package com.ibm.ws.security.config;

import com.ibm.ISecurityUtilityImpl.AuthenticationTarget;
import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.ws.security.jaspi.commands.AdminConstants;

/* loaded from: input_file:com/ibm/ws/security/config/CSIv2MessageLayerConfig.class */
class CSIv2MessageLayerConfig extends CSIv2LayerConfig {
    public static final String SUPPORTED_AUTH_MECH_LIST = "supportedAuthMechList";
    public static final String AUTHENTICATION_LAYER_RETRY_COUNT = "authenticationLayerRetryCount";
    public static final String AUTHENTICATION_LAYER_RETRY_ENABLED = "authenticationRetryEnabled";
    protected static final String SUPPORTED_AUTH_MECH_LIST_DEFAULT = "ltpa|basicAuth|custom";
    protected TraceComponent tc;

    /* JADX INFO: Access modifiers changed from: protected */
    public CSIv2MessageLayerConfig(SecurityConfigObject securityConfigObject, GenericConfigHelperImpl genericConfigHelperImpl, String str) {
        super(securityConfigObject, genericConfigHelperImpl, str);
        this.tc = Tr.register(CSIv2MessageLayerConfig.class, "SecurityConfig", AdminConstants.MSG_BUNDLE_NAME);
        if (SecurityConfigGlobals.enableVerbose && this.tc.isEntryEnabled()) {
            Tr.entry(this.tc, "ctor " + str, new Object[]{securityConfigObject, genericConfigHelperImpl});
        }
        if (!securityConfigObject.instanceOf("http://www.ibm.com/websphere/appserver/schemas/5.0/orb.securityprotocol.xmi", "MessageLayer")) {
            throw new RuntimeException("Invalid SCO paased to CSIv2MessageLayerConfig constructor, must be an SCO pointing to CSIv2 MessageLayer object");
        }
        initialize_defaults();
        addXMLAttributes();
        initialize();
        if (SecurityConfigGlobals.enableVerbose && this.tc.isEntryEnabled()) {
            Tr.exit(this.tc, "ctor" + this.cacheKey, this);
        }
    }

    private void initialize_defaults() {
        this.defaults.put(SUPPORTED_AUTH_MECH_LIST, null);
        this.defaults.put(AUTHENTICATION_LAYER_RETRY_COUNT, 0);
        this.defaults.put(AUTHENTICATION_LAYER_RETRY_ENABLED, Boolean.FALSE);
    }

    private void addXMLAttributes() {
        this.xmlAttributes.add(SUPPORTED_AUTH_MECH_LIST);
        this.xmlAttributes.add(AUTHENTICATION_LAYER_RETRY_COUNT);
    }

    private void initialize() {
        String string = getString(SUPPORTED_AUTH_MECH_LIST);
        if (string == null) {
            string = SUPPORTED_AUTH_MECH_LIST_DEFAULT;
            setString(SUPPORTED_AUTH_MECH_LIST, SUPPORTED_AUTH_MECH_LIST_DEFAULT);
        }
        if (SecurityConfigGlobals.enableVerbose && this.tc.isDebugEnabled()) {
            Tr.debug(this.tc, "SUPPORTED_AUTH_MECH_LIST=" + string);
        }
        if (string.length() == 0) {
            if (getRequiredQOP().getBoolean(CSIv2QOPConfig.ESTABLISH_TRUST_IN_CLIENT) || getSupportedQOP().getBoolean(CSIv2QOPConfig.ESTABLISH_TRUST_IN_CLIENT)) {
                throw new IllegalStateException("Invalid empty string for supportedAuthMechList");
            }
        }
        if (getRequiredQOP().getBoolean(CSIv2QOPConfig.ESTABLISH_TRUST_IN_CLIENT) || getSupportedQOP().getBoolean(CSIv2QOPConfig.ESTABLISH_TRUST_IN_CLIENT)) {
            for (String str : string.split("\\|")) {
                String lowerCase = str.toLowerCase();
                if (!lowerCase.equalsIgnoreCase(AuthenticationTarget.KRB5String) && !lowerCase.equalsIgnoreCase(AuthenticationTarget.LTPAString) && !lowerCase.equalsIgnoreCase(AuthenticationTarget.RSATokenString) && !lowerCase.equalsIgnoreCase(AuthenticationTarget.BasicAuthString) && !lowerCase.equalsIgnoreCase("custom")) {
                    throw new IllegalStateException("A value defined in supportedAuthMechList is invalid. The value is:" + lowerCase);
                }
            }
        }
        if (getInteger(AUTHENTICATION_LAYER_RETRY_COUNT) > 0) {
            setBoolean(AUTHENTICATION_LAYER_RETRY_ENABLED, Boolean.TRUE);
        } else {
            setBoolean(AUTHENTICATION_LAYER_RETRY_ENABLED, Boolean.FALSE);
        }
    }

    @Override // com.ibm.ws.security.config.CSIv2LayerConfig
    public String getType() {
        return "MessageLayer";
    }
}
