package com.ibm.ws.wssecurity.util;

import com.ibm.websphere.wssecurity.wssapi.token.SecurityToken;
import com.ibm.ws.wssecurity.common.Constants;
import com.ibm.ws.wssecurity.config.WSSConsumerConfig;
import com.ibm.ws.wssecurity.platform.auth.WSSContext;
import com.ibm.ws.wssecurity.platform.auth.WSSContextFactory;
import com.ibm.ws.wssecurity.wssapi.token.impl.AuthenticationTokenImpl;
import com.ibm.ws.wssecurity.wssapi.token.impl.DKToken;
import com.ibm.ws.wssecurity.wssapi.token.impl.KRB5TokenImpl;
import com.ibm.ws.wssecurity.wssapi.token.impl.SAMLTokenImpl;
import com.ibm.ws.wssecurity.wssapi.token.impl.SCT;
import com.ibm.ws.wssecurity.wssapi.token.impl.SecurityTokenImpl;
import com.ibm.ws.wssecurity.wssapi.token.impl.TokenFactory;
import com.ibm.ws.wssecurity.wssapi.token.impl.TokenFactoryFactory;
import com.ibm.ws.wssecurity.wssapi.token.impl.UsernameTokenImpl;
import com.ibm.wsspi.wssecurity.core.SoapSecurityException;
import com.ibm.wsspi.wssecurity.core.config.CallbackHandlerConfig;
import java.security.AccessController;
import java.security.Principal;
import java.security.PrivilegedAction;
import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Vector;
import javax.security.auth.Subject;
import javax.xml.namespace.QName;
import org.apache.axis2.context.MessageContext;

/* loaded from: input_file:com/ibm/ws/wssecurity/util/TokenUtils.class */
public class TokenUtils {
    private static final String comp = "security.wssecurity";
    private static final TraceComponent tc = Tr.register(TokenUtils.class, "Web Services Security", "com.ibm.ws.wssecurity.resources.wssmessages");
    private static final String clsName = TokenUtils.class.getName();
    private static String _sctFactoryKey = (String) WSSecurityFactoryBuilder.getImplClassName("com.ibm.ws.wssecurity.platform.AuthnToken");
    private static TokenFactory _sctTokenFactory = TokenFactoryFactory.getTokenFactory(_sctFactoryKey);
    public static String WSSECURITY_BEHALF_OF_TOKEN = "com.ibm.ws.wssecurity.util.TokenUtils.behalfOfToken";

    public static ArrayList<SecurityToken> getTokenFromContext(MessageContext messageContext, QName qName) throws SoapSecurityException {
        return getTokenFromSubject(getRunAsSubject(messageContext), qName);
    }

    public static ArrayList<SecurityToken> getTokenFromSubject(final Subject subject, final QName qName) throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getTokenFromSubject() valueType[" + qName + "], Subject[" + (subject == null ? "null" : subject.toString()) + "]");
        }
        ArrayList<SecurityToken> arrayList = new ArrayList<>();
        if (subject == null) {
            return arrayList;
        }
        try {
            ArrayList<SecurityToken> arrayList2 = (ArrayList) AccessController.doPrivileged(new PrivilegedExceptionAction() { // from class: com.ibm.ws.wssecurity.util.TokenUtils.1
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    ArrayList arrayList3 = new ArrayList();
                    for (SecurityToken securityToken : subject.getPrivateCredentials(SecurityToken.class)) {
                        if (securityToken != null) {
                            if (TokenUtils.tc.isDebugEnabled()) {
                                Tr.debug(TokenUtils.tc, "Found SecurityToken in PrivateCredential: id[" + securityToken.getId() + "], valueType[" + securityToken.getValueType() + "]");
                            }
                        } else if (TokenUtils.tc.isDebugEnabled()) {
                            Tr.debug(TokenUtils.tc, "NO SecurityToken is found to be processed...");
                        }
                        if (qName.equals(securityToken.getValueType())) {
                            if (TokenUtils.tc.isDebugEnabled()) {
                                Tr.debug(TokenUtils.tc, "ValueTypes match.  Adding token to list.");
                            }
                            arrayList3.add(securityToken);
                        }
                    }
                    for (SecurityToken securityToken2 : subject.getPublicCredentials(SecurityToken.class)) {
                        if (securityToken2 != null) {
                            if (TokenUtils.tc.isDebugEnabled()) {
                                Tr.debug(TokenUtils.tc, "Found SecurityToken in publicCredential: id[" + securityToken2.getId() + "], valueType[" + securityToken2.getValueType() + "]");
                            }
                        } else if (TokenUtils.tc.isDebugEnabled()) {
                            Tr.debug(TokenUtils.tc, "NO SecurityToken is found to be processed...");
                        }
                        if (qName.equals(securityToken2.getValueType())) {
                            if (TokenUtils.tc.isDebugEnabled()) {
                                Tr.debug(TokenUtils.tc, "ValueTypes match.  Adding token to list.");
                            }
                            arrayList3.add(securityToken2);
                        }
                    }
                    return arrayList3;
                }
            });
            if (tc.isDebugEnabled()) {
                if (arrayList2 == null || arrayList2.isEmpty()) {
                    Tr.debug(tc, "Could not find SecurityToken.");
                } else {
                    Tr.debug(tc, "Found SecurityToken from runAsSubject: " + arrayList2);
                }
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getSecurityTokenFromSubject returns [" + (arrayList2 != null ? arrayList2.getClass().getName() : "null") + "]");
            }
            return arrayList2;
        } catch (Exception e) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception getting SecurityToken from Subject.", new Object[]{e});
            }
            throw new SoapSecurityException(e.getMessage(), e.getCause());
        }
    }

    public static SecurityToken getOneTokenFromSubject(final Subject subject, final QName qName) throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getOneTokenFromSubject() valueType[" + qName + "], Subject[" + subject + "]");
        }
        if (subject == null) {
            return null;
        }
        try {
            SecurityToken securityToken = (SecurityToken) AccessController.doPrivileged(new PrivilegedExceptionAction() { // from class: com.ibm.ws.wssecurity.util.TokenUtils.2
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    Iterator it = subject.getPrivateCredentials(SecurityToken.class).iterator();
                    if (it.hasNext()) {
                        SecurityToken securityToken2 = (SecurityToken) it.next();
                        if (securityToken2 != null) {
                            if (TokenUtils.tc.isDebugEnabled()) {
                                Tr.debug(TokenUtils.tc, "Found SecurityToken in PrivateCredential: id[" + securityToken2.getId() + "], valueType[" + securityToken2.getValueType() + "]");
                            }
                        } else if (TokenUtils.tc.isDebugEnabled()) {
                            Tr.debug(TokenUtils.tc, "NO SecurityToken is found to be processed...");
                        }
                        if (qName.equals(securityToken2.getValueType())) {
                            return securityToken2;
                        }
                    }
                    Iterator it2 = subject.getPublicCredentials(SecurityToken.class).iterator();
                    if (!it2.hasNext()) {
                        return null;
                    }
                    SecurityToken securityToken3 = (SecurityToken) it2.next();
                    if (securityToken3 != null) {
                        if (TokenUtils.tc.isDebugEnabled()) {
                            Tr.debug(TokenUtils.tc, "Found SecurityToken in publicCredential: id[" + securityToken3.getId() + "], valueType[" + securityToken3.getValueType() + "]");
                        }
                    } else if (TokenUtils.tc.isDebugEnabled()) {
                        Tr.debug(TokenUtils.tc, "NO SecurityToken is found to be processed...");
                    }
                    if (qName.equals(securityToken3.getValueType())) {
                        return securityToken3;
                    }
                    return null;
                }
            });
            if (tc.isDebugEnabled()) {
                if (securityToken == null) {
                    Tr.debug(tc, "Could not find SecurityToken.");
                } else {
                    Tr.debug(tc, "Found SecurityToken from runAsSubject: " + securityToken);
                }
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getOneTokenFromSubject()");
            }
            return securityToken;
        } catch (Exception e) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception getting SecurityToken from Subject.", new Object[]{e});
            }
            throw new SoapSecurityException(e.getMessage(), e.getCause());
        }
    }

    public static Subject getRunAsSubject(final MessageContext messageContext) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getRunAsSubject");
        }
        Subject subject = null;
        final WSSContext wSSContextFactory = WSSContextFactory.getInstance();
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Found a WSSContext: " + wSSContextFactory.toString());
        }
        if (wSSContextFactory != null) {
            try {
                subject = (Subject) AccessController.doPrivileged(new PrivilegedExceptionAction() { // from class: com.ibm.ws.wssecurity.util.TokenUtils.3
                    @Override // java.security.PrivilegedExceptionAction
                    public Object run() throws Exception {
                        return WSSContext.this.getRunAsSubject(messageContext);
                    }
                });
            } catch (Exception e) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Unable to get RunAsSubject.");
                }
            }
        } else if (tc.isDebugEnabled()) {
            Tr.debug(tc, "No WSSContext is found. Return.");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getRunAsSubject returns [" + (subject != null ? subject.toString() : "null") + "]");
        }
        return subject;
    }

    public static final void removePrivateData(Subject subject, Map<Object, Object> map) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "removePrivateData(Subject, context)");
        }
        if (removePrivateData(map)) {
            removePrivateData(subject);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "removePrivateData(Subject, context)");
        }
    }

    public static final void removePrivateData(final Subject subject) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "removePrivateData(Subject)");
        }
        AccessController.doPrivileged(new PrivilegedAction<Object>() { // from class: com.ibm.ws.wssecurity.util.TokenUtils.4
            @Override // java.security.PrivilegedAction
            public Object run() {
                for (Object obj : subject.getPublicCredentials()) {
                    if (obj != null) {
                        if (obj instanceof UsernameTokenImpl) {
                            ((UsernameTokenImpl) obj).setPassword(null);
                            if (TokenUtils.tc.isDebugEnabled()) {
                                Tr.debug(TokenUtils.tc, "Remove password from UsernameToken: " + obj);
                            }
                        } else if (obj instanceof SAMLTokenImpl) {
                            SAMLTokenImpl sAMLTokenImpl = (SAMLTokenImpl) obj;
                            sAMLTokenImpl.setHolderOfKeyBytes(null);
                            TokenUtils.removeKeys(sAMLTokenImpl);
                            if (TokenUtils.tc.isDebugEnabled()) {
                                Tr.debug(TokenUtils.tc, "Remove Keys from SAMLToken: " + obj);
                            }
                        } else if (obj instanceof KRB5TokenImpl) {
                            KRB5TokenImpl kRB5TokenImpl = (KRB5TokenImpl) obj;
                            kRB5TokenImpl.setAPREQKeyByte(null);
                            TokenUtils.removeKeys(kRB5TokenImpl);
                            if (TokenUtils.tc.isDebugEnabled()) {
                                Tr.debug(TokenUtils.tc, "Remove keys from KRB5Token: " + obj);
                            }
                        } else if (obj instanceof SecurityTokenImpl) {
                            TokenUtils.removeKeys((SecurityTokenImpl) obj);
                            if (TokenUtils.tc.isDebugEnabled()) {
                                Tr.debug(TokenUtils.tc, "Remove privateObject from SecurityTokenImpl: " + obj);
                            }
                        } else if (TokenUtils.tc.isDebugEnabled()) {
                            Tr.debug(TokenUtils.tc, "Public object already in Subject: " + obj);
                        }
                    }
                }
                for (Object obj2 : subject.getPrivateCredentials()) {
                    if (obj2 != null) {
                        if (obj2 instanceof UsernameTokenImpl) {
                            ((UsernameTokenImpl) obj2).setPassword(null);
                            if (TokenUtils.tc.isDebugEnabled()) {
                                Tr.debug(TokenUtils.tc, "Remove password from UsernameToken: " + obj2);
                            }
                        } else if (obj2 instanceof SAMLTokenImpl) {
                            SAMLTokenImpl sAMLTokenImpl2 = (SAMLTokenImpl) obj2;
                            sAMLTokenImpl2.setHolderOfKeyBytes(null);
                            TokenUtils.removeKeys(sAMLTokenImpl2);
                            if (TokenUtils.tc.isDebugEnabled()) {
                                Tr.debug(TokenUtils.tc, "Remove Keys from SAMLToken: " + obj2);
                            }
                        } else if (obj2 instanceof KRB5TokenImpl) {
                            KRB5TokenImpl kRB5TokenImpl2 = (KRB5TokenImpl) obj2;
                            kRB5TokenImpl2.setAPREQKeyByte(null);
                            TokenUtils.removeKeys(kRB5TokenImpl2);
                            if (TokenUtils.tc.isDebugEnabled()) {
                                Tr.debug(TokenUtils.tc, "Remove keys from KRB5Token: " + obj2);
                            }
                        } else if (obj2 instanceof SecurityTokenImpl) {
                            TokenUtils.removeKeys((SecurityTokenImpl) obj2);
                            if (TokenUtils.tc.isDebugEnabled()) {
                                Tr.debug(TokenUtils.tc, "Remove keys from SecurityTokenImpl: " + obj2);
                            }
                        } else if (TokenUtils.tc.isDebugEnabled()) {
                            Tr.debug(TokenUtils.tc, "Public object already in Subject: " + obj2);
                        }
                    }
                }
                for (Principal principal : subject.getPrincipals()) {
                    if (principal != null) {
                        if (!subject.getPrincipals().contains(principal)) {
                            if (TokenUtils.tc.isDebugEnabled()) {
                                Tr.debug(TokenUtils.tc, "Adding principal object to Subject: " + principal);
                            }
                            subject.getPrincipals().add(principal);
                        } else if (TokenUtils.tc.isDebugEnabled()) {
                            Tr.debug(TokenUtils.tc, "Principal object already in Subject: " + principal);
                        }
                    }
                }
                return null;
            }
        });
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "removePrivateData(Subject)");
        }
    }

    public static final void replaceSCT(final Subject subject, Map<Object, Object> map) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "replaceSCT(Subject, context)");
        }
        if (removePrivateData(map)) {
            AccessController.doPrivileged(new PrivilegedAction<Object>() { // from class: com.ibm.ws.wssecurity.util.TokenUtils.5
                @Override // java.security.PrivilegedAction
                public Object run() {
                    TokenUtils.replaceSCT(subject);
                    return null;
                }
            });
        }
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "replaceSCT(Subject, context)");
        }
    }

    public static final void replaceSCT(Subject subject) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "replaceSCT(Subject)");
        }
        Vector vector = new Vector();
        for (Object obj : subject.getPublicCredentials()) {
            if (obj != null) {
                if (obj instanceof SCT) {
                    vector.add((SCT) obj);
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Remove SCT: " + obj);
                    }
                } else if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Not a SCT: " + obj);
                }
            }
        }
        if (vector != null && !vector.isEmpty()) {
            Iterator it = vector.iterator();
            while (it.hasNext()) {
                SCT sct = (SCT) it.next();
                AuthenticationTokenImpl authenticationTokenImpl = (AuthenticationTokenImpl) _sctTokenFactory.getToken(true);
                authenticationTokenImpl.setValueType(sct.getValueType());
                authenticationTokenImpl.setUniqueID(sct.getUUID());
                authenticationTokenImpl.setXML(sct.getXML());
                replaceToken(subject, true, sct, authenticationTokenImpl);
            }
        }
        Vector vector2 = new Vector();
        for (Object obj2 : subject.getPrivateCredentials()) {
            if (obj2 != null) {
                if (obj2 instanceof SCT) {
                    vector2.add((SCT) obj2);
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Remove SCT: " + obj2);
                    }
                } else if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Not a SCT: " + obj2);
                }
            }
        }
        if (vector2 != null && !vector2.isEmpty()) {
            Iterator it2 = vector2.iterator();
            while (it2.hasNext()) {
                SCT sct2 = (SCT) it2.next();
                AuthenticationTokenImpl authenticationTokenImpl2 = (AuthenticationTokenImpl) _sctTokenFactory.getToken(true);
                authenticationTokenImpl2.setValueType(sct2.getValueType());
                authenticationTokenImpl2.setUniqueID(sct2.getUUID());
                authenticationTokenImpl2.setXML(sct2.getXML());
                replaceToken(subject, false, sct2, authenticationTokenImpl2);
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "replaceSCT(Subject)");
        }
    }

    public static final void removeDKT(final Subject subject, Map<Object, Object> map) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "removeDKT(Subject)");
        }
        if (removeAuxiliarySecurityTokens(map)) {
            AccessController.doPrivileged(new PrivilegedAction<Object>() { // from class: com.ibm.ws.wssecurity.util.TokenUtils.6
                @Override // java.security.PrivilegedAction
                public Object run() {
                    TokenUtils.removeDKT(subject);
                    return null;
                }
            });
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "removeDKT(Subject)");
        }
    }

    public static final void removeDKT(Subject subject) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "removeDKT(Subject)");
        }
        Vector vector = new Vector();
        for (Object obj : subject.getPublicCredentials()) {
            if (obj != null) {
                if (obj instanceof DKToken) {
                    vector.add((DKToken) obj);
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Remove DKT: " + obj);
                    }
                } else if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "not a DKT: " + obj);
                }
            }
        }
        if (vector != null && !vector.isEmpty()) {
            Iterator it = vector.iterator();
            while (it.hasNext()) {
                removeToken(subject, true, (DKToken) it.next());
            }
        }
        Vector vector2 = new Vector();
        for (Object obj2 : subject.getPrivateCredentials()) {
            if (obj2 != null) {
                if (obj2 instanceof DKToken) {
                    vector2.add((DKToken) obj2);
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Remove DKT: " + obj2);
                    }
                } else if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Not a DKT: " + obj2);
                }
            }
        }
        if (vector2 != null && !vector2.isEmpty()) {
            Iterator it2 = vector2.iterator();
            while (it2.hasNext()) {
                removeToken(subject, false, (DKToken) it2.next());
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "removeDKT(Subject)");
        }
    }

    public static final void removeLtpaPropToken(final Subject subject, Map<Object, Object> map) {
        final SecurityToken securityToken;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "removeLtpaPropToken(Subject)");
        }
        if (removeAuxiliarySecurityTokens(map) && (securityToken = (SecurityToken) map.remove(Constants.PROPAGATED_SECURITY_CONTEXT)) != null) {
            AccessController.doPrivileged(new PrivilegedAction<Object>() { // from class: com.ibm.ws.wssecurity.util.TokenUtils.7
                @Override // java.security.PrivilegedAction
                public Object run() {
                    TokenUtils.removeToken(subject, true, securityToken);
                    TokenUtils.removeToken(subject, false, securityToken);
                    return null;
                }
            });
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "removeLtpaPropToken(Subject)");
        }
    }

    public static final void replaceToken(final Subject subject, final boolean z, final SecurityToken securityToken, final SecurityToken securityToken2) {
        if (tc.isEntryEnabled()) {
            StringBuffer stringBuffer = new StringBuffer("replaceToken(");
            stringBuffer.append("SecurityToken token[").append(securityToken).append("])");
            Tr.entry(tc, stringBuffer.toString());
        }
        if (securityToken != null && securityToken2 != null) {
            AccessController.doPrivileged(new PrivilegedAction<Object>() { // from class: com.ibm.ws.wssecurity.util.TokenUtils.8
                @Override // java.security.PrivilegedAction
                public Object run() {
                    if (z) {
                        subject.getPublicCredentials().remove(securityToken);
                        subject.getPublicCredentials().add(securityToken2);
                        return null;
                    }
                    subject.getPrivateCredentials().remove(securityToken);
                    subject.getPrivateCredentials().add(securityToken2);
                    return null;
                }
            });
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "replaceToken(SecurityToken)");
        }
    }

    public static final void replaceToken(final Subject subject, final SecurityToken securityToken, final SecurityToken securityToken2) {
        if (tc.isEntryEnabled()) {
            StringBuffer stringBuffer = new StringBuffer("replaceToken(");
            stringBuffer.append("SecurityToken token[").append(securityToken).append("])");
            Tr.entry(tc, stringBuffer.toString());
        }
        if (securityToken != null && securityToken2 != null) {
            AccessController.doPrivileged(new PrivilegedAction<Object>() { // from class: com.ibm.ws.wssecurity.util.TokenUtils.9
                @Override // java.security.PrivilegedAction
                public Object run() {
                    if (subject.getPublicCredentials().contains(securityToken)) {
                        subject.getPublicCredentials().remove(securityToken);
                        subject.getPublicCredentials().add(securityToken2);
                    }
                    if (!subject.getPrivateCredentials().contains(securityToken)) {
                        return null;
                    }
                    subject.getPrivateCredentials().remove(securityToken);
                    subject.getPrivateCredentials().add(securityToken2);
                    return null;
                }
            });
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "replaceToken(SecurityToken)");
        }
    }

    public static final void removeToken(final Subject subject, final boolean z, final SecurityToken securityToken) {
        if (tc.isEntryEnabled()) {
            StringBuffer stringBuffer = new StringBuffer("removeToken(");
            stringBuffer.append("SecurityToken token[").append(securityToken).append("])");
            Tr.entry(tc, stringBuffer.toString());
        }
        if (securityToken != null) {
            AccessController.doPrivileged(new PrivilegedAction<Object>() { // from class: com.ibm.ws.wssecurity.util.TokenUtils.10
                @Override // java.security.PrivilegedAction
                public Object run() {
                    if (z) {
                        subject.getPublicCredentials().remove(securityToken);
                        return null;
                    }
                    subject.getPrivateCredentials().remove(securityToken);
                    return null;
                }
            });
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "removeToken(SecurityToken)");
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void removeKeys(SecurityTokenImpl securityTokenImpl) {
        securityTokenImpl.setKey(61, null);
        securityTokenImpl.setKey(64, null);
        securityTokenImpl.setKey(62, null);
        securityTokenImpl.setKey(63, null);
    }

    public static final boolean removePrivateData(Map<Object, Object> map) {
        WSSConsumerConfig wSSConsumerConfig;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "removePrivateData(context)");
        }
        boolean z = true;
        if (map != null && (wSSConsumerConfig = (WSSConsumerConfig) map.get("com.ibm.wsspi.wssecurity.config.wssConsumer.configKey")) != null && !wSSConsumerConfig.isRemoveSensitiveUserData()) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "removePrivateData(context) is false.");
            }
            z = false;
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "removePrivateData(context):" + z);
        }
        return z;
    }

    private static final boolean removeAuxiliarySecurityTokens(Map<Object, Object> map) {
        WSSConsumerConfig wSSConsumerConfig;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "removeAuxiliarySecurityTokens(context)");
        }
        boolean z = true;
        if (map != null && (wSSConsumerConfig = (WSSConsumerConfig) map.get("com.ibm.wsspi.wssecurity.config.wssConsumer.configKey")) != null && !wSSConsumerConfig.isRemoveAuxiliarySecurityTokens()) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "removePrivateData(context) is false.");
            }
            z = false;
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "removeAuxiliarySecurityTokens(context):" + z);
        }
        return z;
    }

    public static SecurityToken getOneTokenFromPropagationHash(Map<Object, Object> map, QName qName) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getOneTokenFromPropagationHash(Map[" + ConfigUtil.getObjState(map) + "], valueType[" + qName + "]");
        }
        SecurityToken securityToken = null;
        if (map != null) {
            securityToken = getOneTokenFromPropagationHash((MessageContext) map.get(com.ibm.wsspi.wssecurity.core.Constants.WSSECURITY_MESSAGE_CONTEXT), qName);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getOneTokenFromPropagationHash(Map) returns [" + ConfigUtil.getObjState(securityToken) + "]");
        }
        return securityToken;
    }

    public static SecurityToken getOneTokenFromPropagationHash(MessageContext messageContext, QName qName) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getOneTokenFromPropagationHash(Map[" + ConfigUtil.getObjState(messageContext) + "], valueType[" + qName + "]");
        }
        SecurityToken oneTokenFromHash = getOneTokenFromHash(messageContext, qName, com.ibm.wsspi.wssecurity.core.Constants.WSSECURITY_TOKEN_PROPERGATION);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getOneTokenFromPropagationHash(MessageContext) returns [" + ConfigUtil.getObjState(oneTokenFromHash) + "]");
        }
        return oneTokenFromHash;
    }

    public static SecurityToken getOneTokenFromCustomerHash(MessageContext messageContext, QName qName) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getOneTokenFromCustomerHash(Map[" + ConfigUtil.getObjState(messageContext) + "], valueType[" + qName + "]");
        }
        SecurityToken oneTokenFromHash = getOneTokenFromHash(messageContext, qName, com.ibm.wsspi.wssecurity.core.Constants.CUSTOMER_TOKEN_HOLDER);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getOneTokenFromCustomerHash(Map) returns [" + ConfigUtil.getObjState(oneTokenFromHash) + "]");
        }
        return oneTokenFromHash;
    }

    public static SecurityToken getOneTokenFromHash(MessageContext messageContext, QName qName, String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getOneTokenFromHash(MessageContext[" + ConfigUtil.getObjState(messageContext) + "], valueType[" + qName + "], ContextPropertyName[" + str + "])");
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Checking for token on MessageContext [" + str + "]");
        }
        SecurityToken securityToken = null;
        if (messageContext != null && qName != null) {
            securityToken = getOneTokenFromList(getSecurityTokenArrayListFromContextEntry(messageContext, str), qName);
        }
        if (securityToken == null && tc.isDebugEnabled()) {
            Tr.debug(tc, "No token with valueType[" + qName + "] found.");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getOneTokenFromHash(MessageContext) returns [" + (securityToken != null ? securityToken.getClass().getName() : "null") + "]");
        }
        return securityToken;
    }

    public static SecurityToken getOneTokenFromSharedState(Map map, QName qName, boolean z) {
        return getOneTokenFromSharedState(map, qName, getSharedStateProp(z));
    }

    public static SecurityToken getOneTokenFromSharedState(Map map, QName qName, String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getOneTokenFromSharedState(sharedState[" + ConfigUtil.getObjState(map) + "], valueType[" + qName + "], propName[" + str + "])");
        }
        SecurityToken securityToken = null;
        if (map != null && qName != null) {
            securityToken = getOneTokenFromList(getSharedStateTokensAsArrayList(map, str), qName);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getOneTokenFromSharedState returns [" + (securityToken != null ? securityToken.getClass().getName() : "null") + "]");
        }
        return securityToken;
    }

    public static ArrayList getSecurityTokenArrayListFromPropagationHash(MessageContext messageContext) {
        return getSecurityTokenArrayListFromContextEntry(messageContext, com.ibm.wsspi.wssecurity.core.Constants.WSSECURITY_TOKEN_PROPERGATION);
    }

    public static ArrayList getSecurityTokenArrayListFromCustomerHash(MessageContext messageContext) {
        return getSecurityTokenArrayListFromContextEntry(messageContext, com.ibm.wsspi.wssecurity.core.Constants.CUSTOMER_TOKEN_HOLDER);
    }

    public static ArrayList getSecurityTokenArrayListFromContextEntry(MessageContext messageContext, String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSecurityTokenArrayListFromContextEntry(MessageContext[" + ConfigUtil.getObjState(messageContext) + "], ContextPropertyName[" + str + "])");
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Getting token ArrayList from MessageContext [" + str + "]");
        }
        ArrayList arrayList = null;
        if (messageContext != null && ConfigUtil.hasValue(str)) {
            Object property = Axis2Util.getProperty(messageContext, str);
            if (property != null) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "[" + str + "] found on MessageContext");
                }
                arrayList = convertToArrayList(property);
            }
        } else if (tc.isDebugEnabled()) {
            Tr.debug(tc, str + " not found on MessageContext");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getSecurityTokenArrayListFromContextEntry returns [" + (arrayList != null ? arrayList.getClass().getName() : "null") + "]");
        }
        return arrayList;
    }

    public static ArrayList getSharedStateTokensAsArrayList(Map map, String str) {
        return getSecurityTokenArrayListFromMapEntry(map, str);
    }

    public static ArrayList getSecurityTokenArrayListFromMapEntry(Map map, String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSecurityTokenArrayListFromMapEntry(map[" + ConfigUtil.getObjState(map) + "], key[" + str + "])");
        }
        ArrayList arrayList = null;
        if (map != null && ConfigUtil.hasValue(str)) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Getting map entry.");
            }
            Object obj = map.get(str);
            if (obj != null) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "[" + str + "] Object found in map");
                }
                arrayList = convertToArrayList(obj);
            }
        } else if (tc.isDebugEnabled()) {
            Tr.debug(tc, str + " not in map");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getSecurityTokenArrayListFromMapEntry returns [" + (arrayList != null ? arrayList.getClass().getName() : "null") + "]");
        }
        return arrayList;
    }

    private static ArrayList convertToArrayList(Object obj) {
        ArrayList arrayList = null;
        if (obj != null) {
            if (obj instanceof ArrayList) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Object is an ArrayList");
                }
                arrayList = (ArrayList) obj;
            } else if (obj instanceof SecurityToken) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Object is a SecurityToken");
                }
                arrayList = new ArrayList();
                arrayList.add(obj);
            } else if (obj instanceof List) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Object is a List");
                }
                arrayList = new ArrayList((List) obj);
            } else if (obj instanceof Map) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Object is a Map");
                }
                arrayList = new ArrayList(((Map) obj).values());
            }
        }
        return arrayList;
    }

    private static boolean equalsTokenValueType(SecurityToken securityToken, QName qName) {
        boolean z = false;
        if (securityToken != null && qName != null && qName.equals(securityToken.getValueType())) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "SecurityToken with valueType[" + qName + "] found");
            }
            z = true;
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "equalsTokenValueType(token[" + (securityToken != null ? securityToken.getValueType() : "null") + "], valueType[" + qName + "]) returns " + z);
        }
        return z;
    }

    private static SecurityToken getOneTokenFromList(List list, QName qName) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getOneTokenFromList(tokenList[" + ConfigUtil.getObjState(list) + "] valueType[" + qName + "])");
        }
        SecurityToken securityToken = null;
        if (list != null) {
            Iterator it = list.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                Object next = it.next();
                if (next instanceof SecurityToken) {
                    SecurityToken securityToken2 = (SecurityToken) next;
                    if (equalsTokenValueType(securityToken2, qName)) {
                        securityToken = securityToken2;
                        break;
                    }
                }
            }
        } else if (tc.isDebugEnabled()) {
            Tr.exit(tc, "tokenList is null");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getOneTokenFromList returns [" + ConfigUtil.getObjState(securityToken) + "]");
        }
        return securityToken;
    }

    public static SecurityToken getCustomerToken(MessageContext messageContext, Map map, CallbackHandlerConfig callbackHandlerConfig, QName qName, boolean z) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getCustomerToken(messageContext[" + ConfigUtil.getObjState(messageContext) + "], sharedState[" + (map == null ? "null" : "not null") + "], chConfig[" + (callbackHandlerConfig == null ? "null" : "not null") + "], valueType[" + qName + "],isGenerator[" + z + "])");
        }
        SecurityToken securityToken = null;
        if (map != null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Checking for token on shared state");
            }
            securityToken = getOneTokenFromSharedState(map, qName, z);
        }
        Map<Object, Object> map2 = null;
        if (callbackHandlerConfig != null) {
            map2 = callbackHandlerConfig.getProperties();
            if (map2 == null && tc.isDebugEnabled()) {
                Tr.debug(tc, "chConfig.getProperties() is null.");
            }
        }
        if (securityToken == null && map2 != null && messageContext != null) {
            boolean isTrueProperty = ConfigUtil.getIsTrueProperty(map2, com.ibm.wsspi.wssecurity.core.Constants.ENABLE_CAPTURE_TOKEN_CONTEXT);
            boolean isTrueProperty2 = ConfigUtil.getIsTrueProperty(map2, com.ibm.wsspi.wssecurity.core.Constants.ENABLE_CAPTURE_TOKEN_INBOUND);
            if (isTrueProperty) {
                securityToken = getOneTokenFromCustomerHash(messageContext, qName);
            }
            if (securityToken == null && isTrueProperty2) {
                securityToken = getOneTokenFromPropagationHash(messageContext, qName);
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getCustomerToken returns [" + (securityToken != null ? securityToken.getClass().getName() : "null") + "]");
        }
        return securityToken;
    }

    public static String getSharedStateProp(boolean z) {
        return z ? com.ibm.wsspi.wssecurity.core.Constants.WSSECURITY_TOKEN_TO_BE_INSERTED : com.ibm.wsspi.wssecurity.core.Constants.WSSECURITY_TOKEN_PROCESSED;
    }

    public static void putTokenToSharedState(Map map, SecurityToken securityToken, boolean z) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "putTokenToSharedState(sharedState[" + ConfigUtil.getObjState(map) + "], token[" + (securityToken == null ? "null" : securityToken.getValueType()) + "], isGenerator[" + z + "])");
        }
        if (map != null && securityToken != null) {
            String sharedStateProp = getSharedStateProp(z);
            List sharedStateList = getSharedStateList(map, sharedStateProp);
            sharedStateList.add(securityToken);
            map.put(sharedStateProp, sharedStateList);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "putTokenToSharedState");
        }
    }

    public static void putTokenToSharedState(Map map, List<SecurityToken> list, boolean z) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "putTokenToSharedState(sharedState[" + ConfigUtil.getObjState(map) + "], tokenList[" + (list == null ? "null" : list.getClass().getName()) + "], isGenerator[" + z + "])");
        }
        if (map != null && list != null) {
            String sharedStateProp = getSharedStateProp(z);
            List sharedStateList = getSharedStateList(map, sharedStateProp);
            sharedStateList.addAll(list);
            map.put(sharedStateProp, sharedStateList);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "putTokenToSharedState");
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v18, types: [java.util.List] */
    public static List getSharedStateList(Map map, String str) {
        ArrayList arrayList;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSharedStateList [" + str + "]");
        }
        Object obj = map.get(str);
        if (obj == null) {
            arrayList = new ArrayList();
        } else if (obj instanceof List) {
            arrayList = (List) obj;
        } else {
            arrayList = new ArrayList();
            if (obj instanceof SecurityToken) {
                arrayList.add(obj);
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getSharedStateList");
        }
        return arrayList;
    }

    public static void putAuthenticatedTokenToSharedState(Map map, SecurityToken securityToken) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "putAuthenticatedTokenToSharedState(sharedState[" + ConfigUtil.getObjState(map) + "], token[" + (securityToken == null ? "null" : securityToken.getValueType()) + "]");
        }
        if (map != null && securityToken != null) {
            List sharedStateList = getSharedStateList(map, com.ibm.wsspi.wssecurity.core.Constants.WSSECURITY_TRUSTED_IDENTITY);
            sharedStateList.add(securityToken);
            map.put(com.ibm.wsspi.wssecurity.core.Constants.WSSECURITY_TRUSTED_IDENTITY, sharedStateList);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "putAuthenticatedTokenToSharedState");
        }
    }

    public static SecurityToken getAuthenticatedTokenFromSharedState(Map map, QName qName) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getAuthenticatedTokenFromSharedState(sharedState[" + ConfigUtil.getObjState(map) + "], valueType[" + qName + "])");
        }
        SecurityToken oneTokenFromSharedState = getOneTokenFromSharedState(map, qName, com.ibm.wsspi.wssecurity.core.Constants.WSSECURITY_TRUSTED_IDENTITY);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getAuthenticatedTokenFromSharedState returns [" + (oneTokenFromSharedState != null ? oneTokenFromSharedState.getClass().getName() : "null") + "]");
        }
        return oneTokenFromSharedState;
    }

    public static void putBehalfOfTokenToSharedState(Map map, SecurityToken securityToken) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "putBehalfOfTokenToSharedState(sharedState[" + ConfigUtil.getObjState(map) + "], token[" + (securityToken == null ? "null" : securityToken.getValueType()) + "]");
        }
        if (map != null && securityToken != null) {
            List sharedStateList = getSharedStateList(map, WSSECURITY_BEHALF_OF_TOKEN);
            sharedStateList.add(securityToken);
            map.put(WSSECURITY_BEHALF_OF_TOKEN, sharedStateList);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "putBehalfOfTokenToSharedState");
        }
    }

    public static SecurityToken getBehalfOfTokenFromSharedState(Map map, QName qName) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getBehalfOfTokenFromSharedState(sharedState[" + ConfigUtil.getObjState(map) + "], valueType[" + qName + "])");
        }
        SecurityToken oneTokenFromSharedState = getOneTokenFromSharedState(map, qName, WSSECURITY_BEHALF_OF_TOKEN);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getBehalfOfTokenFromSharedState returns [" + (oneTokenFromSharedState != null ? oneTokenFromSharedState.getClass().getName() : "null") + "]");
        }
        return oneTokenFromSharedState;
    }
}
