package com.ibm.ws.security.token.ltpa.internal;

import com.ibm.ejs.ras.TraceNLS;
import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.InjectedTrace;
import com.ibm.websphere.ras.annotation.Sensitive;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.websphere.ras.annotation.TraceOptions;
import com.ibm.websphere.security.auth.InvalidTokenException;
import com.ibm.websphere.security.auth.TokenCreationFailedException;
import com.ibm.websphere.security.auth.TokenExpiredException;
import com.ibm.ws.security.authentication.AuthenticationConstants;
import com.ibm.wsspi.security.ltpa.Token;
import com.ibm.wsspi.security.ltpa.TokenFactory;
import java.util.Map;
import org.apache.bcel.Constants;

@TraceOptions(traceGroups = {"Token"}, traceGroup = "", messageBundle = TraceConstants.MESSAGE_BUNDLE, traceExceptionThrow = false, traceExceptionHandling = false)
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
/* loaded from: input_file:resources/server_runtime/lib/com.ibm.ws.security.token.ltpa_1.0.1.jar:com/ibm/ws/security/token/ltpa/internal/LTPAToken2Factory.class */
public class LTPAToken2Factory implements TokenFactory {
    private static final TraceComponent tc = Tr.register(LTPAToken2Factory.class);
    private long expirationInMinutes;
    private byte[] sharedKey;
    private LTPAPublicKey publicKey;
    private LTPAPrivateKey privateKey;
    static final long serialVersionUID = 8718196211720514953L;

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    public LTPAToken2Factory() {
    }

    @Override // com.ibm.wsspi.security.ltpa.TokenFactory
    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    public void initialize(@Sensitive Map map) {
        this.expirationInMinutes = ((Long) map.get(LTPAConfiguration.CFG_KEY_TOKEN_EXPIRATION)).longValue();
        this.sharedKey = (byte[]) map.get("ltpa_shared_key");
        this.publicKey = (LTPAPublicKey) map.get("ltpa_public_key");
        this.privateKey = (LTPAPrivateKey) map.get("ltpa_private_key");
    }

    @Override // com.ibm.wsspi.security.ltpa.TokenFactory
    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    public Token createToken(Map map) throws TokenCreationFailedException {
        return new LTPAToken2(getUniqueId(map), this.expirationInMinutes, this.sharedKey, this.privateKey, this.publicKey);
    }

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    private String getUniqueId(Map map) throws TokenCreationFailedException {
        String str = (String) map.get(AuthenticationConstants.UNIQUE_ID);
        if (str != null && str.length() != 0) {
            return str;
        }
        Tr.error(tc, "LTPA_TOKEN_SERVICE_INVALID_UNIQUE_ID", new Object[0]);
        throw new TokenCreationFailedException(TraceNLS.getFormattedMessage(getClass(), com.ibm.ws.security.token.internal.TraceConstants.MESSAGE_BUNDLE, "LTPA_TOKEN_SERVICE_INVALID_UNIQUE_ID", new Object[0], "CWWKS4101E: There is no unique ID with which to create the token."));
    }

    @Override // com.ibm.wsspi.security.ltpa.TokenFactory
    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    public Token validateTokenBytes(byte[] bArr) throws InvalidTokenException, TokenExpiredException {
        return new LTPAToken2(bArr, this.sharedKey, this.privateKey, this.publicKey);
    }

    static {
        if (TraceComponent.isAnyTracingEnabled() && tc != null && tc.isEntryEnabled()) {
            Tr.entry(tc, Constants.STATIC_INITIALIZER_NAME, new Object[0]);
        }
        if (TraceComponent.isAnyTracingEnabled() && tc != null && tc.isEntryEnabled()) {
            Tr.exit(tc, Constants.STATIC_INITIALIZER_NAME);
        }
    }
}
