package org.forgerock.openam.oauth2.guice;

import com.google.inject.AbstractModule;
import com.google.inject.Provider;
import com.google.inject.Provides;
import com.google.inject.TypeLiteral;
import com.google.inject.assistedinject.FactoryModuleBuilder;
import com.google.inject.multibindings.MapBinder;
import com.google.inject.multibindings.Multibinder;
import com.google.inject.name.Names;
import com.iplanet.services.naming.WebtopNamingQuery;
import com.iplanet.sso.SSOTokenManager;
import com.sun.identity.shared.debug.Debug;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.List;
import java.util.Set;
import java.util.concurrent.BlockingQueue;
import java.util.concurrent.LinkedBlockingQueue;
import java.util.concurrent.TimeUnit;
import javax.inject.Inject;
import javax.inject.Named;
import javax.inject.Singleton;
import org.forgerock.guice.core.GuiceModule;
import org.forgerock.jaspi.modules.openid.resolvers.service.OpenIdResolverService;
import org.forgerock.jaspi.modules.openid.resolvers.service.OpenIdResolverServiceImpl;
import org.forgerock.json.jose.builders.JwtBuilderFactory;
import org.forgerock.json.jose.common.JwtReconstruction;
import org.forgerock.json.jose.exceptions.InvalidJwtException;
import org.forgerock.json.jose.jws.SignedJwt;
import org.forgerock.oauth2.core.AccessTokenVerifier;
import org.forgerock.oauth2.core.AuthorizationCodeGrantTypeHandler;
import org.forgerock.oauth2.core.AuthorizationCodeRequestValidator;
import org.forgerock.oauth2.core.AuthorizationCodeRequestValidatorImpl;
import org.forgerock.oauth2.core.AuthorizeRequestValidator;
import org.forgerock.oauth2.core.AuthorizeRequestValidatorImpl;
import org.forgerock.oauth2.core.ClientCredentialsGrantTypeHandler;
import org.forgerock.oauth2.core.ClientCredentialsRequestValidator;
import org.forgerock.oauth2.core.ClientCredentialsRequestValidatorImpl;
import org.forgerock.oauth2.core.ClientRegistrationStore;
import org.forgerock.oauth2.core.DeviceCodeGrantTypeHandler;
import org.forgerock.oauth2.core.DuplicateRequestParameterValidator;
import org.forgerock.oauth2.core.GrantTypeHandler;
import org.forgerock.oauth2.core.JwtBearerGrantTypeHandler;
import org.forgerock.oauth2.core.OAuth2ProviderSettingsFactory;
import org.forgerock.oauth2.core.OAuth2Request;
import org.forgerock.oauth2.core.OAuth2RequestFactory;
import org.forgerock.oauth2.core.OAuth2TokenIntrospectionHandler;
import org.forgerock.oauth2.core.PasswordCredentialsGrantTypeHandler;
import org.forgerock.oauth2.core.PasswordCredentialsRequestValidator;
import org.forgerock.oauth2.core.PasswordCredentialsRequestValidatorImpl;
import org.forgerock.oauth2.core.RedirectUriResolver;
import org.forgerock.oauth2.core.ResourceOwnerConsentVerifier;
import org.forgerock.oauth2.core.TokenIntrospectionHandler;
import org.forgerock.oauth2.core.TokenStore;
import org.forgerock.oauth2.core.exceptions.ClientAuthenticationFailureFactory;
import org.forgerock.oauth2.core.exceptions.InvalidGrantException;
import org.forgerock.oauth2.core.exceptions.NotFoundException;
import org.forgerock.oauth2.core.exceptions.ServerException;
import org.forgerock.oauth2.resources.ResourceSetStore;
import org.forgerock.oauth2.restlet.AuthorizeRequestHook;
import org.forgerock.oauth2.restlet.OpenAMClientAuthenticationFailureFactory;
import org.forgerock.oauth2.restlet.RestletFormBodyAccessTokenVerifier;
import org.forgerock.oauth2.restlet.RestletHeaderAccessTokenVerifier;
import org.forgerock.oauth2.restlet.RestletQueryParameterAccessTokenVerifier;
import org.forgerock.oauth2.restlet.TokenRequestHook;
import org.forgerock.oauth2.restlet.resources.ResourceSetRegistrationExceptionFilter;
import org.forgerock.oauth2.restlet.resources.ResourceSetRegistrationHook;
import org.forgerock.openam.audit.context.AMExecutorServiceFactory;
import org.forgerock.openam.blacklist.Blacklist;
import org.forgerock.openam.blacklist.Blacklistable;
import org.forgerock.openam.blacklist.BloomFilterBlacklist;
import org.forgerock.openam.blacklist.CTSBlacklist;
import org.forgerock.openam.blacklist.CachingBlacklist;
import org.forgerock.openam.blacklist.NoOpBlacklist;
import org.forgerock.openam.cts.CTSPersistentStore;
import org.forgerock.openam.cts.adapters.JavaBeanAdapter;
import org.forgerock.openam.cts.adapters.TokenAdapter;
import org.forgerock.openam.cts.api.tokens.TokenIdGenerator;
import org.forgerock.openam.oauth2.AccessTokenProtectionFilter;
import org.forgerock.openam.oauth2.CookieExtractor;
import org.forgerock.openam.oauth2.OAuth2AuditLogger;
import org.forgerock.openam.oauth2.OAuth2GlobalSettings;
import org.forgerock.openam.oauth2.OAuth2UrisFactory;
import org.forgerock.openam.oauth2.OAuth2Utils;
import org.forgerock.openam.oauth2.OAuthTokenStore;
import org.forgerock.openam.oauth2.OpenAMClientRegistrationStore;
import org.forgerock.openam.oauth2.OpenAMTokenStore;
import org.forgerock.openam.oauth2.ResourceSetDescription;
import org.forgerock.openam.oauth2.StatefulTokenStore;
import org.forgerock.openam.oauth2.StatelessCheck;
import org.forgerock.openam.oauth2.StatelessTokenCtsAdapter;
import org.forgerock.openam.oauth2.StatelessTokenMetadata;
import org.forgerock.openam.oauth2.StatelessTokenStore;
import org.forgerock.openam.oauth2.resources.OpenAMResourceSetStore;
import org.forgerock.openam.oauth2.resources.ResourceSetRegistrationEndpoint;
import org.forgerock.openam.oauth2.resources.ResourceSetStoreFactory;
import org.forgerock.openam.oauth2.resources.labels.LabelsGuiceModule;
import org.forgerock.openam.oauth2.validation.ConfirmationKeyValidator;
import org.forgerock.openam.oauth2.validation.OpenIDConnectURLValidator;
import org.forgerock.openam.rest.representations.JacksonRepresentationFactory;
import org.forgerock.openam.rest.service.RestletUtils;
import org.forgerock.openam.shared.concurrency.ThreadMonitor;
import org.forgerock.openam.sm.datalayer.utils.ThreadSafeTokenIdGenerator;
import org.forgerock.openam.tokens.TokenType;
import org.forgerock.openam.utils.OpenAMSettings;
import org.forgerock.openam.utils.OpenAMSettingsImpl;
import org.forgerock.openam.utils.RealmNormaliser;
import org.forgerock.openam.utils.RecoveryCodeGenerator;
import org.forgerock.openidconnect.ClaimsParameterValidator;
import org.forgerock.openidconnect.CodeVerifierValidator;
import org.forgerock.openidconnect.OpenIdConnectAuthorizeRequestValidator;
import org.forgerock.openidconnect.OpenIdConnectClientRegistrationStore;
import org.forgerock.openidconnect.OpenIdConnectTokenStore;
import org.forgerock.openidconnect.OpenIdResourceOwnerConsentVerifier;
import org.forgerock.openidconnect.SubjectTypeValidator;
import org.forgerock.openidconnect.restlet.LoginHintHook;
import org.forgerock.openidconnect.ssoprovider.OpenIdConnectSSOProvider;
import org.restlet.Restlet;

@GuiceModule
/* loaded from: input_file:org/forgerock/openam/oauth2/guice/OAuth2GuiceModule.class */
public class OAuth2GuiceModule extends AbstractModule {

    /* loaded from: input_file:org/forgerock/openam/oauth2/guice/OAuth2GuiceModule$DefaultStatelessCheck.class */
    public static class DefaultStatelessCheck implements StatelessCheck<Boolean> {
        private final OAuth2ProviderSettingsFactory providerSettings;

        @Inject
        public DefaultStatelessCheck(OAuth2ProviderSettingsFactory oAuth2ProviderSettingsFactory) {
            this.providerSettings = oAuth2ProviderSettingsFactory;
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // org.forgerock.openam.oauth2.StatelessCheck
        public Boolean byToken(String str) {
            try {
                new JwtReconstruction().reconstructJwt(str, SignedJwt.class);
                return true;
            } catch (InvalidJwtException e) {
                return false;
            }
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // org.forgerock.openam.oauth2.StatelessCheck
        public Boolean byRealm(String str) {
            try {
                return Boolean.valueOf(this.providerSettings.getRealmProviderSettings(str).isStatelessTokensEnabled());
            } catch (NotFoundException | ServerException e) {
                return false;
            }
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // org.forgerock.openam.oauth2.StatelessCheck
        public Boolean byRequest(OAuth2Request oAuth2Request) {
            try {
                return Boolean.valueOf(this.providerSettings.get(oAuth2Request).isStatelessTokensEnabled());
            } catch (NotFoundException | ServerException e) {
                return false;
            }
        }
    }

    /* loaded from: input_file:org/forgerock/openam/oauth2/guice/OAuth2GuiceModule$RealmAgnosticStatefulTokenStore.class */
    public static class RealmAgnosticStatefulTokenStore extends StatefulTokenStore {
        public RealmAgnosticStatefulTokenStore(OAuthTokenStore oAuthTokenStore, OAuth2ProviderSettingsFactory oAuth2ProviderSettingsFactory, OAuth2UrisFactory oAuth2UrisFactory, OpenIdConnectClientRegistrationStore openIdConnectClientRegistrationStore, RealmNormaliser realmNormaliser, SSOTokenManager sSOTokenManager, CookieExtractor cookieExtractor, OAuth2AuditLogger oAuth2AuditLogger, Debug debug, SecureRandom secureRandom, ClientAuthenticationFailureFactory clientAuthenticationFailureFactory, RecoveryCodeGenerator recoveryCodeGenerator, OAuth2Utils oAuth2Utils) {
            super(oAuthTokenStore, oAuth2ProviderSettingsFactory, oAuth2UrisFactory, openIdConnectClientRegistrationStore, realmNormaliser, sSOTokenManager, cookieExtractor, oAuth2AuditLogger, debug, secureRandom, clientAuthenticationFailureFactory, recoveryCodeGenerator, oAuth2Utils);
        }

        @Override // org.forgerock.openam.oauth2.StatefulTokenStore
        protected void validateTokenRealm(String str, OAuth2Request oAuth2Request) throws InvalidGrantException {
        }
    }

    /* loaded from: input_file:org/forgerock/openam/oauth2/guice/OAuth2GuiceModule$RealmAgnosticStatelessTokenStore.class */
    public static class RealmAgnosticStatelessTokenStore extends StatelessTokenStore {
        public RealmAgnosticStatelessTokenStore(StatefulTokenStore statefulTokenStore, JwtBuilderFactory jwtBuilderFactory, OAuth2ProviderSettingsFactory oAuth2ProviderSettingsFactory, Debug debug, OpenIdConnectClientRegistrationStore openIdConnectClientRegistrationStore, RealmNormaliser realmNormaliser, OAuth2UrisFactory oAuth2UrisFactory, Blacklist<Blacklistable> blacklist, CTSPersistentStore cTSPersistentStore, TokenAdapter<StatelessTokenMetadata> tokenAdapter, OAuth2Utils oAuth2Utils) {
            super(statefulTokenStore, jwtBuilderFactory, oAuth2ProviderSettingsFactory, debug, openIdConnectClientRegistrationStore, realmNormaliser, oAuth2UrisFactory, blacklist, cTSPersistentStore, tokenAdapter, oAuth2Utils);
        }

        @Override // org.forgerock.openam.oauth2.StatelessTokenStore
        protected void validateTokenRealm(String str, OAuth2Request oAuth2Request) throws InvalidGrantException {
        }
    }

    protected void configure() {
        bind(RedirectUriResolver.class);
        bind(ResourceOwnerConsentVerifier.class).to(OpenIdResourceOwnerConsentVerifier.class);
        bind(ClientRegistrationStore.class).to(OpenAMClientRegistrationStore.class);
        bind(OpenIdConnectClientRegistrationStore.class).to(OpenAMClientRegistrationStore.class);
        bind(TokenStore.class).to(OpenAMTokenStore.class);
        bind(OpenIdConnectTokenStore.class).to(OpenAMTokenStore.class);
        bind(ClientAuthenticationFailureFactory.class).to(OpenAMClientAuthenticationFailureFactory.class);
        bind(AccessTokenVerifier.class).to(RestletHeaderAccessTokenVerifier.class);
        bind(AccessTokenVerifier.class).annotatedWith(Names.named(AccessTokenVerifier.HEADER)).to(RestletHeaderAccessTokenVerifier.class);
        bind(AccessTokenVerifier.class).annotatedWith(Names.named(AccessTokenVerifier.FORM_BODY)).to(RestletFormBodyAccessTokenVerifier.class);
        bind(AccessTokenVerifier.class).annotatedWith(Names.named(AccessTokenVerifier.QUERY_PARAM)).to(RestletQueryParameterAccessTokenVerifier.class);
        bind(OpenAMSettings.class).toProvider(new Provider<OpenAMSettings>() { // from class: org.forgerock.openam.oauth2.guice.OAuth2GuiceModule.1
            /* renamed from: get, reason: merged with bridge method [inline-methods] */
            public OpenAMSettings m28get() {
                return new OpenAMSettingsImpl("OAuth2Provider", "1.0");
            }
        });
        Multibinder newSetBinder = Multibinder.newSetBinder(binder(), AuthorizeRequestValidator.class);
        newSetBinder.addBinding().to(AuthorizeRequestValidatorImpl.class);
        newSetBinder.addBinding().to(OpenIdConnectAuthorizeRequestValidator.class);
        newSetBinder.addBinding().to(ClaimsParameterValidator.class);
        newSetBinder.addBinding().to(SubjectTypeValidator.class);
        newSetBinder.addBinding().to(CodeVerifierValidator.class);
        newSetBinder.addBinding().to(DuplicateRequestParameterValidator.class);
        newSetBinder.addBinding().to(ConfirmationKeyValidator.class);
        Multibinder newSetBinder2 = Multibinder.newSetBinder(binder(), AuthorizationCodeRequestValidator.class);
        newSetBinder2.addBinding().to(AuthorizationCodeRequestValidatorImpl.class);
        newSetBinder2.addBinding().to(ConfirmationKeyValidator.class);
        Multibinder newSetBinder3 = Multibinder.newSetBinder(binder(), ClientCredentialsRequestValidator.class);
        newSetBinder3.addBinding().to(ClientCredentialsRequestValidatorImpl.class);
        newSetBinder3.addBinding().to(ConfirmationKeyValidator.class);
        Multibinder newSetBinder4 = Multibinder.newSetBinder(binder(), PasswordCredentialsRequestValidator.class);
        newSetBinder4.addBinding().to(PasswordCredentialsRequestValidatorImpl.class);
        newSetBinder4.addBinding().to(ConfirmationKeyValidator.class);
        MapBinder newMapBinder = MapBinder.newMapBinder(binder(), String.class, GrantTypeHandler.class);
        newMapBinder.addBinding("client_credentials").to(ClientCredentialsGrantTypeHandler.class);
        newMapBinder.addBinding("password").to(PasswordCredentialsGrantTypeHandler.class);
        newMapBinder.addBinding("authorization_code").to(AuthorizationCodeGrantTypeHandler.class);
        newMapBinder.addBinding("urn:ietf:params:oauth:grant-type:device_code").to(DeviceCodeGrantTypeHandler.class);
        newMapBinder.addBinding("urn:ietf:params:oauth:grant-type:jwt-bearer").to(JwtBearerGrantTypeHandler.class);
        Multibinder.newSetBinder(binder(), AuthorizeRequestHook.class).addBinding().to(LoginHintHook.class);
        Multibinder.newSetBinder(binder(), TokenRequestHook.class).addBinding().to(LoginHintHook.class);
        install(new FactoryModuleBuilder().implement(ResourceSetStore.class, OpenAMResourceSetStore.class).build(ResourceSetStoreFactory.class));
        bind(TokenIdGenerator.class).to(ThreadSafeTokenIdGenerator.class);
        Multibinder.newSetBinder(binder(), TokenIntrospectionHandler.class).addBinding().to(OAuth2TokenIntrospectionHandler.class);
        Multibinder.newSetBinder(binder(), ResourceSetRegistrationHook.class);
        bind(OpenIDConnectURLValidator.class).toInstance(OpenIDConnectURLValidator.getInstance());
        install(new LabelsGuiceModule());
        bind(new TypeLiteral<StatelessCheck<Boolean>>() { // from class: org.forgerock.openam.oauth2.guice.OAuth2GuiceModule.2
        }).to(DefaultStatelessCheck.class);
        bind(new TypeLiteral<TokenAdapter<StatelessTokenMetadata>>() { // from class: org.forgerock.openam.oauth2.guice.OAuth2GuiceModule.3
        }).to(StatelessTokenCtsAdapter.class);
        bind(OpenIdConnectSSOProvider.class);
    }

    @Singleton
    @Provides
    @Named("jwk-resolver")
    OpenIdResolverService getOpenIdResolverService() {
        return new OpenIdResolverServiceImpl(3000, 3000);
    }

    private BlockingQueue<Runnable> getThreadPoolQueue(int i) {
        return i == -1 ? new LinkedBlockingQueue() : new LinkedBlockingQueue(i);
    }

    @Inject
    @Provides
    public JavaBeanAdapter<ResourceSetDescription> getResourceSetDescriptionAdapter(TokenIdGenerator tokenIdGenerator) {
        return new JavaBeanAdapter<>(ResourceSetDescription.class, tokenIdGenerator);
    }

    @Provides
    @Named(AccessTokenVerifier.REALM_AGNOSTIC_HEADER)
    @Inject
    @Singleton
    AccessTokenVerifier getRealmAgnosticHeaderAccessTokenVerifier(@Named("realm-agnostic-token-store") TokenStore tokenStore) {
        return new RestletHeaderAccessTokenVerifier(tokenStore);
    }

    @Provides
    @Named(AccessTokenVerifier.REALM_AGNOSTIC_FORM_BODY)
    @Inject
    @Singleton
    AccessTokenVerifier getRealmAgnosticFormBodyAccessTokenVerifier(@Named("realm-agnostic-token-store") TokenStore tokenStore) {
        return new RestletFormBodyAccessTokenVerifier(tokenStore);
    }

    @Provides
    @Named(AccessTokenVerifier.REALM_AGNOSTIC_QUERY_PARAM)
    @Inject
    @Singleton
    AccessTokenVerifier getRealmAgnosticQueryParamAccessTokenVerifier(@Named("realm-agnostic-token-store") TokenStore tokenStore) {
        return new RestletQueryParameterAccessTokenVerifier(tokenStore);
    }

    @Provides
    @Named(TokenStore.REALM_AGNOSTIC_TOKEN_STORE)
    @Inject
    @Singleton
    TokenStore getRealmAgnosticTokenStore(OAuthTokenStore oAuthTokenStore, OAuth2ProviderSettingsFactory oAuth2ProviderSettingsFactory, OAuth2UrisFactory oAuth2UrisFactory, OpenIdConnectClientRegistrationStore openIdConnectClientRegistrationStore, RealmNormaliser realmNormaliser, SSOTokenManager sSOTokenManager, CookieExtractor cookieExtractor, OAuth2AuditLogger oAuth2AuditLogger, @Named("OAuth2Provider") Debug debug, SecureRandom secureRandom, ClientAuthenticationFailureFactory clientAuthenticationFailureFactory, JwtBuilderFactory jwtBuilderFactory, Blacklist<Blacklistable> blacklist, CTSPersistentStore cTSPersistentStore, TokenAdapter<StatelessTokenMetadata> tokenAdapter, RecoveryCodeGenerator recoveryCodeGenerator, OAuth2Utils oAuth2Utils) {
        RealmAgnosticStatefulTokenStore realmAgnosticStatefulTokenStore = new RealmAgnosticStatefulTokenStore(oAuthTokenStore, oAuth2ProviderSettingsFactory, oAuth2UrisFactory, openIdConnectClientRegistrationStore, realmNormaliser, sSOTokenManager, cookieExtractor, oAuth2AuditLogger, debug, secureRandom, clientAuthenticationFailureFactory, recoveryCodeGenerator, oAuth2Utils);
        return new OpenAMTokenStore(realmAgnosticStatefulTokenStore, new RealmAgnosticStatelessTokenStore(realmAgnosticStatefulTokenStore, jwtBuilderFactory, oAuth2ProviderSettingsFactory, debug, openIdConnectClientRegistrationStore, realmNormaliser, oAuth2UrisFactory, blacklist, cTSPersistentStore, tokenAdapter, oAuth2Utils), new DefaultStatelessCheck(oAuth2ProviderSettingsFactory));
    }

    @Inject
    @Singleton
    @Provides
    List<AuthorizeRequestValidator> getAuthorizeRequestValidators(Set<AuthorizeRequestValidator> set) {
        return new ArrayList(set);
    }

    @Inject
    @Singleton
    @Provides
    List<AuthorizationCodeRequestValidator> getAuthorizationCodeRequestValidators(Set<AuthorizationCodeRequestValidator> set) {
        return new ArrayList(set);
    }

    @Inject
    @Singleton
    @Provides
    List<ClientCredentialsRequestValidator> getClientCredentialsRequestValidators(Set<ClientCredentialsRequestValidator> set) {
        return new ArrayList(set);
    }

    @Inject
    @Singleton
    @Provides
    List<PasswordCredentialsRequestValidator> getPasswordCredentialsRequestValidators(Set<PasswordCredentialsRequestValidator> set) {
        return new ArrayList(set);
    }

    @Provides
    @Named("resource-set-reg-endpoint")
    @Inject
    @Singleton
    public Restlet createResourceSetRegistrationEndpoint(TokenStore tokenStore, OAuth2RequestFactory oAuth2RequestFactory, JacksonRepresentationFactory jacksonRepresentationFactory) {
        return new ResourceSetRegistrationExceptionFilter(new AccessTokenProtectionFilter(null, tokenStore, oAuth2RequestFactory, RestletUtils.wrap(ResourceSetRegistrationEndpoint.class)), jacksonRepresentationFactory);
    }

    @Provides
    public CTSBlacklist<Blacklistable> getCtsStatelessTokenBlacklist(CTSPersistentStore cTSPersistentStore, AMExecutorServiceFactory aMExecutorServiceFactory, ThreadMonitor threadMonitor, WebtopNamingQuery webtopNamingQuery, OAuth2GlobalSettings oAuth2GlobalSettings) {
        return new CTSBlacklist<>(cTSPersistentStore, TokenType.OAUTH_BLACKLIST, aMExecutorServiceFactory.createScheduledService(1, "OAuthTokenBlacklisting"), threadMonitor, webtopNamingQuery, oAuth2GlobalSettings.getBlacklistPurgeDelay(TimeUnit.MILLISECONDS), oAuth2GlobalSettings.getBlacklistPollInterval(TimeUnit.MILLISECONDS));
    }

    @Singleton
    @Inject
    @Provides
    public static Blacklist<Blacklistable> getStatelessTokenBlacklist(CTSBlacklist<Blacklistable> cTSBlacklist, OAuth2GlobalSettings oAuth2GlobalSettings) {
        if (!oAuth2GlobalSettings.isSessionBlacklistingEnabled()) {
            return new NoOpBlacklist();
        }
        long blacklistPurgeDelay = oAuth2GlobalSettings.getBlacklistPurgeDelay(TimeUnit.MILLISECONDS);
        int blacklistCacheSize = oAuth2GlobalSettings.getBlacklistCacheSize();
        long blacklistPollInterval = oAuth2GlobalSettings.getBlacklistPollInterval(TimeUnit.MILLISECONDS);
        CTSBlacklist<Blacklistable> cTSBlacklist2 = cTSBlacklist;
        if (blacklistCacheSize > 0) {
            cTSBlacklist2 = new CachingBlacklist<>(cTSBlacklist2, blacklistCacheSize, blacklistPurgeDelay);
        }
        if (blacklistPollInterval > 0) {
            cTSBlacklist2 = new BloomFilterBlacklist<>(cTSBlacklist2, blacklistPurgeDelay);
        }
        return cTSBlacklist2;
    }
}
