package org.wso2.carbon.identity.oauth.config;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import javax.xml.namespace.QName;
import org.apache.amber.oauth2.as.validator.AuthorizationCodeValidator;
import org.apache.amber.oauth2.as.validator.ClientCredentialValidator;
import org.apache.amber.oauth2.as.validator.PasswordValidator;
import org.apache.amber.oauth2.as.validator.RefreshTokenValidator;
import org.apache.amber.oauth2.common.message.types.GrantType;
import org.apache.amber.oauth2.common.message.types.ResponseType;
import org.apache.amber.oauth2.common.validators.OAuthValidator;
import org.apache.axiom.om.OMElement;
import org.apache.axis2.util.JavaUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.base.ServerConfigurationException;
import org.wso2.carbon.identity.core.util.IdentityConfigParser;
import org.wso2.carbon.identity.oauth.common.SAML2GrantValidator;
import org.wso2.carbon.identity.oauth.tokenprocessor.PlainTextPersistenceProcessor;
import org.wso2.carbon.identity.oauth.tokenprocessor.TokenPersistenceProcessor;
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
import org.wso2.carbon.identity.oauth2.authcontext.DefaultClaimsRetriever;
import org.wso2.carbon.identity.oauth2.authz.handlers.ResponseTypeHandler;
import org.wso2.carbon.identity.oauth2.token.handlers.clientauth.ClientAuthenticationHandler;
import org.wso2.carbon.identity.oauth2.token.handlers.grant.AuthorizationGrantHandler;
import org.wso2.carbon.identity.oauth2.token.handlers.grant.saml.SAML2TokenCallbackHandler;
import org.wso2.carbon.identity.oauth2.validators.OAuth2ScopeValidator;
import org.wso2.carbon.identity.openidconnect.CustomClaimsCallbackHandler;
import org.wso2.carbon.identity.openidconnect.IDTokenBuilder;
import org.wso2.carbon.utils.CarbonUtils;

/* loaded from: input_file:org/wso2/carbon/identity/oauth/config/OAuthServerConfiguration.class */
public class OAuthServerConfiguration {
    private static final String CONFIG_ELEM_OAUTH = "OAuth";
    private static final String AUTHORIZATION_CODE_GRANT_HANDLER_CLASS = "org.wso2.carbon.identity.oauth2.token.handlers.grant.AuthorizationCodeHandler";
    private static final String CLIENT_CREDENTIALS_GRANT_HANDLER_CLASS = "org.wso2.carbon.identity.oauth2.token.handlers.grant.ClientCredentialsGrantHandler";
    private static final String PASSWORD_GRANT_HANDLER_CLASS = "org.wso2.carbon.identity.oauth2.token.handlers.grant.PasswordGrantHandler";
    private static final String REFRESH_TOKEN_GRANT_HANDLER_CLASS = "org.wso2.carbon.identity.oauth2.token.handlers.grant.RefreshGrantHandler";
    private static final String SAML20_BEARER_GRANT_HANDLER_CLASS = "org.wso2.carbon.identity.oauth2.token.handlers.grant.saml.SAML2BearerGrantHandler";
    private static final String IWA_NTLM_BEARER_GRANT_HANDLER_CLASS = "org.wso2.carbon.identity.oauth2.token.handlers.grant.iwa.ntlm.NTLMAuthenticationGrantHandler";
    private static Log log = LogFactory.getLog(OAuthServerConfiguration.class);
    private static OAuthServerConfiguration instance;
    private Map<String, AuthorizationGrantHandler> supportedGrantTypes;
    private Map<String, Class<? extends OAuthValidator<HttpServletRequest>>> supportedGrantTypeValidators;
    private Map<String, ResponseTypeHandler> supportedResponseTypes;
    private List<ClientAuthenticationHandler> supportedClientAuthHandlers;
    private OAuth2ScopeValidator oAuth2ScopeValidator;
    private long authorizationCodeValidityPeriodInSeconds = 300;
    private long userAccessTokenValidityPeriodInSeconds = 3600;
    private long applicationAccessTokenValidityPeriodInSeconds = 3600;
    private long refreshTokenValidityPeriodInSeconds = 86400;
    private long timeStampSkewInSeconds = 300;
    private String tokenPersistenceProcessorClassName = "org.wso2.carbon.identity.oauth.tokenprocessor.PlainTextPersistenceProcessor";
    private boolean cacheEnabled = true;
    private boolean isRefreshTokenRenewalEnabled = true;
    private boolean assertionsUserNameEnabled = false;
    private boolean accessTokenPartitioningEnabled = false;
    private String accessTokenPartitioningDomains = null;
    private TokenPersistenceProcessor persistenceProcessor = null;
    private Set<OAuthCallbackHandlerMetaData> callbackHandlerMetaData = new HashSet();
    private Map<String, String> supportedGrantTypeClassNames = new Hashtable();
    private Map<String, String> supportedGrantTypeValidatorNames = new Hashtable();
    private Map<String, String> supportedResponseTypeClassNames = new Hashtable();
    private String[] supportedClaims = null;
    private Map<String, Properties> supportedClientAuthHandlerData = new Hashtable();
    private String saml2TokenCallbackHandlerName = null;
    private SAML2TokenCallbackHandler saml2TokenCallbackHandler = null;
    private Map<String, String> tokenValidatorClassNames = new HashMap();
    private boolean isAuthContextTokGenEnabled = false;
    private String tokenGeneratorImplClass = "org.wso2.carbon.identity.oauth2.token.JWTTokenGenerator";
    private String claimsRetrieverImplClass = "org.wso2.carbon.identity.oauth2.token.DefaultClaimsRetriever";
    private String consumerDialectURI = DefaultClaimsRetriever.DEFAULT_DIALECT_URI;
    private String signatureAlgorithm = "SHA256withRSA";
    private String authContextTTL = "15L";
    private String openIDConnectIDTokenBuilderClassName = "org.wso2.carbon.identity.openidconnect.DefaultIDTokenBuilder";
    private String openIDConnectIDTokenCustomClaimsHanlderClassName = "org.wso2.carbon.identity.openidconnect.SAMLAssertionClaimsCallback";
    private IDTokenBuilder openIDConnectIDTokenBuilder = null;
    private CustomClaimsCallbackHandler openidConnectIDTokenCustomClaimsCallbackHandler = null;
    private String openIDConnectIDTokenIssuerIdentifier = "OIDCAuthzServer";
    private String openIDConnectIDTokenSubClaim = "http://wso2.org/claims/fullname";
    private String openIDConnectSkipUserConsent = "true";
    private String openIDConnectIDTokenExpiration = "300";
    private String openIDConnectUserInfoEndpointClaimDialect = DefaultClaimsRetriever.DEFAULT_DIALECT_URI;
    private String openIDConnectUserInfoEndpointClaimRetriever = "org.wso2.carbon.identity.oauth.endpoint.user.impl.UserInfoUserStoreClaimRetriever";
    private String openIDConnectUserInfoEndpointRequestValidator = "org.wso2.carbon.identity.oauth.endpoint.user.impl.UserInforRequestDefaultValidator";
    private String openIDConnectUserInfoEndpointAccessTokenValidator = "org.wso2.carbon.identity.oauth.endpoint.user.impl.UserInfoISAccessTokenValidator";
    private String openIDConnectUserInfoEndpointResponseBuilder = "org.wso2.carbon.identity.oauth.endpoint.user.impl.UserInfoJSONResponseBuilder";

    /* loaded from: input_file:org/wso2/carbon/identity/oauth/config/OAuthServerConfiguration$ConfigElements.class */
    private class ConfigElements {
        public static final String AUTHORIZATION_CONTEXT_TOKEN_GENERATION = "AuthorizationContextTokenGeneration";
        public static final String ENABLED = "Enabled";
        public static final String TOKEN_GENERATOR_IMPL_CLASS = "TokenGeneratorImplClass";
        public static final String CLAIMS_RETRIEVER_IMPL_CLASS = "ClaimsRetrieverImplClass";
        public static final String CONSUMER_DIALECT_URI = "ConsumerDialectURI";
        public static final String SIGNATURE_ALGORITHM = "SignatureAlgorithm";
        public static final String SECURITY_CONTEXT_TTL = "AuthorizationContextTTL";
        public static final String ENABLE_ASSERTIONS = "EnableAssertions";
        public static final String ENABLE_ASSERTIONS_USERNAME = "UserName";
        public static final String ENABLE_ACCESS_TOKEN_PARTITIONING = "EnableAccessTokenPartitioning";
        public static final String ACCESS_TOKEN_PARTITIONING_DOMAINS = "AccessTokenPartitioningDomains";
        public static final String OPENID_CONNECT = "OpenIDConnect";
        public static final String OPENID_CONNECT_IDTOKEN_BUILDER = "IDTokenBuilder";
        public static final String OPENID_CONNECT_IDTOKEN_SUB_CLAIM = "IDTokenSubjectClaim";
        public static final String OPENID_CONNECT_IDTOKEN_ISSUER_ID = "IDTokenIssuerID";
        public static final String OPENID_CONNECT_IDTOKEN_EXPIRATION = "IDTokenExpiration";
        public static final String OPENID_CONNECT_SKIP_USER_CONSENT = "SkipUserConsent";
        public static final String OPENID_CONNECT_USERINFO_ENDPOINT_CLAIM_DIALECT = "UserInfoEndpointClaimDialect";
        public static final String OPENID_CONNECT_USERINFO_ENDPOINT_CLAIM_RETRIEVER = "UserInfoEndpointClaimRetriever";
        public static final String OPENID_CONNECT_USERINFO_ENDPOINT_REQUEST_VALIDATOR = "UserInfoEndpointRequestValidator";
        public static final String OPENID_CONNECT_USERINFO_ENDPOINT_ACCESS_TOKEN_VALIDATOR = "UserInfoEndpointAccessTokenValidator";
        public static final String OPENID_CONNECT_USERINFO_ENDPOINT_RESPONSE_BUILDER = "UserInfoEndpointResponseBuilder";
        public static final String OPENID_CONNECT_IDTOKEN_CUSTOM_CLAIM_CALLBACK_HANDLER = "IDTokenCustomClaimsCallBackHandler";
        public static final String SUPPORTED_CLAIMS = "OpenIDConnectClaims";
        private static final String OAUTH_CALLBACK_HANDLERS = "OAuthCallbackHandlers";
        private static final String OAUTH_CALLBACK_HANDLER = "OAuthCallbackHandler";
        private static final String CALLBACK_CLASS = "Class";
        private static final String CALLBACK_PRIORITY = "Priority";
        private static final String CALLBACK_PROPERTIES = "Properties";
        private static final String CALLBACK_PROPERTY = "Property";
        private static final String CALLBACK_ATTR_NAME = "Name";
        private static final String TOKEN_VALIDATORS = "TokenValidators";
        private static final String TOKEN_VALIDATOR = "TokenValidator";
        private static final String TOKEN_TYPE_ATTR = "type";
        private static final String TOKEN_CLASS_ATTR = "class";
        private static final String SCOPE_VALIDATOR = "OAuthScopeValidator";
        private static final String SCOPE_CLASS_ATTR = "class";
        private static final String SKIP_SCOPE_ATTR = "scopesToSkip";
        private static final String TIMESTAMP_SKEW = "TimestampSkew";
        private static final String AUTHORIZATION_CODE_DEFAULT_VALIDITY_PERIOD = "AuthorizationCodeDefaultValidityPeriod";
        private static final String USER_ACCESS_TOKEN_DEFAULT_VALIDITY_PERIOD = "UserAccessTokenDefaultValidityPeriod";
        private static final String APPLICATION_ACCESS_TOKEN_VALIDATION_PERIOD = "AccessTokenDefaultValidityPeriod";
        private static final String REFRESH_TOKEN_VALIDITY_PERIOD = "RefreshTokenValidityPeriod";
        private static final String ENABLE_CACHE = "EnableOAuthCache";
        private static final String RENEW_REFRESH_TOKEN_FOR_REFRESH_GRANT = "RenewRefreshTokenForRefreshGrant";
        private static final String TOKEN_PERSISTENCE_PROCESSOR = "TokenPersistenceProcessor";
        private static final String SUPPORTED_GRANT_TYPES = "SupportedGrantTypes";
        private static final String SUPPORTED_GRANT_TYPE = "SupportedGrantType";
        private static final String GRANT_TYPE_NAME = "GrantTypeName";
        private static final String GRANT_TYPE_HANDLER_IMPL_CLASS = "GrantTypeHandlerImplClass";
        private static final String GRANT_TYPE_VALIDATOR_IMPL_CLASS = "GrantTypeValidatorImplClass";
        private static final String CLIENT_AUTH_HANDLERS = "ClientAuthHandlers";
        private static final String CLIENT_AUTH_HANDLER_IMPL_CLASS = "ClientAuthHandler";
        private static final String STRICT_CLIENT_AUTHENTICATION = "StrictClientCredentialValidation";
        private static final String CLIENT_AUTH_CLASS = "Class";
        private static final String DEFAULT_CLIENT_AUTHENTICATOR = "org.wso2.carbon.identity.oauth2.token.handlers.clientauth.BasicAuthClientAuthHandler";
        private static final String CLIENT_AUTH_PROPERTY = "Property";
        private static final String CLIENT_AUTH_NAME = "Name";
        private static final String SUPPORTED_RESP_TYPES = "SupportedResponseTypes";
        private static final String SUPPORTED_RESP_TYPE = "SupportedResponseType";
        private static final String RESP_TYPE_NAME = "ResponseTypeName";
        private static final String RESP_TYPE_HANDLER_IMPL_CLASS = "ResponseTypeHandlerImplClass";
        private static final String SAML2_GRANT = "SAML2Grant";
        private static final String SAML2_TOKEN_HANDLER = "SAML2TokenHandler";

        private ConfigElements() {
        }
    }

    private OAuthServerConfiguration() {
        buildOAuthServerConfiguration();
    }

    public static OAuthServerConfiguration getInstance() {
        CarbonUtils.checkSecurity();
        if (instance == null) {
            synchronized (OAuthServerConfiguration.class) {
                if (instance == null) {
                    instance = new OAuthServerConfiguration();
                }
            }
        }
        return instance;
    }

    private void buildOAuthServerConfiguration() {
        try {
            OMElement configElement = IdentityConfigParser.getInstance().getConfigElement(CONFIG_ELEM_OAUTH);
            if (configElement == null) {
                warnOnFaultyConfiguration("OAuth element is not available.");
                return;
            }
            parseOAuthCallbackHandlers(configElement.getFirstChildWithName(getQNameWithIdentityNS("OAuthCallbackHandlers")));
            parseTokenValidators(configElement.getFirstChildWithName(getQNameWithIdentityNS("TokenValidators")));
            OMElement firstChildWithName = configElement.getFirstChildWithName(getQNameWithIdentityNS("OAuthScopeValidator"));
            if (firstChildWithName != null) {
                parseScopeValidator(firstChildWithName);
            }
            parseDefaultValidityPeriods(configElement);
            parseCachingConfiguration(configElement);
            parseRefreshTokenRenewalConfiguration(configElement);
            parseTokenPersistenceProcessorConfig(configElement);
            parseSupportedGrantTypesConfig(configElement);
            parseSupportedResponseTypesConfig(configElement);
            parseSupportedClientAuthHandlersConfig(configElement.getFirstChildWithName(getQNameWithIdentityNS("ClientAuthHandlers")));
            parseSAML2GrantConfig(configElement);
            parseAuthorizationContextTokenGeneratorConfig(configElement);
            parseEnableAssertionsUserNameConfig(configElement);
            parseAccessTokenPartitioningConfig(configElement);
            parseAccessTokenPartitioningDomainsConfig(configElement);
            parseOpenIDConnectConfig(configElement);
        } catch (ServerConfigurationException e) {
            log.error("Error when reading the OAuth Configurations. OAuth related functionality might be affected.", e);
        }
    }

    public Set<OAuthCallbackHandlerMetaData> getCallbackHandlerMetaData() {
        return this.callbackHandlerMetaData;
    }

    public long getAuthorizationCodeValidityPeriodInSeconds() {
        return this.authorizationCodeValidityPeriodInSeconds;
    }

    public long getUserAccessTokenValidityPeriodInSeconds() {
        return this.userAccessTokenValidityPeriodInSeconds;
    }

    public long getApplicationAccessTokenValidityPeriodInSeconds() {
        return this.applicationAccessTokenValidityPeriodInSeconds;
    }

    public long getRefreshTokenValidityPeriodInSeconds() {
        return this.refreshTokenValidityPeriodInSeconds;
    }

    public long getTimeStampSkewInSeconds() {
        return this.timeStampSkewInSeconds;
    }

    public boolean isCacheEnabled() {
        return this.cacheEnabled;
    }

    public boolean isRefreshTokenRenewalEnabled() {
        return this.isRefreshTokenRenewalEnabled;
    }

    public Map<String, AuthorizationGrantHandler> getSupportedGrantTypes() {
        if (this.supportedGrantTypes == null) {
            synchronized (this) {
                if (this.supportedGrantTypes == null) {
                    this.supportedGrantTypes = new Hashtable();
                    for (Map.Entry<String, String> entry : this.supportedGrantTypeClassNames.entrySet()) {
                        AuthorizationGrantHandler authorizationGrantHandler = null;
                        try {
                            try {
                                try {
                                    authorizationGrantHandler = (AuthorizationGrantHandler) Class.forName(entry.getValue()).newInstance();
                                    authorizationGrantHandler.init();
                                } catch (ClassNotFoundException e) {
                                    log.error("Cannot find class: " + entry.getValue());
                                }
                            } catch (IllegalAccessException e2) {
                                log.error("Illegal access to " + entry.getValue());
                            }
                        } catch (InstantiationException e3) {
                            log.error("Error instantiating " + entry.getValue());
                        } catch (IdentityOAuth2Exception e4) {
                            log.error("Error while initializing " + entry.getValue());
                        }
                        this.supportedGrantTypes.put(entry.getKey(), authorizationGrantHandler);
                    }
                }
            }
        }
        return this.supportedGrantTypes;
    }

    /* JADX WARN: Multi-variable type inference failed */
    public Map<String, Class<? extends OAuthValidator<HttpServletRequest>>> getSupportedGrantTypeValidators() {
        if (this.supportedGrantTypeValidators == null) {
            synchronized (this) {
                if (this.supportedGrantTypeValidators == null) {
                    this.supportedGrantTypeValidators = new Hashtable();
                    this.supportedGrantTypeValidators.put(GrantType.PASSWORD.toString(), PasswordValidator.class);
                    this.supportedGrantTypeValidators.put(GrantType.CLIENT_CREDENTIALS.toString(), ClientCredentialValidator.class);
                    this.supportedGrantTypeValidators.put(GrantType.AUTHORIZATION_CODE.toString(), AuthorizationCodeValidator.class);
                    this.supportedGrantTypeValidators.put(GrantType.REFRESH_TOKEN.toString(), RefreshTokenValidator.class);
                    this.supportedGrantTypeValidators.put(org.wso2.carbon.identity.oauth.common.GrantType.SAML20_BEARER.toString(), SAML2GrantValidator.class);
                    if (this.supportedGrantTypeValidatorNames != null) {
                        for (Map.Entry<String, String> entry : this.supportedGrantTypeValidatorNames.entrySet()) {
                            try {
                                this.supportedGrantTypeValidators.put(entry.getKey(), Class.forName(entry.getValue()));
                            } catch (ClassCastException e) {
                                log.error("Cannot cast class: " + entry.getValue(), e);
                            } catch (ClassNotFoundException e2) {
                                log.error("Cannot find class: " + entry.getValue(), e2);
                            }
                        }
                    }
                }
            }
        }
        return this.supportedGrantTypeValidators;
    }

    public Map<String, ResponseTypeHandler> getSupportedResponseTypes() {
        if (this.supportedResponseTypes == null) {
            synchronized (this) {
                if (this.supportedResponseTypes == null) {
                    this.supportedResponseTypes = new Hashtable();
                    for (Map.Entry<String, String> entry : this.supportedResponseTypeClassNames.entrySet()) {
                        ResponseTypeHandler responseTypeHandler = null;
                        try {
                            try {
                                try {
                                    responseTypeHandler = (ResponseTypeHandler) Class.forName(entry.getValue()).newInstance();
                                    responseTypeHandler.init();
                                } catch (ClassNotFoundException e) {
                                    log.error("Cannot find class: " + entry.getValue());
                                }
                            } catch (IllegalAccessException e2) {
                                log.error("Illegal access to " + entry.getValue());
                            }
                        } catch (InstantiationException e3) {
                            log.error("Error instantiating " + entry.getValue());
                        } catch (IdentityOAuth2Exception e4) {
                            log.error("Error while initializing " + entry.getValue());
                        }
                        this.supportedResponseTypes.put(entry.getKey(), responseTypeHandler);
                    }
                }
            }
        }
        return this.supportedResponseTypes;
    }

    public String[] getSupportedClaims() {
        return this.supportedClaims;
    }

    public List<ClientAuthenticationHandler> getSupportedClientAuthHandlers() {
        if (this.supportedClientAuthHandlers == null) {
            synchronized (this) {
                if (this.supportedClientAuthHandlers == null) {
                    this.supportedClientAuthHandlers = new ArrayList();
                    for (Map.Entry<String, Properties> entry : this.supportedClientAuthHandlerData.entrySet()) {
                        try {
                            try {
                                ClientAuthenticationHandler clientAuthenticationHandler = (ClientAuthenticationHandler) Class.forName(entry.getKey()).newInstance();
                                clientAuthenticationHandler.init(entry.getValue());
                                this.supportedClientAuthHandlers.add(clientAuthenticationHandler);
                            } catch (ClassNotFoundException e) {
                                log.error("Cannot find class: " + entry);
                            } catch (IllegalAccessException e2) {
                                log.error("Illegal access to " + entry);
                            }
                        } catch (InstantiationException e3) {
                            log.error("Error instantiating " + entry);
                        } catch (IdentityOAuth2Exception e4) {
                            log.error("Error while initializing " + entry);
                        }
                    }
                }
            }
        }
        return this.supportedClientAuthHandlers;
    }

    public SAML2TokenCallbackHandler getSAML2TokenCallbackHandler() {
        if (this.saml2TokenCallbackHandlerName == null || this.saml2TokenCallbackHandlerName.equals("")) {
            return null;
        }
        if (this.saml2TokenCallbackHandler == null) {
            synchronized (SAML2TokenCallbackHandler.class) {
                if (this.saml2TokenCallbackHandler == null) {
                    try {
                        try {
                            this.saml2TokenCallbackHandler = (SAML2TokenCallbackHandler) Thread.currentThread().getContextClassLoader().loadClass(this.saml2TokenCallbackHandlerName).newInstance();
                        } catch (InstantiationException e) {
                            log.error("Error while instantiating the SAML2TokenCallbackHandler ", e);
                        }
                    } catch (ClassNotFoundException e2) {
                        log.error("Error while instantiating the SAML2TokenCallbackHandler ", e2);
                    } catch (IllegalAccessException e3) {
                        log.error("Error while instantiating the SAML2TokenCallbackHandler ", e3);
                    }
                }
            }
        }
        return this.saml2TokenCallbackHandler;
    }

    public Map<String, String> getTokenValidatorClassNames() {
        return this.tokenValidatorClassNames;
    }

    public boolean isAccessTokenPartitioningEnabled() {
        return this.accessTokenPartitioningEnabled;
    }

    public boolean isUserNameAssertionEnabled() {
        return this.assertionsUserNameEnabled;
    }

    public String getAccessTokenPartitioningDomains() {
        return this.accessTokenPartitioningDomains;
    }

    private QName getQNameWithIdentityNS(String str) {
        return new QName("http://wso2.org/projects/carbon/carbon.xml", str);
    }

    public boolean isAuthContextTokGenEnabled() {
        return this.isAuthContextTokGenEnabled;
    }

    public String getTokenGeneratorImplClass() {
        return this.tokenGeneratorImplClass;
    }

    public String getSignatureAlgorithm() {
        return this.signatureAlgorithm;
    }

    public String getConsumerDialectURI() {
        return this.consumerDialectURI;
    }

    public String getClaimsRetrieverImplClass() {
        return this.claimsRetrieverImplClass;
    }

    public String getAuthorizationContextTTL() {
        return this.authContextTTL;
    }

    public TokenPersistenceProcessor getPersistenceProcessor() throws IdentityOAuth2Exception {
        if (this.persistenceProcessor == null) {
            synchronized (this) {
                if (this.persistenceProcessor == null) {
                    try {
                        this.persistenceProcessor = (TokenPersistenceProcessor) getClass().getClassLoader().loadClass(this.tokenPersistenceProcessorClassName).newInstance();
                        if (log.isDebugEnabled()) {
                            log.debug("An instance of " + this.tokenPersistenceProcessorClassName + " is created for OAuthServerConfiguration.");
                        }
                    } catch (Exception e) {
                        log.error("Error when instantiating the TokenPersistenceProcessor : " + this.tokenPersistenceProcessorClassName + ". Defaulting to PlainTextPersistenceProcessor", e);
                        this.persistenceProcessor = new PlainTextPersistenceProcessor();
                    }
                }
            }
        }
        return this.persistenceProcessor;
    }

    public IDTokenBuilder getOpenIDConnectIDTokenBuilder() {
        if (this.openIDConnectIDTokenBuilder == null) {
            synchronized (IDTokenBuilder.class) {
                if (this.openIDConnectIDTokenBuilder == null) {
                    try {
                        this.openIDConnectIDTokenBuilder = (IDTokenBuilder) Thread.currentThread().getContextClassLoader().loadClass(this.openIDConnectIDTokenBuilderClassName).newInstance();
                    } catch (ClassNotFoundException e) {
                        log.error("Error while instantiating the IDTokenBuilder ", e);
                    } catch (IllegalAccessException e2) {
                        log.error("Error while instantiating the IDTokenBuilder ", e2);
                    } catch (InstantiationException e3) {
                        log.error("Error while instantiating the IDTokenBuilder ", e3);
                    }
                }
            }
        }
        return this.openIDConnectIDTokenBuilder;
    }

    public CustomClaimsCallbackHandler getOpenIDConnectCustomClaimsCallbackHandler() {
        if (this.openidConnectIDTokenCustomClaimsCallbackHandler == null) {
            synchronized (CustomClaimsCallbackHandler.class) {
                if (this.openidConnectIDTokenCustomClaimsCallbackHandler == null) {
                    try {
                        this.openidConnectIDTokenCustomClaimsCallbackHandler = (CustomClaimsCallbackHandler) Thread.currentThread().getContextClassLoader().loadClass(this.openIDConnectIDTokenCustomClaimsHanlderClassName).newInstance();
                    } catch (ClassNotFoundException e) {
                        log.error("Error while instantiating the IDTokenBuilder ", e);
                    } catch (IllegalAccessException e2) {
                        log.error("Error while instantiating the IDTokenBuilder ", e2);
                    } catch (InstantiationException e3) {
                        log.error("Error while instantiating the IDTokenBuilder ", e3);
                    }
                }
            }
        }
        return this.openidConnectIDTokenCustomClaimsCallbackHandler;
    }

    public String getOpenIDConnectIDTokenIssuerIdentifier() {
        return this.openIDConnectIDTokenIssuerIdentifier;
    }

    public String getOpenIDConnectIDTokenSubjectClaim() {
        return this.openIDConnectIDTokenSubClaim;
    }

    public boolean getOpenIDConnectSkipeUserConsentConfig() {
        return "true".equalsIgnoreCase(this.openIDConnectSkipUserConsent);
    }

    public String getOpenIDConnectIDTokenExpiration() {
        return this.openIDConnectIDTokenExpiration;
    }

    public String getOpenIDConnectUserInfoEndpointClaimDialect() {
        return this.openIDConnectUserInfoEndpointClaimDialect;
    }

    public String getOpenIDConnectUserInfoEndpointClaimRetriever() {
        return this.openIDConnectUserInfoEndpointClaimRetriever;
    }

    public String getOpenIDConnectUserInfoEndpointRequestValidator() {
        return this.openIDConnectUserInfoEndpointRequestValidator;
    }

    public String getOpenIDConnectUserInfoEndpointAccessTokenValidator() {
        return this.openIDConnectUserInfoEndpointAccessTokenValidator;
    }

    public String getOpenIDConnectUserInfoEndpointResponseBuilder() {
        return this.openIDConnectUserInfoEndpointResponseBuilder;
    }

    private void parseOAuthCallbackHandlers(OMElement oMElement) {
        if (oMElement == null) {
            warnOnFaultyConfiguration("OAuthCallbackHandlers element is not available.");
            return;
        }
        Iterator childrenWithLocalName = oMElement.getChildrenWithLocalName("OAuthCallbackHandler");
        int i = 0;
        if (childrenWithLocalName != null) {
            while (childrenWithLocalName.hasNext()) {
                OAuthCallbackHandlerMetaData buildAuthzCallbackHandlerMetadata = buildAuthzCallbackHandlerMetadata((OMElement) childrenWithLocalName.next());
                if (buildAuthzCallbackHandlerMetadata != null) {
                    this.callbackHandlerMetaData.add(buildAuthzCallbackHandlerMetadata);
                    if (log.isDebugEnabled()) {
                        log.debug("OAuthCallbackHandlerMetadata was added. Class : " + buildAuthzCallbackHandlerMetadata.getClassName());
                    }
                    i++;
                }
            }
        }
        if (i <= 0) {
            warnOnFaultyConfiguration("No OAuthCallbackHandler elements were found.");
        }
    }

    private void parseTokenValidators(OMElement oMElement) {
        Iterator childrenWithLocalName;
        if (oMElement == null || (childrenWithLocalName = oMElement.getChildrenWithLocalName("TokenValidator")) == null) {
            return;
        }
        while (childrenWithLocalName.hasNext()) {
            OMElement oMElement2 = (OMElement) childrenWithLocalName.next();
            if (oMElement2 != null) {
                this.tokenValidatorClassNames.put(oMElement2.getAttributeValue(new QName("type")), oMElement2.getAttributeValue(new QName("class")));
            }
        }
    }

    private void parseScopeValidator(OMElement oMElement) {
        String attributeValue = oMElement.getAttributeValue(new QName("class"));
        String attributeValue2 = oMElement.getAttributeValue(new QName("scopesToSkip"));
        try {
            OAuth2ScopeValidator oAuth2ScopeValidator = (OAuth2ScopeValidator) Thread.currentThread().getContextClassLoader().loadClass(attributeValue).newInstance();
            if (attributeValue2 != null && !"".equals(attributeValue2)) {
                oAuth2ScopeValidator.setScopesToSkip(new HashSet(Arrays.asList(attributeValue2.split(" "))));
            }
            setoAuth2ScopeValidator(oAuth2ScopeValidator);
        } catch (ClassNotFoundException e) {
            log.error("Class not found in build path " + attributeValue, e);
        } catch (IllegalAccessException e2) {
            log.error("Class access error " + attributeValue, e2);
        } catch (InstantiationException e3) {
            log.error("Class initialization error " + attributeValue, e3);
        }
    }

    private void warnOnFaultyConfiguration(String str) {
        log.warn("Error in OAuth Configuration. " + str);
    }

    private OAuthCallbackHandlerMetaData buildAuthzCallbackHandlerMetadata(OMElement oMElement) {
        String attributeValue = oMElement.getAttributeValue(new QName("Class"));
        if (attributeValue == null) {
            log.error("Mandatory attribute \"Class\" is not present in the AuthorizationCallbackHandler element. AuthorizationCallbackHandler will not be registered.");
            return null;
        }
        int i = 1;
        OMElement firstChildWithName = oMElement.getFirstChildWithName(getQNameWithIdentityNS("Priority"));
        if (firstChildWithName != null) {
            i = Integer.parseInt(firstChildWithName.getText());
        }
        if (log.isDebugEnabled()) {
            log.debug("Priority level of : " + i + " is set for the AuthorizationCallbackHandler with the class : " + attributeValue);
        }
        OMElement firstChildWithName2 = oMElement.getFirstChildWithName(getQNameWithIdentityNS("Properties"));
        Properties properties = null;
        if (firstChildWithName2 != null) {
            Iterator childrenWithLocalName = firstChildWithName2.getChildrenWithLocalName("Property");
            properties = new Properties();
            if (log.isDebugEnabled()) {
                log.debug("Registering Properties for AuthorizationCallbackHandler class : " + attributeValue);
            }
            while (childrenWithLocalName.hasNext()) {
                OMElement oMElement2 = (OMElement) childrenWithLocalName.next();
                String attributeValue2 = oMElement2.getAttributeValue(new QName("Name"));
                String text = oMElement2.getText();
                properties.put(attributeValue2, text);
                if (log.isDebugEnabled()) {
                    log.debug("Property name : " + attributeValue2 + ", Property Value : " + text);
                }
            }
        }
        return new OAuthCallbackHandlerMetaData(attributeValue, properties, i);
    }

    private void parseDefaultValidityPeriods(OMElement oMElement) {
        OMElement firstChildWithName = oMElement.getFirstChildWithName(getQNameWithIdentityNS("AuthorizationCodeDefaultValidityPeriod"));
        if (firstChildWithName != null) {
            this.authorizationCodeValidityPeriodInSeconds = Long.parseLong(firstChildWithName.getText());
        }
        OMElement firstChildWithName2 = oMElement.getFirstChildWithName(getQNameWithIdentityNS("UserAccessTokenDefaultValidityPeriod"));
        if (firstChildWithName2 != null) {
            this.userAccessTokenValidityPeriodInSeconds = Long.parseLong(firstChildWithName2.getText());
        }
        OMElement firstChildWithName3 = oMElement.getFirstChildWithName(getQNameWithIdentityNS("AccessTokenDefaultValidityPeriod"));
        if (firstChildWithName3 != null) {
            this.applicationAccessTokenValidityPeriodInSeconds = Long.parseLong(firstChildWithName3.getText());
        }
        OMElement firstChildWithName4 = oMElement.getFirstChildWithName(getQNameWithIdentityNS("RefreshTokenValidityPeriod"));
        if (firstChildWithName4 != null) {
            this.refreshTokenValidityPeriodInSeconds = Long.parseLong(firstChildWithName4.getText().trim());
        }
        OMElement firstChildWithName5 = oMElement.getFirstChildWithName(getQNameWithIdentityNS("TimestampSkew"));
        if (firstChildWithName5 != null) {
            this.timeStampSkewInSeconds = Long.parseLong(firstChildWithName5.getText());
        }
        if (log.isDebugEnabled()) {
            if (firstChildWithName == null) {
                log.debug("\"Authorization Code Default Timeout\" element was not available in identity.xml. Continuing with the default value.");
            }
            if (firstChildWithName2 == null) {
                log.debug("\"Access Token Default Timeout\" element was not available in from identity.xml. Continuing with the default value.");
            }
            if (firstChildWithName4 == null) {
                log.debug("\"Refresh Token Default Timeout\" element was not available in from identity.xml. Continuing with the default value.");
            }
            if (firstChildWithName5 == null) {
                log.debug("\"Default Timestamp Skew\" element was not available in from identity.xml. Continuing with the default value.");
            }
            if (log.isDebugEnabled()) {
                log.debug("Authorization Code Default Timeout is set to : " + this.authorizationCodeValidityPeriodInSeconds + "ms.");
                log.debug("User Access Token Default Timeout is set to " + this.userAccessTokenValidityPeriodInSeconds + "ms.");
                log.debug("Application Access Token Default Timeout is set to " + this.applicationAccessTokenValidityPeriodInSeconds + "ms.");
                log.debug("Refresh Token validity period is set to " + this.refreshTokenValidityPeriodInSeconds + "s.");
                log.debug("Default TimestampSkew is set to " + this.timeStampSkewInSeconds + "ms.");
            }
        }
    }

    private void parseCachingConfiguration(OMElement oMElement) {
        OMElement firstChildWithName = oMElement.getFirstChildWithName(getQNameWithIdentityNS("EnableOAuthCache"));
        if (firstChildWithName != null) {
            this.cacheEnabled = Boolean.parseBoolean(firstChildWithName.getText());
        }
        if (log.isDebugEnabled()) {
            log.debug("Enable OAuth Cache was set to : " + this.cacheEnabled);
        }
    }

    private void parseRefreshTokenRenewalConfiguration(OMElement oMElement) {
        OMElement firstChildWithName = oMElement.getFirstChildWithName(getQNameWithIdentityNS("RenewRefreshTokenForRefreshGrant"));
        if (firstChildWithName != null) {
            this.isRefreshTokenRenewalEnabled = Boolean.parseBoolean(firstChildWithName.getText());
        }
        if (log.isDebugEnabled()) {
            log.debug("RenewRefreshTokenForRefreshGrant was set to : " + this.isRefreshTokenRenewalEnabled);
        }
    }

    private void parseAccessTokenPartitioningConfig(OMElement oMElement) {
        OMElement firstChildWithName = oMElement.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.ENABLE_ACCESS_TOKEN_PARTITIONING));
        if (firstChildWithName != null) {
            this.accessTokenPartitioningEnabled = Boolean.parseBoolean(firstChildWithName.getText());
        }
        if (log.isDebugEnabled()) {
            log.debug("Enable OAuth Access Token Partitioning was set to : " + this.accessTokenPartitioningEnabled);
        }
    }

    private void parseAccessTokenPartitioningDomainsConfig(OMElement oMElement) {
        OMElement firstChildWithName = oMElement.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.ACCESS_TOKEN_PARTITIONING_DOMAINS));
        if (firstChildWithName != null) {
            this.accessTokenPartitioningDomains = firstChildWithName.getText();
        }
        if (log.isDebugEnabled()) {
            log.debug("Enable OAuth Access Token Partitioning Domains was set to : " + this.accessTokenPartitioningDomains);
        }
    }

    private void parseEnableAssertionsUserNameConfig(OMElement oMElement) {
        OMElement firstChildWithName;
        OMElement firstChildWithName2 = oMElement.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.ENABLE_ASSERTIONS));
        if (firstChildWithName2 != null && (firstChildWithName = firstChildWithName2.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.ENABLE_ASSERTIONS_USERNAME))) != null) {
            this.assertionsUserNameEnabled = Boolean.parseBoolean(firstChildWithName.getText());
        }
        if (log.isDebugEnabled()) {
            log.debug("Enable Assertions-UserName was set to : " + this.assertionsUserNameEnabled);
        }
    }

    private void parseTokenPersistenceProcessorConfig(OMElement oMElement) {
        OMElement firstChildWithName = oMElement.getFirstChildWithName(getQNameWithIdentityNS("TokenPersistenceProcessor"));
        if (firstChildWithName != null && !firstChildWithName.getText().trim().equals("")) {
            this.tokenPersistenceProcessorClassName = firstChildWithName.getText().trim();
        }
        if (log.isDebugEnabled()) {
            log.debug("Token Persistence Processor was set to : " + this.tokenPersistenceProcessorClassName);
        }
    }

    private void parseSupportedGrantTypesConfig(OMElement oMElement) {
        OMElement firstChildWithName = oMElement.getFirstChildWithName(getQNameWithIdentityNS("SupportedGrantTypes"));
        if (firstChildWithName != null) {
            Iterator childrenWithName = firstChildWithName.getChildrenWithName(getQNameWithIdentityNS("SupportedGrantType"));
            while (childrenWithName.hasNext()) {
                OMElement oMElement2 = (OMElement) childrenWithName.next();
                OMElement firstChildWithName2 = oMElement2.getFirstChildWithName(getQNameWithIdentityNS("GrantTypeName"));
                String text = firstChildWithName2 != null ? firstChildWithName2.getText() : null;
                OMElement firstChildWithName3 = oMElement2.getFirstChildWithName(getQNameWithIdentityNS("GrantTypeHandlerImplClass"));
                String text2 = firstChildWithName3 != null ? firstChildWithName3.getText() : null;
                if (!StringUtils.isEmpty(text) && !StringUtils.isEmpty(text2)) {
                    this.supportedGrantTypeClassNames.put(text, text2);
                    OMElement firstChildWithName4 = oMElement2.getFirstChildWithName(getQNameWithIdentityNS("GrantTypeValidatorImplClass"));
                    String text3 = firstChildWithName4 != null ? firstChildWithName4.getText() : null;
                    if (!StringUtils.isEmpty(text3)) {
                        this.supportedGrantTypeValidatorNames.put(text, text3);
                    }
                }
            }
        } else {
            log.warn("'SupportedGrantTypes' element not configured in identity.xml. Therefore instantiating default grant type handlers");
            Hashtable hashtable = new Hashtable(5);
            hashtable.put(GrantType.AUTHORIZATION_CODE.toString(), AUTHORIZATION_CODE_GRANT_HANDLER_CLASS);
            hashtable.put(GrantType.CLIENT_CREDENTIALS.toString(), CLIENT_CREDENTIALS_GRANT_HANDLER_CLASS);
            hashtable.put(GrantType.PASSWORD.toString(), PASSWORD_GRANT_HANDLER_CLASS);
            hashtable.put(GrantType.REFRESH_TOKEN.toString(), REFRESH_TOKEN_GRANT_HANDLER_CLASS);
            hashtable.put(org.wso2.carbon.identity.oauth.common.GrantType.SAML20_BEARER.toString(), SAML20_BEARER_GRANT_HANDLER_CLASS);
            hashtable.put(org.wso2.carbon.identity.oauth.common.GrantType.IWA_NTLM.toString(), IWA_NTLM_BEARER_GRANT_HANDLER_CLASS);
            this.supportedGrantTypeClassNames.putAll(hashtable);
        }
        if (log.isDebugEnabled()) {
            for (Map.Entry<String, String> entry : this.supportedGrantTypeClassNames.entrySet()) {
                log.debug(entry.getKey().toString() + "supported by" + entry.getValue().toString());
            }
        }
    }

    private void parseSupportedResponseTypesConfig(OMElement oMElement) {
        OMElement firstChildWithName = oMElement.getFirstChildWithName(getQNameWithIdentityNS("SupportedResponseTypes"));
        if (firstChildWithName != null) {
            Iterator childrenWithName = firstChildWithName.getChildrenWithName(getQNameWithIdentityNS("SupportedResponseType"));
            while (childrenWithName.hasNext()) {
                OMElement oMElement2 = (OMElement) childrenWithName.next();
                OMElement firstChildWithName2 = oMElement2.getFirstChildWithName(getQNameWithIdentityNS("ResponseTypeName"));
                String text = firstChildWithName2 != null ? firstChildWithName2.getText() : null;
                OMElement firstChildWithName3 = oMElement2.getFirstChildWithName(getQNameWithIdentityNS("ResponseTypeHandlerImplClass"));
                String text2 = firstChildWithName3 != null ? firstChildWithName3.getText() : null;
                if (text != null && !text.equals("") && text2 != null && !text2.equals("")) {
                    this.supportedResponseTypeClassNames.put(text, text2);
                }
            }
        } else {
            log.warn("'SupportedResponseTypes' element not configured in identity.xml. Therefore instantiating default response type handlers");
            Hashtable hashtable = new Hashtable(2);
            hashtable.put(ResponseType.CODE.toString(), "org.wso2.carbon.identity.oauth2.authz.handlers.CodeResponseTypeHandler");
            hashtable.put(ResponseType.TOKEN.toString(), "org.wso2.carbon.identity.oauth2.authz.handlers.TokenResponseTypeHandler");
            this.supportedResponseTypeClassNames.putAll(hashtable);
        }
        if (log.isDebugEnabled()) {
            for (Map.Entry<String, String> entry : this.supportedResponseTypeClassNames.entrySet()) {
                log.debug(entry.getKey().toString() + "supported by" + entry.getValue().toString());
            }
        }
    }

    private void parseSupportedClientAuthHandlersConfig(OMElement oMElement) {
        if (oMElement != null) {
            Iterator childrenWithLocalName = oMElement.getChildrenWithLocalName("ClientAuthHandler");
            while (childrenWithLocalName.hasNext()) {
                OMElement oMElement2 = (OMElement) childrenWithLocalName.next();
                Iterator childrenWithLocalName2 = oMElement2.getChildrenWithLocalName("Property");
                Properties properties = null;
                while (childrenWithLocalName2.hasNext()) {
                    properties = new Properties();
                    OMElement oMElement3 = (OMElement) childrenWithLocalName2.next();
                    String attributeValue = oMElement3.getAttributeValue(new QName("Name"));
                    String text = oMElement3.getText();
                    properties.put(attributeValue, text);
                    if (log.isDebugEnabled()) {
                        log.debug("Property name : " + attributeValue + ", Property Value : " + text);
                    }
                }
                String attributeValue2 = oMElement2.getAttributeValue(new QName("Class"));
                if (StringUtils.isEmpty(attributeValue2)) {
                    log.error("Mandatory attribute \"Class\" is not present in the ClientAuthHandler element. ");
                    return;
                } else if (properties != null) {
                    this.supportedClientAuthHandlerData.put(attributeValue2, properties);
                } else {
                    this.supportedClientAuthHandlerData.put(attributeValue2, new Properties());
                }
            }
        } else {
            log.warn("'SupportedClientAuthMethods' element not configured in identity.xml. Therefore instantiating default client authentication handlers");
            Hashtable hashtable = new Hashtable(1);
            hashtable.put("org.wso2.carbon.identity.oauth2.token.handlers.clientauth.BasicAuthClientAuthHandler", new Properties());
            this.supportedClientAuthHandlerData.putAll(hashtable);
        }
        if (log.isDebugEnabled()) {
            Iterator<Map.Entry<String, Properties>> it = this.supportedClientAuthHandlerData.entrySet().iterator();
            while (it.hasNext()) {
                log.debug("Supported client authentication method " + it.next().getKey());
            }
        }
    }

    private void parseSAML2GrantConfig(OMElement oMElement) {
        OMElement firstChildWithName = oMElement.getFirstChildWithName(getQNameWithIdentityNS("SAML2Grant"));
        OMElement oMElement2 = null;
        if (firstChildWithName != null) {
            oMElement2 = firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS("SAML2TokenHandler"));
        }
        if (oMElement2 == null || oMElement2.getText().trim().equals("")) {
            return;
        }
        this.saml2TokenCallbackHandlerName = oMElement2.getText().trim();
    }

    private void parseAuthorizationContextTokenGeneratorConfig(OMElement oMElement) {
        OMElement firstChildWithName;
        String trim;
        OMElement firstChildWithName2 = oMElement.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.AUTHORIZATION_CONTEXT_TOKEN_GENERATION));
        if (firstChildWithName2 != null && (firstChildWithName = firstChildWithName2.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.ENABLED))) != null && (trim = firstChildWithName.getText().trim()) != null && JavaUtils.isTrueExplicitly(trim)) {
            this.isAuthContextTokGenEnabled = true;
            if (firstChildWithName2.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.TOKEN_GENERATOR_IMPL_CLASS)) != null) {
                this.tokenGeneratorImplClass = firstChildWithName2.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.TOKEN_GENERATOR_IMPL_CLASS)).getText().trim();
            }
            if (firstChildWithName2.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.CLAIMS_RETRIEVER_IMPL_CLASS)) != null) {
                this.claimsRetrieverImplClass = firstChildWithName2.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.CLAIMS_RETRIEVER_IMPL_CLASS)).getText().trim();
            }
            if (firstChildWithName2.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.CONSUMER_DIALECT_URI)) != null) {
                this.consumerDialectURI = firstChildWithName2.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.CONSUMER_DIALECT_URI)).getText().trim();
            }
            if (firstChildWithName2.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.SIGNATURE_ALGORITHM)) != null) {
                this.signatureAlgorithm = firstChildWithName2.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.SIGNATURE_ALGORITHM)).getText().trim();
            }
            if (firstChildWithName2.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.SECURITY_CONTEXT_TTL)) != null) {
                this.authContextTTL = firstChildWithName2.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.SECURITY_CONTEXT_TTL)).getText().trim();
            }
        }
        if (log.isDebugEnabled()) {
            if (this.isAuthContextTokGenEnabled) {
                log.debug("JWT Generation is enabled");
            } else {
                log.debug("JWT Generation is disabled");
            }
        }
    }

    private void parseOpenIDConnectConfig(OMElement oMElement) {
        OMElement firstChildWithName = oMElement.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT));
        if (firstChildWithName != null) {
            if (firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_IDTOKEN_BUILDER)) != null) {
                this.openIDConnectIDTokenBuilderClassName = firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_IDTOKEN_BUILDER)).getText().trim();
            }
            if (firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_IDTOKEN_CUSTOM_CLAIM_CALLBACK_HANDLER)) != null) {
                this.openIDConnectIDTokenCustomClaimsHanlderClassName = firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_IDTOKEN_CUSTOM_CLAIM_CALLBACK_HANDLER)).getText().trim();
            }
            if (firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_IDTOKEN_SUB_CLAIM)) != null) {
                this.openIDConnectIDTokenSubClaim = firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_IDTOKEN_SUB_CLAIM)).getText().trim();
            }
            if (firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_SKIP_USER_CONSENT)) != null) {
                this.openIDConnectSkipUserConsent = firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_SKIP_USER_CONSENT)).getText().trim();
            }
            if (firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_IDTOKEN_ISSUER_ID)) != null) {
                this.openIDConnectIDTokenIssuerIdentifier = firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_IDTOKEN_ISSUER_ID)).getText().trim();
            }
            if (firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_IDTOKEN_EXPIRATION)) != null) {
                this.openIDConnectIDTokenExpiration = firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_IDTOKEN_EXPIRATION)).getText().trim();
            }
            if (firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_USERINFO_ENDPOINT_CLAIM_DIALECT)) != null) {
                this.openIDConnectUserInfoEndpointClaimDialect = firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_USERINFO_ENDPOINT_CLAIM_DIALECT)).getText().trim();
            }
            if (firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_USERINFO_ENDPOINT_CLAIM_RETRIEVER)) != null) {
                this.openIDConnectUserInfoEndpointClaimRetriever = firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_USERINFO_ENDPOINT_CLAIM_RETRIEVER)).getText().trim();
            }
            if (firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_USERINFO_ENDPOINT_REQUEST_VALIDATOR)) != null) {
                this.openIDConnectUserInfoEndpointRequestValidator = firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_USERINFO_ENDPOINT_REQUEST_VALIDATOR)).getText().trim();
            }
            if (firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_USERINFO_ENDPOINT_ACCESS_TOKEN_VALIDATOR)) != null) {
                this.openIDConnectUserInfoEndpointAccessTokenValidator = firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_USERINFO_ENDPOINT_ACCESS_TOKEN_VALIDATOR)).getText().trim();
            }
            if (firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_USERINFO_ENDPOINT_RESPONSE_BUILDER)) != null) {
                this.openIDConnectUserInfoEndpointResponseBuilder = firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_USERINFO_ENDPOINT_RESPONSE_BUILDER)).getText().trim();
            }
            if (firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.SUPPORTED_CLAIMS)) != null) {
                String trim = firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.SUPPORTED_CLAIMS)).getText().trim();
                if (log.isDebugEnabled()) {
                    log.debug("Supported Claims : " + trim);
                }
                if (trim == null || trim.equals("")) {
                    return;
                }
                this.supportedClaims = trim.split(",");
            }
        }
    }

    public OAuth2ScopeValidator getoAuth2ScopeValidator() {
        return this.oAuth2ScopeValidator;
    }

    public void setoAuth2ScopeValidator(OAuth2ScopeValidator oAuth2ScopeValidator) {
        this.oAuth2ScopeValidator = oAuth2ScopeValidator;
    }
}
