package com.ibm.ws.security.oidc.client;

import com.google.gson.JsonObject;
import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.cache.DistributedMap;
import com.ibm.websphere.security.WebTrustAssociationFailedException;
import com.ibm.ws.security.oidc.util.DynaCacheUtils;
import com.ibm.ws.security.oidc.util.MessageHelper;
import com.ibm.ws.security.oidc.util.OidcUtil;
import com.ibm.ws.security.openidconnect.token.IDToken;
import java.io.Serializable;
import java.math.BigInteger;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Map;
import java.util.concurrent.CopyOnWriteArrayList;
import javax.security.auth.Subject;

/* loaded from: input_file:com/ibm/ws/security/oidc/client/SessionData.class */
public class SessionData implements Serializable {
    private String tokenType = null;
    private String accessToken = null;
    private String refreshToken = null;
    private long accessTokenExpiresIn = 0;
    private String scope = null;
    private IDToken.Payload idToken = null;
    private String idTokenEnc = null;
    private String stateId = null;
    private String sessionCookieId = null;
    private String basicAuthHeader = null;
    private IntrospectedAccessToken iAccessToken = null;
    private String protectedUrlMethod = null;
    private String protectedUrl = null;
    private Map<String, String[]> parameterMap = null;
    private String cacheIndex = null;
    private static final long serialVersionUID = -2853948032589854528L;
    private static final TraceComponent tc = Tr.register(SessionData.class, MessageHelper._TR_GROUP, MessageHelper._MSG_FILE);
    private static SecureRandom srandom = new SecureRandom();
    private static boolean dynamicCacheEnabled = false;
    private static int TIME_TO_LIVE = 7200;

    public SessionData(boolean z) throws RelyingPartyException, WebTrustAssociationFailedException {
        createData(z, null);
    }

    public SessionData(boolean z, String str) throws RelyingPartyException, WebTrustAssociationFailedException {
        createData(z, str);
    }

    public void createData(boolean z, String str) throws RelyingPartyException, WebTrustAssociationFailedException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "SessionData(dynamicCacheEnabled[" + z + "])");
        }
        dynamicCacheEnabled = z;
        if (str == null || str.isEmpty()) {
            this.stateId = new BigInteger(130, srandom).toString(32);
        } else {
            this.stateId = str;
        }
        this.sessionCookieId = new BigInteger(130, srandom).toString(32);
        if (z) {
            this.cacheIndex = this.stateId;
            DistributedMap cache = DynaCacheUtils.getCache();
            cache.put(this.cacheIndex, this, 1, TIME_TO_LIVE, 2, (Object[]) null);
            cache.addAlias(this.cacheIndex, new Object[]{this.sessionCookieId});
        } else {
            CopyOnWriteArrayList<SessionData> localCache = DynaCacheUtils.getLocalCache();
            if (localCache.size() >= DynaCacheUtils.getMaxLocalCacheSize()) {
                String message = MessageHelper.getMessage("security.oidc.client.maxcachesizereached");
                Tr.error(tc, message);
                throw new RelyingPartyException(message);
            }
            localCache.add(this);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "SessionData() stateId=[" + this.stateId + "] sessionCookieId=[" + this.sessionCookieId + "]");
        }
    }

    @Deprecated
    public void update(String str) throws RelyingPartyException {
        update(str, null);
    }

    public void update(String str, RelyingPartyConfig relyingPartyConfig) throws RelyingPartyException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "update(JSONString[" + str + "],rpConfig[" + OidcUtil.getObjState(relyingPartyConfig) + "])");
        }
        long j = 0;
        JsonObject jsonObject = RelyingPartyUtils.getJsonObject(str);
        if (jsonObject.get(RelyingPartyConstants.TOKEN_TYPE) != null) {
            this.tokenType = RelyingPartyUtils.getJsonValue(jsonObject, RelyingPartyConstants.TOKEN_TYPE).getAsString();
        }
        if (jsonObject.get("refresh_token") != null) {
            this.refreshToken = RelyingPartyUtils.getJsonValue(jsonObject, "refresh_token").getAsString();
        }
        setAccessToken(RelyingPartyUtils.getJsonValue(jsonObject, "access_token").getAsString());
        if (jsonObject.get(RelyingPartyConstants.EXPIRES_IN) != null) {
            j = RelyingPartyUtils.getJsonValue(jsonObject, RelyingPartyConstants.EXPIRES_IN).getAsLong();
        }
        this.accessTokenExpiresIn = System.currentTimeMillis() + (j * 1000);
        if (jsonObject.get("id_token") != null) {
            setIdToken(RelyingPartyUtils.getJsonValue(jsonObject, "id_token").getAsString(), this.accessToken, relyingPartyConfig);
        }
        if (dynamicCacheEnabled && this.idToken != null && this.idToken.getExpirationTimeSeconds() != null) {
            DynaCacheUtils.getCache().put(this.cacheIndex, this, 1, this.idToken.getExpirationTimeSeconds().intValue(), 2, (Object[]) null);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "update");
        }
    }

    @Deprecated
    public void updateUsingLocationQueryString(String str, String str2) throws RelyingPartyException {
        updateUsingLocationQueryString(str, str2, null);
    }

    public void updateUsingLocationQueryString(String str, String str2, RelyingPartyConfig relyingPartyConfig) throws RelyingPartyException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "updateUsingLocationQueryString(authHeader[" + str + "], queryString[" + str2 + "],rpConfig" + OidcUtil.getObjState(relyingPartyConfig) + "])");
        }
        if (str == null || str2 == null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "One or more of the parameters passed to this method is null");
            }
            throw new RelyingPartyException("One or more of the parameters passed to this method is null");
        }
        String str3 = null;
        for (String str4 : RelyingPartyUtils.split(str2, "&", 5)) {
            String[] split = RelyingPartyUtils.split(str4, "=", 2);
            if (split[0].equals("access_token")) {
                setAccessToken(split[1]);
            } else if (split[0].equals("id_token")) {
                str3 = split[1];
            } else if (split[0].equals(RelyingPartyConstants.EXPIRES_IN)) {
                this.accessTokenExpiresIn = System.currentTimeMillis() + (Long.parseLong(split[1]) * 1000);
            } else if (split[0].equals(RelyingPartyConstants.TOKEN_TYPE)) {
                this.tokenType = split[1];
            } else if (split[0].equals("scope")) {
                this.scope = split[1];
            }
        }
        setIdToken(str3, this.accessToken, relyingPartyConfig);
        setBasicAuthHeader(str);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "updateUsingLocationQueryString");
        }
    }

    @Deprecated
    public void updateUsingAccessToken(String str, JsonObject jsonObject) throws RelyingPartyException {
        updateUsingAccessToken(str, jsonObject, null);
    }

    public void updateUsingAccessToken(String str, JsonObject jsonObject, RelyingPartyConfig relyingPartyConfig) throws RelyingPartyException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "updateUsingAccessToken(aToken[" + str + "],jobj[" + OidcUtil.getObjState(jsonObject) + "],rpConfig[" + OidcUtil.getObjState(relyingPartyConfig) + "])");
        }
        if (str == null || jsonObject == null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "One or more of the parameters passed to this method is null");
            }
            throw new RelyingPartyException("One or more of the parameters passed to this method is null");
        }
        setAccessToken(str);
        this.iAccessToken = new IntrospectedAccessToken(str, jsonObject, relyingPartyConfig);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "updateUsingAccessToken");
        }
    }

    public void saveInitialUrl(String str, String str2, Map<String, String[]> map) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "saveInitialUrl(method[" + str + "],protectedUrl[" + str2 + "],parameterMap[" + map + "])");
        }
        this.protectedUrlMethod = str;
        this.protectedUrl = str2;
        this.parameterMap = map;
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "saveInitialUrl");
        }
    }

    public String getStateId() {
        return this.stateId;
    }

    public String getSessionCookieId() {
        return this.sessionCookieId;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void clearStateId() {
        this.stateId = null;
    }

    void clearSessionCookieId() {
        if (dynamicCacheEnabled && this.sessionCookieId != null) {
            DynaCacheUtils.getCache().removeAlias(this.sessionCookieId);
        }
        this.sessionCookieId = null;
    }

    public String getTokenType() {
        return this.tokenType == null ? "" : this.tokenType;
    }

    public String getAccessToken() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getAccessToken");
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "access token[" + RelyingPartyUtils.beautifyJwt(this.accessToken) + "]");
        }
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getAccessToken returns [" + this.accessToken + "]");
        }
        return this.accessToken;
    }

    public String getRefreshToken() {
        return this.refreshToken == null ? "" : this.refreshToken;
    }

    public String getScope() {
        return this.iAccessToken != null ? this.iAccessToken.getScope() : this.scope;
    }

    @Deprecated
    private void setIdToken(String str, String str2) throws RelyingPartyException {
        setIdToken(str, str2, null);
    }

    private void setIdToken(String str, String str2, RelyingPartyConfig relyingPartyConfig) throws RelyingPartyException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setIdToken(idToken[" + str + "],accessToken[" + str2 + "],rpConfig[" + OidcUtil.getObjState(relyingPartyConfig) + "])");
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "id token[" + RelyingPartyUtils.beautifyJwt(str) + "]");
            Tr.debug(tc, "access token[" + RelyingPartyUtils.beautifyJwt(str2) + "]");
        }
        if (relyingPartyConfig == null || str == null || str2 == null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "One or more of the parameters passed to this method is null");
            }
            throw new RelyingPartyException("One or more of the parameters passed to this method is null");
        }
        this.idTokenEnc = str;
        IDToken iDToken = new IDToken(str, null, relyingPartyConfig.getClientId(), relyingPartyConfig.getIssuerIdentifier(), relyingPartyConfig.getSignatureAlgorithm(), str2);
        Object obj = null;
        try {
            obj = RelyingPartyUtils.getVerifyKey(relyingPartyConfig, relyingPartyConfig.getSignatureAlgorithm(), iDToken.getHeader().getKeyId(), iDToken.getHeader().getX509Thumbprint());
        } catch (Exception e) {
        }
        try {
            if (!iDToken.verify(relyingPartyConfig.getClockSkew(), obj)) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Failed to validate id token, call to verify returned false");
                }
                throw new RelyingPartyException("Failed to validate id token, call to verify returned false");
            }
            this.idToken = iDToken.getPayload();
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "ID TOKEN:" + this.idToken.toString());
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "setIdToken");
            }
        } catch (Exception e2) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Failed to validate id token, exception thrown during verify [" + e2.getMessage() + "]");
            }
            throw new RelyingPartyException("Failed to validate id token, exception thrown during verify [" + e2.getMessage() + "]", e2);
        }
    }

    public String getIdToken() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getIdToken");
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "id token[" + RelyingPartyUtils.beautifyJwt(this.idTokenEnc) + "]");
        }
        String str = this.idTokenEnc == null ? "" : this.idTokenEnc;
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getIdToken returns [" + str + "]");
        }
        return str;
    }

    @Deprecated
    public ArrayList<String> getGroupIds(String str) throws RelyingPartyException {
        return getGroupIds(str, null);
    }

    public ArrayList<String> getGroupIds(String str, RelyingPartyConfig relyingPartyConfig) throws RelyingPartyException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getGroupIds(realmN[" + OidcUtil.getObjState(str) + "],rpConfig[" + OidcUtil.getObjState(relyingPartyConfig) + "])");
        }
        ArrayList<String> arrayList = new ArrayList<>();
        if (this.iAccessToken != null) {
            arrayList = this.iAccessToken.getGroupIds();
        } else {
            if (relyingPartyConfig == null) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "One or more of the parameters passed to this method is null");
                }
                throw new RelyingPartyException("One or more of the parameters passed to this method is null");
            }
            ArrayList<String> arrayList2 = (ArrayList) this.idToken.get(relyingPartyConfig.getGroupIdentifier());
            if (arrayList2 != null) {
                if (str != null) {
                    Iterator<String> it = arrayList2.iterator();
                    while (it.hasNext()) {
                        arrayList.add(new StringBuffer("group:").append(str).append("/").append(it.next()).toString());
                    }
                } else {
                    arrayList = arrayList2;
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getGroupIds returns [" + OidcUtil.getObjState(arrayList) + "]");
        }
        return arrayList;
    }

    @Deprecated
    public String getSubject() {
        return null;
    }

    @Deprecated
    public String getUniqueSecurityName() throws RelyingPartyException {
        return getUniqueSecurityName(null);
    }

    public String getUniqueSecurityName(RelyingPartyConfig relyingPartyConfig) throws RelyingPartyException {
        String str;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getUniqueSecurityName(" + OidcUtil.getObjState(relyingPartyConfig) + "])");
        }
        if (this.iAccessToken != null) {
            str = this.iAccessToken.getUniqueSecurityName();
        } else {
            if (relyingPartyConfig == null) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "One or more of the parameters passed to this method is null");
                }
                throw new RelyingPartyException("One or more of the parameters passed to this method is null");
            }
            str = (String) this.idToken.get(relyingPartyConfig.getUniqueUserIdentifier());
            if (str == null) {
                str = getUserName(relyingPartyConfig);
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getUniqueSecurityName returns [" + str + "]");
        }
        return str;
    }

    @Deprecated
    public String getRealmName() throws RelyingPartyException {
        return getRealmName(null);
    }

    public String getRealmName(RelyingPartyConfig relyingPartyConfig) throws RelyingPartyException {
        String str;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getRealmName(rpConfig[" + OidcUtil.getObjState(relyingPartyConfig) + "])");
        }
        if (this.iAccessToken != null) {
            str = this.iAccessToken.getRealmName();
        } else {
            if (relyingPartyConfig == null) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "One or more of the parameters passed to this method is null");
                }
                throw new RelyingPartyException("One or more of the parameters passed to this method is null");
            }
            str = (String) this.idToken.get(relyingPartyConfig.getRealmIdentifier());
        }
        if (str == null) {
            str = (String) this.idToken.get("iss");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getRealmName returns [" + str + "]");
        }
        return str;
    }

    public String getUserName(RelyingPartyConfig relyingPartyConfig) throws RelyingPartyException {
        String str;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getUserName(rpConfig[" + OidcUtil.getObjState(relyingPartyConfig) + "])");
        }
        if (this.iAccessToken != null) {
            str = this.iAccessToken.getUser();
        } else {
            if (relyingPartyConfig == null) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "One or more of the parameters passed to this method is null");
                }
                throw new RelyingPartyException("One or more of the parameters passed to this method is null");
            }
            str = (String) this.idToken.get(relyingPartyConfig.getUserIdentifier());
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getUserName returns [" + str + "]");
        }
        return str;
    }

    @Deprecated
    public Subject getJaasSubject() throws RelyingPartyException {
        return getJaasSubject(null);
    }

    public Subject getJaasSubject(RelyingPartyConfig relyingPartyConfig) throws RelyingPartyException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getJaasSubject(rpConfig[" + OidcUtil.getObjState(relyingPartyConfig) + "])");
        }
        if (relyingPartyConfig == null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "One or more of the parameters passed to this method is null");
            }
            throw new RelyingPartyException("One or more of the parameters passed to this method is null");
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Populating jaasSubject");
        }
        String idToken = getIdToken();
        String accessToken = getAccessToken();
        String refreshToken = getRefreshToken();
        String tokenType = getTokenType();
        String realmName = getRealmName(relyingPartyConfig);
        String userName = getUserName(relyingPartyConfig);
        ArrayList<String> groupIds = getGroupIds(realmName, relyingPartyConfig);
        String scope = getScope();
        if (idToken == null || accessToken == null || realmName == null || userName == null) {
            Tr.debug(tc, "Some of the attributes needed to create the subject are missing.. returning null");
            Tr.debug(tc, "IdToken: [" + idToken + "]");
            Tr.debug(tc, "AccessToken: [" + accessToken + "]");
            Tr.debug(tc, "RealmName: [" + realmName + "]");
            Tr.debug(tc, "user: [" + userName + "]");
            throw new RelyingPartyException("Some of the attributes needed to create the subject are missing.. returning null");
        }
        Subject subject = new Subject();
        Hashtable hashtable = new Hashtable();
        hashtable.put("com.ibm.wsspi.security.cred.securityName", userName);
        hashtable.put("id_token", idToken);
        hashtable.put("access_token", accessToken);
        if (refreshToken != null) {
            hashtable.put("refresh_token", refreshToken);
        }
        if (tokenType != null) {
            hashtable.put(RelyingPartyConstants.TOKEN_TYPE, tokenType);
        }
        if (scope != null) {
            hashtable.put("scope", scope);
        }
        if (!relyingPartyConfig.getMapIdentityToRegistry()) {
            if (groupIds != null) {
                hashtable.put("com.ibm.wsspi.security.cred.groups", groupIds);
            }
            hashtable.put("com.ibm.wsspi.security.cred.uniqueId", "user:" + realmName + "/" + getUniqueSecurityName(relyingPartyConfig));
            hashtable.put("com.ibm.wsspi.security.cred.realm", realmName);
            if (SessionCache.CACHE.isIncludeCustomCacheKeyInSubject()) {
                hashtable.put("com.ibm.wsspi.security.cred.cacheKey", userName + this.sessionCookieId);
            }
        }
        addToSubjectAsPrivateCredentials(subject, hashtable);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getJaasSubject returns [" + subject + "]");
        }
        return subject;
    }

    private static void addToSubjectAsPrivateCredentials(final Subject subject, final Object obj) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "addToSubjectAsPrivateCredentials");
        }
        if (subject != null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Adding private cred");
            }
            AccessController.doPrivileged(new PrivilegedAction<Object>() { // from class: com.ibm.ws.security.oidc.client.SessionData.1
                @Override // java.security.PrivilegedAction
                public Object run() {
                    subject.getPrivateCredentials().add(obj);
                    return null;
                }
            });
        } else if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Subject is null");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "addToSubjectAsPrivateCredentials");
        }
    }

    public boolean hasAccessTokenExpired() {
        return hasAccessTokenExpired(null);
    }

    public boolean hasAccessTokenExpired(RelyingPartyConfig relyingPartyConfig) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "hasAccessTokenExpired(rpConfig[" + OidcUtil.getObjState(relyingPartyConfig) + "]");
        }
        boolean z = true;
        long j = this.accessTokenExpiresIn;
        if (this.iAccessToken != null) {
            j = this.iAccessToken.getExpiresIn();
        }
        if (relyingPartyConfig != null) {
            j -= relyingPartyConfig.getTimeBeforeExpires() * 1000;
        }
        if (tc.isDebugEnabled()) {
            RelyingPartyUtils.printtime("Access Token expiry", j);
            RelyingPartyUtils.printtime("Current Time", System.currentTimeMillis());
        }
        if (j >= System.currentTimeMillis()) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Access token has not expired");
            }
            z = false;
        } else if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Access token has expired");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "hasAccessTokenExpired returns [" + z + "]");
        }
        return z;
    }

    private void setBasicAuthHeader(String str) {
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "setBasicAuthHeader(authHeader[" + str + "])");
        }
        if (dynamicCacheEnabled && this.basicAuthHeader != null) {
            DynaCacheUtils.getCache().removeAlias(this.basicAuthHeader);
        }
        this.basicAuthHeader = str;
        if (!dynamicCacheEnabled || this.basicAuthHeader == null) {
            return;
        }
        DynaCacheUtils.getCache().addAlias(this.cacheIndex, new Object[]{this.basicAuthHeader});
    }

    public String getBasicAuthHeader() {
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "getBasicAuthHeader returns [" + this.basicAuthHeader + "])");
        }
        return this.basicAuthHeader;
    }

    public boolean hasExpired() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "hasExpired");
        }
        boolean z = true;
        Long l = 0L;
        if (this.idToken != null) {
            l = Long.valueOf(this.idToken.getExpirationTimeSeconds().longValue() * 1000);
        }
        if (tc.isDebugEnabled()) {
            RelyingPartyUtils.printtime("Id token expiry", l.longValue());
            RelyingPartyUtils.printtime("Current Time", System.currentTimeMillis());
        }
        if (l.longValue() > System.currentTimeMillis()) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Id token has not expired");
            }
            z = false;
        } else if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Id token has expired");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "hasExpired returns [" + z + "]");
        }
        return z;
    }

    public static String getNewNonce() {
        String bigInteger = new BigInteger(130, srandom).toString(32);
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "getNewNonce returns [" + bigInteger + "]");
        }
        return bigInteger;
    }

    void purge() {
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "purge");
        }
        clearStateId();
        clearSessionCookieId();
        this.idToken = null;
        setBasicAuthHeader(null);
        setAccessToken(null);
    }

    public String getProtectedUrlMethod() {
        if (tc.isEntryEnabled()) {
            Tr.debug(tc, "getProtectedUrlMethod returns [" + this.protectedUrlMethod + "]");
        }
        return this.protectedUrlMethod;
    }

    public void setProtectedUrlMethod(String str) {
        if (tc.isEntryEnabled()) {
            Tr.debug(tc, "setProtectedUrlMethod to [" + str + "]");
        }
        this.protectedUrlMethod = str;
    }

    public String getProtectedUrl() {
        if (tc.isEntryEnabled()) {
            Tr.debug(tc, "getProtectedUrl returns [" + this.protectedUrl + "]");
        }
        return this.protectedUrl;
    }

    public void setProtectedUrl(String str) {
        if (tc.isEntryEnabled()) {
            Tr.debug(tc, "setProtectedUrl to [" + str + "]");
        }
        this.protectedUrl = str;
    }

    public Map<String, String[]> getParameterMap() {
        if (tc.isEntryEnabled()) {
            Tr.debug(tc, "getParameterMap returns [" + this.parameterMap + "]");
        }
        return this.parameterMap;
    }

    public void setParameterMap(Map<String, String[]> map) {
        if (tc.isEntryEnabled()) {
            Tr.debug(tc, "setParameterMap to [" + map + "]");
        }
        this.parameterMap = map;
    }

    public void setDynamicCacheEnabled(boolean z) {
        if (tc.isEntryEnabled()) {
            Tr.debug(tc, "setDynamicCacheEnabled(setting [" + z + "])");
        }
        dynamicCacheEnabled = z;
    }

    public void setAccessToken(String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setAccessToken(token [" + str + "])");
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "access token[" + RelyingPartyUtils.beautifyJwt(str) + "]");
        }
        if (dynamicCacheEnabled && this.accessToken != null) {
            DynaCacheUtils.getCache().removeAlias(this.accessToken);
        }
        this.accessToken = str;
        if (dynamicCacheEnabled && this.accessToken != null) {
            DynaCacheUtils.getCache().addAlias(this.cacheIndex, new Object[]{this.accessToken});
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "setAccessToken");
        }
    }

    public void uncache() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "uncache");
        }
        purge();
        if (dynamicCacheEnabled) {
            DynaCacheUtils.getCache().remove(this.cacheIndex);
        } else {
            DynaCacheUtils.getLocalCache().remove(this);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "uncache");
        }
    }

    public String toString() {
        StringBuffer append = new StringBuffer(getClass().getName()).append("(");
        append.append("tokenType=[").append(this.tokenType).append("], ");
        append.append("accessToken=[").append(this.accessToken).append("], ");
        append.append("refreshToken=[").append(this.refreshToken).append("], ");
        append.append("accessTokenExpiresIn=[").append(this.accessTokenExpiresIn).append("], ");
        append.append("scope=[").append(this.scope).append("], ");
        append.append("idToken=[").append(OidcUtil.getObjState(this.idToken)).append("], ");
        append.append("idTokenEnc=[").append(OidcUtil.getObjState(this.idTokenEnc)).append("], ");
        append.append("stateId=[").append(this.stateId).append("], ");
        append.append("sessionCookieId=[").append(this.sessionCookieId).append("], ");
        append.append("basicAuthHeader=[").append(this.basicAuthHeader).append("], ");
        append.append("iAccessToken=[").append(OidcUtil.getObjState(this.iAccessToken)).append("], ");
        append.append("protectedUrlMethod=[").append(this.protectedUrlMethod).append("], ");
        append.append("protectedUrl=[").append(this.protectedUrl).append("], ");
        append.append("parameterMap=[").append(this.parameterMap).append("], ");
        append.append("dynamicCacheEnabled=[").append(dynamicCacheEnabled).append("], ");
        append.append("cacheIndex=[").append(this.cacheIndex).append("]");
        append.append(")");
        return append.toString();
    }
}
