package com.ibm.ws.security.web.saml;

import com.ibm.ws.security.web.saml.util.Util;
import com.ibm.ws.wssecurity.saml.binding.saml20.PropertyConfigUtil;
import com.ibm.ws.wssecurity.saml.binding.saml20.SAMLSpConstants;
import com.ibm.ws.wssecurity.util.ConfigUtil;
import com.ibm.wsspi.security.web.saml.UserMapping;
import java.util.Properties;

/* loaded from: input_file:lib/com.ibm.wsfp.main.jar:com/ibm/ws/security/web/saml/SAMLIdAssertionRule.class */
public class SAMLIdAssertionRule {
    Properties props;
    private String realmName = null;
    private String principalName = null;
    private String uniqueId = null;
    private String groupName = null;
    private String realmNameRange = null;
    private String defaultRealm = null;
    private String useRealm = null;
    private boolean includeToken = true;
    private boolean includecachekey = true;
    private UserMapping usermapping = null;
    private IDMapOption idMapOption = IDMapOption.NULL;

    /* loaded from: input_file:lib/com.ibm.wsfp.main.jar:com/ibm/ws/security/web/saml/SAMLIdAssertionRule$IDMapOption.class */
    public enum IDMapOption {
        NULL,
        ASSERTION,
        LOCAL_REALM,
        LOCAL_REALM_THEN_ASSERTION,
        ASSERTION_ADD_LOCAL_GROUP,
        LOCAL_REALM_THEN_ASSERTION_ADD_LOCAL_GROUP,
        ASSERTION_AND_LOCAL_GROUP,
        LOCAL_REALM_THEN_ASSERTION_AND_LOCAL_GROUP
    }

    public SAMLIdAssertionRule(Properties properties) {
        this.props = new Properties();
        this.props = properties;
        init();
    }

    protected void init() {
        this.realmName = PropertyConfigUtil.getPropertyString(this.props, SAMLSpConstants.REALM);
        this.principalName = PropertyConfigUtil.getPropertyString(this.props, SAMLSpConstants.PRINCIPAL);
        this.uniqueId = PropertyConfigUtil.getPropertyString(this.props, SAMLSpConstants.UNIQUEID);
        this.realmNameRange = PropertyConfigUtil.getPropertyString(this.props, SAMLSpConstants.REALM_RANGE);
        this.defaultRealm = PropertyConfigUtil.getPropertyString(this.props, SAMLSpConstants.DEFAULT_REALM);
        this.groupName = PropertyConfigUtil.getPropertyString(this.props, SAMLSpConstants.GROUPS);
        this.includeToken = PropertyConfigUtil.getPropertyBoolean(this.props, SAMLSpConstants.INCLUDE_TOKEN_IN_SUBJECT, true);
        this.includecachekey = PropertyConfigUtil.getPropertyBoolean(this.props, SAMLSpConstants.INCLUDE_CACHE_KEY_IN_SUBJECT, true);
        this.useRealm = PropertyConfigUtil.getPropertyString(this.props, SAMLSpConstants.USE_REALM);
        this.usermapping = initIdentityProviderMapping(this.props);
        processIDMapOption(PropertyConfigUtil.getPropertyString(this.props, SAMLSpConstants.ID_MAP), PropertyConfigUtil.getPropertyString(this.props, SAMLSpConstants.GROUP_MAP));
    }

    public String getRealmName() {
        return this.realmName;
    }

    public String getPrincipalName() {
        return this.principalName;
    }

    public void setPrincipalName(String str) {
        this.principalName = str;
    }

    public String getUniqueId() {
        return this.uniqueId;
    }

    public void setUniqueId(String str) {
        this.uniqueId = str;
    }

    public String getGroups() {
        return this.groupName;
    }

    public void setGroups(String str) {
        this.groupName = str;
    }

    public String getRealmNameRange() {
        return this.realmNameRange;
    }

    public void setRealmNameRange(String str) {
        this.realmNameRange = str;
    }

    public String getDefaultRealm() {
        return this.defaultRealm;
    }

    public void setDefaultRealm(String str) {
        this.defaultRealm = str;
    }

    public boolean isIssuerForDefaultRealm() {
        return (isNameQualifierForDefaultRealm() || isDomainRealm()) ? false : true;
    }

    public boolean isDomainRealm() {
        return SAMLSpConstants.SYSTEM_DOMAIN_REALM.equalsIgnoreCase(this.defaultRealm);
    }

    public boolean isNameQualifierForDefaultRealm() {
        return SAMLSpConstants.NAME_QUALIFIER.equalsIgnoreCase(this.defaultRealm);
    }

    public String getUseRealm() {
        return this.useRealm;
    }

    public void setUseRealm(String str) {
        this.useRealm = str;
    }

    protected UserMapping initIdentityProviderMapping(Properties properties) {
        String propertyString = PropertyConfigUtil.getPropertyString(properties, SAMLSpConstants.USER_ID_MAP);
        if (propertyString != null) {
            this.usermapping = (UserMapping) Util.getClassForName(propertyString);
        }
        return this.usermapping;
    }

    public boolean includeTokenInSubject() {
        return this.includeToken;
    }

    public boolean includeCacheKeyInSubject() {
        return this.includecachekey;
    }

    public UserMapping getUserMapping() {
        return this.usermapping;
    }

    public void setUserMapping(UserMapping userMapping) {
        this.usermapping = userMapping;
    }

    public IDMapOption getIDMapOption() {
        return this.idMapOption;
    }

    protected void processIDMapOption(String str, String str2) {
        this.idMapOption = IDMapOption.ASSERTION;
        if (SAMLSpConstants.ID_MAP_LOCAL_REALM.equalsIgnoreCase(str)) {
            this.idMapOption = IDMapOption.LOCAL_REALM;
        } else if (SAMLSpConstants.ID_MAP_LOCAL_THEN_ASSERTION.equalsIgnoreCase(str)) {
            this.idMapOption = IDMapOption.LOCAL_REALM_THEN_ASSERTION;
        }
        if (SAMLSpConstants.GROUP_MAP_ADD_LOCAL_REALM.equalsIgnoreCase(str2) && this.idMapOption.equals(IDMapOption.ASSERTION)) {
            this.idMapOption = IDMapOption.ASSERTION_ADD_LOCAL_GROUP;
        }
        if (SAMLSpConstants.GROUP_MAP_ADD_LOCAL_REALM.equalsIgnoreCase(str2) && this.idMapOption.equals(IDMapOption.LOCAL_REALM_THEN_ASSERTION)) {
            this.idMapOption = IDMapOption.LOCAL_REALM_THEN_ASSERTION_ADD_LOCAL_GROUP;
        }
        if (SAMLSpConstants.GROUP_MAP_LOCAL_REALM.equalsIgnoreCase(str2) && this.idMapOption.equals(IDMapOption.ASSERTION)) {
            this.idMapOption = IDMapOption.ASSERTION_AND_LOCAL_GROUP;
        }
        if (SAMLSpConstants.GROUP_MAP_LOCAL_REALM.equalsIgnoreCase(str2) && this.idMapOption.equals(IDMapOption.LOCAL_REALM_THEN_ASSERTION)) {
            this.idMapOption = IDMapOption.LOCAL_REALM_THEN_ASSERTION_AND_LOCAL_GROUP;
        }
    }

    public String toString() {
        StringBuffer append = new StringBuffer(getClass().getName()).append("(");
        append.append("realmName=[").append(this.realmName).append("], ");
        append.append("principalName=[").append(this.principalName).append("], ");
        append.append("uniqueId=[").append(this.uniqueId).append("], ");
        append.append("groupName=[").append(this.groupName).append("], ");
        append.append("realmNameRange=[").append(this.realmNameRange).append("], ");
        append.append("defaultRealm=[").append(this.defaultRealm).append("], ");
        append.append("useRealm=[").append(this.useRealm).append("], ");
        append.append("includeToken=[").append(this.includeToken).append("], ");
        append.append("includecachekey=[").append(this.includecachekey).append("], ");
        append.append("idMapOption=[").append(this.idMapOption).append("], ");
        append.append("usermapping=[").append(ConfigUtil.getObjState(this.usermapping)).append("]");
        append.append(")");
        return append.toString();
    }
}
