package com.ibm.ws.security.saml.admintask;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.crypto.PasswordUtil;
import com.ibm.websphere.management.Session;
import com.ibm.websphere.management.cmdframework.AdminCommand;
import com.ibm.websphere.management.cmdframework.CommandException;
import com.ibm.websphere.management.cmdframework.CommandLoadException;
import com.ibm.websphere.management.cmdframework.CommandMgr;
import com.ibm.websphere.management.cmdframework.CommandNotFoundException;
import com.ibm.websphere.management.cmdframework.CommandResult;
import com.ibm.websphere.management.cmdframework.CommandValidationException;
import com.ibm.websphere.management.cmdframework.commanddata.CommandData;
import com.ibm.websphere.management.cmdframework.commandmetadata.CommandMetadata;
import com.ibm.websphere.management.cmdframework.provider.AbstractAdminCommand;
import com.ibm.websphere.management.cmdframework.provider.SimpleCommandProvider;
import com.ibm.websphere.management.configservice.ConfigDataId;
import com.ibm.websphere.management.configservice.ConfigService;
import com.ibm.websphere.management.configservice.ConfigServiceFactory;
import com.ibm.websphere.management.configservice.ConfigServiceHelper;
import com.ibm.websphere.management.exception.ConfigServiceException;
import com.ibm.websphere.management.exception.ConnectorException;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.security.admintask.securityDomain.SecConfigTaskHelper;
import com.ibm.ws.security.common.util.CommonConstants;
import com.ibm.ws.security.jaspi.commands.AdminConstants;
import com.ibm.ws.sm.workspace.impl.WorkSpaceConstant;
import com.ibm.ws.ssl.commands.personalCertificates.PersonalCertificateHelper;
import com.ibm.ws.ssl.commands.utils.CommandHelper;
import com.ibm.ws.ssl.commands.utils.TraceNLSHelper;
import com.ibm.ws.ssl.config.WSKeyStoreHelper;
import com.ibm.ws.ssl.model.KeyStoreInfo;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.ResourceBundle;
import java.util.TreeMap;
import javax.management.AttributeList;
import javax.management.AttributeNotFoundException;
import javax.management.ObjectName;
import javax.xml.bind.JAXBException;

/* loaded from: input_file:WEB-INF/lib/admin-8.5.0.jar:com/ibm/ws/security/saml/admintask/SamlCommandProviderImpl.class */
public class SamlCommandProviderImpl extends SimpleCommandProvider {
    // Name of the resource bundle that resBundle is loaded from; taken from AdminConstants.
    private static String BUNDLE_NAME = AdminConstants.MSG_BUNDLE_NAME;
    // Bundle resolved once, when the class is initialized, for the JVM default locale.
    // It is the bundle handed to Util.getMsg for the SECJ messages raised by the methods in this class.
    private static ResourceBundle resBundle = ResourceBundle.getBundle(BUNDLE_NAME, Locale.getDefault());
    // Trace component for this class; every Tr.entry/exit/debug/warning call below is made against it.
    // NOTE(review): none of these three statics is final although nothing visible reassigns them - confirm and tighten.
    private static TraceComponent tc = Tr.register((Class<?>) SamlCommandProviderImpl.class, "SamlCommandProviderImpl", "com.ibm.ws.security.saml.admintask");

    /**
     * Creates the admin command described by the given metadata.
     *
     * <p>Pure pass-through to {@code SimpleCommandProvider}; this class adds no behavior of its own here.
     *
     * @param commandMetadata metadata identifying the command to create
     * @return the command instance produced by the superclass
     * @throws CommandNotFoundException propagated unchanged from the superclass
     */
    @Override
    public AbstractAdminCommand createCommand(CommandMetadata commandMetadata) throws CommandNotFoundException {
        final AbstractAdminCommand created = super.createCommand(commandMetadata);
        return created;
    }

    /**
     * Restores an admin command from previously captured command data.
     *
     * <p>Pure pass-through to {@code SimpleCommandProvider}; this class adds no behavior of its own here.
     *
     * @param commandData serialized form of the command to load
     * @return the command instance produced by the superclass
     * @throws CommandNotFoundException propagated unchanged from the superclass
     * @throws CommandLoadException propagated unchanged from the superclass
     */
    @Override
    public AbstractAdminCommand loadCommand(CommandData commandData) throws CommandNotFoundException, CommandLoadException {
        final AbstractAdminCommand loaded = super.loadCommand(commandData);
        return loaded;
    }

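    /**
     * Imports an identity provider's SAML metadata file as a new IdP partner of a SAML TAI SSO entry.
     *
     * <p>Steps, in order: read the command parameters; resolve the SAML TAI object and its
     * "trustProperties"; look up the SP trust store name for the selected SSO entry; load the metadata
     * file; check the metadata's entity id and SSO POST binding location against the existing
     * properties; import the metadata's signing certificate (when present) into the trust store; add the
     * generated partner properties to "trustProperties"; commit the workspace when a certificate was
     * imported and properties were added.
     *
     * <p>Security note: the signing certificate taken from the metadata file becomes a trust anchor for
     * this SSO entry. Nothing visible in this method authenticates the metadata file itself, so the
     * file's origin and integrity have to be established before the command is run.
     * NOTE(review): the XML parsing happens inside {@code IdpOrSpConfig.load}; confirm that DTDs and
     * external entities are disabled there.
     *
     * @param abstractAdminCommand command carrying the metadata file name, SSO id, IdP id, security domain
     *        name and signing certificate alias parameters, plus the config session
     * @return {@code true} when the import completes
     * @throws CommandException for any failure; the underlying exception is kept as the cause
     */
    public boolean importSAMLIdpMetadata(AbstractAdminCommand abstractAdminCommand) throws CommandException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "importSAMLIdpMetadata");
        }
        String importedAlias = null;
        KeyStoreInfo trustStoreInfo = null;
        try {
            String metadataFile = (String) abstractAdminCommand.getParameter(Constants.PARM_IDP_FILE_NAME);
            Integer ssoId = (Integer) abstractAdminCommand.getParameter(Constants.PARM_SSO_ID);
            Integer idpId = (Integer) abstractAdminCommand.getParameter(Constants.PARM_IDP_ID);
            String domainName = (String) abstractAdminCommand.getParameter("securityDomainName");
            String requestedAlias = (String) abstractAdminCommand.getParameter(Constants.PARM_SIGNING_CERT_ALIAS);
            if (tc.isDebugEnabled()) {
                // Fixed: this line used to print the IdP id under the "idpMetadataFile" label, so the
                // trace never recorded which metadata file had been imported.
                Tr.debug(tc, "idpMetadataFile: " + metadataFile);
                Tr.debug(tc, "ssoId: " + ssoId);
                Tr.debug(tc, "idpId: " + idpId);
                Tr.debug(tc, "securityDomainName: " + domainName);
                Tr.debug(tc, "signingCertAlias: " + requestedAlias);
            }
            ConfigService configService = ConfigServiceFactory.getConfigService();
            Session configSession = abstractAdminCommand.getConfigSession();
            ObjectName samlTaiObj = getSamlTaiObj(configSession, configService, domainName);
            Map<String, String> samlTaiProps = getSamlTaiProps(configSession, configService, samlTaiObj);
            String trustStoreName = getPropertyValue(getSsokey(ssoId, true, samlTaiProps) + Constants.SP, Constants.TRUST_STORE, samlTaiProps);
            IdpOrSpConfig metadata = new IdpOrSpConfig();
            metadata.load(metadataFile);
            // The return values are discarded: presumably these calls throw when the value is already
            // configured - confirm against isElementAlreadyExist.
            isElementAlreadyExist(samlTaiProps, metadata.getEntityId());
            isElementAlreadyExist(samlTaiProps, metadata.getSsoPostBindingLocation());
            X509Certificate signingCert = metadata.getSigningCert();
            if (signingCert != null) {
                // From here on the certificate supplied by the metadata file is trusted for this SSO entry.
                trustStoreInfo = getKeyStoreInfo(configSession, configService, trustStoreName);
                importedAlias = importCertToTrustStore(trustStoreInfo, signingCert, requestedAlias);
            }
            String partnerProps = buildIdpPartnerProps(metadata, metadataFile, getSsoIdpKey(ssoId, idpId, samlTaiProps), importedAlias);
            if (partnerProps != null && partnerProps.length() > 0) {
                SecConfigTaskHelper.addCustomEntries(configSession, configService, samlTaiObj, partnerProps, "trustProperties");
                if (signingCert != null) {
                    // The key store change is committed only together with the property change.
                    commitWorkspace(configSession, trustStoreInfo);
                }
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "importSAMLIdpMetadata", true);
            }
            return true;
        } catch (JAXBException e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.saml.admintask.importSAMLIdpMetadata", "151");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "JAXBException caught an unexpected exception", new Object[]{e});
            }
            // getCause() returns a Throwable; the former cast to Exception would itself fail with a
            // ClassCastException for an Error cause and hide the real problem.
            Throwable cause = e.getCause();
            if (cause != null) {
                // Keep the cause attached so the original stack trace survives, as the other commands do.
                throw new CommandException(cause, cause.getMessage());
            }
            throw new CommandException(e, e.getMessage());
        } catch (Exception e2) {
            FFDCFilter.processException(e2, "com.ibm.ws.security.saml.admintask.importSAMLIdpMetadata", "163");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "importSAMLIdpMetadata caught an unexpected exception", new Object[]{e2});
            }
            throw new CommandException(e2, e2.getMessage());
        }
    }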

    /**
     * Removes one IdP partner (selected by IdP id) from a SAML TAI SSO entry.
     *
     * <p>Every "trustProperties" entry whose name belongs to the selected partner is deleted from the
     * configuration. When the delete-signing-cert parameter is true, the certificate named by a deleted
     * property whose name contains {@code Constants.CERT_ALIAS} is also removed from the SP trust store,
     * unless {@code isALiasReferenceByOtherEntry} reports the alias as still in use, in which case a
     * warning is issued and the certificate stays. The workspace is committed only when at least one
     * certificate was removed.
     *
     * <p>NOTE(review): the debug trace prints the value of every deleted property; confirm that none of
     * the partner properties carries secret material.
     *
     * @param abstractAdminCommand command carrying the security domain name, SSO id, IdP id and
     *        delete-signing-cert parameters, plus the config session
     * @return the properties of the deleted partner, as produced by {@code Util.toList}
     * @throws CommandException for a missing IdP id, an unknown partner, or any other failure (wrapped)
     */
    public List<String> deleteSAMLIdpPartner(AbstractAdminCommand abstractAdminCommand) throws CommandException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "deleteSAMLIdpPartner");
        }
        try {
            final String domainName = (String) abstractAdminCommand.getParameter("securityDomainName");
            final Integer ssoId = (Integer) abstractAdminCommand.getParameter(Constants.PARM_SSO_ID);
            final Integer idpId = (Integer) abstractAdminCommand.getParameter(Constants.PARM_IDP_ID);
            final Boolean deleteSigningCert = (Boolean) abstractAdminCommand.getParameter(Constants.PARM_DELETE_SIGNING_CERT);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "ssoId: " + ssoId);
                Tr.debug(tc, "idpId: " + idpId);
                Tr.debug(tc, "securityDomainName: " + domainName);
                Tr.debug(tc, "deleteSigningCert: " + deleteSigningCert);
            }
            final ConfigService configService = ConfigServiceFactory.getConfigService();
            final Session configSession = abstractAdminCommand.getConfigSession();
            final ObjectName samlTaiObj = getSamlTaiObj(configSession, configService, domainName);
            final Map<String, String> samlTaiProps = getSamlTaiProps(configSession, configService, samlTaiObj);
            final String ssoKey = getSsokey(ssoId, true, samlTaiProps);
            final String trustStoreName = getPropertyValue(ssoKey + Constants.SP, Constants.TRUST_STORE, samlTaiProps);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "trustStore: " + trustStoreName);
            }
            // The IdP id is mandatory for this command; it is only checked after the SSO entry resolved.
            if (idpId == null) {
                throw new CommandException(Util.getMsg(resBundle, "security.saml.parameter.is.null.SECJ8047E", new Object[]{Constants.PARM_IDP_ID}));
            }
            final Map<String, String> partnerProps = Util.extractPropertiesWithId(Constants.PARM_IDP_ID, idpId, ssoKey + Constants.IDP, samlTaiProps);
            final boolean partnerFound = partnerProps != null && !partnerProps.isEmpty();
            if (!partnerFound) {
                throw new CommandValidationException(Util.getMsg(resBundle, "security.saml.element.id.notexistent.SECJ8041E", new Object[]{Constants.PARM_IDP_ID, idpId}));
            }
            final ArrayList<?> trustProperties = (ArrayList) configService.getAttribute(configSession, samlTaiObj, "trustProperties");
            // Resolved up front, whether or not a certificate ends up being deleted.
            final KeyStoreInfo trustStoreInfo = getKeyStoreInfo(configSession, configService, trustStoreName);
            boolean certDeleted = false;
            if (trustProperties != null) {
                for (Object entry : trustProperties) {
                    final AttributeList attrs = (AttributeList) entry;
                    final String propName = (String) ConfigServiceHelper.getAttributeValue(attrs, "name");
                    final String propValue = (String) ConfigServiceHelper.getAttributeValue(attrs, "value");
                    if (!partnerProps.containsKey(propName)) {
                        continue;
                    }
                    configService.deleteConfigData(configSession, ConfigServiceHelper.createObjectName(attrs));
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Deleted property name:" + propName + " value:" + propValue);
                    }
                    if (Boolean.TRUE.equals(deleteSigningCert) && propName.contains(Constants.CERT_ALIAS)) {
                        if (!isALiasReferenceByOtherEntry(trustProperties, propValue, null)) {
                            deleteCertFromTrustStore(trustStoreInfo, propValue);
                            certDeleted = true;
                        } else {
                            // The alias is still referenced elsewhere: keep the certificate, warn the operator.
                            Tr.warning(tc, Util.getMsg(resBundle, "security.saml.can.not.delete.certificate.SECJ8051W", null));
                        }
                    }
                }
            }
            if (certDeleted) {
                commitWorkspace(configSession, trustStoreInfo);
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "deleteSAMLIdpPartner");
            }
            return Util.toList(partnerProps);
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.saml.admintask.deleteSAMLIdpPartner", "257");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "deleteSAMLIdpPartner caught an unexpected exception", new Object[]{e});
            }
            throw new CommandException(e, e.getMessage());
        }
    }

    /**
     * Lists the properties of one IdP partner, or of a whole SSO entry when no IdP id is given.
     *
     * <p>With an IdP id, only the properties of that partner are returned. Without one, every property
     * under the SSO key followed by "." is returned.
     *
     * @param abstractAdminCommand command carrying the security domain name, SSO id and optional IdP id
     *        parameters, plus the config session
     * @return the selected properties, as produced by {@code Util.toList}
     * @throws CommandException when nothing matches or on any other failure (wrapped, cause kept)
     */
    public List<?> showSAMLIdpPartner(AbstractAdminCommand abstractAdminCommand) throws CommandException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "showSAMLIdpPartner");
        }
        try {
            final String domainName = (String) abstractAdminCommand.getParameter("securityDomainName");
            final Integer ssoId = (Integer) abstractAdminCommand.getParameter(Constants.PARM_SSO_ID);
            final Integer idpId = (Integer) abstractAdminCommand.getParameter(Constants.PARM_IDP_ID);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "securityDomainName: " + domainName);
                Tr.debug(tc, "ssoId: " + ssoId);
                Tr.debug(tc, "idpId: " + idpId);
            }
            final ConfigService configService = ConfigServiceFactory.getConfigService();
            final Session configSession = abstractAdminCommand.getConfigSession();
            final ObjectName samlTaiObj = getSamlTaiObj(configSession, configService, domainName);
            final Map<String, String> samlTaiProps = getSamlTaiProps(configSession, configService, samlTaiObj);
            final String ssoKey = getSsokey(ssoId, true, samlTaiProps);
            final Map<String, String> selected;
            if (idpId != null) {
                selected = Util.extractPropertiesWithId(Constants.PARM_IDP_ID, idpId, ssoKey + Constants.IDP, samlTaiProps);
            } else {
                // No IdP id: fall back to everything stored under this SSO entry.
                selected = Util.extractPropertiesWithPrefix(ssoKey + ".", samlTaiProps);
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "SAML TAI IdP partner: " + Util.mapToString(selected));
            }
            final boolean anythingFound = selected != null && !selected.isEmpty();
            if (!anythingFound) {
                // The message names the IdP id parameter even when no IdP id was supplied.
                throw new CommandValidationException(Util.getMsg(resBundle, "security.saml.element.id.notexistent.SECJ8041E", new Object[]{Constants.PARM_IDP_ID, idpId}));
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "showSAMLIdpPartner");
            }
            return Util.toList(selected);
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.saml.admintask.showSAMLIdpPartner", "312");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "showSAMLIdpPartner caught an unexpected exception", new Object[]{e});
            }
            throw new CommandException(e, e.getMessage());
        }
    }

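    /**
     * Writes the service provider's SAML metadata for one SSO entry to a file.
     *
     * <p>The SP properties of the selected SSO entry supply the ACS URL, entity id, key store name and
     * key alias. The certificate stored under that alias is read from the key store and embedded in an
     * SP SSO descriptor together with the wantAssertionsSigned and encryptionMethod parameters; the
     * descriptor is then written to the requested file. Only the {@code X509Certificate} is handed to
     * the descriptor builder in this method.
     *
     * @param abstractAdminCommand command carrying the output file name, SSO id, security domain name,
     *        wantAssertionsSigned and encryptionMethod parameters, plus the config session
     * @return {@code true} when the metadata file has been written
     * @throws CommandException when the SSO entry has no SP properties, the ACS URL is missing, or on
     *         any other failure; the underlying exception is kept as the cause
     */
    public boolean exportSAMLSpMetadata(AbstractAdminCommand abstractAdminCommand) throws CommandException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "exportSAMLSpMetadata");
        }
        try {
            String metadataFile = (String) abstractAdminCommand.getParameter(Constants.PARM_SP_FILE_NAME);
            Integer ssoId = (Integer) abstractAdminCommand.getParameter(Constants.PARM_SSO_ID);
            String domainName = (String) abstractAdminCommand.getParameter("securityDomainName");
            Boolean wantAssertionsSigned = (Boolean) abstractAdminCommand.getParameter(Constants.PARM_WANT_ASSERTIONS_SIGNED);
            String encryptionMethod = (String) abstractAdminCommand.getParameter(Constants.PARM_ENCRYPTION_METHOD);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "spMetadataFile: ", metadataFile);
                Tr.debug(tc, "ssoId: " + ssoId);
                Tr.debug(tc, "securityDomainName: " + domainName);
                Tr.debug(tc, "wantAssertionsSigned: " + wantAssertionsSigned);
                Tr.debug(tc, "encryptionMethod: " + encryptionMethod);
            }
            ConfigService configService = ConfigServiceFactory.getConfigService();
            Session configSession = abstractAdminCommand.getConfigSession();
            Map<String, String> samlTaiProps = getSamlTaiProps(configSession, configService, getSamlTaiObj(configSession, configService, domainName));
            String spKey = getSsokey(ssoId, true, samlTaiProps) + Constants.SP;
            Map<String, String> spProps = Util.extractPropertiesWithPrefix(spKey, samlTaiProps);
            if (spProps == null || spProps.isEmpty()) {
                // NOTE(review): the message argument is the literal text "ssokey", not the resolved key - confirm intended.
                throw new CommandValidationException(Util.getMsg(resBundle, "security.saml.no.sp.SECJ8056E", new Object[]{"ssokey"}));
            }
            String trustStoreName = getPropertyValue(spKey, Constants.TRUST_STORE, spProps);
            String acsUrl = getPropertyValue(spKey, Constants.ACS_URL, spProps);
            String keyStoreName = getPropertyValue(spKey, Constants.KEY_STORE, spProps);
            String keyAlias = getPropertyValue(spKey, Constants.KEY_ALIAS, spProps);
            String entityId = getPropertyValue(spKey, Constants.ENTITYID, spProps);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "trustStore: " + trustStoreName);
                Tr.debug(tc, "acsUrl: " + acsUrl);
                Tr.debug(tc, "keyStore: " + keyStoreName);
                Tr.debug(tc, "keyAlias: " + keyAlias);
                Tr.debug(tc, "entityId: " + entityId);
            }
            if (acsUrl == null || acsUrl.length() < 1) {
                throw new CommandValidationException(Util.getMsg(resBundle, "security.saml.parameter.is.null.SECJ8047E", new Object[]{Constants.PARM_ACS_URL}));
            }
            // Despite the helper's name, the certificate is read from the SP key store, under the key alias.
            X509Certificate spCert = getCertFromTrustStore(getKeyStoreInfo(configSession, configService, keyStoreName), keyAlias);
            IdpOrSpConfig spConfig = new IdpOrSpConfig();
            spConfig.writeMetadata(spConfig.createSPSSODesc(entityId, encryptionMethod, wantAssertionsSigned, acsUrl, spCert), metadataFile);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "exportSAMLSpMetadata");
            }
            return true;
        } catch (JAXBException e2) {
            // Fixed: this handler used to follow catch (Exception), which made it unreachable (and is a
            // compile error in Java). The more specific exception has to be caught first.
            FFDCFilter.processException(e2, "com.ibm.ws.security.saml.admintask.exportSAMLSpMetadata", "386");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "JAXBException caught an unexpected exception", new Object[]{e2});
            }
            // getCause() returns a Throwable; casting it to Exception could itself throw for an Error cause.
            Throwable cause = e2.getCause();
            if (cause != null) {
                throw new CommandException(cause, cause.getMessage());
            }
            throw new CommandException(e2, e2.getMessage());
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.saml.admintask.exportSAMLSpMetadata", "398");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "exportSAMLSpMetadata caught an unexpected exception", new Object[]{e});
            }
            // Keep the cause attached, as the show/delete commands in this class do.
            throw new CommandException(e, e.getMessage());
        }
    }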

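    /**
     * Adds a SAML TAI SSO service-provider entry to a security domain.
     *
     * <p>Validates that an ACS URL was supplied, that the named trust store resolves, and that the key
     * store holds the given key alias; picks the SSO key (the requested id or the next available one);
     * then writes the SP properties, configures the TAI with the enable flag and adds the security
     * custom properties.
     *
     * <p>NOTE(review): the key password is passed on to {@code buildSpProps} and so ends up in the
     * configuration; confirm that it is encoded before it is persisted.
     *
     * @param abstractAdminCommand command carrying the enable flag, SSO id, ACS URL, trust store name,
     *        key store name, key name, key alias, key password, error page and id map parameters, plus
     *        the config session
     * @return {@code true} when the SSO entry has been added
     * @throws Exception when the ACS URL is missing or any validation or configuration step fails
     */
    public boolean addSAMLTAISSO(AbstractAdminCommand abstractAdminCommand) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "addSAMLTAISSO");
        }
        ConfigService configService = ConfigServiceFactory.getConfigService();
        Session configSession = abstractAdminCommand.getConfigSession();
        String securityDomain = getSecurityDomain(abstractAdminCommand, configSession);
        Boolean enableTai = (Boolean) abstractAdminCommand.getParameter("enable");
        Integer ssoId = (Integer) abstractAdminCommand.getParameter(Constants.PARM_SSO_ID);
        String acsUrl = (String) abstractAdminCommand.getParameter(Constants.PARM_ACS_URL);
        String trustStoreName = (String) abstractAdminCommand.getParameter("trustStoreName");
        String keyStoreName = (String) abstractAdminCommand.getParameter("keyStoreName");
        String keyName = (String) abstractAdminCommand.getParameter(Constants.PARM_KEY_NAME);
        String keyAlias = (String) abstractAdminCommand.getParameter("keyAlias");
        String keyPassword = (String) abstractAdminCommand.getParameter("keyPassword");
        String errorPage = (String) abstractAdminCommand.getParameter("errorPage");
        String idMap = (String) abstractAdminCommand.getParameter(Constants.PARM_ID_MAP);
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "securityDomainName: " + securityDomain);
            Tr.debug(tc, "enableTai: " + enableTai);
            Tr.debug(tc, "ssoId: " + ssoId);
            Tr.debug(tc, "acsUrl: " + acsUrl);
            Tr.debug(tc, "trustStore: " + trustStoreName);
            Tr.debug(tc, "keyStore: " + keyStoreName);
            Tr.debug(tc, "keyName: " + keyName);
            Tr.debug(tc, "keyAlias: " + keyAlias);
            // Fixed: the key password used to be written to the trace in clear text. Trace files are
            // routinely copied off the host for support, so only its presence is recorded now.
            Tr.debug(tc, "keyPassword: " + (keyPassword == null ? "null" : "*****"));
            Tr.debug(tc, "errorPage: " + errorPage);
            Tr.debug(tc, "idMap: " + idMap);
        }
        if (acsUrl == null || acsUrl.length() < 1) {
            throw new CommandException(Util.getMsg(resBundle, "security.saml.parameter.is.null.SECJ8047E", new Object[]{Constants.PARM_ACS_URL}));
        }
        // Result discarded: the call is made only so that an unresolvable trust store fails here
        // (presumably by throwing - confirm in getKeyStoreInfo).
        getKeyStoreInfo(configSession, configService, trustStoreName);
        validateKeyStore(configSession, configService, keyStoreName, keyAlias);
        Map<String, String> existingProps = null;
        try {
            existingProps = getSamlTaiProps(configSession, configService, getSamlTaiObj(configSession, configService, securityDomain));
        } catch (Exception e) {
            // Deliberate best effort: getSamlTaiProps throws when no SAML TAI properties exist yet, which
            // is the normal state before the first SSO entry is added. Any other lookup failure is
            // swallowed here as well, so leave a trace instead of dropping it silently.
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "addSAMLTAISSO found no existing SAML TAI properties", new Object[]{e});
            }
        }
        // existingProps may still be null at this point; both helpers below receive it as is.
        isElementAlreadyExist(existingProps, acsUrl);
        configureSAMLTai(configSession, securityDomain, buildSpProps(getAvailableKey(Constants.PARM_SSO_ID, Constants.SSO, ssoId, existingProps) + Constants.SP, acsUrl, trustStoreName, keyStoreName, keyName, keyAlias, keyPassword, errorPage, idMap));
        configureTai(configSession, securityDomain, enableTai);
        addSecurityCustomProperties(configSession, configService, getSecurityObj(configSession, configService, securityDomain));
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "addSAMLTAISSO");
        }
        return true;
    }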

    /**
     * Lists the SAML TAI SSO properties of one SSO entry, or of all entries when no SSO id is given.
     *
     * <p>NOTE(review): the selected properties are written to the debug trace and returned to the
     * caller in full. They presumably include whatever {@code addSAMLTAISSO} stored for the key
     * password; confirm how that value is stored and whether it should be masked here.
     *
     * @param abstractAdminCommand command carrying the security domain name and optional SSO id
     *        parameters, plus the config session
     * @return the selected properties, as produced by {@code Util.toList}
     * @throws CommandException when nothing matches or on any other failure (wrapped, cause kept)
     */
    public List<?> showSAMLTAISSO(AbstractAdminCommand abstractAdminCommand) throws CommandException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "showSAMLTAISSO ");
        }
        try {
            final String domainName = (String) abstractAdminCommand.getParameter("securityDomainName");
            final Integer ssoId = (Integer) abstractAdminCommand.getParameter(Constants.PARM_SSO_ID);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "securityDomainName: " + domainName);
                Tr.debug(tc, "ssoId: " + ssoId);
            }
            final ConfigService configService = ConfigServiceFactory.getConfigService();
            final Session configSession = abstractAdminCommand.getConfigSession();
            final ObjectName samlTaiObj = getSamlTaiObj(configSession, configService, domainName);
            final Map<String, String> samlTaiProps = getSamlTaiProps(configSession, configService, samlTaiObj);
            final Map<String, String> ssoProps;
            if (ssoId != null) {
                ssoProps = Util.extractPropertiesWithId(Constants.PARM_SSO_ID, ssoId, Constants.SSO, samlTaiProps);
                final boolean idFound = ssoProps != null && !ssoProps.isEmpty();
                if (!idFound) {
                    throw new CommandValidationException(Util.getMsg(resBundle, "security.saml.element.id.notexistent.SECJ8041E", new Object[]{Constants.PARM_SSO_ID, ssoId}));
                }
            } else {
                // No id supplied: report every SSO entry.
                ssoProps = Util.extractPropertiesWithPrefix(Constants.SSO, samlTaiProps);
                final boolean anySso = ssoProps != null && !ssoProps.isEmpty();
                if (!anySso) {
                    throw new CommandValidationException(Util.getMsg(resBundle, "security.saml.tai.no.custom.property.SECJ8059E", new Object[]{"SAML TAI SSO"}));
                }
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "SAML TAI SSO properties: " + Util.mapToString(ssoProps));
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "showSAMLTAISSO");
            }
            return Util.toList(ssoProps);
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.saml.admintask.showSAMLTAISSO", "506");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "showSAMLTAISSO caught an unexpected exception", new Object[]{e});
            }
            throw new CommandException(e, e.getMessage());
        }
    }

    /**
     * Removes a whole SAML TAI SSO entry: every "trustProperties" entry stored under its SSO key.
     *
     * <p>When the delete-signing-cert parameter is true, the certificate named by a deleted property
     * whose name contains {@code Constants.CERT_ALIAS} is also removed from the SP trust store, unless
     * {@code isALiasReferenceByOtherEntry} reports the alias as still referenced, in which case a
     * warning is issued and the certificate stays. The workspace is committed only when at least one
     * certificate was removed.
     *
     * <p>NOTE(review): the debug trace prints the value of every deleted property, and the deleted set
     * covers the SP properties of the entry. Those presumably include what {@code addSAMLTAISSO} stored
     * for the key password; confirm how that value is stored and whether it should be masked here.
     *
     * @param abstractAdminCommand command carrying the security domain name, SSO id and
     *        delete-signing-cert parameters, plus the config session
     * @return the properties of the deleted SSO entry, as produced by {@code Util.toList}
     * @throws CommandException when the SSO entry does not exist or on any other failure (wrapped)
     */
    public List<String> deleteSAMLTAISSO(AbstractAdminCommand abstractAdminCommand) throws CommandException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "deleteSAMLTAISSO");
        }
        try {
            final String domainName = (String) abstractAdminCommand.getParameter("securityDomainName");
            final Integer ssoId = (Integer) abstractAdminCommand.getParameter(Constants.PARM_SSO_ID);
            final Boolean deleteSigningCert = (Boolean) abstractAdminCommand.getParameter(Constants.PARM_DELETE_SIGNING_CERT);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "ssoId: " + ssoId);
                Tr.debug(tc, "securityDomainName: " + domainName);
                Tr.debug(tc, "deleteSigningCert: " + deleteSigningCert);
            }
            final ConfigService configService = ConfigServiceFactory.getConfigService();
            final Session configSession = abstractAdminCommand.getConfigSession();
            final ObjectName samlTaiObj = getSamlTaiObj(configSession, configService, domainName);
            final Map<String, String> samlTaiProps = getSamlTaiProps(configSession, configService, samlTaiObj);
            final String ssoKey = getSsokey(ssoId, true, samlTaiProps);
            final String trustStoreName = getPropertyValue(ssoKey + Constants.SP, Constants.TRUST_STORE, samlTaiProps);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "trustStore: " + trustStoreName);
            }
            final Map<String, String> ssoProps = Util.extractPropertiesWithPrefix(ssoKey, samlTaiProps);
            final boolean ssoFound = ssoProps != null && !ssoProps.isEmpty();
            if (!ssoFound) {
                throw new CommandValidationException(Util.getMsg(resBundle, "security.saml.element.id.notexistent.SECJ8041E", new Object[]{Constants.PARM_SSO_ID, ssoId}));
            }
            final ArrayList<?> trustProperties = (ArrayList) configService.getAttribute(configSession, samlTaiObj, "trustProperties");
            // Resolved up front, whether or not a certificate ends up being deleted.
            final KeyStoreInfo trustStoreInfo = getKeyStoreInfo(configSession, configService, trustStoreName);
            boolean certDeleted = false;
            if (trustProperties != null) {
                for (Object entry : trustProperties) {
                    final AttributeList attrs = (AttributeList) entry;
                    final String propName = (String) ConfigServiceHelper.getAttributeValue(attrs, "name");
                    final String propValue = (String) ConfigServiceHelper.getAttributeValue(attrs, "value");
                    if (!ssoProps.containsKey(propName)) {
                        continue;
                    }
                    configService.deleteConfigData(configSession, ConfigServiceHelper.createObjectName(attrs));
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Deleted property name:" + propName + " value:" + propValue);
                    }
                    if (Boolean.TRUE.equals(deleteSigningCert) && propName.contains(Constants.CERT_ALIAS)) {
                        // The SSO key is passed along with the alias for the still-referenced check.
                        if (!isALiasReferenceByOtherEntry(trustProperties, propValue, ssoKey)) {
                            deleteCertFromTrustStore(trustStoreInfo, propValue);
                            certDeleted = true;
                        } else {
                            Tr.warning(tc, Util.getMsg(resBundle, "security.saml.can.not.delete.certificate.SECJ8051W", null));
                        }
                    }
                }
            }
            if (certDeleted) {
                commitWorkspace(configSession, trustStoreInfo);
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "deleteSAMLTAISSO");
            }
            return Util.toList(ssoProps);
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.saml.admintask.deleteSamlTaiIdP", "584");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "deleteSAMLTAISSO caught an unexpected exception", new Object[]{e});
            }
            throw new CommandException(e, e.getMessage());
        }
    }

    /**
     * Reads the "trustProperties" attribute of the SAML TAI config object as a name/value map.
     *
     * <p>A {@code null} object name is treated like an empty property list, so it ends in the same
     * validation error as a SAML TAI without properties.
     *
     * <p>The local map is left as a raw type, as in the decompiled original, because the declared
     * return type of {@code Util.toMap} is not visible here.
     *
     * @param session config session used for the lookup
     * @param configService config service used for the lookup
     * @param objectName SAML TAI config object, may be {@code null}
     * @return the non-empty property map
     * @throws CommandValidationException when there are no properties (message SECJ8059E)
     * @throws ConfigServiceException propagated from the config service
     * @throws ConnectorException propagated from the config service
     * @throws AttributeNotFoundException propagated from the config service
     */
    public Map<String, String> getSamlTaiProps(Session session, ConfigService configService, ObjectName objectName) throws ConfigServiceException, ConnectorException, AttributeNotFoundException, CommandValidationException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSamlTaiProps", new Object[]{objectName});
        }
        Map props;
        if (objectName == null) {
            props = new TreeMap();
        } else {
            props = Util.toMap((ArrayList) configService.getAttribute(session, objectName, "trustProperties"));
        }
        final boolean hasProps = props != null && !props.isEmpty();
        if (!hasProps) {
            throw new CommandValidationException(Util.getMsg(resBundle, "security.saml.tai.no.custom.property.SECJ8059E", new Object[]{"SAML TAI"}));
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getSamlTaiProps", props);
        }
        return props;
    }

    /**
     * Builds the property string describing an IdP partner from its loaded metadata.
     *
     * <p>An entity id property and a single-sign-on service URL property are produced when the metadata
     * provides them; a warning is issued for each missing one, and for a missing signing certificate.
     * The entries are rendered with the list's {@code toString()} and the result is cut between the
     * first {@code WorkSpaceConstant.FIELD_SEPERATOR} and the last "]".
     *
     * <p>NOTE(review): {@code str3} is never read in this method, although the caller visible in this
     * file passes the alias returned by the trust store import. No property tying the partner to its
     * signing certificate alias is therefore produced here; confirm whether that is intended or lost.
     *
     * @param idpOrSpConfig loaded IdP metadata, may be {@code null}
     * @param str value inserted into the warning messages (the caller passes the metadata file name)
     * @param str2 key prefix for the generated property names
     * @param str3 unused
     * @return the property string, or {@code null} when there is no metadata or nothing to add
     */
    public String buildIdpPartnerProps(IdpOrSpConfig idpOrSpConfig, String str, String str2, String str3) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "buildIdpPartnerProps");
        }
        String rendered = null;
        if (idpOrSpConfig != null) {
            final List<Object> entries = new ArrayList<Object>();
            if (idpOrSpConfig.getSigningCert() == null) {
                Tr.warning(tc, Util.getMsg(resBundle, "security.saml.idp.signing.cert.notexistent.SECJ8060W", new Object[]{str}));
            }
            final String entityId = idpOrSpConfig.getEntityId();
            if (entityId != null && entityId.length() > 0) {
                entries.add(nameAndValueProperty(str2 + Constants.ENTITYID, entityId));
            } else {
                Tr.warning(tc, Util.getMsg(resBundle, "security.saml.idp.entity.id.notexistent.SECJ8061W", new Object[]{str}));
            }
            final String postBindingUrl = idpOrSpConfig.getSsoPostBindingLocation();
            if (postBindingUrl != null && postBindingUrl.length() > 0) {
                entries.add(nameAndValueProperty(str2 + Constants.SINGLE_SIGNON_SERVICE_URL, postBindingUrl));
            } else {
                Tr.warning(tc, Util.getMsg(resBundle, "security.saml.idp.http.post.notexistent.SECJ8062W", new Object[]{str}));
            }
            if (!entries.isEmpty()) {
                // Strip the outer list wrapper from the toString() form; only the inner text is returned.
                final String listText = entries.toString();
                rendered = listText.substring(listText.indexOf(WorkSpaceConstant.FIELD_SEPERATOR) + 1, listText.lastIndexOf("]"));
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "buildIdpPartnerProps", rendered);
        }
        return rendered;
    }

    /**
     * Determines the property key under which a new IdP partner of an SSO entry is stored.
     *
     * <p>The SSO entry has to exist and has to have SP properties; the IdP part of the key is then
     * chosen by {@code getAvailableKey} from the requested IdP id.
     *
     * @param num SSO id, may be {@code null}
     * @param num2 requested IdP id, may be {@code null}
     * @param map current SAML TAI properties
     * @return the key for the new partner, or {@code null} when no SSO key could be resolved
     * @throws CommandException when the property map is empty, the SSO entry has no SP properties, or a
     *         helper fails
     */
    public String getSsoIdpKey(Integer num, Integer num2, Map<String, String> map) throws CommandException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSsoIdpKey", new Object[]{num, num2, map});
        }
        final boolean haveProps = map != null && !map.isEmpty();
        if (!haveProps) {
            throw new CommandValidationException(Util.getMsg(resBundle, "security.saml.sso.with.no.sp.SECJ8049E", new Object[]{Constants.SSO + num}));
        }
        String idpKey = null;
        final String ssoKey = getSsokey(num, true, map);
        if (ssoKey != null && !ssoKey.isEmpty()) {
            // A partner can only be attached to an SSO entry that already has its SP side configured.
            final Map<String, String> spProps = Util.extractPropertiesWithPrefix(ssoKey + Constants.SP, map);
            final boolean hasSp = spProps != null && !spProps.isEmpty();
            if (!hasSp) {
                throw new CommandValidationException(Util.getMsg(resBundle, "security.saml.sso.with.no.sp.SECJ8049E", new Object[]{ssoKey}));
            }
            idpKey = getAvailableKey(Constants.PARM_IDP_ID, ssoKey + Constants.IDP, num2, map);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getSsoIdpKey", idpKey);
        }
        return idpKey;
    }

    /**
     * Resolves the property key of an SSO entry.
     *
     * <p>With an SSO id, the key is {@code Constants.SSO} followed by the id; when {@code z} is true the
     * id must already have properties, otherwise a validation error is raised. Without an id, the key
     * is taken from the existing properties, which works only when exactly one SSO entry is configured;
     * several entries are an error and no entries yield {@code null}.
     *
     * <p>Every exception raised inside, including the validation errors created here, is rewrapped in
     * a {@code CommandException} that keeps the original as its cause.
     *
     * @param num SSO id, may be {@code null}
     * @param z whether a missing entry for a given id is an error
     * @param map current SAML TAI properties
     * @return the SSO key, or {@code null} when no id was given and no SSO entry exists
     * @throws CommandException on validation failure or any other error
     */
    public String getSsokey(Integer num, boolean z, Map<String, String> map) throws CommandException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSsokey", new Object[]{num, map});
        }
        try {
            final String ssoKey;
            if (num == null) {
                final Map<String, String> allSso = Util.extractPropertiesWithPrefix(Constants.SSO, map);
                if (allSso == null || allSso.isEmpty()) {
                    ssoKey = null;
                } else if (Util.isOnlyOneKey(Constants.SSO, allSso)) {
                    ssoKey = Util.getThisKey(Constants.SSO, allSso);
                } else {
                    // Several SSO entries and no id: the caller has to say which one is meant.
                    throw new CommandException(Util.getMsg(resBundle, "security.saml.sso.is.null.SECJ8048E", null));
                }
            } else {
                final Map<String, String> matching = Util.extractPropertiesWithId(Constants.PARM_SSO_ID, num, Constants.SSO, map);
                final boolean missing = matching == null || matching.isEmpty();
                if (missing && z) {
                    throw new CommandValidationException(Util.getMsg(resBundle, "security.saml.element.id.notexistent.SECJ8041E", new Object[]{Constants.PARM_SSO_ID, num}));
                }
                ssoKey = Constants.SSO + num.intValue();
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "ssoKey: " + ssoKey);
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getSsokey", ssoKey);
            }
            return ssoKey;
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.saml.admintask.getSsokey", "771");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "getSsokey caught an unexpected exception.", new Object[]{e});
            }
            throw new CommandException(e, e.getMessage());
        }
    }

    /**
     * Produces a free key of the form {@code str2 + id}.
     *
     * <p>An explicitly requested id must not be in use yet (SECJ8040E otherwise); with no id the
     * next free one is obtained from {@code Util.findAvailableKeyId}.
     *
     * @param str  name of the id parameter, passed through to {@code Util.extractPropertiesWithId}
     * @param str2 key prefix the id is appended to
     * @param num  requested id, or {@code null} to allocate one
     * @param map  current custom properties
     * @return the prefix followed by the resolved id
     * @throws CommandException for every failure; inner exceptions are recorded through FFDC and
     *         re-wrapped
     */
    public String getAvailableKey(String str, String str2, Integer num, Map<String, String> map) throws CommandException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getAvailableKey", new Object[]{str2, num, map});
        }
        try {
            final int keyId;
            if (num == null) {
                keyId = Util.findAvailableKeyId(str2, Util.getKeyIdMap(str2, map));
            } else {
                final Map<String, String> alreadyUsing = Util.extractPropertiesWithId(str, num, str2, map);
                final boolean idTaken = alreadyUsing != null && !alreadyUsing.isEmpty();
                if (idTaken) {
                    throw new CommandException(Util.getMsg(resBundle, "security.saml.element.id.notavailable.SECJ8040E", new Object[]{str2, num}));
                }
                keyId = num.intValue();
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "resolve idpId: " + keyId);
            }
            final String key = str2 + keyId;
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getAvailableKey", key);
            }
            return key;
        } catch (Exception failure) {
            // The FFDC source id below still names "getIdpKey"; it is kept so existing
            // incident correlation is not disturbed.
            FFDCFilter.processException(failure, "com.ibm.ws.security.saml.admintask.getIdpKey", "804");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "getAvailableKey caught an unexpected exception.", new Object[]{failure});
            }
            throw new CommandException(failure, failure.getMessage());
        }
    }

    /**
     * Looks up the security configuration object the command operates on.
     *
     * @param session       configuration session
     * @param configService configuration service used for the lookup
     * @param str           security domain name, or {@code null} for the object returned by
     *                      {@code SecConfigTaskHelper.getSecurityObjectName}
     * @return the resolved configuration object, never {@code null}
     * @throws Exception if the lookup fails; a {@link CommandValidationException} (SECJ7702E)
     *         when nothing was found
     */
    public ObjectName getSecurityObj(Session session, ConfigService configService, String str) throws Exception {
        final ObjectName resolved;
        if (str == null) {
            resolved = SecConfigTaskHelper.getSecurityObjectName(session, configService);
        } else {
            resolved = SecConfigTaskHelper.getSecDomain(session, configService, str);
        }
        if (resolved != null) {
            return resolved;
        }
        throw new CommandValidationException(Util.getMsg(resBundle, "security.admintask.config.does.not.exist.SECJ7702E", new Object[]{str}));
    }

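    /**
     * Finds the configured trust association interceptor whose class is the SAML TAI.
     *
     * <p>All {@code TAInterceptor} objects below the security object are queried and the first
     * one whose {@code interceptorClassName} equals {@code Constants.SAML_TAI_CLASS_NAME} is
     * returned. An interceptor without a class name is skipped rather than aborting the search.
     *
     * @param session       configuration session
     * @param configService configuration service used for the queries
     * @param str           security domain name, or {@code null} (see {@link #getSecurityObj})
     * @return the SAML TAI configuration object, never {@code null}
     * @throws CommandException if no SAML TAI is configured (SECJ8044E) or a lookup fails; inner
     *         exceptions are recorded through FFDC and re-wrapped
     */
    public ObjectName getSamlTaiObj(Session session, ConfigService configService, String str) throws CommandException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSamlTaiObj", new Object[]{str});
        }
        try {
            ObjectName securityObj = getSecurityObj(session, configService, str);
            ObjectName[] interceptors = configService.queryConfigObjects(session, securityObj, ConfigServiceHelper.createObjectName((ConfigDataId) null, "TAInterceptor"), null);
            ObjectName samlTai = null;
            if (interceptors != null) {
                for (ObjectName candidate : interceptors) {
                    Object className = configService.getAttribute(session, candidate, "interceptorClassName");
                    // Constant-first comparison: a null or non-String attribute no longer
                    // raises NullPointerException/ClassCastException and hides the real entry.
                    if (Constants.SAML_TAI_CLASS_NAME.equals(className)) {
                        samlTai = candidate;
                        break;
                    }
                }
            }
            if (samlTai == null) {
                throw new CommandException(Util.getMsg(resBundle, "security.saml.tai.notexist.SECJ8044E", null));
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "securityObj: " + securityObj);
                Tr.debug(tc, "samlTai: " + samlTai);
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getSamlTaiObj");
            }
            return samlTai;
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.saml.admintask.getSamlTaiObj", "866");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "getSamlTaiObj caught an unexpected exception.", new Object[]{e});
            }
            throw new CommandException(e, e.getMessage());
        }
    }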

    /**
     * Imports a signer certificate using a {@link WSKeyStoreHelper} created for the given store.
     *
     * @param keyStoreInfo    trust store to write to
     * @param x509Certificate certificate to import
     * @param str             requested certificate alias
     * @return the alias reported by the four-argument overload
     * @throws CommandException see the four-argument overload
     */
    public String importCertToTrustStore(KeyStoreInfo keyStoreInfo, X509Certificate x509Certificate, String str) throws CommandException {
        final WSKeyStoreHelper storeHelper = new WSKeyStoreHelper(keyStoreInfo);
        return importCertToTrustStore(keyStoreInfo, x509Certificate, str, storeHelper);
    }

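    /**
     * Writes a signer certificate into a trust store under the requested alias.
     *
     * <p>The write goes through {@code WSKeyStoreHelper.setSignerCertOverwrite}; the alias it
     * returns may differ from the requested one, in which case SECJ8052I is logged.
     *
     * <p>NOTE(review): nothing here checks the certificate itself (validity period, issuer,
     * fingerprint). Presumably every signer placed in this store becomes trusted for SAML
     * signature validation, so the caller must have authenticated the certificate out of band
     * before calling; confirm against the calling command.
     *
     * @param keyStoreInfo     target store; a read-only store is rejected (CWPKI0699E)
     * @param x509Certificate  certificate to import; {@code null} makes the method return
     *                         {@code null} without writing
     * @param str              requested alias; must be non-null and non-empty (SECJ8047E)
     * @param wSKeyStoreHelper helper performing the key store write
     * @return the alias the certificate is stored under, or {@code null} if no certificate was
     *         supplied
     * @throws CommandException if the store is read-only, the alias is missing, or the write
     *         fails; the underlying exception is kept as the cause
     */
    public String importCertToTrustStore(KeyStoreInfo keyStoreInfo, X509Certificate x509Certificate, String str, WSKeyStoreHelper wSKeyStoreHelper) throws CommandException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "importCertToTrustStore", new Object[]{x509Certificate, str});
        }
        if (x509Certificate == null) {
            return null;
        }
        if (keyStoreInfo != null && keyStoreInfo.getReadOnly().booleanValue()) {
            throw new CommandValidationException(TraceNLSHelper.getInstance().getFormattedMessage("ssl.command.readonly.keystore.CWPKI0699E", new Object[]{keyStoreInfo.getName()}, keyStoreInfo.getName() + " is marked as a read only key store.  Unable to perform write operations to the key store file."));
        }
        if (str == null || str.length() == 0) {
            throw new CommandException(Util.getMsg(resBundle, "security.saml.parameter.is.null.SECJ8047E", new Object[]{Constants.PARM_SIGNING_CERT_ALIAS}));
        }
        try {
            String storedAlias = wSKeyStoreHelper.setSignerCertOverwrite(str, x509Certificate);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "newSignCertAlias: " + storedAlias);
            }
            // Tell the administrator when an already-present alias was used instead of the
            // requested one, so the configuration references the right entry.
            if (!storedAlias.equalsIgnoreCase(str)) {
                Tr.info(tc, Util.getMsg(resBundle, "security.saml.existing.cert.alias.is.used.SECJ8052I", new Object[]{storedAlias}));
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "importCertToTrustStore", storedAlias);
            }
            return storedAlias;
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.saml.admintask.SamlCommandProviderImpl.importCertToTrustStore", "926");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "importCertToTrustStore caught an unexpected exception.", new Object[]{e});
            }
            // Keep the original exception as the cause; a message-only wrapper loses the
            // stack trace needed to diagnose key store failures.
            throw new CommandException(e, e.getMessage());
        }
    }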

    /**
     * Reads the signer certificate stored under an alias.
     *
     * @param keyStoreInfo store to read from
     * @param str          certificate alias
     * @return the certificate returned by {@code WSKeyStoreHelper.getSigner}, or {@code null}
     *         when either argument is {@code null}
     * @throws Exception if the key store helper fails
     */
    public X509Certificate getCertFromTrustStore(KeyStoreInfo keyStoreInfo, String str) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getCertFromTrustStore", new Object[]{str});
        }
        final boolean canLookUp = keyStoreInfo != null && str != null;
        final X509Certificate signer = canLookUp ? new WSKeyStoreHelper(keyStoreInfo).getSigner(str) : null;
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getCertFromTrustStore", signer);
        }
        return signer;
    }

    /**
     * Deletes the certificate stored under an alias from a trust store.
     *
     * <p>This method does not check whether other configuration entries still reference the
     * alias; that decision is left to the caller.
     *
     * @param keyStoreInfo store to modify; {@code null} makes the call a no-op after the alias
     *                     check, a read-only store is rejected (CWPKI0699E)
     * @param str          alias to delete; must be non-null and non-empty (SECJ8047E)
     * @throws Exception if validation fails or the key store helper fails
     */
    public void deleteCertFromTrustStore(KeyStoreInfo keyStoreInfo, String str) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "deleteCertFromTrustStore", new Object[]{str});
        }
        final boolean aliasMissing = str == null || str.length() == 0;
        if (aliasMissing) {
            throw new CommandException(Util.getMsg(resBundle, "security.saml.parameter.is.null.SECJ8047E", new Object[]{Constants.PARM_SIGNING_CERT_ALIAS}));
        }
        if (keyStoreInfo != null) {
            if (keyStoreInfo.getReadOnly().booleanValue()) {
                throw new CommandValidationException(TraceNLSHelper.getInstance().getFormattedMessage("ssl.command.readonly.keystore.CWPKI0699E", new Object[]{keyStoreInfo.getName()}, keyStoreInfo.getName() + " is marked as a read only key store.  Unable to perform write operations to the key store file."));
            }
            final WSKeyStoreHelper storeHelper = new WSKeyStoreHelper(keyStoreInfo);
            storeHelper.deleteCertificate(str);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "deleteCertFromTrustStore");
        }
    }

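    /**
     * Resolves the key store description for a trust store name in the default scope.
     *
     * @param session       configuration session
     * @param configService configuration service used for the lookup
     * @param str           trust store name; {@code null} or empty selects the default trust
     *                      store reported by {@code CommandHelper.getDefaultKeyStoreName}
     * @return the value returned by {@code PersonalCertificateHelper.getKsInfo}
     * @throws CommandException if any lookup fails; the underlying exception is kept as the cause
     */
    public KeyStoreInfo getKeyStoreInfo(Session session, ConfigService configService, String str) throws CommandException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getKeyStoreInfo", new Object[]{str});
        }
        try {
            CommandHelper commandHelper = new CommandHelper();
            String defaultScope = commandHelper.defaultScope();
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Default cell scopeName: " + defaultScope);
            }
            String storeName = str;
            if (storeName == null || storeName.length() == 0) {
                storeName = commandHelper.getDefaultKeyStoreName(com.ibm.ws.ssl.core.Constants.DEFAULT_TRUST_STORE, session, configService);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Default trustStore: " + storeName);
                }
            }
            KeyStoreInfo ksInfo = PersonalCertificateHelper.getKsInfo(session, configService, storeName, defaultScope);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getKeyStoreInfo");
            }
            return ksInfo;
        } catch (Exception e) {
            // NOTE(review): the FFDC source id names deleteCertFromTrustStore although this is
            // getKeyStoreInfo. It is left unchanged so existing incident correlation keeps
            // working; fix it together with whatever consumes these ids.
            FFDCFilter.processException(e, "com.ibm.ws.security.saml.admintask.SamlCommandProviderImpl.deleteCertFromTrustStore", "1023");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "getKeyStoreInfo caught an unexpected exception.", new Object[]{e});
            }
            // Keep the original exception as the cause instead of only copying its message.
            throw new CommandException(e, e.getMessage());
        }
    }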

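    /**
     * Marks the SSL configuration, and for a file-based store the store file, as changed in the
     * session's workspace.
     *
     * @param session      configuration session whose workspace is updated
     * @param keyStoreInfo modified key store; {@code null} makes the call a no-op
     * @throws CommandException if the workspace update fails; the underlying exception is kept
     *         as the cause
     */
    public void commitWorkspace(Session session, KeyStoreInfo keyStoreInfo) throws CommandException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "commitWorkspace");
        }
        if (keyStoreInfo != null) {
            try {
                PersonalCertificateHelper.markSSLConfigChanged(keyStoreInfo, session);
                if (keyStoreInfo.getFileBased().booleanValue()) {
                    PersonalCertificateHelper.setWorkspaceUpdated(session, keyStoreInfo.getLocation());
                }
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.saml.admintask.SamlCommandProviderImpl.commitWorkspace", "1046");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "commitWorkspace caught an unexpected exception.", new Object[]{e});
                }
                // Keep the original exception as the cause instead of only copying its message.
                throw new CommandException(e, e.getMessage());
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "commitWorkspace");
        }
    }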

    /**
     * Rejects a value that is already present among the given properties.
     *
     * <p>Despite the {@code is...} name nothing is returned: the method either completes or
     * throws.
     *
     * @param map properties whose values are searched; {@code null} is treated as empty
     * @param str value to look for (exact match via {@code Map.containsValue})
     * @throws CommandException (SECJ8043E) if the value is already present
     */
    public void isElementAlreadyExist(Map<String, String> map, String str) throws CommandException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "isElementAlreadyExist", new Object[]{map, str});
        }
        final boolean duplicate = map != null && map.containsValue(str);
        if (duplicate) {
            throw new CommandException(Util.getMsg(resBundle, "security.saml.idp.element.already.exist.SECJ8043E", new Object[]{str}));
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "isElementAlreadyExist");
        }
    }

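    /**
     * Reports whether a certificate alias is referenced by more than one property outside the
     * caller's own key prefix.
     *
     * <p>A property counts when its name contains {@code Constants.CERT_ALIAS}, its value equals
     * {@code str} ignoring case, and its name does not start with {@code str2} (when
     * {@code str2} is given). Properties with a missing name or value are skipped.
     *
     * <p>NOTE(review): the result is {@code true} only for a count above one. If {@code str2}
     * already excludes the caller's own entry, a single remaining reference would seem enough to
     * keep the certificate; confirm the intended threshold against the caller that decides
     * whether the certificate may be deleted.
     *
     * @param arrayList list of {@link AttributeList} property entries; {@code null} means none
     * @param str       certificate alias to look for
     * @param str2      key prefix of the entry to ignore, or {@code null}
     * @return {@code true} if more than one matching property was found
     * @throws AttributeNotFoundException if a property entry lacks an expected attribute
     * @throws ConfigServiceException     declared for the configuration helpers
     * @throws ConnectorException         declared for the configuration helpers
     */
    public boolean isALiasReferenceByOtherEntry(ArrayList<?> arrayList, String str, String str2) throws AttributeNotFoundException, ConfigServiceException, ConnectorException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "isALiasReferenceByOtherEntry");
        }
        int matches = 0;
        if (arrayList != null) {
            for (Object entry : arrayList) {
                AttributeList attributeList = (AttributeList) entry;
                String propName = (String) ConfigServiceHelper.getAttributeValue(attributeList, "name");
                String propValue = (String) ConfigServiceHelper.getAttributeValue(attributeList, "value");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Property name:" + propName + " value:" + propValue);
                }
                // An incomplete property cannot reference the alias; skipping it avoids a
                // NullPointerException that would abort the whole reference check.
                if (propName == null || propValue == null) {
                    continue;
                }
                boolean ownedByCaller = str2 != null && propName.startsWith(str2);
                if (propName.contains(Constants.CERT_ALIAS) && propValue.equalsIgnoreCase(str) && !ownedByCaller) {
                    matches++;
                }
            }
        }
        boolean referenced = matches > 1;
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "isALiasReferenceByOtherEntry", Boolean.valueOf(referenced));
        }
        return referenced;
    }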

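    /**
     * Formats one custom property as {@code "name=value"}, including the surrounding double
     * quotes.
     *
     * <p>The exit trace no longer records the value of a key-password property: the value passed
     * for {@code Constants.KEY_PASSWORD} is an encoded (not hashed) secret and must not be
     * recoverable from trace files.
     *
     * <p>NOTE(review): name and value are inserted verbatim. A value containing a double quote
     * or a list separator could change how the resulting property string is split by whatever
     * parses it; verify that callers validate values or that the consumer tolerates them.
     *
     * @param str  property name
     * @param str2 property value
     * @return the quoted {@code name=value} string, or {@code null} if either argument is
     *         {@code null}
     */
    public String nameAndValueProperty(String str, String str2) {
        String formatted = null;
        if (str != null && str2 != null) {
            formatted = "\"" + str + "=" + str2 + "\"";
        }
        if (tc.isEntryEnabled()) {
            boolean secretValue = formatted != null && str.endsWith(Constants.KEY_PASSWORD);
            Tr.exit(tc, "nameAndValueProperty", secretValue ? "\"" + str + "=*****\"" : formatted);
        }
        return formatted;
    }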

    /**
     * Returns the value of the property named {@code str + str2}, matching the key without
     * regard to case.
     *
     * @param str  key prefix; must be non-empty for a lookup to happen
     * @param str2 key suffix; must be non-empty for a lookup to happen
     * @param map  properties to search
     * @return the value of the first entry (in the map's iteration order) whose key matches, or
     *         {@code null} if there is none or an argument is missing
     */
    public String getPropertyValue(String str, String str2, Map<String, String> map) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getPropertyValue", new Object[]{str, str2, map});
        }
        String found = null;
        final boolean prefixGiven = str != null && str.length() > 0;
        final boolean suffixGiven = str2 != null && str2.length() > 0;
        if (prefixGiven && suffixGiven && map != null && !map.isEmpty()) {
            final String wantedKey = str + str2;
            for (Map.Entry<String, String> entry : map.entrySet()) {
                final String candidate = entry.getKey();
                if (candidate != null && candidate.equalsIgnoreCase(wantedKey)) {
                    found = entry.getValue();
                    break;
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getPropertyValue", new Object[]{found});
        }
        return found;
    }

    /* JADX WARN: Code restructure failed: missing block: B:20:0x0013, code lost:
    
        if (r0.length() < 1) goto L7;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    /**
     * Returns the {@code securityDomainName} parameter of an admin command.
     *
     * <p>The decompiler could not rebuild this method, so the Java body below only throws
     * {@link UnsupportedOperationException}; the original logic survives solely as the register
     * dump in the comment. According to that dump the original code:
     * <ul>
     *   <li>reads the {@code "securityDomainName"} parameter from the command;</li>
     *   <li>when it is {@code null} or empty, creates and executes the
     *       {@code listSecurityDomains} command in the given session;</li>
     *   <li>logs warning SECJ8057W if that command succeeds with a non-null result, or writes a
     *       debug trace with the command's exception if it fails;</li>
     *   <li>discards any {@code Exception} raised along the way (handler {@code L8f} only
     *       stores it) and returns the parameter value unchanged.</li>
     * </ul>
     *
     * <p>NOTE(review): this listing must not be treated as runnable; every call of this method
     * as written here fails.
     */
    private java.lang.String getSecurityDomain(com.ibm.websphere.management.cmdframework.provider.AbstractAdminCommand r8, com.ibm.websphere.management.Session r9) throws com.ibm.websphere.management.cmdframework.InvalidParameterNameException {
        /*
            r7 = this;
            r0 = r8
            java.lang.String r1 = "securityDomainName"
            java.lang.Object r0 = r0.getParameter(r1)
            java.lang.String r0 = (java.lang.String) r0
            r10 = r0
            r0 = r10
            if (r0 == 0) goto L16
            r0 = r10
            int r0 = r0.length()     // Catch: java.lang.Exception -> L8f
            r1 = 1
            if (r0 >= r1) goto L8c
        L16:
            com.ibm.websphere.management.cmdframework.CommandMgr r0 = com.ibm.websphere.management.cmdframework.CommandMgr.getCommandMgr()     // Catch: java.lang.Exception -> L8f
            r11 = r0
            r0 = r11
            java.lang.String r1 = "listSecurityDomains"
            com.ibm.websphere.management.cmdframework.AdminCommand r0 = r0.createCommand(r1)     // Catch: java.lang.Exception -> L8f
            r12 = r0
            r0 = r12
            r1 = r9
            r0.setConfigSession(r1)     // Catch: java.lang.Exception -> L8f
            r0 = r12
            r0.execute()     // Catch: java.lang.Exception -> L8f
            r0 = r12
            com.ibm.websphere.management.cmdframework.CommandResult r0 = r0.getCommandResult()     // Catch: java.lang.Exception -> L8f
            r13 = r0
            r0 = r13
            boolean r0 = r0.isSuccessful()     // Catch: java.lang.Exception -> L8f
            if (r0 == 0) goto L68
            r0 = r13
            java.lang.Object r0 = r0.getResult()     // Catch: java.lang.Exception -> L8f
            if (r0 == 0) goto L8c
            java.util.ResourceBundle r0 = com.ibm.ws.security.saml.admintask.SamlCommandProviderImpl.resBundle     // Catch: java.lang.Exception -> L8f
            java.lang.String r1 = "security.saml.at.global.security.SECJ8057W"
            r2 = 0
            java.lang.String r0 = com.ibm.ws.security.saml.admintask.Util.getMsg(r0, r1, r2)     // Catch: java.lang.Exception -> L8f
            r14 = r0
            com.ibm.ejs.ras.TraceComponent r0 = com.ibm.ws.security.saml.admintask.SamlCommandProviderImpl.tc     // Catch: java.lang.Exception -> L8f
            r1 = r14
            com.ibm.ejs.ras.Tr.warning(r0, r1)     // Catch: java.lang.Exception -> L8f
            goto L8c
        L68:
            r0 = r13
            java.lang.Throwable r0 = r0.getException()     // Catch: java.lang.Exception -> L8f
            r14 = r0
            com.ibm.ejs.ras.TraceComponent r0 = com.ibm.ws.security.saml.admintask.SamlCommandProviderImpl.tc     // Catch: java.lang.Exception -> L8f
            boolean r0 = r0.isDebugEnabled()     // Catch: java.lang.Exception -> L8f
            if (r0 == 0) goto L8c
            com.ibm.ejs.ras.TraceComponent r0 = com.ibm.ws.security.saml.admintask.SamlCommandProviderImpl.tc     // Catch: java.lang.Exception -> L8f
            java.lang.String r1 = "listSecurityDomains command failed"
            r2 = 1
            java.lang.Object[] r2 = new java.lang.Object[r2]     // Catch: java.lang.Exception -> L8f
            r3 = r2
            r4 = 0
            r5 = r14
            r3[r4] = r5     // Catch: java.lang.Exception -> L8f
            com.ibm.ejs.ras.Tr.debug(r0, r1, r2)     // Catch: java.lang.Exception -> L8f
        L8c:
            goto L91
        L8f:
            r11 = move-exception
        L91:
            r0 = r10
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.ws.security.saml.admintask.SamlCommandProviderImpl.getSecurityDomain(com.ibm.websphere.management.cmdframework.provider.AbstractAdminCommand, com.ibm.websphere.management.Session):java.lang.String");
    }

    /**
     * Runs the {@code configureTrustAssociation} admin command for a security domain.
     *
     * @param session configuration session the command runs in
     * @param str     value for the command's {@code securityDomainName} parameter
     * @param bool    value for the command's {@code enable} parameter
     * @throws CommandNotFoundException if the admin command cannot be created
     * @throws CommandException         a {@link CommandValidationException} carrying the
     *                                  command's failure message when it does not succeed
     * @throws ConnectorException       declared for the command framework calls
     */
    private void configureTai(Session session, String str, Boolean bool) throws CommandNotFoundException, CommandException, ConnectorException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "configureTai");
        }
        final AdminCommand taiCommand = CommandMgr.getCommandMgr().createCommand("configureTrustAssociation");
        taiCommand.setParameter("securityDomainName", str);
        taiCommand.setParameter("enable", bool);
        taiCommand.setConfigSession(session);
        taiCommand.execute();
        final CommandResult outcome = taiCommand.getCommandResult();
        if (!outcome.isSuccessful()) {
            // Assumes a failed result always carries an exception - TODO confirm.
            final Throwable failure = outcome.getException();
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Enable TAI failed", new Object[]{failure});
            }
            Tr.error(tc, "Enable TAI failed", new Object[]{failure.getMessage()});
            throw new CommandValidationException(failure.getMessage());
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "configureTai");
        }
    }

    /**
     * Runs the {@code configureInterceptor} admin command for the SAML TAI class.
     *
     * <p>The custom-properties string is handed to the command untouched and is deliberately not
     * traced here.
     *
     * @param session configuration session the command runs in
     * @param str     value for the command's {@code securityDomainName} parameter
     * @param str2    custom properties for the interceptor
     * @throws CommandNotFoundException if the admin command cannot be created
     * @throws CommandException         a {@link CommandValidationException} carrying the
     *                                  command's failure message when it does not succeed
     * @throws ConnectorException       declared for the command framework calls
     */
    private void configureSAMLTai(Session session, String str, String str2) throws CommandNotFoundException, CommandException, ConnectorException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "configureSAMLTai");
        }
        final AdminCommand interceptorCommand = CommandMgr.getCommandMgr().createCommand("configureInterceptor");
        interceptorCommand.setParameter("securityDomainName", str);
        interceptorCommand.setParameter("interceptor", Constants.SAML_TAI_CLASS_NAME);
        interceptorCommand.setParameter(CommonConstants.CUSTOM_PROPERTIES, str2);
        interceptorCommand.setConfigSession(session);
        interceptorCommand.execute();
        final CommandResult outcome = interceptorCommand.getCommandResult();
        if (!outcome.isSuccessful()) {
            // Assumes a failed result always carries an exception - TODO confirm.
            final Throwable failure = outcome.getException();
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Configure SAML TAI failed", new Object[]{failure});
            }
            Tr.error(tc, "Configure SAML TAI failed", new Object[]{failure.getMessage()});
            throw new CommandValidationException(failure.getMessage());
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "configureSAMLTai");
        }
    }

    /**
     * Registers the SAML TAI class in the {@code InvokeTAIbeforeSSO} and {@code DeferTAItoSSO}
     * security custom properties, in that order.
     *
     * @param session       configuration session
     * @param configService configuration service
     * @param objectName    security configuration object that owns the properties
     * @throws Exception if reading or writing a property fails
     */
    private void addSecurityCustomProperties(Session session, ConfigService configService, ObjectName objectName) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "addSecurityCustomProperties");
        }
        final String[] propertyNames = {
            "com.ibm.websphere.security.InvokeTAIbeforeSSO",
            "com.ibm.websphere.security.DeferTAItoSSO",
        };
        for (String propertyName : propertyNames) {
            addSecurityCustomProperty(session, configService, objectName, propertyName);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "addSecurityCustomProperties");
        }
    }

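    /**
     * Makes sure a security custom property lists the SAML TAI class name.
     *
     * <p>An unset or empty property is set to the class name; a property that does not yet
     * contain the class name gets it appended after a comma; otherwise nothing is written.
     *
     * @param session       configuration session
     * @param configService configuration service
     * @param objectName    security configuration object that owns the property
     * @param str           name of the custom property
     * @throws Exception if reading or writing the property fails
     */
    private void addSecurityCustomProperty(Session session, ConfigService configService, ObjectName objectName, String str) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "addSecurityCustomProperty", new Object[]{objectName, str});
        }
        ArrayList<String> updates = new ArrayList<String>();
        String currentValue = (String) SecConfigTaskHelper.getPropertyValue(session, configService, objectName, "properties", str);
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "propertyValue: " + currentValue);
        }
        if (currentValue == null || currentValue.length() == 0) {
            updates.add(nameAndValueProperty(str, Constants.SAML_TAI_CLASS_NAME));
        } else if (!currentValue.contains(Constants.SAML_TAI_CLASS_NAME)) {
            updates.add(nameAndValueProperty(str, currentValue + "," + Constants.SAML_TAI_CLASS_NAME));
        }
        if (!updates.isEmpty()) {
            // Strip the list brackets from the rendered list to obtain the property string.
            String rendered = updates.toString();
            String substring = rendered.substring(rendered.indexOf(WorkSpaceConstant.FIELD_SEPERATOR) + 1, rendered.lastIndexOf("]"));
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "propValueString: " + substring);
            }
            SecConfigTaskHelper.addCustomProperties(session, configService, objectName, substring);
        }
        if (tc.isEntryEnabled()) {
            // Was Tr.entry: the method emitted two entry records and no exit record, which
            // unbalances the trace for anyone reconstructing the call sequence.
            Tr.exit(tc, "addSecurityCustomProperty");
        }
    }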

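    /**
     * Builds the custom-property string describing a SAML service provider.
     *
     * <p>Each non-empty argument becomes a quoted {@code name=value} property whose name is
     * {@code str} plus the matching {@code Constants} suffix. The key password is stored as
     * returned by {@code PasswordUtil.encode}.
     *
     * <p>The key password is a secret and its encoded form is not a one-way hash, so neither the
     * plain value nor a property string containing it is written to the entry/exit trace.
     *
     * @param str  key prefix for all generated property names
     * @param str2 ACS URL; required, passed to {@code Util.isValidURL}
     * @param str3 trust store name, optional
     * @param str4 key store name, optional
     * @param str5 key name, optional
     * @param str6 key alias, optional
     * @param str7 key password, optional
     * @param str8 login error page URL, optional; passed to {@code Util.isValidURL}
     * @param str9 identity mapping, optional; must equal {@code Constants.ID_ASSERTION},
     *             {@code Constants.LOCAL_REAL} or {@code Constants.LOCAL_REAL_THEN_ASSERTION}
     *             ignoring case (SECJ8058E otherwise)
     * @return the property string
     * @throws CommandException for every failure; inner exceptions (including the validation
     *         errors above) are recorded through FFDC and re-wrapped
     */
    public String buildSpProps(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8, String str9) throws CommandException {
        final boolean hasPassword = str7 != null && str7.length() > 0;
        if (tc.isEntryEnabled()) {
            // Never trace the key password itself.
            Tr.entry(tc, "buildSpProps", new Object[]{str, str2, str3, str4, str5, str6, str7 == null ? null : "*****", str8});
        }
        String str10 = null;
        try {
            ArrayList<String> props = new ArrayList<String>();
            if (str2 == null || str2.length() <= 0) {
                throw new CommandValidationException(Util.getMsg(resBundle, "security.saml.parameter.is.null.SECJ8047E", new Object[]{Constants.ACS_URL}));
            }
            // Presumably throws on a malformed URL; the return value is not inspected.
            Util.isValidURL(str2);
            props.add(nameAndValueProperty(str + Constants.ACS_URL, str2));
            if (str3 != null && str3.length() > 0) {
                props.add(nameAndValueProperty(str + Constants.TRUST_STORE, str3));
            }
            if (str4 != null && str4.length() > 0) {
                props.add(nameAndValueProperty(str + Constants.KEY_STORE, str4));
            }
            if (str5 != null && str5.length() > 0) {
                props.add(nameAndValueProperty(str + Constants.KEY_NAME, str5));
            }
            if (str6 != null && str6.length() > 0) {
                props.add(nameAndValueProperty(str + Constants.KEY_ALIAS, str6));
            }
            if (hasPassword) {
                props.add(nameAndValueProperty(str + Constants.KEY_PASSWORD, PasswordUtil.encode(str7)));
            }
            if (str8 != null && str8.length() > 0) {
                Util.isValidURL(str8);
                props.add(nameAndValueProperty(str + Constants.LOGIN_ERROR_PAGE, str8));
            }
            if (str9 != null && str9.length() > 0) {
                if (!str9.equalsIgnoreCase(Constants.ID_ASSERTION) && !str9.equalsIgnoreCase(Constants.LOCAL_REAL) && !str9.equalsIgnoreCase(Constants.LOCAL_REAL_THEN_ASSERTION)) {
                    throw new CommandValidationException(Util.getMsg(resBundle, "security.saml.invalid.id.map.SECJ8058E", new Object[]{str9}));
                }
                props.add(nameAndValueProperty(str + Constants.ID_MAP, str9));
            }
            if (!props.isEmpty()) {
                // Strip the list brackets from the rendered list to obtain the property string.
                String rendered = props.toString();
                str10 = rendered.substring(rendered.indexOf(WorkSpaceConstant.FIELD_SEPERATOR) + 1, rendered.lastIndexOf("]"));
            }
            if (tc.isEntryEnabled()) {
                // The result embeds the encoded key password when one was supplied.
                Tr.exit(tc, "buildSpProps", hasPassword ? "<redacted: contains key password>" : str10);
            }
            return str10;
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.saml.admintask.buildSpProps", "1302");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "buildSpProps caught an unexpected exception", new Object[]{e});
            }
            throw new CommandException(e, e.getMessage());
        }
    }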

    /**
     * Checks that a key store name and key alias are supplied together and, when both are given,
     * that the {@code getCertificate} admin command succeeds for them.
     *
     * @param session       configuration session the command runs in
     * @param configService not used by this method
     * @param str           key store name
     * @param str2          certificate alias inside that key store
     * @throws CommandException   a {@link CommandValidationException} (SECJ8047E) when only one
     *                            of the two values is supplied, or one carrying the command's
     *                            failure message when {@code getCertificate} does not succeed
     * @throws ConnectorException declared for the command framework calls
     */
    private void validateKeyStore(Session session, ConfigService configService, String str, String str2) throws CommandException, ConnectorException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "validateKeyStore", new Object[]{str, str2});
        }
        final boolean aliasBlank = str2 == null || str2.length() == 0;
        final boolean storeBlank = str == null || str.length() == 0;
        if (str != null && aliasBlank) {
            throw new CommandValidationException(Util.getMsg(resBundle, "security.saml.parameter.is.null.SECJ8047E", new Object[]{"keyAlias"}));
        }
        if (storeBlank && str2 != null) {
            throw new CommandValidationException(Util.getMsg(resBundle, "security.saml.parameter.is.null.SECJ8047E", new Object[]{"keyStoreName"}));
        }
        if (str != null && str2 != null) {
            final AdminCommand lookup = CommandMgr.getCommandMgr().createCommand("getCertificate");
            lookup.setParameter("keyStoreName", str);
            lookup.setParameter("certificateAlias", str2);
            lookup.setConfigSession(session);
            lookup.execute();
            final CommandResult outcome = lookup.getCommandResult();
            if (!outcome.isSuccessful()) {
                // Assumes a failed result always carries an exception - TODO confirm.
                final Throwable failure = outcome.getException();
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "getCertificate failed", new Object[]{failure});
                }
                Tr.error(tc, "getCertificate failed", new Object[]{failure.getMessage()});
                throw new CommandValidationException(failure.getMessage());
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "validateKeyStore");
        }
    }
}
