package com.ibm.eNetwork.security.sso.cms;

import com.ibm.eNetwork.security.sso.CMResponse;
import com.ibm.eNetwork.security.sso.PasswordCipher;
import com.ibm.eNetwork.security.sso.Ras;
import com.ibm.eNetwork.security.sso.SSOConstants;
import com.ibm.hats.runtime.ApplicationSpecificInfo;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.Hashtable;

/* loaded from: input_file:install/linkwfhats.zip:linkhatsXX_linkwfXXEAR/hodwel.jar:com/ibm/eNetwork/security/sso/cms/DCASClient.class */
public class DCASClient implements DCASResponseListener {
    private static final String className = "com.ibm.eNetwork.security.sso.cms.DCASClient";
    public static final int DEFAULT_DCAS_PORT = 8990;
    public static final long DEFAULT_REQUEST_TIMEOUT = 50000;
    public static final boolean DEFAULT_WELL_KNOWN_CAS = false;
    public static final boolean DEFAULT_USE_DEFAULT_TRUST = false;
    public static final boolean DEFAULT_NO_FIPS = false;
    public static final String TRUSTSTORE_TYPE_PKCS12 = "pkcs12";
    public static final String TRUSTSTORE_TYPE_JKS = "jks";
    public static final String TRUSTSTORE_TYPE_JCEKS = "jceks";
    public static final boolean DEFAULT_SERVER_AUTH = false;
    public static final boolean DEFAULT_USE_SSL = true;
    public static final int DEFAULT_TRACE_LEVEL = 0;
    public static final int DEFAULT_SCAFFOLDING = 0;
    private int dcasPort;
    private String trustStoreName;
    private String trustStorePassword;
    private String trustStoreType;
    private boolean useDefaultTrust;
    private boolean dontUseFIPS;
    private boolean useWellKnownCAs;
    private String p12PasswordWellKnown;
    private boolean serverAuth;
    private boolean useSSL;
    public static int traceLevel;
    private String logFile;
    private int scaffoldDCAS;
    private Hashtable dcasResponseObjectsTable = new Hashtable();
    private Hashtable tableOfLocks = new Hashtable();
    private int correlator = 0;
    InetAddress dcasInetAddr = null;
    static DCASPassticketManager theDCASPtm = null;

    public DCASClient() {
        clientInit(0, SSOConstants.DEFAULT_TRACE_LOG_FILE);
    }

    public DCASClient(int i, String str) {
        clientInit(i, str);
    }

    private void clientInit(int i, String str) {
        traceLevel = i;
        this.logFile = str;
        this.useWellKnownCAs = false;
        this.serverAuth = false;
        this.useSSL = true;
        this.scaffoldDCAS = 0;
        if (i > 0 && Ras.hasNoImplementations()) {
            Ras.addRasImplementation(new ConsoleRas(str));
        }
        if (i >= 1) {
            Ras.traceExit(className, "clientInit");
        }
    }

    public int Init(String str, int i, String str2, String str3) {
        return Init(str, i, str2, str3, "pkcs12");
    }

    public int Init(String str, int i, String str2, String str3, String str4) {
        if (traceLevel >= 1) {
            Ras.traceEntry(className, "Init", (Object[]) new String[]{new StringBuffer().append("DCASAddress     = ").append(str).toString(), new StringBuffer().append("DCASPort        = ").append(new Integer(i).toString()).toString(), new StringBuffer().append("TrustStore      = ").append(str2).toString(), "TrustStorePW    = ********", new StringBuffer().append("TrustStoreType  = ").append(str4).toString()});
        }
        this.dcasPort = i;
        this.trustStoreName = str2;
        this.trustStorePassword = PasswordCipher.decrypt(str3);
        this.trustStoreType = str4;
        if (this.dcasPort <= 0) {
            if (traceLevel >= 1) {
                Ras.logMessage(1, className, "Init", "DCAS_INVALID_SERVER_PORT", String.valueOf(this.dcasPort));
            }
            this.dcasPort = DEFAULT_DCAS_PORT;
        }
        if (str != null && str.length() > 0) {
            try {
                this.dcasInetAddr = InetAddress.getByName(str);
            } catch (UnknownHostException e) {
                Ras.logMessage(2, className, "Init", new StringBuffer().append("DCAS_UNKNOWN_DCAS_SERVER  ").append(str).toString());
            }
        }
        if (traceLevel < 1) {
            return 0;
        }
        Ras.traceExit(className, "Init");
        return 0;
    }

    public void setUseDefaultTrustStore(boolean z) {
        this.useDefaultTrust = z;
    }

    public void setNoFIPS(boolean z) {
        this.dontUseFIPS = z;
    }

    public void setWellKnownTrustedCAs(boolean z) {
        this.useWellKnownCAs = z;
    }

    public void setWellKnownTrustedCAsPassword(String str) {
        this.p12PasswordWellKnown = PasswordCipher.decrypt(str);
    }

    public void setServerAuthentication(boolean z) {
        this.serverAuth = z;
    }

    public void setSSL(boolean z) {
        this.useSSL = z;
    }

    public void setTraceLevel(int i) {
        traceLevel = i;
    }

    public void setLogFile(String str) {
        this.logFile = str;
    }

    public void setScaffoldLevel(int i) {
        this.scaffoldDCAS = i;
    }

    public CMResponse getPassticket(String str, String str2, String str3, long j) {
        return getPassticket(str, str2, str3, j, false);
    }

    public CMResponse getPassticket(String str, String str2, String str3, long j, boolean z) {
        if (traceLevel >= 1) {
            Ras.traceEntry(className, "getPassticket", (Object[]) new String[]{new StringBuffer().append("HostUserID    = ").append(str).toString(), new StringBuffer().append("HostApplID    = ").append(str2).toString(), new StringBuffer().append("HostAddress = ").append(str3).toString(), new StringBuffer().append("Timeout       = ").append(new Long(j).toString()).toString(), new StringBuffer().append("Use Foreign Principal = ").append(String.valueOf(z)).toString()});
        }
        CMResponse cMResponse = new CMResponse();
        cMResponse.setPassword("");
        if (str == null || str.trim().equals("")) {
            if (traceLevel >= 1) {
                Ras.logMessage(2, className, "getPassticket", "DCAS_INVALID_USER_ID");
            }
            cMResponse.setStatus(9);
            return cMResponse;
        }
        if (str2 == null || str2.trim().equals("")) {
            if (traceLevel >= 1) {
                Ras.logMessage(2, className, "getPassticket", "DCAS_INVALID_APPL_ID");
            }
            cMResponse.setStatus(4);
            return cMResponse;
        }
        if (str3 == null || str3.trim().equals("")) {
            if (traceLevel >= 1) {
                Ras.logMessage(2, className, "getPassticket", "DCAS_INVALID_SERVER_ADDRESS");
            }
            cMResponse.setStatus(5);
            return cMResponse;
        }
        if (this.dcasInetAddr == null) {
            try {
                this.dcasInetAddr = InetAddress.getByName(str3);
            } catch (UnknownHostException e) {
                Ras.logMessage(2, className, "getPassticket", new StringBuffer().append("DCAS_UNKNOWN_DCAS_SERVER").append(str3).toString());
                cMResponse.setStatus(5);
                return cMResponse;
            }
        }
        return commonGetPassticket(new DCASPassticketRequest(this.dcasInetAddr, this.dcasPort, j, str, str2, z), z);
    }

    public CMResponse getPassticket(byte[] bArr, String str, String str2, long j) {
        if (traceLevel >= 1) {
            Ras.traceEntry(className, "getPassticket", (Object[]) new String[]{new StringBuffer().append("Certificate = ").append(bArr.toString()).toString(), new StringBuffer().append("HostApplID  = ").append(str).toString(), new StringBuffer().append("HostAddress = ").append(str2).toString(), new StringBuffer().append("Timeout     = ").append(new Long(j).toString()).toString()});
        }
        CMResponse cMResponse = new CMResponse();
        cMResponse.setPassword("");
        if (bArr == null) {
            if (traceLevel >= 1) {
                Ras.logMessage(2, className, "getPassticket", "DCAS_INVALID_USER_ID");
            }
            cMResponse.setStatus(9);
            return cMResponse;
        }
        if (str == null || str.trim().equals("")) {
            if (traceLevel >= 1) {
                Ras.logMessage(2, className, "getPassticket", "DCAS_INVALID_APPL_ID");
            }
            cMResponse.setStatus(4);
            return cMResponse;
        }
        if (str2 == null || str2.trim().equals("")) {
            if (traceLevel >= 1) {
                Ras.logMessage(2, className, "getPassticket", "DCAS_INVALID_SERVER_ADDRESS");
            }
            cMResponse.setStatus(5);
            return cMResponse;
        }
        if (this.dcasInetAddr == null) {
            try {
                this.dcasInetAddr = InetAddress.getByName(str2);
            } catch (UnknownHostException e) {
                Ras.logMessage(2, className, "getPassticket", new StringBuffer().append("DCAS_UNKNOWN_DCAS_SERVER").append(str2).toString());
                cMResponse.setStatus(5);
                return cMResponse;
            }
        }
        return commonGetPassticket(new DCASPassticketRequest(this.dcasInetAddr, this.dcasPort, j, bArr, str), false);
    }

    private CMResponse commonGetPassticket(DCASPassticketRequest dCASPassticketRequest, boolean z) {
        Object obj;
        if (traceLevel >= 1) {
            Ras.traceEntry(className, "commonGetPassticket", (Object[]) new String[]{new StringBuffer().append("DCASPassticketRequest  = ").append(dCASPassticketRequest.toString()).toString()});
        }
        CMResponse cMResponse = new CMResponse();
        cMResponse.setPassword("");
        try {
            DCASPassticketManager GetDCASPassticketManager = GetDCASPassticketManager();
            if (traceLevel >= 4) {
                Ras.trace(className, "commonGetPassticket", new StringBuffer().append("Adding DCASResponseListener for request ID [").append(dCASPassticketRequest.getUserID()).append("] on thread [").append(Thread.currentThread().toString()).append(ApplicationSpecificInfo.COMPOSITE_APPID_FINAL_SEPARATOR).toString());
            }
            dCASPassticketRequest.addDCASResponseListener(this);
            if (traceLevel >= 4) {
                Ras.trace(className, "commonGetPassticket", new StringBuffer().append("Entering synchronized dcasLock section for request ID [").append(dCASPassticketRequest.getUserID()).append("] on thread [").append(Thread.currentThread().toString()).append(ApplicationSpecificInfo.COMPOSITE_APPID_FINAL_SEPARATOR).toString());
            }
            synchronized (this) {
                obj = new Object();
                if (this.correlator == Integer.MAX_VALUE) {
                    this.correlator = 0;
                }
                if (traceLevel >= 2) {
                    Ras.trace(className, "request", new StringBuffer().append("Setting correlator to [").append(this.correlator + 1).append("] for userid [").append(dCASPassticketRequest.getUserID()).append(ApplicationSpecificInfo.COMPOSITE_APPID_FINAL_SEPARATOR).toString());
                }
                int i = this.correlator + 1;
                this.correlator = i;
                dCASPassticketRequest.setCorrelator(i);
                this.tableOfLocks.put(new Integer(dCASPassticketRequest.getCorrelator()), obj);
                if (traceLevel >= 4) {
                    Ras.trace(className, "commonGetPassticket", new StringBuffer().append("Inside synchronized dcasLock section for request ID [").append(dCASPassticketRequest.getUserID()).append("] on thread [").append(Thread.currentThread().toString()).append(ApplicationSpecificInfo.COMPOSITE_APPID_FINAL_SEPARATOR).toString());
                }
                if (traceLevel >= 2) {
                    Ras.logMessage(0, className, "commonGetPassticket", "DCAS_PASSTICKET_REQUESTED", dCASPassticketRequest.toString());
                }
                GetDCASPassticketManager.request(dCASPassticketRequest);
                if (traceLevel >= 4) {
                    Ras.trace(className, "commonGetPassticket", new StringBuffer().append("Waiting on dcasLock for request ID [").append(dCASPassticketRequest.getUserID()).append("] on thread [").append(Thread.currentThread().toString()).append(ApplicationSpecificInfo.COMPOSITE_APPID_FINAL_SEPARATOR).toString());
                }
            }
            synchronized (obj) {
                obj.wait();
                if (traceLevel >= 4) {
                    Ras.trace(className, "commonGetPassticket", new StringBuffer().append("After waiting on dcasLock for request ID [").append(dCASPassticketRequest.getUserID()).append("] on thread [").append(Thread.currentThread().toString()).append(ApplicationSpecificInfo.COMPOSITE_APPID_FINAL_SEPARATOR).toString());
                }
                dCASPassticketRequest.removeDCASResponseListener(this);
                if (traceLevel >= 4) {
                    Ras.trace(className, "commonGetPassticket", new StringBuffer().append("Exiting synchronized dcasLock section for request ID [").append(dCASPassticketRequest.getUserID()).append("] on thread [").append(Thread.currentThread().toString()).append(ApplicationSpecificInfo.COMPOSITE_APPID_FINAL_SEPARATOR).toString());
                }
            }
            DCASPassticketResponse dCASPassticketResponse = (DCASPassticketResponse) this.dcasResponseObjectsTable.remove(new Integer(dCASPassticketRequest.getCorrelator()));
            int rc = dCASPassticketResponse.getRc();
            if (rc == 0) {
                String userid = dCASPassticketResponse.getUserid();
                if (z || dCASPassticketRequest.getUserID() == null || ((userid.length() >= 8 || userid.equalsIgnoreCase(dCASPassticketRequest.getUserID())) && (userid.length() != 8 || dCASPassticketRequest.getUserID().toUpperCase().startsWith(userid.toUpperCase())))) {
                    String passticket = dCASPassticketResponse.getPassticket();
                    cMResponse.setID(userid);
                    cMResponse.setPassword(passticket);
                    cMResponse.setStatus(0);
                    if (traceLevel >= 2) {
                        Ras.logMessage(0, className, "commonGetPassticket", "DCAS_PASSTICKET_GENERATED", dCASPassticketRequest.getUserID());
                    }
                } else {
                    if (traceLevel >= 1) {
                        Ras.logMessage(2, className, "commonGetPassticket", "DCAS_REQUEST_RESPONSE_MISMATCH", new String[]{dCASPassticketRequest.getUserID(), userid, Integer.toString(22)});
                    }
                    cMResponse.setStatus(22);
                }
            } else if (rc == -1) {
                if (traceLevel >= 1) {
                    Ras.logMessage(2, className, "commonGetPassticket", "DCAS_PASSTICKET_ERROR", dCASPassticketRequest.getUserID());
                }
                cMResponse.setStatus(10);
            } else if (rc == -2) {
                if (traceLevel >= 1) {
                    Ras.logMessage(2, className, "commonGetPassticket", "DCAS_CLIENT_TIMEOUT", dCASPassticketRequest.getServerAddress().toString());
                }
                cMResponse.setStatus(11);
            } else {
                if (traceLevel >= 1) {
                    Ras.logMessage(2, className, "commonGetPassticket", "DCAS_UNEXPECTED_RC", String.valueOf(rc));
                }
                cMResponse.setStatus(12);
            }
        } catch (DCASException e) {
            this.tableOfLocks.remove(new Integer(dCASPassticketRequest.getCorrelator()));
            this.dcasResponseObjectsTable.remove(new Integer(dCASPassticketRequest.getCorrelator()));
            if (traceLevel >= 3) {
                Ras.logMessage(2, className, "commonGetPassticket", "DCAS_EXCEPTION", e.getMessage());
            }
            cMResponse.setStatus(8);
        } catch (InterruptedException e2) {
            this.tableOfLocks.remove(new Integer(dCASPassticketRequest.getCorrelator()));
            this.dcasResponseObjectsTable.remove(new Integer(dCASPassticketRequest.getCorrelator()));
            logException(e2, className, "commonGetPassticket");
            cMResponse.setStatus(8);
        } catch (Throwable th) {
            this.tableOfLocks.remove(new Integer(dCASPassticketRequest.getCorrelator()));
            this.dcasResponseObjectsTable.remove(new Integer(dCASPassticketRequest.getCorrelator()));
            logException(th, className, "commonGetPassticket");
            cMResponse.setStatus(8);
        }
        if (traceLevel >= 2) {
            Ras.logMessage(0, className, "commonGetPassticket", new StringBuffer().append("Returning from commonGetPassticket request for DCAS Request ID [").append(dCASPassticketRequest.getUserID()).append("], Corr [").append(dCASPassticketRequest.getCorrelator()).append("], Response [").append(cMResponse.toString()).append(ApplicationSpecificInfo.COMPOSITE_APPID_FINAL_SEPARATOR).toString());
        }
        if (traceLevel >= 1) {
            Ras.traceExit(className, "commonGetPassticket", cMResponse.toString());
        }
        return cMResponse;
    }

    private DCASPassticketManager GetDCASPassticketManager() {
        if (theDCASPtm == null) {
            theDCASPtm = DCASPassticketManager.getInstance();
            theDCASPtm.setUsingSSL(this.useSSL);
            theDCASPtm.setTrustStoreName(this.trustStoreName);
            theDCASPtm.setTrustStorePassword(this.trustStorePassword);
            theDCASPtm.setTrustStoreType(this.trustStoreType);
            theDCASPtm.setUsingDefaultKeys(this.useWellKnownCAs);
            theDCASPtm.setUsingDefaultTrust(this.useDefaultTrust);
            theDCASPtm.setNoFIPS(this.dontUseFIPS);
            theDCASPtm.setWellKnownTrustedCAsPassword(this.p12PasswordWellKnown);
            theDCASPtm.setServerAuthentication(this.serverAuth);
            theDCASPtm.setMode(this.scaffoldDCAS);
        }
        return theDCASPtm;
    }

    public void Destroy() {
        if (traceLevel >= 1) {
            Ras.traceEntry(className, "Destroy");
        }
        try {
            DCASPassticketManager.getInstance().detach();
        } catch (Throwable th) {
            logException(th, className, "Destroy");
        }
        if (traceLevel >= 1) {
            Ras.traceExit(className, "Destroy");
        }
    }

    public CMResponse getUserIDAndPassticket(String str, String str2, String str3, long j) {
        if (traceLevel >= 1) {
            Ras.traceEntry(className, "getUserIDAndPassticket", (Object[]) new String[]{new StringBuffer().append("Network ID  = ").append(str).toString(), new StringBuffer().append("HostApplID  = ").append(str2).toString(), new StringBuffer().append("HostAddress = ").append(str3).toString(), new StringBuffer().append("Timeout     = ").append(new Long(j).toString()).toString()});
        }
        Ras.logMessage(2, className, "getUserIDAndPassticket", "API_NOT_SUPPORTED", "getUserIDAndPassticket");
        CMResponse cMResponse = new CMResponse();
        cMResponse.setStatus(13);
        if (traceLevel >= 1) {
            Ras.traceExit(className, "getUserIDAndPassticket", cMResponse.toString());
        }
        return cMResponse;
    }

    @Override // com.ibm.eNetwork.security.sso.cms.DCASResponseListener
    public void response(DCASPassticketResponse dCASPassticketResponse) {
        if (traceLevel >= 3) {
            Ras.traceEntry(className, "response", (Object[]) new String[]{new StringBuffer().append("Response userid  = ").append(dCASPassticketResponse.getUserid()).toString(), new StringBuffer().append("Correlator       = ").append(dCASPassticketResponse.getCorrelator()).toString()});
        }
        Object remove = this.tableOfLocks.remove(new Integer(dCASPassticketResponse.getCorrelator()));
        this.dcasResponseObjectsTable.put(new Integer(dCASPassticketResponse.getCorrelator()), dCASPassticketResponse);
        if (dCASPassticketResponse.getRc() != 0) {
            if (traceLevel >= 1) {
                Ras.traceExit(className, "response", new StringBuffer().append("Dcasrc  = ").append((int) dCASPassticketResponse.getDcasRC()).append(" Safrc   = ").append(dCASPassticketResponse.getDcasRC1()).append(" Racfrc  = ").append(dCASPassticketResponse.getDcasRC2()).append(" Racfrsn = ").append(dCASPassticketResponse.getDcasRC3()).toString());
            }
        } else if (traceLevel >= 4) {
            Ras.traceExit(className, "response", new StringBuffer().append("Response code is 0 for response correlator [").append(dCASPassticketResponse.getCorrelator()).append(ApplicationSpecificInfo.COMPOSITE_APPID_FINAL_SEPARATOR).toString());
        }
        synchronized (remove) {
            remove.notify();
        }
    }

    public static void logException(Throwable th, String str, String str2) {
        logException(th, str, str2, "");
    }

    public static void logException(Throwable th, String str, String str2, String str3) {
        if (traceLevel >= 1) {
            String[] strArr = {th.getMessage(), th.toString()};
            if (str3.equals("")) {
                Ras.logMessage(2, str, str2, "EXCEPTION", strArr);
            } else {
                Ras.logMessage(2, str, str2, str3, strArr);
            }
        }
        if (traceLevel >= 3) {
            Ras.traceException(th, str, str2);
        }
    }
}
