package com.ibm.ws.security.token;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.security.auth.WSLoginFailedException;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.security.config.SecurityObjectLocator;
import com.ibm.ws.security.core.ContextManager;
import com.ibm.ws.security.core.ContextManagerFactory;
import com.ibm.ws.security.ltpa.LTPAServerObject;
import com.ibm.ws.security.util.AccessController;
import com.ibm.wsspi.security.ltpa.Token;
import com.ibm.wsspi.security.token.AttributeNameConstants;
import com.ibm.wsspi.security.token.SingleSignonToken;
import java.security.PrivilegedAction;

/* loaded from: input_file:com/ibm/ws/security/token/SingleSignonTokenImpl.class */
public class SingleSignonTokenImpl extends AbstractTokenImpl implements SingleSignonToken {
    private Token token = null;
    private LTPAServerObject ltpaServer = null;
    private ContextManager contextManager = null;
    private String name = AttributeNameConstants.WSSSOTOKEN_NAME;
    private short version = 2;
    private static final TraceComponent tc = Tr.register(SingleSignonTokenImpl.class, (String) null, "com.ibm.ejs.resources.security");
    private static String factoryClass = null;

    public SingleSignonTokenImpl() {
        if (factoryClass == null) {
            factoryClass = SecurityObjectLocator.getSecurityConfig().getProperty("com.ibm.wsspi.security.token.singleSignonTokenFactory");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "factoryClass:" + factoryClass);
            }
        }
    }

    public void initializeToken(byte[] bArr) throws WSLoginFailedException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "initializeToken(byte[])", "_ssoToken=" + bArr);
        }
        initializeToken(bArr, false);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "initializeToken(byte[])");
        }
    }

    public void initializeToken(byte[] bArr, boolean z) throws WSLoginFailedException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "initializeToken(byte[],boolean)", new Object[]{"_ssoToken=" + bArr, "refreshIfExpired=" + z});
        }
        try {
            this.ltpaServer = LTPAServerObject.getLTPAServer();
            this.contextManager = ContextManagerFactory.getInstance();
            this.token = null;
            if (factoryClass != null) {
                try {
                    this.token = this.ltpaServer.validateToken(bArr, factoryClass, z);
                } catch (Exception e) {
                    Tr.debug(tc, "Exception validating sso token by using factoryClass.", new Object[]{e});
                }
            }
            if (this.token == null) {
                this.token = this.ltpaServer.validateToken(bArr, z);
            }
            final Token token = this.token;
            AccessController.doPrivileged(new PrivilegedAction() { // from class: com.ibm.ws.security.token.SingleSignonTokenImpl.1
                @Override // java.security.PrivilegedAction
                public Object run() {
                    SingleSignonTokenImpl.this.setToken(token);
                    return null;
                }
            });
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "initializeToken(byte[],boolean)");
            }
        } catch (WSLoginFailedException e2) {
            FFDCFilter.processException(e2, "com.ibm.ws.security.token.SingleSignonTokenImpl.initializeToken", "104", this);
            Tr.debug(tc, "Exception validating LTPA token.", new Object[]{e2});
            this.contextManager.setRootException(e2);
            throw e2;
        } catch (Exception e3) {
            FFDCFilter.processException(e3, "com.ibm.ws.security.token.SingleSignonTokenImpl.initializeToken", "111", this);
            Tr.debug(tc, "Exception validating LTPA token.", new Object[]{e3});
            this.contextManager.setRootException(e3);
            throw new WSLoginFailedException(e3.getMessage(), e3);
        }
    }

    public void initializeToken(Token token) throws WSLoginFailedException {
        this.token = token;
        final Token token2 = this.token;
        AccessController.doPrivileged(new PrivilegedAction() { // from class: com.ibm.ws.security.token.SingleSignonTokenImpl.2
            @Override // java.security.PrivilegedAction
            public Object run() {
                SingleSignonTokenImpl.this.setToken(token2);
                return null;
            }
        });
    }

    @Override // com.ibm.ws.security.token.AbstractTokenImpl, com.ibm.wsspi.security.token.Token
    public String getName() {
        return this.name;
    }

    @Override // com.ibm.ws.security.token.AbstractTokenImpl, com.ibm.wsspi.security.token.Token
    public short getVersion() {
        return this.version;
    }

    @Override // com.ibm.ws.security.token.AbstractTokenImpl, com.ibm.wsspi.security.token.Token
    public Object clone() {
        try {
            SingleSignonTokenImpl singleSignonTokenImpl = new SingleSignonTokenImpl();
            this.token = (Token) AccessController.doPrivileged(new PrivilegedAction() { // from class: com.ibm.ws.security.token.SingleSignonTokenImpl.3
                @Override // java.security.PrivilegedAction
                public Object run() {
                    return SingleSignonTokenImpl.this.getToken();
                }
            });
            singleSignonTokenImpl.initializeToken((Token) this.token.clone());
            return singleSignonTokenImpl;
        } catch (Exception e) {
            Tr.debug(tc, "Exception creating clone of single signon token.", new Object[]{e});
            FFDCFilter.processException(e, "com.ibm.ws.security.token.SingleSignonToken.clone", "178");
            return null;
        }
    }
}
