package com.ibm.ws.security.csiv2.server.config.css;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.websphere.ssl.SSLException;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.security.csiv2.Authenticator;
import com.ibm.ws.security.csiv2.CommonCfg;
import com.ibm.ws.security.csiv2.config.css.CommonClientCfg;
import com.ibm.ws.security.csiv2.server.TraceConstants;
import com.ibm.ws.security.csiv2.server.config.tss.ServerLTPAMechConfig;
import com.ibm.ws.transport.iiop.security.config.css.CSSASMechConfig;
import com.ibm.ws.transport.iiop.security.config.css.CSSGSSUPMechConfigDynamic;
import com.ibm.ws.transport.iiop.security.config.css.CSSSASITTAbsent;
import com.ibm.ws.transport.iiop.security.config.css.CSSSASITTAnonymous;
import com.ibm.ws.transport.iiop.security.config.css.CSSSASITTPrincipalNameDynamic;
import com.ibm.ws.transport.iiop.security.config.css.CSSSASMechConfig;
import com.ibm.ws.transport.iiop.security.config.css.CSSSSLTransportConfig;
import com.ibm.ws.transport.iiop.security.config.css.CSSTransportMechConfig;
import com.ibm.ws.transport.iiop.security.config.tss.OptionsKey;
import com.ibm.wsspi.kernel.service.utils.SerializableProtectedString;
import java.util.Map;

@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
/* loaded from: input_file:com/ibm/ws/security/csiv2/server/config/css/ClientConfigHelper.class */
public class ClientConfigHelper extends CommonClientCfg {
    private static TraceComponent tc = Tr.register(ClientConfigHelper.class, TraceConstants.TRACE_GROUP, TraceConstants.MESSAGE_BUNDLE);
    private static final String TYPE = "com.ibm.ws.security.csiv2.clientPolicyCSIV2";
    static final long serialVersionUID = -7816606294672743364L;

    public ClientConfigHelper(Authenticator authenticator, String str, String str2) {
        super(authenticator, str, str2, TYPE);
    }

    protected CSSTransportMechConfig extractSSLTransport(Map<String, Object> map) throws SSLException {
        String str = (String) map.get("sslRef");
        CSSSSLTransportConfig cSSSSLTransportConfig = new CSSSSLTransportConfig();
        if (str != null) {
            OptionsKey associationOptions = this.sslConfig.getAssociationOptions(str);
            cSSSSLTransportConfig.setSupports(associationOptions.supports);
            cSSSSLTransportConfig.setRequires(associationOptions.requires);
            cSSSSLTransportConfig.setSslConfigName(str);
        } else {
            cSSSSLTransportConfig.setOutboundSSLReference();
        }
        return cSSSSLTransportConfig;
    }

    public CSSASMechConfig handleASMech(String str, Authenticator authenticator, String str2, boolean z, Map<String, Object> map) {
        ClientLTPAMechConfig clientLTPAMechConfig = null;
        if (str.equalsIgnoreCase(ServerLTPAMechConfig.LTPA)) {
            clientLTPAMechConfig = new ClientLTPAMechConfig(authenticator, str2, z);
        } else if (str.equalsIgnoreCase("GSSUP")) {
            clientLTPAMechConfig = new CSSGSSUPMechConfigDynamic(str2, z);
        }
        return clientLTPAMechConfig;
    }

    public void logWarning(String str, Object... objArr) {
        Tr.warning(tc, str, objArr);
    }

    public Map<String, Object> getAttributeLayerProperties(CommonCfg.LayersData layersData) {
        return layersData.attributeLayer;
    }

    protected CSSSASMechConfig extractSASMech(Map<String, Object> map) {
        CSSSASMechConfig cSSSASMechConfig = new CSSSASMechConfig();
        cSSSASMechConfig.addIdentityToken(new CSSSASITTAbsent());
        boolean booleanValue = ((Boolean) map.get("identityAssertionEnabled")).booleanValue();
        String[] strArr = (String[]) map.get("identityAssertionTypes");
        String str = (String) map.get("trustedIdentity");
        SerializableProtectedString serializableProtectedString = (SerializableProtectedString) map.get("trustedPassword");
        printTrace("IdentityAssertionEnabled", Boolean.valueOf(booleanValue), 3);
        printTrace("TrustedIdentity", str, 3);
        if (booleanValue) {
            for (String str2 : strArr) {
                if ("ITTAnonymous".equals(str2)) {
                    cSSSASMechConfig.addIdentityToken(new CSSSASITTAnonymous());
                } else if ("ITTPrincipalName".equals(str2)) {
                    cSSSASMechConfig.addIdentityToken(new CSSSASITTPrincipalNameDynamic((String) null, this.domain));
                } else if ("ITTX509CertChain".equals(str2)) {
                    cSSSASMechConfig.addIdentityToken(new ClientSASITTX509CertChain(null, this.domain));
                } else if ("ITTDistinguishedName".equals(str2)) {
                    cSSSASMechConfig.addIdentityToken(new ClientSASITTDistinguishedName());
                }
            }
            cSSSASMechConfig.setTrustedIdentity(str);
            cSSSASMechConfig.setTrustedPassword(serializableProtectedString);
        }
        return cSSSASMechConfig;
    }
}
