package com.ibm.ws.transport.iiop.security.config.tss;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.ws.config.xml.internal.nester.Nester;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.transport.iiop.security.util.HelperConstants;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.omg.CSIIOP.TransportAddress;
import org.osgi.framework.Bundle;

@InjectedFFDC
@TraceObjectField(fieldName = "$$$tc$$$", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
/* loaded from: input_file:com/ibm/ws/transport/iiop/security/config/tss/TSSConfigHelper.class */
public class TSSConfigHelper implements HelperConstants {
    private static final String CSIV2_CONFIGURATION = "csiv2Configuration";
    private static final String PRIVILEGE_AUTHORITY = "privilegeAuthority";
    private static final String GENERAL_NAME = "generalName";
    private static final String TARGET_NAME = "targetName";
    private static final String REQUIRED = "required";
    private static final String IDENTITY_TOKEN_TYPES = "identityTokenTypes";
    private static final String SERVICE_CONFIGURATION_LIST = "serviceConfigurationList";
    static final long serialVersionUID = -5980153257558162594L;
    private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register(TSSConfigHelper.class);

    public static TSSConfig getTSSConfig(Map<String, Object> map, Map<OptionsKey, List<TransportAddress>> map2, Bundle bundle) throws Exception {
        TSSConfig tSSConfig = new TSSConfig();
        List<Map<String, Object>> nest = Nester.nest(CSIV2_CONFIGURATION, map);
        if (!nest.isEmpty()) {
            Map<String, Object> map3 = nest.get(0);
            List<Map<String, Object>> nest2 = Nester.nest(HelperConstants.COMPOUND_SEC_MECH_TYPE_LIST, map3);
            TSSCompoundSecMechListConfig mechListConfig = tSSConfig.getMechListConfig();
            mechListConfig.setStateful(((Boolean) map3.get("stateful")).booleanValue());
            Iterator<Map<String, Object>> it = nest2.iterator();
            while (it.hasNext()) {
                mechListConfig.add(extractCompoundSecMech(it.next(), map2, bundle));
            }
        }
        return tSSConfig;
    }

    protected static TSSTransportMechConfig extractSSL(Map<String, Object> map, Map<OptionsKey, List<TransportAddress>> map2) {
        TSSSSLTransportConfig tSSSSLTransportConfig = new TSSSSLTransportConfig();
        tSSSSLTransportConfig.setSupports(extractAssociationOptions((String[]) map.get(HelperConstants.SUPPORTS)));
        tSSSSLTransportConfig.setRequires(extractAssociationOptions((String[]) map.get(HelperConstants.REQUIRES)));
        List<TransportAddress> list = map2.get(new OptionsKey(tSSSSLTransportConfig.getSupports(), tSSSSLTransportConfig.getRequires()));
        if (list == null) {
            throw new IllegalStateException("No transport addressses configured for supports: " + map.get(HelperConstants.SUPPORTS) + " and requires: " + map.get(HelperConstants.REQUIRES));
        }
        tSSSSLTransportConfig.setTransportAddresses(list);
        return tSSSSLTransportConfig;
    }

    public static Map<OptionsKey, List<TransportAddress>> extractTransportAddresses(Map<String, Object> map) {
        return extractTransportAddresses(Nester.nest("transportAddress", map));
    }

    protected static Map<OptionsKey, List<TransportAddress>> extractTransportAddresses(List<Map<String, Object>> list) {
        HashMap hashMap = new HashMap();
        for (Map<String, Object> map : list) {
            OptionsKey optionsKey = new OptionsKey(extractAssociationOptions((String[]) map.get(HelperConstants.SUPPORTS)), extractAssociationOptions((String[]) map.get(HelperConstants.REQUIRES)));
            List list2 = (List) hashMap.get(optionsKey);
            if (list2 == null) {
                list2 = new ArrayList();
                hashMap.put(optionsKey, list2);
            }
            list2.add(new TransportAddress((String) map.get("host"), ((Short) map.get("port")).shortValue()));
        }
        return hashMap;
    }

    protected static TSSCompoundSecMechConfig extractCompoundSecMech(Map<String, Object> map, Map<OptionsKey, List<TransportAddress>> map2, Bundle bundle) throws Exception {
        Map<String, List<Map<String, Object>>> nest = Nester.nest(map, HelperConstants.SSL_OPTIONS, "GSSUP", HelperConstants.SAS_MECH);
        TSSCompoundSecMechConfig tSSCompoundSecMechConfig = new TSSCompoundSecMechConfig();
        List<Map<String, Object>> list = nest.get(HelperConstants.SSL_OPTIONS);
        if (list.isEmpty()) {
            tSSCompoundSecMechConfig.setTransport_mech(new TSSNULLTransportConfig());
        } else {
            tSSCompoundSecMechConfig.setTransport_mech(extractSSL(list.get(0), map2));
        }
        List<Map<String, Object>> list2 = nest.get("GSSUP");
        if (list2.isEmpty()) {
            tSSCompoundSecMechConfig.setAs_mech(new TSSNULLASMechConfig());
        } else {
            tSSCompoundSecMechConfig.setAs_mech(extractASMech(list2.get(0)));
        }
        List<Map<String, Object>> list3 = nest.get(HelperConstants.SAS_MECH);
        if (!list3.isEmpty()) {
            tSSCompoundSecMechConfig.setSas_mech(extractSASMech(list3.get(0), bundle));
        }
        return tSSCompoundSecMechConfig;
    }

    protected static TSSASMechConfig extractASMech(Map<String, Object> map) {
        TSSGSSUPMechConfig tSSGSSUPMechConfig = new TSSGSSUPMechConfig();
        tSSGSSUPMechConfig.setTargetName((String) map.get(TARGET_NAME));
        tSSGSSUPMechConfig.setRequired(((Boolean) map.get(REQUIRED)).booleanValue());
        return tSSGSSUPMechConfig;
    }

    protected static TSSSASMechConfig extractSASMech(Map<String, Object> map, Bundle bundle) throws Exception {
        Map<String, List<Map<String, Object>>> nest = Nester.nest(map, SERVICE_CONFIGURATION_LIST, IDENTITY_TOKEN_TYPES);
        TSSSASMechConfig tSSSASMechConfig = new TSSSASMechConfig();
        List<Map<String, Object>> list = nest.get(SERVICE_CONFIGURATION_LIST);
        if (!list.isEmpty()) {
            Map<String, Object> map2 = list.get(0);
            tSSSASMechConfig.setRequired(((Boolean) map2.get(REQUIRED)).booleanValue());
            for (Map<String, Object> map3 : Nester.nest(map2, GENERAL_NAME).get(GENERAL_NAME)) {
                String str = (String) map3.get("config.referenceType");
                if ("com.ibm.ws.transport.iiop.tssGeneralName".equals(str)) {
                    tSSSASMechConfig.addServiceConfigurationConfig(new TSSGeneralNameConfig((String) map3.get(PRIVILEGE_AUTHORITY)));
                } else {
                    if (!"com.ibm.ws.transport.iiop.tssGSSExportedName".equals(str)) {
                        throw new IllegalStateException("Unrecognized service configuration: " + str);
                    }
                    tSSSASMechConfig.addServiceConfigurationConfig(new TSSGSSExportedNameConfig((String) map3.get(PRIVILEGE_AUTHORITY), (String) map3.get(HelperConstants.OID)));
                }
            }
        }
        List<Map<String, Object>> list2 = nest.get(IDENTITY_TOKEN_TYPES);
        if (list2.isEmpty()) {
            tSSSASMechConfig.addIdentityToken(new TSSITTAbsent());
        } else {
            List<Map<String, Object>> nest2 = Nester.nest("ittGroup", list2.get(0));
            if (nest2.isEmpty()) {
                tSSSASMechConfig.addIdentityToken(new TSSITTAbsent());
            } else {
                for (Map<String, Object> map4 : nest2) {
                    String str2 = (String) map4.get("config.referenceType");
                    if ("com.ibm.ws.transport.iiop.tssIttAbsent".equals(str2)) {
                        tSSSASMechConfig.addIdentityToken(new TSSITTAbsent());
                    } else if ("com.ibm.ws.transport.iiop.tssIttAnonymous".equals(str2)) {
                        tSSSASMechConfig.addIdentityToken(new TSSITTAnonymous());
                    } else if ("com.ibm.ws.transport.iiop.tssIttPrincipalNameGSSUP".equals(str2)) {
                        try {
                            Class loadClass = bundle.loadClass((String) map4.get(HelperConstants.PRINCIPAL_CLASS));
                            String str3 = (String) map4.get(HelperConstants.DOMAIN);
                            try {
                                tSSSASMechConfig.addIdentityToken(new TSSITTPrincipalNameGSSUP(loadClass, str3 != null ? (String) map4.get("realm") : null, str3));
                            } catch (NoSuchMethodException e) {
                                FFDCFilter.processException(e, "com.ibm.ws.transport.iiop.security.config.tss.TSSConfigHelper", "259", (Object) null, new Object[]{map, bundle});
                                throw new Exception("Could not find principal class constructor", e);
                            }
                        } catch (ClassNotFoundException e2) {
                            FFDCFilter.processException(e2, "com.ibm.ws.transport.iiop.security.config.tss.TSSConfigHelper", "247", (Object) null, new Object[]{map, bundle});
                            throw new Exception("Could not load principal class", e2);
                        }
                    } else if ("com.ibm.ws.transport.iiop.tssIttDistinguishedName".equals(str2)) {
                        tSSSASMechConfig.addIdentityToken(new TSSITTDistinguishedName(null, null));
                    } else if ("com.ibm.ws.transport.iiop.tssIttX509CertChain".equals(str2)) {
                        tSSSASMechConfig.addIdentityToken(new TSSITTX509CertChain(null, null));
                    }
                }
            }
        }
        return tSSSASMechConfig;
    }

    protected static short extractAssociationOptions(String[] strArr) {
        short s = 0;
        if (strArr != null) {
            for (String str : strArr) {
                HelperConstants.AssociationOptions valueOf = HelperConstants.AssociationOptions.valueOf(str);
                if (HelperConstants.AssociationOptions.NoProtection.equals(valueOf)) {
                    s = (short) (s | 1);
                } else if (HelperConstants.AssociationOptions.Integrity.equals(valueOf)) {
                    s = (short) (s | 2);
                } else if (HelperConstants.AssociationOptions.Confidentiality.equals(valueOf)) {
                    s = (short) (s | 4);
                } else if (HelperConstants.AssociationOptions.DetectReplay.equals(valueOf)) {
                    s = (short) (s | 8);
                } else if (HelperConstants.AssociationOptions.DetectMisordering.equals(valueOf)) {
                    s = (short) (s | 16);
                } else if (HelperConstants.AssociationOptions.EstablishTrustInTarget.equals(valueOf)) {
                    s = (short) (s | 32);
                } else if (HelperConstants.AssociationOptions.EstablishTrustInClient.equals(valueOf)) {
                    s = (short) (s | 64);
                } else if (HelperConstants.AssociationOptions.NoDelegation.equals(valueOf)) {
                    s = (short) (s | 128);
                } else if (HelperConstants.AssociationOptions.SimpleDelegation.equals(valueOf)) {
                    s = (short) (s | 256);
                } else if (HelperConstants.AssociationOptions.CompositeDelegation.equals(valueOf)) {
                    s = (short) (s | 512);
                }
            }
        }
        return s;
    }
}
