package com.ibm.websphere.wssecurity.callbackhandler;

import com.ibm.websphere.wssecurity.wssapi.WSSConsumingContext;
import com.ibm.websphere.wssecurity.wssapi.WSSGenerationContext;
import com.ibm.ws.wssecurity.saml.common.SAMLCommonConstants;
import com.ibm.ws.wssecurity.util.ConfigurationUtil;
import com.ibm.ws.wssecurity.util.Tr;
import com.ibm.ws.wssecurity.util.TraceComponent;
import com.ibm.wsspi.wssecurity.core.Constants;
import com.ibm.wsspi.wssecurity.core.config.CallbackHandlerConfig;
import com.ibm.wsspi.wssecurity.core.config.KeyInformationConfig;
import com.ibm.wsspi.wssecurity.core.config.KeyStoreConfig;
import com.ibm.wsspi.wssecurity.core.token.config.WSSConstants;
import com.ibm.wsspi.wssecurity.saml.config.RequesterConfig;
import com.ibm.wsspi.wssecurity.saml.config.SamlConstants;
import com.ibm.wsspi.wssecurity.saml.data.SAMLAttribute;
import java.io.IOException;
import java.io.Serializable;
import java.security.cert.CertStore;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;

/* loaded from: input_file:com/ibm/websphere/wssecurity/callbackhandler/SAMLGenerateCallbackHandler.class */
public class SAMLGenerateCallbackHandler implements CallbackHandler, Serializable {
    private static final TraceComponent tc = Tr.register(SAMLGenerateCallbackHandler.class, "Web Services Security", "com.ibm.ws.wssecurity.resources.wssmessages");
    private static final long serialVersionUID = -2223655857588374454L;
    private static final int TYPE_NONE = 0;
    private static final int TYPE_KEYSTORE = 1;
    private static final int TYPE_SPECIAL = 2;
    private int type;
    private String storeRef;
    private String storePath;
    private String storeType;
    private char[] storePassword;
    private String alias;
    private char[] keyPassword;
    private String keyName;
    private List<CertStore> certStores;
    private boolean requestorCertificate;
    private boolean identityAssertion;
    private String stsURI;
    private String keySize;
    private boolean isWSSAPI;
    private String keyType = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/Bearer";
    private String confirmationMethod = SAMLCommonConstants.BEARER_KEY;
    private String authenticationMethod = null;
    private String stsPolicy = null;
    private String stsBinding = null;
    private String stsBindingScope = null;
    private String stsSoapVersion = null;
    private String tokenRequest = "issue";
    private String wstNamespace = "http://docs.oasis-open.org/ws-sx/ws-trust/200512";
    private boolean collectionRequest = false;
    private boolean failOverToTokenRequest = true;
    private boolean signatureRequired = true;
    private boolean cacheToken = true;
    private long cacheCushion = 300000;
    private String targetAlias = null;
    private String usekeyType = null;
    private long clockSkew = 0;
    private String tokenType = WSSConstants.SAML.SAML20_VALUE_TYPE;
    private String userid = null;
    private boolean audienceRestriction = true;
    private WSSGenerationContext gencont = null;
    private WSSConsumingContext concont = null;
    private String sslConfigUrl = null;
    private String appliesTo = null;
    private ArrayList<SAMLAttribute> attributes = null;
    Map<String, String> rstt = new HashMap();
    private int dktKeylength = 0;
    private int nonceLength = 0;
    private boolean requiredDKT = false;
    private String clientLabel = null;
    private String serviceLabel = null;
    private boolean useImpliedDkt = false;
    private boolean includeRealmName = false;
    private boolean includeSecurityName = false;
    private boolean includeUniqueSecurityName = true;
    private boolean includeCredentialToken = false;
    private boolean includeOID = false;
    private boolean includeExpiration = false;
    private boolean includePrimaryGroupId = false;
    private boolean includeGroupIds = true;
    private boolean includeHostName = false;
    private boolean useUniqueSecurityName = false;
    private RequesterConfig.requestMode issueMode = RequesterConfig.requestMode.NULL;
    private boolean onBehalfOfRequired = false;
    private String onBehalfOfTokenType = null;
    private boolean onBehalfOfReIssue = false;
    private boolean actAsRequired = false;
    private String actAsTokenType = null;
    private boolean actAsReIssue = false;

    public SAMLGenerateCallbackHandler(Map<Object, Object> map) {
        this.isWSSAPI = false;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "SAMLGenerateCallbackHandler()");
        }
        this.type = 0;
        CallbackHandlerConfig callbackHandlerConfig = (CallbackHandlerConfig) map.get(CallbackHandlerConfig.CONFIG_KEY);
        if (callbackHandlerConfig != null) {
            KeyStoreConfig resolvingKeyStore = callbackHandlerConfig.getResolvingKeyStore();
            if (resolvingKeyStore != null) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "SAMLGenerateCallbackHandler() Obtaining keystore properties from KeystoreConfig");
                }
                this.storeRef = resolvingKeyStore.getKsRef();
                this.storePath = resolvingKeyStore.getPath();
                this.storeType = resolvingKeyStore.getType();
                String password = resolvingKeyStore.getPassword();
                this.storePassword = password == null ? null : password.toCharArray();
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "SAMLGenerateCallbackHandler() storeRef [" + this.storeRef + "]");
                    Tr.debug(tc, "SAMLGenerateCallbackHandler() storePath [" + this.storePath + "]");
                    Tr.debug(tc, "SAMLGenerateCallbackHandler() storeType [" + this.storeType + "]");
                    Tr.debug(tc, "SAMLGenerateCallbackHandler() storePassword [" + (this.storePassword == null ? "null" : "not null") + "]");
                }
            } else if (tc.isDebugEnabled()) {
                Tr.debug(tc, "SAMLGenerateCallbackHandler() No keystore information provided.");
            }
            KeyInformationConfig keyInformation = callbackHandlerConfig.getKeyInformation();
            if (keyInformation != null) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "SAMLGenerateCallbackHandler() Obtaining key properties from KeyInformationConfig");
                }
                this.alias = keyInformation.getAlias();
                String keyPass = keyInformation.getKeyPass();
                this.keyPassword = keyPass == null ? null : keyPass.toCharArray();
                this.keyName = keyInformation.getName();
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "SAMLGenerateCallbackHandler() alias [" + this.alias + "]");
                    Tr.debug(tc, "SAMLGenerateCallbackHandler() keyName [" + this.keyName + "]");
                    Tr.debug(tc, "SAMLGenerateCallbackHandler() keyPassword [" + (this.keyPassword == null ? "null" : "not null") + "]");
                }
            } else if (tc.isDebugEnabled()) {
                Tr.debug(tc, "SAMLGenerateCallbackHandler() No key information provided.");
            }
            this.certStores = callbackHandlerConfig.getCertStores();
            ProcessCallbackProperties(callbackHandlerConfig.getProperties());
        } else {
            this.isWSSAPI = true;
            ProcessCallbackProperties(map);
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "SAMLGenerateCallbackHandler() isWSSAPI [" + this.isWSSAPI + "]");
        }
    }

    @Override // javax.security.auth.callback.CallbackHandler
    public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "handle()");
        }
        if (callbackArr == null || callbackArr.length == 0) {
            throw new UnsupportedCallbackException(null, "There is no callback.");
        }
        for (Callback callback : callbackArr) {
            if (callback instanceof SAMLGenerateCallback) {
                SAMLGenerateCallback sAMLGenerateCallback = (SAMLGenerateCallback) callback;
                if (this.type == 0) {
                    sAMLGenerateCallback.setKeyStoreReference(this.storeRef);
                    sAMLGenerateCallback.setKeyStorePath(this.storePath);
                    sAMLGenerateCallback.setKeyStoreType(this.storeType);
                    sAMLGenerateCallback.setKeyStorePassword(this.storePassword);
                    sAMLGenerateCallback.setAlias(this.alias);
                    sAMLGenerateCallback.setKeyPassword(this.keyPassword);
                    sAMLGenerateCallback.setKeyName(this.keyName);
                    sAMLGenerateCallback.setCertStores(this.certStores);
                } else if (this.type == 1) {
                    sAMLGenerateCallback.setKeyStoreReference(this.storeRef);
                    sAMLGenerateCallback.setKeyStorePath(this.storePath);
                    sAMLGenerateCallback.setKeyStoreType(this.storeType);
                    sAMLGenerateCallback.setKeyStorePassword(this.storePassword);
                    sAMLGenerateCallback.setAlias(this.alias);
                    sAMLGenerateCallback.setKeyPassword(this.keyPassword);
                    sAMLGenerateCallback.setKeyName(this.keyName);
                    sAMLGenerateCallback.setCertStores(this.certStores);
                } else if (this.type == 2) {
                }
                sAMLGenerateCallback.setConfirmationMethod(this.confirmationMethod);
                if (this.authenticationMethod != null) {
                    sAMLGenerateCallback.setAuthenticationMethod(this.authenticationMethod);
                }
                sAMLGenerateCallback.setStsURI(this.stsURI);
                sAMLGenerateCallback.setKeyType(this.keyType);
                sAMLGenerateCallback.setKeySize(this.keySize);
                sAMLGenerateCallback.setIsSignatureRequired(this.signatureRequired);
                sAMLGenerateCallback.setStsPolicy(this.stsPolicy);
                sAMLGenerateCallback.setStsBinding(this.stsBinding);
                sAMLGenerateCallback.setStsBindingScope(this.stsBindingScope);
                sAMLGenerateCallback.setStsSoapVersion(this.stsSoapVersion);
                sAMLGenerateCallback.setTokenRequest(this.tokenRequest);
                sAMLGenerateCallback.setWSTrustNamespace(this.wstNamespace);
                sAMLGenerateCallback.setCollectionRequest(this.collectionRequest);
                sAMLGenerateCallback.setRSTTProperties(this.rstt);
                sAMLGenerateCallback.setCacheCushion(this.cacheCushion);
                sAMLGenerateCallback.setCacheToken(this.cacheToken);
                sAMLGenerateCallback.setTargetserviceAlias(this.targetAlias);
                sAMLGenerateCallback.setUseKeyType(this.usekeyType);
                sAMLGenerateCallback.setClockSkew(this.clockSkew);
                sAMLGenerateCallback.setTokenType(this.tokenType);
                sAMLGenerateCallback.setNameId(this.userid);
                sAMLGenerateCallback.setSSLConfigUrl(this.sslConfigUrl);
                sAMLGenerateCallback.setWSSGenerationContext(this.gencont);
                sAMLGenerateCallback.setWSSConsumingContext(this.concont);
                sAMLGenerateCallback.setAppliesTo(this.appliesTo);
                sAMLGenerateCallback.setAttributes(this.attributes);
                sAMLGenerateCallback.setIncludeCredentialToken(this.includeCredentialToken);
                sAMLGenerateCallback.setIncludeExpiration(this.includeExpiration);
                sAMLGenerateCallback.setIncludeGroupIds(this.includeGroupIds);
                sAMLGenerateCallback.setIncludeHostName(this.includeHostName);
                sAMLGenerateCallback.setIncludeOID(this.includeOID);
                sAMLGenerateCallback.setIncludePrimaryGroupId(this.includePrimaryGroupId);
                sAMLGenerateCallback.setIncludeRealmName(this.includeRealmName);
                sAMLGenerateCallback.setIncludeSecurityName(this.includeSecurityName);
                sAMLGenerateCallback.setIncludeUniqueSecurityName(this.includeUniqueSecurityName);
                sAMLGenerateCallback.setUseUniqueSecurityName(this.useUniqueSecurityName);
                sAMLGenerateCallback.setIssueMode(this.issueMode);
                sAMLGenerateCallback.setAudienceRestriction(this.audienceRestriction);
                sAMLGenerateCallback.setOnBehalfOfRequired(this.onBehalfOfRequired);
                sAMLGenerateCallback.setOnBehalfOfTokenType(this.onBehalfOfTokenType);
                sAMLGenerateCallback.setOnBehalfOfReIssue(this.onBehalfOfReIssue);
                sAMLGenerateCallback.setActAsRequired(this.actAsRequired);
                sAMLGenerateCallback.setActAsTokenType(this.actAsTokenType);
                sAMLGenerateCallback.setActAsReIssue(this.actAsReIssue);
                if (tc.isDebugEnabled()) {
                    StringBuffer stringBuffer = new StringBuffer("SAMLGenerateCallback[[");
                    stringBuffer.append("isWSSAPI=[").append(this.isWSSAPI).append("], ");
                    stringBuffer.append("type=[").append(this.type).append("], ");
                    if (this.type == 0 || this.type == 1) {
                        stringBuffer.append("storeRef=[").append(sAMLGenerateCallback.getKeyStoreReference()).append("], ");
                        stringBuffer.append("storePath=[").append(sAMLGenerateCallback.getKeyStorePath()).append("], ");
                        stringBuffer.append("storeType=[").append(sAMLGenerateCallback.getKeyStoreType()).append("], ");
                        stringBuffer.append("storePassword=[").append(sAMLGenerateCallback.getKeyStorePassword() == null ? "null" : "not null").append("], ");
                        stringBuffer.append("alias=[").append(sAMLGenerateCallback.getAlias()).append("], ");
                        stringBuffer.append("keyPassword=[").append(sAMLGenerateCallback.getKeyPassword() == null ? "null" : "not null").append("], ");
                        stringBuffer.append("keyName=[").append(sAMLGenerateCallback.getKeyName()).append("], ");
                        stringBuffer.append("certStores=[").append(sAMLGenerateCallback.getCertStores() == null ? "null" : "not null").append("], ");
                    }
                    stringBuffer.append("confirmationMethod=[").append(sAMLGenerateCallback.getConfirmationMethod()).append("], ");
                    stringBuffer.append("authenticationMethod=[").append(sAMLGenerateCallback.getAuthenticationMethod()).append("], ");
                    stringBuffer.append("stsURI=[").append(sAMLGenerateCallback.getStsURI()).append("], ");
                    stringBuffer.append("keyType=[").append(sAMLGenerateCallback.getKeyType()).append("], ");
                    stringBuffer.append("keySize=[").append(sAMLGenerateCallback.getKeySize()).append("], ");
                    stringBuffer.append("signatureRequired=[").append(sAMLGenerateCallback.isSignatureRequired()).append("], ");
                    stringBuffer.append("stsPolicy=[").append(sAMLGenerateCallback.getStsPolicy()).append("], ");
                    stringBuffer.append("stsBinding=[").append(sAMLGenerateCallback.getStsBinding()).append("], ");
                    stringBuffer.append("stsBindingScope=[").append(sAMLGenerateCallback.getStsBindingScope()).append("], ");
                    stringBuffer.append("stsSoapVersion=[").append(sAMLGenerateCallback.getStsSoapVersion()).append("], ");
                    stringBuffer.append("tokenRequest=[").append(sAMLGenerateCallback.getTokenRequest()).append("], ");
                    stringBuffer.append("wstNamespace=[").append(sAMLGenerateCallback.getWSTrustNamespace()).append("], ");
                    stringBuffer.append("collectionRequest=[").append(sAMLGenerateCallback.isCollectionRequest()).append("], ");
                    stringBuffer.append("cacheCushion=[").append(sAMLGenerateCallback.getCacheCushion()).append("], ");
                    stringBuffer.append("cacheToken=[").append(sAMLGenerateCallback.cacheToken()).append("], ");
                    stringBuffer.append("targetAlias=[").append(sAMLGenerateCallback.getTargetServiceAlias()).append("], ");
                    stringBuffer.append("usekeyType=[").append(sAMLGenerateCallback.getUsekeyType()).append("], ");
                    stringBuffer.append("clockSkew=[").append(sAMLGenerateCallback.getClockSkew()).append("], ");
                    stringBuffer.append("tokenType=[").append(sAMLGenerateCallback.getTokenType()).append("], ");
                    stringBuffer.append("userid=[").append(sAMLGenerateCallback.getNameId()).append("], ");
                    stringBuffer.append("sslConfigUrl=[").append(sAMLGenerateCallback.getSSLConfigUrl()).append("], ");
                    stringBuffer.append("appliesTo=[").append(sAMLGenerateCallback.getAppliesTo()).append("], ");
                    stringBuffer.append("attributes=[").append(sAMLGenerateCallback.getAttributes() == null ? "null" : "not null").append("], ");
                    stringBuffer.append("includeCredentialToken=[").append(sAMLGenerateCallback.includeCredentialToken()).append("], ");
                    stringBuffer.append("includeExpiration=[").append(sAMLGenerateCallback.includeExpiration()).append("], ");
                    stringBuffer.append("includeGroupIds=[").append(sAMLGenerateCallback.includeGroupIds()).append("], ");
                    stringBuffer.append("includeHostName=[").append(sAMLGenerateCallback.includeHostName()).append("], ");
                    stringBuffer.append("includeOID=[").append(sAMLGenerateCallback.includeOID()).append("], ");
                    stringBuffer.append("includePrimaryGroupId=[").append(sAMLGenerateCallback.includePrimaryGroupId()).append("], ");
                    stringBuffer.append("includeRealmName=[").append(sAMLGenerateCallback.includeRealmName()).append("], ");
                    stringBuffer.append("includeSecurityName=[").append(sAMLGenerateCallback.includeSecurityName()).append("], ");
                    stringBuffer.append("includeUniqueSecurityName=[").append(sAMLGenerateCallback.includeUniqueSecurityName()).append("], ");
                    stringBuffer.append("useUniqueSecurityName=[").append(sAMLGenerateCallback.useUniqueSecurityName()).append("], ");
                    stringBuffer.append("issueMode=[").append(sAMLGenerateCallback.getIssueMode()).append("], ");
                    stringBuffer.append("audienceRestriction=[").append(sAMLGenerateCallback.getAudienceRestriction()).append("]");
                    stringBuffer.append("]");
                    Tr.debug(tc, stringBuffer.toString());
                }
            } else if (this.isWSSAPI && (callback instanceof DerivedKeyInfoCallback)) {
                ((DerivedKeyInfoCallback) callback).setRequiredDKT(this.requiredDKT);
                ((DerivedKeyInfoCallback) callback).setClientLabel(this.clientLabel);
                ((DerivedKeyInfoCallback) callback).setServerLabel(this.serviceLabel);
                ((DerivedKeyInfoCallback) callback).setKeyBytesLength(this.dktKeylength);
                ((DerivedKeyInfoCallback) callback).setNonceBytesLength(this.nonceLength);
                if (tc.isDebugEnabled()) {
                    StringBuffer stringBuffer2 = new StringBuffer("DerivedKeyInfoCallback[[");
                    stringBuffer2.append("requiredDKT=[").append(((DerivedKeyInfoCallback) callback).getRequiredDKT()).append("], ");
                    stringBuffer2.append("clientLabel=[").append(((DerivedKeyInfoCallback) callback).getClientLabel()).append("], ");
                    stringBuffer2.append("serviceLabel=[").append(((DerivedKeyInfoCallback) callback).getServerLabel()).append("], ");
                    stringBuffer2.append("dktKeylength=[").append(((DerivedKeyInfoCallback) callback).getKeyBytesLength()).append("], ");
                    stringBuffer2.append("nonceLength=[").append(((DerivedKeyInfoCallback) callback).getNonceBytesLength()).append("]");
                    stringBuffer2.append("]");
                    Tr.debug(tc, stringBuffer2.toString());
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "handle()");
        }
    }

    private void ProcessCallbackProperties(Map<Object, Object> map) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "ProcessCallbackProperties()");
        }
        Object obj = map.get(Constants.WSSECURITY_USE_IDASSERTION);
        if (obj != null) {
            this.identityAssertion = UNTGenerateCallbackHandler.isTrue(obj.toString());
        }
        Object obj2 = map.get(Constants.WSSECURITY_USE_REQUESTOR_CERT);
        if (obj2 != null) {
            this.requestorCertificate = UNTGenerateCallbackHandler.isTrue(obj2.toString());
        }
        Object obj3 = map.get(SamlConstants.SIGNATURE_REQUIRED);
        if (obj3 != null) {
            String str = (String) obj3;
            if (str.equalsIgnoreCase("false") || str.equalsIgnoreCase("no") || str.equalsIgnoreCase("optional")) {
                this.signatureRequired = false;
            }
        }
        this.stsURI = (String) map.get("stsURI");
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "SAMLGenerateCallbackHandler() stsURI [" + this.stsURI + "]");
        }
        this.keySize = (String) map.get("keySize");
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "SAMLGenerateCallbackHandler() keySize [" + this.keySize + "]");
        }
        this.onBehalfOfRequired = ConfigurationUtil.getIsTrueProperty(map, "wstrustOnBehalfOfRequired");
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "SAMLGenerateCallbackHandler() onBehalfOfRequired [" + this.onBehalfOfRequired + "]");
        }
        this.onBehalfOfTokenType = (String) map.get("wstrustOnBehalfOfTokenType");
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "SAMLGenerateCallbackHandler() onBehalfOfTokenType [" + this.onBehalfOfTokenType + "]");
        }
        this.onBehalfOfReIssue = ConfigurationUtil.getIsTrueProperty(map, "wstrustOnBehalfOfReIssue");
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "SAMLGenerateCallbackHandler() onBehalfOfReIssue [" + this.onBehalfOfReIssue + "]");
        }
        this.actAsRequired = ConfigurationUtil.getIsTrueProperty(map, "wstrustActAsRequired");
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "SAMLGenerateCallbackHandler() actAsRequired [" + this.actAsRequired + "]");
        }
        this.actAsTokenType = (String) map.get("wstrustActAsTokenType");
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "SAMLGenerateCallbackHandler() actAsTokenType [" + this.actAsTokenType + "]");
        }
        this.actAsReIssue = ConfigurationUtil.getIsTrueProperty(map, "wstrustActAsReIssue");
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "SAMLGenerateCallbackHandler() actAsReIssue [" + this.actAsReIssue + "]");
        }
        String str2 = (String) map.get("confirmationMethod");
        if (str2 != null) {
            this.confirmationMethod = str2;
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "SAMLGenerateCallbackHandler() confirmationMethod [" + this.confirmationMethod + "]");
            }
        }
        String str3 = (String) map.get(SamlConstants.AUTHENTICATION_METHOD);
        if (str3 != null) {
            this.authenticationMethod = str3;
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "SAMLGenerateCallbackHandler() authenticationMethod [" + this.authenticationMethod + "]");
            }
        }
        this.audienceRestriction = ConfigurationUtil.getIsFalseProperty(map, SamlConstants.AUDIENCE_RESTRICTION);
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "SAMLGenerateCallbackHandler() audienceRestriction [" + this.audienceRestriction + "]");
        }
        this.stsPolicy = (String) map.get("wstrustClientPolicy");
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "SAMLGenerateCallbackHandler() stsPolicy [" + this.stsPolicy + "]");
        }
        this.stsBinding = (String) map.get("wstrustClientBinding");
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "SAMLGenerateCallbackHandler() stsBinding [" + this.stsBinding + "]");
        }
        this.stsBindingScope = (String) map.get("wstrustClientBindingScope");
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "SAMLGenerateCallbackHandler() stsBindingScope [" + this.stsBindingScope + "]");
        }
        String str4 = (String) map.get(SamlConstants.FAILOVER_TO_TOKEN_REQUEST);
        if (str4 != null && str4.equalsIgnoreCase("false")) {
            this.failOverToTokenRequest = false;
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "SAMLGenerateCallbackHandler() failOverToTokenRequest [" + this.failOverToTokenRequest + "]");
        }
        String str5 = (String) map.get("wstrustClientWSTNamespace");
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "SAMLGenerateCallbackHandler() wstrustClientWSTNamespace [" + str5 + "]");
        }
        if (str5 == null) {
            this.wstNamespace = "http://docs.oasis-open.org/ws-sx/ws-trust/200512";
        } else if ("http://schemas.xmlsoap.org/ws/2005/02/trust".equals(str5) || "http://docs.oasis-open.org/ws-sx/ws-trust/200512".equals(str5)) {
            this.wstNamespace = str5;
        } else if (SamlConstants.TRUST_CLIENT_WSTRUST_NAMESPACE_12.equals(str5)) {
            this.wstNamespace = "http://schemas.xmlsoap.org/ws/2005/02/trust";
        } else if (SamlConstants.TRUST_CLIENT_WSTRUST_NAMESPACE_13.equals(str5)) {
            this.wstNamespace = "http://docs.oasis-open.org/ws-sx/ws-trust/200512";
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "SAMLGenerateCallbackHandler() wstNamespace [" + str5 + "]");
        }
        String str6 = (String) map.get(SamlConstants.KEY_TYPE);
        if (str6 != null) {
            this.keyType = getFullyQualifiedKeyType(str6, this.wstNamespace);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "SAMLGenerateCallbackHandler() keyType [" + this.keyType + "]");
            }
        }
        Object obj4 = map.get("wstrustClientCollectionRequest");
        if (obj4 != null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "SAMLGenerateCallbackHandler() wstrustClientCollectionRequest [" + obj4 + "]");
            }
            if (obj4 instanceof Boolean) {
                this.collectionRequest = ((Boolean) obj4).booleanValue();
            } else if (obj4 instanceof String) {
                this.collectionRequest = Boolean.valueOf((String) obj4).booleanValue();
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "SAMLGenerateCallbackHandler() this.collectionRequest [" + this.collectionRequest + "]");
            }
        }
        this.stsSoapVersion = (String) map.get("wstrustClientSoapVersion");
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "SAMLGenerateCallbackHandler() stsSoapVersion [" + this.stsSoapVersion + "]");
        }
        if (map.get(SamlConstants.Token_REQUEST) != null) {
            this.tokenRequest = (String) map.get(SamlConstants.Token_REQUEST);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "SAMLGenerateCallbackHandler() tokenRequest [" + this.tokenRequest + "]");
            }
        }
        String str7 = (String) map.get(SamlConstants.CACHE_CUSHION);
        if (str7 != null && !str7.trim().isEmpty()) {
            this.cacheCushion = Long.parseLong(str7) * 60 * 1000;
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "SAMLGenerateCallbackHandler() cacheCushion [" + str7 + "]");
                Tr.debug(tc, "SAMLGenerateCallbackHandler() cacheCushion [" + this.cacheCushion + "]");
            }
        }
        String str8 = (String) map.get(SamlConstants.CACHE_TOKEN);
        if (str8 != null && str8.equalsIgnoreCase("false")) {
            this.cacheToken = false;
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "SAMLGenerateCallbackHandler() cacheToken [" + this.cacheToken + "]");
            }
        }
        String str9 = (String) map.get(SamlConstants.SERVICE_ALIAS);
        if (str9 != null) {
            this.targetAlias = str9;
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "SAMLGenerateCallbackHandler() targetAlias [" + this.targetAlias + "]");
            }
        }
        String str10 = (String) map.get(SamlConstants.USE_KEY_TYPE);
        if (str10 != null) {
            this.usekeyType = str10;
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "SAMLGenerateCallbackHandler() usekeyType [" + this.usekeyType + "]");
            }
        }
        String str11 = (String) map.get("clockSkew");
        if (str11 != null && !str11.trim().isEmpty()) {
            this.clockSkew = Long.parseLong(str11) * 60 * 1000;
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "SAMLGenerateCallbackHandler() clockSkew [" + str11 + "]");
                Tr.debug(tc, "SAMLGenerateCallbackHandler() clockSkew [" + this.clockSkew + "]");
            }
        }
        for (Object obj5 : map.keySet()) {
            if (obj5 instanceof String) {
                Object obj6 = map.get(obj5);
                if (obj5 != null && (obj6 instanceof String)) {
                    this.rstt.put((String) obj5, (String) obj6);
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "SAMLGenerateCallbackHandler() rstt.put(" + obj5 + ", " + obj6 + ")");
                    }
                }
            }
        }
        if (map.get("NameID") != null) {
            this.userid = (String) map.get("NameID");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "SAMLGenerateCallbackHandler() NameID [" + this.userid + "]");
            }
        }
        if (map.get(SamlConstants.TOKEN_TYPE) != null) {
            this.tokenType = (String) map.get(SamlConstants.TOKEN_TYPE);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "SAMLGenerateCallbackHandler() tokenType [" + this.tokenType + "]");
            }
        }
        if (map.get("sslConfigAlias") != null) {
            this.sslConfigUrl = ConfigurationUtil.getString(map.get("sslConfigAlias"));
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "SAMLGenerateCallbackHandler() sslConfigUrl [" + this.sslConfigUrl + "]");
            }
        }
        if (map.get("WSSGenerationContext") != null) {
            this.gencont = (WSSGenerationContext) map.get("WSSGenerationContext");
        }
        if (map.get("WSSConsumingContext") != null) {
            this.concont = (WSSConsumingContext) map.get("WSSGenerationContext");
        }
        if (map.get("appliesTo") != null) {
            this.appliesTo = (String) map.get("appliesTo");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "SAMLGenerateCallbackHandler() appliesTo [" + this.appliesTo + "]");
            }
        }
        if (map.get(SamlConstants.DKT_KEY_LENGTH) != null) {
            this.dktKeylength = Integer.parseInt((String) map.get(SamlConstants.DKT_KEY_LENGTH));
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "SAMLGenerateCallbackHandler() dktKeylength [" + this.dktKeylength + "]");
            }
        }
        if (map.get(SamlConstants.DKT_NONCE_LENGTH) != null) {
            this.nonceLength = Integer.parseInt((String) map.get(SamlConstants.DKT_NONCE_LENGTH));
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "SAMLGenerateCallbackHandler() nonceLength [" + this.nonceLength + "]");
            }
        }
        if (map.get(SamlConstants.REQUIRE_DKT) != null && "true".equalsIgnoreCase((String) map.get(SamlConstants.REQUIRE_DKT))) {
            this.requiredDKT = true;
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "SAMLGenerateCallbackHandler() requiredDKT [" + this.requiredDKT + "]");
            }
        }
        if (map.get(SamlConstants.CLIENT_LABEL) != null) {
            this.clientLabel = (String) map.get(SamlConstants.CLIENT_LABEL);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "SAMLGenerateCallbackHandler() clientLabel [" + this.clientLabel + "]");
            }
        }
        if (map.get(SamlConstants.SERVICE_LABEL) != null) {
            this.serviceLabel = (String) map.get(SamlConstants.SERVICE_LABEL);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "SAMLGenerateCallbackHandler() serviceLabel [" + this.serviceLabel + "]");
            }
        }
        if (map.get(SamlConstants.USE_IMPLIED_DKT) != null && "true".equalsIgnoreCase((String) map.get(SamlConstants.USE_IMPLIED_DKT))) {
            this.useImpliedDkt = true;
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "SAMLGenerateCallbackHandler() useImpliedDkt [" + this.useImpliedDkt + "]");
            }
        }
        if (tc.isDebugEnabled() && this.storeRef != null && this.storePath != null && (map.get(SamlConstants.KEY_STORE_REF) != null || map.get("keyStorePath") != null)) {
            Tr.debug(tc, "The keystore settings from the KeystoreConfig will override the settings in the custom properties");
        }
        if (this.storeRef == null && this.storePath == null) {
            if (map.get(SamlConstants.KEY_STORE_REF) != null) {
                this.storeRef = (String) map.get(SamlConstants.KEY_STORE_REF);
            }
            if (map.get("keyStorePath") != null) {
                this.storePath = (String) map.get("keyStorePath");
            }
            if (map.get("keyStoreType") != null) {
                this.storeType = (String) map.get("keyStoreType");
            }
            if (map.get("keyStorePassword") != null) {
                this.storePassword = ((String) map.get("keyStorePassword")).toCharArray();
            }
            if (tc.isDebugEnabled() && this.storeRef != null && this.storePath != null) {
                Tr.debug(tc, "SAMLGenerateCallbackHandler() storeRef [" + this.storeRef + "]");
                Tr.debug(tc, "SAMLGenerateCallbackHandler() storePath [" + this.storePath + "]");
                Tr.debug(tc, "SAMLGenerateCallbackHandler() storeType [" + this.storeType + "]");
                Tr.debug(tc, "SAMLGenerateCallbackHandler() storePassword [" + (this.storePassword == null ? "null" : "not null") + "]");
            }
        }
        if (tc.isDebugEnabled() && this.alias != null && map.get("keyAlias") != null) {
            Tr.debug(tc, "The key information settings from the KeyInformationConfig will override the settings in the custom properties");
        }
        if (this.alias == null && map.get("keyAlias") != null) {
            this.alias = (String) map.get("keyAlias");
            if (map.get("keyPassword") != null) {
                this.keyPassword = ((String) map.get("keyPassword")).toCharArray();
            }
            if (map.get("keyName") != null) {
                this.keyName = (String) map.get("keyName");
            }
            if (tc.isDebugEnabled() && this.alias != null) {
                Tr.debug(tc, "SAMLGenerateCallbackHandler() alias [" + this.alias + "]");
                Tr.debug(tc, "SAMLGenerateCallbackHandler() keyName [" + this.keyName + "]");
                Tr.debug(tc, "SAMLGenerateCallbackHandler() keyPassword [" + (this.keyPassword == null ? "null" : "not null") + "]");
            }
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "SAMLGenerateCallbackHandler() samlAttributes [" + (map.get(SamlConstants.SAML_ATTRIBUTES) == null ? "null" : "not null") + "]");
        }
        if (map.get(SamlConstants.SAML_ATTRIBUTES) != null) {
            Object obj7 = map.get(SamlConstants.SAML_ATTRIBUTES);
            if (obj7 instanceof ArrayList) {
                boolean z = true;
                int i = 0;
                while (true) {
                    if (i >= ((ArrayList) obj7).size()) {
                        break;
                    }
                    if (!(((ArrayList) obj7).get(i) instanceof SAMLAttribute)) {
                        z = false;
                        break;
                    }
                    i++;
                }
                if (z) {
                    this.attributes = (ArrayList) obj7;
                }
            }
        }
        this.includeRealmName = ConfigurationUtil.getBoolean(map.get(SamlConstants.includeRealmName), false);
        this.includeSecurityName = ConfigurationUtil.getBoolean(map.get(SamlConstants.includeSecurityName), false);
        this.includeUniqueSecurityName = ConfigurationUtil.getBoolean(map.get(SamlConstants.includeUniqueSecurityName), true);
        this.includeCredentialToken = ConfigurationUtil.getBoolean(map.get(SamlConstants.includeCredentialToken), false);
        this.includeOID = ConfigurationUtil.getBoolean(map.get(SamlConstants.includeOID), false);
        this.includeExpiration = ConfigurationUtil.getBoolean(map.get(SamlConstants.includeExpiration), false);
        this.includePrimaryGroupId = ConfigurationUtil.getBoolean(map.get(SamlConstants.includePrimaryGroupId), false);
        this.includeGroupIds = ConfigurationUtil.getBoolean(map.get(SamlConstants.includeGroupIds), true);
        this.includeHostName = ConfigurationUtil.getBoolean(map.get(SamlConstants.includeHostName), false);
        this.useUniqueSecurityName = ConfigurationUtil.getBoolean(map.get(SamlConstants.useUniqueSecurityName), false);
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "SAMLGenerateCallbackHandler() includeRealmName [" + this.includeRealmName + "]");
            Tr.debug(tc, "SAMLGenerateCallbackHandler() includeSecurityName [" + this.includeSecurityName + "]");
            Tr.debug(tc, "SAMLGenerateCallbackHandler() includeUniqueSecurityName [" + this.includeUniqueSecurityName + "]");
            Tr.debug(tc, "SAMLGenerateCallbackHandler() includeCredentialToken [" + this.includeCredentialToken + "]");
            Tr.debug(tc, "SAMLGenerateCallbackHandler() includeOID [" + this.includeOID + "]");
            Tr.debug(tc, "SAMLGenerateCallbackHandler() includeExpiration [" + this.includeExpiration + "]");
            Tr.debug(tc, "SAMLGenerateCallbackHandler() includePrimaryGroupId [" + this.includePrimaryGroupId + "]");
            Tr.debug(tc, "SAMLGenerateCallbackHandler() includeGroupIds [" + this.includeGroupIds + "]");
            Tr.debug(tc, "SAMLGenerateCallbackHandler() includeHostName [" + this.includeHostName + "]");
            Tr.debug(tc, "SAMLGenerateCallbackHandler() useUniqueSecurityName [" + this.useUniqueSecurityName + "]");
        }
        if (this.tokenRequest == null || this.tokenRequest.isEmpty()) {
            this.issueMode = RequesterConfig.requestMode.NULL;
        } else if (this.tokenRequest.equalsIgnoreCase("issue")) {
            this.issueMode = RequesterConfig.requestMode.SAMLORPRINCIPAL;
        } else if (this.tokenRequest.toLowerCase().contains("issuebywsprincipal")) {
            this.issueMode = RequesterConfig.requestMode.WSCREDENTIAL;
        } else if (this.tokenRequest.toLowerCase().contains("issuebywscredential")) {
            this.issueMode = RequesterConfig.requestMode.WSCREDENTIAL;
        } else if (this.tokenRequest.toLowerCase().contains("propagation")) {
            this.issueMode = RequesterConfig.requestMode.PROPAGATION;
        } else {
            this.issueMode = RequesterConfig.requestMode.SAMLORPRINCIPAL;
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "ProcessCallbackProperties()");
        }
    }

    public void setWSSConsumingContextForTrustClient(WSSConsumingContext wSSConsumingContext) {
        this.concont = wSSConsumingContext;
    }

    public void setWSSGenerationContextForTrustClient(WSSGenerationContext wSSGenerationContext) {
        this.gencont = wSSGenerationContext;
    }

    private String getFullyQualifiedKeyType(String str, String str2) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getFullyQualifiedKeyType(keyTypeAlias [" + str + "], wsTrustVersionNamespace [" + str2 + "])");
        }
        String str3 = str;
        if (str2 != null && str != null) {
            if (str2.equals("http://schemas.xmlsoap.org/ws/2005/02/trust")) {
                if (str.equals(SamlConstants.SYMMETRICKEY_KEYTYPE_ALIAS)) {
                    str3 = "http://schemas.xmlsoap.org/ws/2005/02/trust/SymmetricKey";
                } else if (str.equals(SamlConstants.PUBLICKEY_KEYTYPE_ALIAS)) {
                    str3 = WSSConstants.WST12.KEYTYPE_PUBLICKEY;
                }
            } else if (str2.equals("http://docs.oasis-open.org/ws-sx/ws-trust/200512")) {
                if (str.equals("bearer")) {
                    str3 = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/Bearer";
                } else if (str.equals(SamlConstants.SYMMETRICKEY_KEYTYPE_ALIAS)) {
                    str3 = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/SymmetricKey";
                } else if (str.equals(SamlConstants.PUBLICKEY_KEYTYPE_ALIAS)) {
                    str3 = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/PublicKey";
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getFullyQualifiedKeyType returns [" + str3 + "]");
        }
        return str3;
    }
}
