTTPSPort(wrappedServletRequestObject.getServerPort());
        } else {
            if (!"https".equals(wrappedServletRequestObject.getScheme())) {
                Tr.error(tc, "Failed to get the https port the server.");
                throw new WebTrustAssociationFailedException("Failed to get the https port the server.");
            }
            serverPort = wrappedServletRequestObject.getServerPort();
        }
        if (serverPort == -1) {
            int serverPort2 = httpServletRequest.getServerPort();
            str = httpServletRequest.getScheme() + "://" + serverName + (serverPort2 > 0 ? ":" + serverPort2 : "");
        } else {
            str = "https://" + serverName + ":" + serverPort;
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getRedirectUrl returns redirectURL[" + str + "]");
        }
        return str;
    }

    private static HttpServletRequest getWrappedServletRequestObject(HttpServletRequest httpServletRequest) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getWrappedServletRequestObject(req[" + httpServletRequest + "])");
        }
        if (httpServletRequest instanceof HttpServletRequestWrapper) {
            ServletRequest request = ((HttpServletRequestWrapper) httpServletRequest).getRequest();
            while (true) {
                httpServletRequest = (HttpServletRequest) request;
                if (!(httpServletRequest instanceof HttpServletRequestWrapper)) {
                    break;
                }
                request = ((HttpServletRequestWrapper) httpServletRequest).getRequest();
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getWrappedServletRequestObject returns HttpServletRequest[" + httpServletRequest + "]");
        }
        return httpServletRequest;
    }

    public static void saveInitialUrl(String str, HttpServletRequest httpServletRequest) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "saveInitialUrl(stateId[" + str + "],HttpServletRequest[" + httpServletRequest + "])");
        }
        SessionCache.CACHE.saveInitialUrl(str, httpServletRequest.getMethod(), httpServletRequest.getRequestURL().toString(), httpServletRequest.getParameterMap());
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "saveInitialUrl");
        }
    }

    public static String replaceLocalhostWithHostnameOrIP(HttpServletRequest httpServletRequest, String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "replaceLocalhostWithHostnameOrIP(req[" + httpServletRequest + "],protectedUrl[" + str + "])");
        }
        String str2 = str;
        try {
            URL validateHostAndPort = validateHostAndPort(str);
            String serverName = httpServletRequest.getServerName();
            if ("localhost".equals(validateHostAndPort.getHost()) && !"localhost".equals(serverName)) {
                str2 = str.replaceFirst("localhost", serverName);
            }
        } catch (WebTrustAssociationFailedException e) {
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "replaceLocalhostWithHostnameOrIP [" + str2 + "]");
        }
        return str2;
    }

    public static void printtime(String str, long j) {
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, str + " : " + new SimpleDateFormat("yyyy.MM.dd G 'at' HH:mm:ss z").format(new Date(j)));
        }
    }

    public static int getHTTPSPort(int i) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getHTTPSPort: " + i);
        }
        SecurityConfig securityConfig = SecurityObjectLocator.getSecurityConfig("security");
        Map map = (Map) securityConfig.getObject("host.virtualhosts");
        List list = (List) securityConfig.getObject("webcontainer.transports");
        for (String str : map.keySet()) {
            ArrayList arrayList = (ArrayList) map.get(str);
            for (int i2 = 0; i2 < arrayList.size(); i2++) {
                String str2 = (String) arrayList.get(i2);
                if (tc.isDebugEnabled() && str2 != null) {
                    Tr.debug(tc, "Port " + str2 + " in virtual host " + str);
                }
                int i3 = -1;
                try {
                    i3 = Integer.parseInt(str2);
                } catch (NumberFormatException e) {
                }
                if (str2 != null && i3 == i) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Found HTTP port " + str2 + " in virtual host " + str);
                    }
                    for (int i4 = 0; i4 < list.size(); i4++) {
                        Integer num = (Integer) list.get(i4);
                        if (num != null) {
                            int intValue = num.intValue();
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "Checking if port " + intValue + " is in the same virtual host.");
                            }
                            for (int i5 = 0; i5 < arrayList.size(); i5++) {
                                String str3 = (String) arrayList.get(i5);
                                int i6 = -1;
                                try {
                                    i6 = Integer.parseInt(str3);
                                } catch (NumberFormatException e2) {
                                }
                                if (str3 != null && tc.isDebugEnabled()) {
                                    Tr.debug(tc, "Port " + i6 + " in virtual host " + str);
                                }
                                if (str3 != null && i6 == intValue) {
                                    if (tc.isEntryEnabled()) {
                                        Tr.exit(tc, "Found HTTPS port " + intValue + " in virtual host " + str);
                                    }
                                    return intValue;
                                }
                            }
                        }
                    }
                }
            }
        }
        if (!tc.isEntryEnabled()) {
            return -1;
        }
        Tr.exit(tc, "getHTTPSPort: SSL port not found");
        return -1;
    }

    public static void checkHttpsRequirement(boolean z, String str) throws WebTrustAssociationFailedException {
        if (!z || str == null || str.startsWith("https")) {
            return;
        }
        String str2 = "The URL scheme of the OP Endpoint URL [" + str + "] should be https as the sslOnly property is set to true.";
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, str2);
        }
        throw new WebTrustAssociationFailedException(str2);
    }

    public static Object getVerifyKey(RelyingPartyConfig relyingPartyConfig, String str, String str2, String str3) throws KeyStoreException, CertificateException, UnsupportedEncodingException, RelyingPartyException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getVerifyKey(rpConfig[" + OidcUtil.getObjState(relyingPartyConfig) + ", algorithm[" + OidcUtil.getObjState(str) + "], kid[" + OidcUtil.getObjState(str2) + "], x5t[" + OidcUtil.getObjState(str3) + "])");
        }
        if (relyingPartyConfig == null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "One or more of the parameters passed to this method is null");
            }
            throw new RelyingPartyException("One or more of the parameters passed to this method is null");
        }
        Object obj = null;
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "signatureAlgorithm[" + str + "]");
        }
        if ("HS256".equals(str)) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "using client secret");
            }
            obj = relyingPartyConfig.getClientSecret();
        } else if ("RS256".equals(str)) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "attempting to use jwk; kid[" + str2 + "], x5t[" + str3 + "]");
            }
            obj = relyingPartyConfig.getJwKRetriever().getPublicKeyFromJwk(str2, str3, relyingPartyConfig);
            if (obj == null) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "attempting to get certificate from local trust store");
                }
                String verifyingAlias = relyingPartyConfig.getVerifyingAlias();
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "verifyingAlias[" + verifyingAlias + "]");
                }
                if (OidcUtil.hasValue(verifyingAlias)) {
                    obj = getCertificate(getDefaultTrustStore(), verifyingAlias);
                }
            }
        } else if ("none".equals(str)) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "using client secret");
            }
            obj = relyingPartyConfig.getClientSecret();
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getVerifyKey returns [" + OidcUtil.getObjState(obj) + "]");
        }
        return obj;
    }

    public static PublicKey getCertificate(KeyStore keyStore, String str) throws RelyingPartyException {
        PublicKey publicKey = null;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getCertificate(keystore[" + OidcUtil.getObjState(keyStore) + "], alias[" + str + "])");
        }
        if (keyStore != null && OidcUtil.hasValue(str)) {
            try {
                Certificate certificate = keyStore.getCertificate(str);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "cert [" + certificate + "]");
                }
                if (certificate != null) {
                    publicKey = certificate.getPublicKey();
                }
            } catch (Exception e) {
                String message = MessageHelper.getMessage("security.oidc.client.cert.error", new Object[]{str, e.getMessage()});
                Tr.error(tc, message);
                throw new RelyingPartyException(message, e);
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getCertificate returns [" + OidcUtil.getObjState(publicKey) + "]");
        }
        return publicKey;
    }

    public static KeyStore getDefaultTrustStore() throws RelyingPartyException {
        String substring;
        String trim;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getDefaultTrustStore");
        }
        String str = null;
        String defaultKeyStoreName = KeyStoreManager.getDefaultKeyStoreName(DEFAULT_MANAGED_TRUST_STORE);
        int indexOf = defaultKeyStoreName.indexOf(MANAGEMENT_SCOPE_P);
        int indexOf2 = defaultKeyStoreName.indexOf(KEYSTORE_P);
        if (indexOf >= 0 || indexOf2 >= 0) {
            if (indexOf < 0) {
                substring = defaultKeyStoreName.substring(indexOf2 + KEYSTORE_P.length());
            } else {
                substring = defaultKeyStoreName.substring(indexOf2 + KEYSTORE_P.length(), indexOf);
                str = defaultKeyStoreName.substring(indexOf + MANAGEMENT_SCOPE_P.length()).trim();
            }
            trim = substring.trim();
        } else {
            trim = defaultKeyStoreName.substring(0);
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "keyStoreNameString[" + trim + "], mgmtScopeString[" + str + "]");
        }
        try {
            KeyStore javaKeyStore = KeyStoreManager.getInstance().getJavaKeyStore(trim, str);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getDefaultTrustStore returns[" + OidcUtil.getObjState(javaKeyStore) + "]");
            }
            return javaKeyStore;
        } catch (Exception e) {
            throw new RelyingPartyException(e);
        }
    }

    public static void storeSessionDataInCookie(String str, SessionData sessionData, RelyingPartyConfig relyingPartyConfig, HttpServletResponse httpServletResponse) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "storeSessionDataInCookie(stateId[" + str + "], sessionData[" + OidcUtil.getObjState(sessionData) + "], rpConfig[" + OidcUtil.getObjState(relyingPartyConfig) + "], res[" + OidcUtil.getObjState(httpServletResponse) + "])");
        }
        Hashtable hashtable = new Hashtable();
        hashtable.put("method", sessionData.getProtectedUrlMethod());
        hashtable.put(RelyingPartyConstants.REQ_URL, sessionData.getProtectedUrl());
        if (sessionData.getParameterMap() != null && !sessionData.getParameterMap().isEmpty()) {
            hashtable.put(RelyingPartyConstants.HTTP_POST_MAP, sessionData.getParameterMap());
        }
        String encodeParameters = encodeParameters(hashtable, relyingPartyConfig.getPostParameterCookieSize());
        if (encodeParameters == null) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "Request state is not stored in cookie. ");
                return;
            }
            return;
        }
        createStateCookie(httpServletResponse, str, relyingPartyConfig, encodeParameters);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "storeSessionDataInCookie");
        }
    }

    public static SessionData restoreSessionDataFromCookie(String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "restoreSessionDataFromCookie(stateId[" + str + "], req[" + OidcUtil.getObjState(httpServletRequest) + "], res[" + OidcUtil.getObjState(httpServletResponse) + "])");
        }
        byte[] bArr = null;
        Cookie stateCookie = getStateCookie(httpServletRequest, str);
        if (stateCookie != null) {
            bArr = getBytes(stateCookie.getValue());
            deleteCookie(stateCookie, httpServletResponse);
        }
        if (bArr == null || bArr.length == 0) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "Request state is not in cookie. ");
            }
            if (!tc.isEntryEnabled()) {
                return null;
            }
            Tr.exit(tc, "restoreSessionDataFromCookie returns [null]");
            return null;
        }
        try {
            SessionData createEntry = SessionCache.CACHE.createEntry(str);
            boolean z = false;
            Hashtable hashtable = null;
            try {
                hashtable = (Hashtable) new ObjectInputStream(new ByteArrayInputStream(Base64Coder.base64Decode(bArr))).readObject();
            } catch (IOException e) {
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, "getAuthzCodeAndState encounted an un-expected exception: " + e);
                }
            } catch (ClassNotFoundException e2) {
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, "getAuthzCodeAndState encounted an un-expected exception: " + e2);
                }
            }
            if (hashtable.get(RelyingPartyConstants.REQ_URL) != null) {
                createEntry.setProtectedUrl((String) hashtable.get(RelyingPartyConstants.REQ_URL));
                z = true;
            }
            if (hashtable.get("method") != null) {
                createEntry.setProtectedUrlMethod((String) hashtable.get("method"));
            }
            if (hashtable.get(RelyingPartyConstants.HTTP_POST_MAP) != null) {
                createEntry.setParameterMap((Map) hashtable.get(RelyingPartyConstants.HTTP_POST_MAP));
            }
            if (!z) {
                createEntry = null;
            } else if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "Request state is restored from cookie. ");
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "restoreSessionDataFromCookie returns [" + OidcUtil.getObjState(createEntry) + "]");
            }
            return createEntry;
        } catch (Exception e3) {
            if (!tc.isEntryEnabled()) {
                return null;
            }
            Tr.exit(tc, "restoreSessionDataFromCookie returns [null]");
            return null;
        }
    }

    public static String encodeParameters(Hashtable hashtable, int i) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "encodeParameters(cookie[" + OidcUtil.getObjState(hashtable) + "], postParamSaveSize[" + i + "])");
        }
        String str = null;
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            new ObjectOutputStream(byteArrayOutputStream).writeObject(hashtable);
            byte[] byteArray = byteArrayOutputStream.toByteArray();
            if (byteArray == null || byteArray.length >= i) {
                Tr.warning(tc, "SEC_FORM_POST_NULL_OR_TOO_LARGE");
            } else {
                byte[] base64Encode = Base64Coder.base64Encode(byteArray);
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, "encoded length:" + base64Encode.length);
                }
                str = toString(base64Encode);
            }
        } catch (IOException e) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception storing POST parameters onto a cookie: ", new Object[]{e});
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "encodeParameters returns [" + OidcUtil.getObjState(str) + "]");
        }
        return str;
    }

    public static String toString(byte[] bArr) {
        StringBuffer stringBuffer = new StringBuffer();
        for (byte b : bArr) {
            stringBuffer.append((char) (b & 255));
        }
        return stringBuffer.toString();
    }

    public static byte[] getBytes(String str) {
        if (!OidcUtil.hasValue(str)) {
            return null;
        }
        StringBuffer stringBuffer = new StringBuffer(str);
        byte[] bArr = new byte[stringBuffer.length()];
        int length = stringBuffer.length();
        for (int i = 0; i < length; i++) {
            bArr[i] = (byte) stringBuffer.charAt(i);
        }
        return bArr;
    }

    public static void deleteCookie(Cookie cookie, HttpServletResponse httpServletResponse) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "deleteCookie(origCookie[" + OidcUtil.getObjState(cookie) + "], res[" + OidcUtil.getObjState(httpServletResponse) + "])");
        }
        if (cookie != null) {
            deleteCookie(cookie.getName(), cookie.getPath(), httpServletResponse);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "deleteCookie");
        }
    }

    public static void deleteCookie(String str, String str2, HttpServletResponse httpServletResponse) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "deleteCookie(cookieName[" + str + "], cookiePath[" + str2 + "], res[" + OidcUtil.getObjState(httpServletResponse) + "])");
        }
        if (httpServletResponse != null && OidcUtil.hasValue(str)) {
            Cookie cookie = new Cookie(str, "");
            if (OidcUtil.hasValue(str2)) {
                cookie.setPath(str2);
            } else {
                cookie.setPath("/");
            }
            cookie.setMaxAge(0);
            httpServletResponse.addCookie(cookie);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "deleteCookie");
        }
    }

    public static void createStateCookie(HttpServletResponse httpServletResponse, String str, RelyingPartyConfig relyingPartyConfig, String str2) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getStateCookie(res[" + OidcUtil.getObjState(httpServletResponse) + "], stateId[" + str + "], rpConfig[" + OidcUtil.getObjState(relyingPartyConfig) + "], encodedCookieValue[" + str2 + "]");
        }
        if (httpServletResponse != null && OidcUtil.hasValue(str) && relyingPartyConfig != null) {
            if (str2 != null) {
                Cookie cookie = new Cookie(STATEID_COOKIE_PREFIX + str, str2);
                cookie.setPath("/");
                cookie.setHttpOnly(relyingPartyConfig.getHttpOnly());
                cookie.setSecure(relyingPartyConfig.getSslOnly());
                cookie.setMaxAge(-1);
                httpServletResponse.addCookie(cookie);
            } else if (tc.isDebugEnabled()) {
                Tr.debug(tc, "No value was given for the cookie.  The cookie will not be created.");
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "createStateCookie");
        }
    }

    public static Cookie getStateCookie(HttpServletRequest httpServletRequest, String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getStateCookie(req[" + OidcUtil.getObjState(httpServletRequest) + "], stateId[" + str + "])");
        }
        Cookie cookie = null;
        if (httpServletRequest != null && OidcUtil.hasValue(str)) {
            cookie = getCookie(httpServletRequest, STATEID_COOKIE_PREFIX + str);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getStateCookie returns [" + OidcUtil.getObjState(cookie) + "]");
        }
        return cookie;
    }

    public static void deleteStateCookie(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getStateCookie(req[" + OidcUtil.getObjState(httpServletRequest) + "], res[" + OidcUtil.getObjState(httpServletResponse) + "], stateId[" + str + "])");
        }
        if (httpServletRequest != null && httpServletResponse != null && OidcUtil.hasValue(str)) {
            deleteCookie(getCookie(httpServletRequest, STATEID_COOKIE_PREFIX + str), httpServletResponse);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "deleteStateCookie");
        }
    }

    public static String beautifyJwt(String str) {
        byte[] decode;
        String str2 = "null";
        if (tc.isDebugEnabled()) {
            String str3 = null;
            String str4 = null;
            if (str != null) {
                try {
                    str2 = "NotJWTFormat";
                    if (str.indexOf(".") != -1) {
                        StringTokenizer stringTokenizer = new StringTokenizer(str, ".");
                        byte[] decode2 = privBase64.decode(stringTokenizer.nextToken());
                        if (decode2 != null) {
                            str3 = new String(decode2);
                            if (OidcUtil.hasValue(str3) && !str3.endsWith("}")) {
                                str3 = str3 + "\"}";
                            }
                        }
                        if (stringTokenizer.hasMoreTokens() && (decode = privBase64.decode(stringTokenizer.nextToken())) != null) {
                            str4 = new String(decode);
                            if (OidcUtil.hasValue(str4) && !str4.endsWith("}")) {
                                str4 = str4 + "\"}";
                            }
                        }
                        str2 = "header[" + str3 + "], claims[" + str4 + "]";
                    }
                } catch (Throwable th) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "caught exception during beautifyJwt [" + th + "]");
                    }
                }
            }
        }
        return str2;
    }

    public static String getJwtHeaderAsString(String str) {
        byte[] decode;
        String str2 = null;
        if (str != null) {
            try {
                str2 = "NotJWTFormat";
                if (str.indexOf(".") != -1 && (decode = privBase64.decode(new StringTokenizer(str, ".").nextToken())) != null) {
                    str2 = new String(decode);
                    if (OidcUtil.hasValue(str2) && !str2.endsWith("}")) {
                        str2 = str2 + "\"}";
                    }
                }
            } catch (Throwable th) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "caught exception during getJwtHeaderAsString [" + th + "]");
                }
            }
        }
        return str2;
    }

    public static String getJwtClaimsAsString(String str) {
        byte[] decode;
        String str2 = null;
        if (str != null) {
            try {
                str2 = "NotJWTFormat";
                if (str.indexOf(".") != -1) {
                    StringTokenizer stringTokenizer = new StringTokenizer(str, ".");
                    stringTokenizer.nextToken();
                    if (stringTokenizer.hasMoreTokens() && (decode = privBase64.decode(stringTokenizer.nextToken())) != null) {
                        str2 = new String(decode);
                        if (OidcUtil.hasValue(str2) && !str2.endsWith("}")) {
                            str2 = str2 + "\"}";
                        }
                    }
                }
            } catch (Throwable th) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "caught exception during getJwtClaimsAsString [" + th + "]");
                }
            }
        }
        return str2;
    }
}
