package com.ibm.ws.security.token;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.ws.security.auth.kerberos.Krb5Utils;
import com.ibm.ws.security.jaspi.commands.AdminConstants;
import com.ibm.ws.security.token.util.ObjectOutputInputUtil;
import com.ibm.ws.wssecurity.platform.websphere.token.KRBTicket;
import com.ibm.wsspi.security.token.AuthenticationToken;
import com.ibm.wsspi.wssecurity.platform.token.KRBAuthnToken;
import com.ibm.wsspi.wssecurity.platform.token.KRBAuthnTokenFactory;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.ObjectInput;
import java.io.ObjectInputStream;
import java.io.ObjectOutput;
import java.io.ObjectOutputStream;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.Date;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.kerberos.KerberosTicket;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSManager;
import org.ietf.jgss.GSSName;
import org.ietf.jgss.Oid;

/* loaded from: input_file:lib/com.ibm.ws.runtime.jar:com/ibm/ws/security/token/KRBAuthnTokenImpl.class */
public class KRBAuthnTokenImpl implements KRBAuthnToken, AuthenticationToken, KRBTicket {
    private static final long serialVersionUID = 1;
    private static final short VERSION = 1;
    private static final String VERSION_NUMBER = "1.0";
    private static final String KRB5_OID = "1.2.840.113554.1.2.2";
    private static final TraceComponent tc = Tr.register((Class<?>) KRBAuthnTokenImpl.class, "Security", AdminConstants.MSG_BUNDLE_NAME);
    private static GSSManager gssMgr = null;
    private short version;
    private byte[] tokenBytes;
    private String uniqueId;
    private String kpn;
    private String realm;
    private KerberosTicket tgt;
    private GSSCredential gssCred;
    private Long expiration;
    private String tokenName;
    private boolean isReadOnly;
    private boolean readOnly;
    private Date renewTill;
    private Hashtable<String, String> kData;
    private String identifier;
    private boolean isAddressless;
    private boolean isForwardable;
    private boolean isRenewable;
    private int credType;
    private byte[] apReqBytes;

    public KRBAuthnTokenImpl() {
        this.version = (short) 1;
        this.tokenBytes = null;
        this.uniqueId = null;
        this.kpn = null;
        this.realm = null;
        this.tgt = null;
        this.gssCred = null;
        this.expiration = 0L;
        this.tokenName = KRBAuthnTokenImpl.class.getName();
        this.isReadOnly = false;
        this.renewTill = null;
        this.kData = null;
        this.identifier = null;
        this.isAddressless = false;
        this.isForwardable = false;
        this.isRenewable = false;
        this.credType = 0;
        this.apReqBytes = null;
    }

    public KRBAuthnTokenImpl(byte[] bArr) {
        this.version = (short) 1;
        this.tokenBytes = null;
        this.uniqueId = null;
        this.kpn = null;
        this.realm = null;
        this.tgt = null;
        this.gssCred = null;
        this.expiration = 0L;
        this.tokenName = KRBAuthnTokenImpl.class.getName();
        this.isReadOnly = false;
        this.renewTill = null;
        this.kData = null;
        this.identifier = null;
        this.isAddressless = false;
        this.isForwardable = false;
        this.isRenewable = false;
        this.credType = 0;
        this.apReqBytes = null;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "KRBAuthnTokenImpl(TokenBytes)... ", bArr);
        }
        this.tokenBytes = bArr;
        if (this.tokenBytes != null && this.tokenBytes.length > 0) {
            try {
                readExternal(new ObjectInputStream(new ByteArrayInputStream(this.tokenBytes)));
            } catch (Exception e) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "KRBAuthnTokenImpl(TokenBytes) unexpected exception: " + e.getMessage());
                }
                e.printStackTrace();
                throw new RuntimeException(e.getMessage());
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "KRBAuthnTokenImpl(TokenBytes)", this);
        }
    }

    public KRBAuthnTokenImpl(Map map) {
        int indexOf;
        this.version = (short) 1;
        this.tokenBytes = null;
        this.uniqueId = null;
        this.kpn = null;
        this.realm = null;
        this.tgt = null;
        this.gssCred = null;
        this.expiration = 0L;
        this.tokenName = KRBAuthnTokenImpl.class.getName();
        this.isReadOnly = false;
        this.renewTill = null;
        this.kData = null;
        this.identifier = null;
        this.isAddressless = false;
        this.isForwardable = false;
        this.isRenewable = false;
        this.credType = 0;
        this.apReqBytes = null;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "KRBAuthnTokenImpl(map): ", map);
        }
        this.kpn = (String) map.get(KRBAuthnTokenFactory.PRINCIPAL_NAME);
        this.tgt = (KerberosTicket) map.get(KRBAuthnTokenFactory.KERBEROS_TICKET);
        this.gssCred = (GSSCredential) map.get(KRBAuthnTokenFactory.GSS_CREDENTIAL);
        this.realm = (String) map.get(KRBAuthnTokenFactory.REALM_NAME);
        Long l = (Long) map.get(KRBAuthnTokenFactory.EXPIRATION_TIME);
        if (l != null) {
            this.expiration = Long.valueOf(l.longValue());
        }
        if (this.tgt != null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "KRBAuthnTokenImpl(map) TGT: " + (this.tgt != null ? "<not null>" : "<null>"));
            }
            if (this.kpn == null) {
                this.kpn = this.tgt.getClient().toString();
            }
            if (!map.containsKey(KRBAuthnTokenFactory.EXPIRATION_TIME)) {
                this.expiration = Long.valueOf(this.tgt.getEndTime().getTime());
            }
            this.renewTill = this.tgt.getRenewTill();
            this.isAddressless = this.tgt.getClientAddresses() == null;
            this.isForwardable = this.tgt.isForwardable();
            this.isRenewable = this.tgt.isRenewable();
        } else if (this.gssCred != null) {
            try {
                if (this.kpn == null) {
                    this.kpn = this.gssCred.getName().toString();
                }
            } catch (Exception e) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "KRBAuthnTokenImpl(map) unexpected exception", e);
                }
                e.printStackTrace();
                throw new RuntimeException(e.getMessage());
            }
        }
        if (this.gssCred != null) {
            try {
                long remainingLifetime = (this.gssCred.getRemainingLifetime() * 1000) + System.currentTimeMillis();
                if (remainingLifetime < this.expiration.longValue() || this.expiration.longValue() == 0) {
                    this.expiration = Long.valueOf(remainingLifetime);
                }
            } catch (Exception e2) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "KRBAuthnTokenImpl(map) unexpected GSSException", e2);
                }
                e2.printStackTrace();
                throw new RuntimeException(e2.getMessage());
            }
        }
        if (this.realm == null && this.kpn != null && (indexOf = this.kpn.indexOf("@")) != -1) {
            this.realm = this.kpn.substring(indexOf + 1, this.kpn.length());
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "KRBAuthnTokenImpl(map)", this);
        }
    }

    public GSSCredential getGSSCredential() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getGSSCredential");
        }
        if (this.tgt != null) {
            try {
                this.gssCred = getGSSCredential(this.tgt);
            } catch (Exception e) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "getGSSCredential unexpected exception", e);
                }
                e.printStackTrace();
                throw new RuntimeException(e.getMessage());
            }
        }
        if (tc.isDebugEnabled()) {
            if (this.gssCred != null) {
                Tr.debug(tc, "this.gssCred = " + this.gssCred.toString());
            } else {
                Tr.debug(tc, "this.gssCred = null");
                if (this.tgt == null) {
                    Tr.debug(tc, "this.tgt = null");
                }
            }
        }
        return this.gssCred;
    }

    private GSSCredential getGSSCredential(final KerberosTicket kerberosTicket) throws PrivilegedActionException {
        Subject subject = new Subject();
        subject.getPrivateCredentials().add(kerberosTicket);
        return (GSSCredential) Subject.doAs(subject, new PrivilegedExceptionAction() { // from class: com.ibm.ws.security.token.KRBAuthnTokenImpl.1
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                return KRBAuthnTokenImpl.this.createGSSCredential(kerberosTicket);
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public GSSCredential createGSSCredential(KerberosTicket kerberosTicket) throws Exception {
        GSSCredential gSSCredential = null;
        if (kerberosTicket != null) {
            try {
                String name = kerberosTicket.getClient().getName();
                Oid oid = new Oid("1.2.840.113554.1.2.2");
                if (name != null && name.length() > 0) {
                    if (gssMgr == null) {
                        gssMgr = GSSManager.getInstance();
                    }
                    gSSCredential = gssMgr.createCredential(gssMgr.createName(name, GSSName.NT_USER_NAME, oid).canonicalize(oid), Integer.MAX_VALUE, oid, 1);
                }
            } catch (Throwable th) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "getGSSCredential unexpected exception", th);
                }
                th.printStackTrace();
                throw new Exception(th);
            }
        }
        return gSSCredential;
    }

    public boolean isAddressless() {
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "isAddressless " + this.isAddressless);
        }
        return this.isAddressless;
    }

    public boolean isRenewable() {
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "isRenewable " + this.isRenewable);
        }
        return this.isRenewable;
    }

    public Date getRenewTill() {
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getRenewTill " + this.renewTill);
        }
        return this.renewTill;
    }

    public String getTokenRealm() {
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getTokenRealm " + this.realm);
        }
        return this.realm;
    }

    public KerberosTicket getKerberosTicket() {
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getKerberosTicket", this.tgt);
        }
        return this.tgt;
    }

    public String[] addTokenAttribute(String str, String str2) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "addTokenAttribute", new Object[]{str, str2});
        }
        if (!this.isReadOnly) {
            if (this.kData == null) {
                this.kData = new Hashtable<>();
            }
            String put = this.kData.put(str, str2);
            if (put != null) {
                String[] strArr = {put};
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "addTokenAttribute", strArr);
                }
                return strArr;
            }
        }
        if (!tc.isEntryEnabled()) {
            return null;
        }
        Tr.exit(tc, "addTokenAttribute null");
        return null;
    }

    public Enumeration getTokenAttributeNames() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getTokenAttributeNames");
        }
        if (this.kData == null) {
            this.kData = new Hashtable<>();
        }
        Enumeration<String> keys = this.kData.keys();
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getTokenAttributeNames", keys);
        }
        return keys;
    }

    public String[] getTokenAttributes(String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getTokenAttribute");
        }
        if (this.kData == null) {
            this.kData = new Hashtable<>();
        }
        String str2 = this.kData.get(str);
        if (str2 != null) {
            String[] strArr = {str2};
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getTokenAttributes", strArr);
            }
            return strArr;
        }
        if (!tc.isEntryEnabled()) {
            return null;
        }
        Tr.exit(tc, "getTokenAttributes null");
        return null;
    }

    public byte[] getTokenBytes() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getTokenBytes");
        }
        if (this.tokenBytes == null) {
            try {
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                ObjectOutputStream objectOutputStream = new ObjectOutputStream(byteArrayOutputStream);
                writeExternal(objectOutputStream);
                objectOutputStream.flush();
                objectOutputStream.close();
                this.tokenBytes = byteArrayOutputStream.toByteArray();
            } catch (Exception e) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "getTokenBytes unexpected exception", e);
                }
                throw new RuntimeException(e.getMessage());
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getTokenBytes", this.tokenBytes);
        }
        return this.tokenBytes;
    }

    public long getTokenExpiration() {
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getTokenExpiration " + this.expiration);
        }
        return this.expiration.longValue();
    }

    public String getTokenName() {
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getTokenName " + this.tokenName);
        }
        return this.tokenName;
    }

    public String getTokenPrincipal() {
        return Krb5Utils.trimUserName(this.kpn);
    }

    public String getTokenUniqueID() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getTokenUniqueID " + this.uniqueId);
        }
        if (this.uniqueId == null) {
            if (this.tgt != null) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "KRBAuthnTokenImpl: using principal name and hash of TGT for unique ID");
                }
                if (this.tgt.hashCode() > 0) {
                    this.uniqueId = this.kpn + this.tgt.hashCode();
                } else {
                    this.uniqueId = this.kpn + ((-1) * this.tgt.hashCode()) + "n";
                }
            } else {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "KRBAuthnTokenImpl: using principal for unique ID");
                }
                this.uniqueId = this.kpn;
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getTokenUniqueID " + this.uniqueId);
        }
        return this.uniqueId;
    }

    public String getIdentifier() {
        if (this.identifier == null && this.tgt != null) {
            this.identifier = this.tgt.getClient().getName();
        }
        return this.identifier;
    }

    public void setIdentifier(String str) {
        this.identifier = str;
    }

    public short getTokenVersion() {
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getTokenVersion " + ((int) this.version));
        }
        return this.version;
    }

    public boolean isTokenForwardable() {
        return true;
    }

    public boolean isTokenValid() {
        if (this.expiration.longValue() - System.currentTimeMillis() <= 0) {
            if (!tc.isEntryEnabled()) {
                return false;
            }
            Tr.exit(tc, "isTokenValid false");
            return false;
        }
        if (!tc.isEntryEnabled()) {
            return true;
        }
        Tr.exit(tc, "isTokenValid true");
        return true;
    }

    public void setTokenReadOnly() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setTokenReadOnly " + this.isReadOnly);
        }
        this.isReadOnly = true;
    }

    public boolean isKRBAuthnToken(byte[] bArr) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "isKRBAuthnToken(byte[] inBytes)... " + bArr);
        }
        boolean z = false;
        if (bArr != null && bArr.length > 0) {
            try {
                ObjectInputStream objectInputStream = new ObjectInputStream(new ByteArrayInputStream(bArr));
                if ("1.0".equals(ObjectOutputInputUtil.readUTF(objectInputStream, "KRBAuthnToken.version"))) {
                    if (KRBAuthnToken.WSSECURITY_KRBAUTHNTOKEN_NAME.equals(ObjectOutputInputUtil.readUTF(objectInputStream, "KRBAuthnToken.tokenName"))) {
                        z = true;
                    }
                }
                objectInputStream.close();
            } catch (Exception e) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "isKRBAuthnToken. Can not determine if this is a KRBAuthnToken.");
                    e.printStackTrace();
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "isKRBAuthnToken(byte[] inBytes)");
        }
        return z;
    }

    public synchronized void setKerberosTicket(KerberosTicket kerberosTicket) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setKerberosTicket()");
        }
        this.tgt = kerberosTicket;
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Kerberos ticket: " + kerberosTicket);
        }
        if (kerberosTicket != null) {
            this.expiration = Long.valueOf(kerberosTicket.getEndTime().getTime());
            this.kpn = kerberosTicket.getClient().toString();
            this.renewTill = kerberosTicket.getRenewTill();
            this.isAddressless = kerberosTicket.getClientAddresses() == null;
            this.isRenewable = kerberosTicket.isRenewable();
            try {
                this.gssCred = getGSSCredential(kerberosTicket);
            } catch (Exception e) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "No GSSCredential created - " + e.getMessage());
                }
                this.gssCred = null;
            }
        } else {
            this.gssCred = null;
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "setKerberosTicket()");
        }
    }

    public void readExternal(ObjectInput objectInput) throws IOException, ClassNotFoundException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "readExternal", objectInput);
        }
        if ("1.0".equals(ObjectOutputInputUtil.readUTF(objectInput, "KRBAuthnToken.version"))) {
            this.tokenName = ObjectOutputInputUtil.readUTF(objectInput, "KRBAuthnToken.tokenName");
            this.credType = ObjectOutputInputUtil.readInt(objectInput, "KRBAuthnToken.credType");
            this.kpn = ObjectOutputInputUtil.readUTF(objectInput, "KRBAuthnToken.kpn");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "this.kpn= " + this.kpn);
            }
            this.uniqueId = ObjectOutputInputUtil.readUTF(objectInput, "KRBAuthnToken.uniqueId");
            this.identifier = ObjectOutputInputUtil.readUTF(objectInput, "KRBAuthnToken.identifier");
            this.realm = ObjectOutputInputUtil.readUTF(objectInput, "KRBAuthnToken.realm");
            this.expiration = Long.valueOf(ObjectOutputInputUtil.readLong(objectInput, "KRBAuthnToken.expiration"));
            this.readOnly = ObjectOutputInputUtil.readBoolean(objectInput, "KRBAuthnToken.readOnly");
            Object readObject = ObjectOutputInputUtil.readObject(objectInput, "KRBAuthnToken.kData");
            if (readObject != null) {
                this.kData = (Hashtable) readObject;
            }
            Object readObject2 = ObjectOutputInputUtil.readObject(objectInput, "KRBAuthnToken.tgt");
            if (readObject2 != null) {
                this.tgt = (KerberosTicket) readObject2;
            }
            Object readObject3 = ObjectOutputInputUtil.readObject(objectInput, "KRBAuthnToken.APREQ");
            if (readObject3 != null) {
                this.apReqBytes = (byte[]) readObject3;
            }
            if (this.tgt != null) {
                try {
                    this.gssCred = getGSSCredential(this.tgt);
                    this.renewTill = this.tgt.getRenewTill();
                    this.isAddressless = this.tgt.getClientAddresses() == null;
                    this.isForwardable = this.tgt.isForwardable();
                    this.isRenewable = this.tgt.isRenewable();
                } catch (PrivilegedActionException e) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "readExternal unexpected exception", e);
                    }
                    e.printStackTrace();
                    throw new IOException(e);
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "readExternal(ObjectInput in)= " + objectInput.available());
        }
    }

    public void writeExternal(ObjectOutput objectOutput) throws IOException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "writeExternal(ObjectOutput out)");
        }
        ObjectOutputInputUtil.writeUTF(objectOutput, "1.0", "KRBAuthnToken.version");
        ObjectOutputInputUtil.writeUTF(objectOutput, this.tokenName, "KRBAuthnToken.tokenName");
        ObjectOutputInputUtil.writeInt(objectOutput, this.credType, "KRBAuthnToken.credType");
        ObjectOutputInputUtil.writeUTF(objectOutput, this.kpn, "KRBAuthnToken.kpn");
        ObjectOutputInputUtil.writeUTF(objectOutput, this.uniqueId, "KRBAuthnToken.uniqueId");
        ObjectOutputInputUtil.writeUTF(objectOutput, this.identifier, "KRBAuthnToken.identifier");
        ObjectOutputInputUtil.writeUTF(objectOutput, this.realm, "KRBAuthnToken.realm");
        ObjectOutputInputUtil.writeLong(objectOutput, this.expiration.longValue(), "KRBAuthnToken.expiration");
        ObjectOutputInputUtil.writeBoolean(objectOutput, this.readOnly, "KRBAuthnToken.readOnly");
        ObjectOutputInputUtil.writeObject(objectOutput, this.kData, "KRBAuthnToken.kData");
        ObjectOutputInputUtil.writeObject(objectOutput, this.tgt, "KRBAuthnToken.tgt");
        ObjectOutputInputUtil.writeObject(objectOutput, this.apReqBytes, "KRBAuthnToken.APREQ");
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "writeExternal(ObjectOutput out): this.tgt = " + this.tgt);
        }
    }

    public String toString() {
        Set<String> keySet;
        StringBuffer stringBuffer = new StringBuffer();
        Date date = new Date(this.expiration.longValue());
        stringBuffer.append("\ntoken name:         " + this.tokenName);
        stringBuffer.append("\nversion:            " + ((int) this.version));
        stringBuffer.append("\nhashCode:           " + hashCode());
        stringBuffer.append("\nuniqueId:           " + this.uniqueId);
        stringBuffer.append("\nkerberos principal: " + this.kpn);
        stringBuffer.append("\nrealm:              " + this.realm);
        stringBuffer.append("\nexpiration:         " + date);
        stringBuffer.append("\nrenew until:        " + this.renewTill);
        stringBuffer.append("\nisReadOnly:         " + this.isReadOnly);
        stringBuffer.append("\nisAddressless:      " + this.isAddressless);
        stringBuffer.append("\nisForwardable:      " + this.isForwardable);
        stringBuffer.append("\nisRenewable:        " + this.isRenewable);
        stringBuffer.append("\nKerberosTicket:     " + this.tgt);
        stringBuffer.append("\nGSSCredential:      " + this.gssCred);
        if (this.kData != null && !this.kData.isEmpty() && (keySet = this.kData.keySet()) != null && !keySet.isEmpty()) {
            stringBuffer.append("\n\nAttributes: ");
            for (String str : keySet) {
                stringBuffer.append("\n" + str + " : " + this.kData.get(str));
            }
        }
        return stringBuffer.toString();
    }

    @Override // com.ibm.wsspi.security.token.AuthenticationToken
    public boolean isBasicAuth() {
        if (!tc.isEntryEnabled()) {
            return false;
        }
        Tr.exit(tc, "isBasicAuth false");
        return false;
    }

    @Override // com.ibm.wsspi.security.token.Token
    public String[] addAttribute(String str, String str2) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "addAttribute");
        }
        return addTokenAttribute(str, str2);
    }

    @Override // com.ibm.wsspi.security.token.Token
    public Enumeration getAttributeNames() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getAttributeNames");
        }
        return getTokenAttributeNames();
    }

    @Override // com.ibm.wsspi.security.token.Token
    public String[] getAttributes(String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getAttributes");
        }
        return getTokenAttributes(str);
    }

    @Override // com.ibm.wsspi.security.token.Token
    public byte[] getBytes() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getBytes");
        }
        return getTokenBytes();
    }

    @Override // com.ibm.wsspi.security.token.Token
    public long getExpiration() {
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getExpiration " + this.expiration);
        }
        return this.expiration.longValue();
    }

    @Override // com.ibm.wsspi.security.token.Token
    public String getName() {
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getName " + this.tokenName);
        }
        return this.tokenName;
    }

    @Override // com.ibm.wsspi.security.token.Token
    public String getPrincipal() {
        return Krb5Utils.trimUserName(this.kpn);
    }

    @Override // com.ibm.wsspi.security.token.Token
    public String getUniqueID() {
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getUniqueID " + this.uniqueId);
        }
        return this.uniqueId;
    }

    @Override // com.ibm.wsspi.security.token.Token
    public short getVersion() {
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getVersion " + ((int) this.version));
        }
        return this.version;
    }

    @Override // com.ibm.wsspi.security.token.Token
    public boolean isForwardable() {
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "isForwardable " + this.isForwardable);
        }
        return this.isForwardable;
    }

    @Override // com.ibm.wsspi.security.token.Token
    public boolean isValid() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "isValid ");
        }
        return isTokenValid();
    }

    @Override // com.ibm.wsspi.security.token.Token
    public void setReadOnly() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setReadOnly " + this.isReadOnly);
        }
        this.isReadOnly = true;
    }

    @Override // com.ibm.wsspi.security.token.Token
    public Object clone() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "clone", this);
        }
        KRBAuthnTokenImpl kRBAuthnTokenImpl = new KRBAuthnTokenImpl(getTokenBytes());
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "clone", kRBAuthnTokenImpl);
        }
        return kRBAuthnTokenImpl;
    }
}
