package org.forgerock.openam.oauth2.rest;

import com.iplanet.am.util.SystemProperties;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.iplanet.sso.SSOTokenManager;
import com.sun.identity.common.ISLocaleContext;
import com.sun.identity.idm.AMIdentity;
import com.sun.identity.idm.IdRepoException;
import com.sun.identity.idm.IdType;
import com.sun.identity.security.AdminTokenAction;
import com.sun.identity.shared.debug.Debug;
import com.sun.identity.sm.DNMapper;
import com.sun.identity.sm.SMSException;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.text.DateFormat;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.Iterator;
import java.util.Locale;
import java.util.Map;
import java.util.ResourceBundle;
import javax.inject.Inject;
import javax.inject.Named;
import org.apache.commons.lang.StringUtils;
import org.forgerock.json.JsonValue;
import org.forgerock.json.resource.ActionRequest;
import org.forgerock.json.resource.ActionResponse;
import org.forgerock.json.resource.BadRequestException;
import org.forgerock.json.resource.CollectionResourceProvider;
import org.forgerock.json.resource.CreateRequest;
import org.forgerock.json.resource.DeleteRequest;
import org.forgerock.json.resource.ForbiddenException;
import org.forgerock.json.resource.InternalServerErrorException;
import org.forgerock.json.resource.NotFoundException;
import org.forgerock.json.resource.PatchRequest;
import org.forgerock.json.resource.PermanentException;
import org.forgerock.json.resource.QueryRequest;
import org.forgerock.json.resource.QueryResourceHandler;
import org.forgerock.json.resource.QueryResponse;
import org.forgerock.json.resource.ReadRequest;
import org.forgerock.json.resource.ResourceException;
import org.forgerock.json.resource.ResourceResponse;
import org.forgerock.json.resource.Responses;
import org.forgerock.json.resource.ServiceUnavailableException;
import org.forgerock.json.resource.UpdateRequest;
import org.forgerock.json.resource.http.HttpContext;
import org.forgerock.oauth2.core.OAuth2ProviderSettings;
import org.forgerock.oauth2.core.OAuth2ProviderSettingsFactory;
import org.forgerock.oauth2.core.OAuth2Request;
import org.forgerock.oauth2.core.exceptions.ServerException;
import org.forgerock.oauth2.core.exceptions.UnauthorizedClientException;
import org.forgerock.openam.cts.api.fields.OAuthTokenField;
import org.forgerock.openam.cts.exceptions.CoreTokenException;
import org.forgerock.openam.oauth2.IdentityManager;
import org.forgerock.openam.oauth2.OAuth2Constants;
import org.forgerock.openam.oauth2.OAuthTokenStore;
import org.forgerock.openam.rest.RestUtils;
import org.forgerock.openam.tokens.CoreTokenField;
import org.forgerock.openam.utils.OpenAMSettings;
import org.forgerock.openam.utils.Time;
import org.forgerock.openidconnect.Client;
import org.forgerock.openidconnect.ClientDAO;
import org.forgerock.services.context.Context;
import org.forgerock.util.AsyncFunction;
import org.forgerock.util.promise.Promise;
import org.forgerock.util.promise.Promises;
import org.forgerock.util.query.QueryFilter;

@Deprecated
/* loaded from: input_file:org/forgerock/openam/oauth2/rest/TokenResource.class */
public class TokenResource implements CollectionResourceProvider {
    public static final String EXPIRE_TIME_KEY = "expireTime";
    public static final String INDEFINITELY = "Indefinitely";
    public static final String INDEFINITE_TOKEN_STRING_PROPERTY_NAME = "indefiniteTokenString";
    private final ClientDAO clientDao;
    private final OAuthTokenStore tokenStore;
    private final OAuth2ProviderSettingsFactory oAuth2ProviderSettingsFactory;
    private final Debug debug;
    private static AMIdentity adminUserId;
    private final OpenAMSettings authServiceSettings;
    private final IdentityManager identityManager;
    public static final CoreTokenField USERNAME_FIELD = OAuthTokenField.USER_NAME.getField();
    public static final CoreTokenField REALM_FIELD = OAuthTokenField.REALM.getField();
    private static final String[] RESOURCE_OWNER_HIDDEN_FIELDS = {"id", "parent", "auditTrackingId", "authGrantId", "refreshToken"};
    private static SSOToken token = (SSOToken) AccessController.doPrivileged((PrivilegedAction) AdminTokenAction.getInstance());
    private static String adminUser = SystemProperties.get("com.sun.identity.authentication.super.user");

    @Inject
    public TokenResource(OAuthTokenStore oAuthTokenStore, ClientDAO clientDAO, IdentityManager identityManager, OAuth2ProviderSettingsFactory oAuth2ProviderSettingsFactory, OpenAMSettings openAMSettings, @Named("frRest") Debug debug) {
        this.tokenStore = oAuthTokenStore;
        this.clientDao = clientDAO;
        this.identityManager = identityManager;
        this.oAuth2ProviderSettingsFactory = oAuth2ProviderSettingsFactory;
        this.authServiceSettings = openAMSettings;
        this.debug = debug;
    }

    public Promise<ResourceResponse, ResourceException> createInstance(Context context, CreateRequest createRequest) {
        return RestUtils.generateUnsupportedOperation();
    }

    public Promise<ResourceResponse, ResourceException> readInstance(Context context, String str, ReadRequest readRequest) {
        return readToken(context, str);
    }

    public Promise<ResourceResponse, ResourceException> updateInstance(Context context, String str, UpdateRequest updateRequest) {
        return RestUtils.generateUnsupportedOperation();
    }

    public Promise<ResourceResponse, ResourceException> deleteInstance(final Context context, final String str, DeleteRequest deleteRequest) {
        return readToken(context, str).thenAsync(new AsyncFunction<ResourceResponse, ResourceResponse, ResourceException>() { // from class: org.forgerock.openam.oauth2.rest.TokenResource.1
            /* renamed from: apply, reason: merged with bridge method [inline-methods] */
            public Promise<ResourceResponse, ResourceException> m35apply(final ResourceResponse resourceResponse) throws ResourceException {
                return TokenResource.this.deleteToken(context, str, false).thenAsync(new AsyncFunction<Void, ResourceResponse, ResourceException>() { // from class: org.forgerock.openam.oauth2.rest.TokenResource.1.1
                    /* renamed from: apply, reason: merged with bridge method [inline-methods] */
                    public Promise<ResourceResponse, ResourceException> m36apply(Void r3) {
                        return Promises.newResultPromise(resourceResponse);
                    }
                });
            }
        });
    }

    public Promise<ResourceResponse, ResourceException> patchInstance(Context context, String str, PatchRequest patchRequest) {
        return RestUtils.generateUnsupportedOperation();
    }

    public Promise<ActionResponse, ResourceException> actionCollection(Context context, ActionRequest actionRequest) {
        return RestUtils.generateUnsupportedOperation();
    }

    public Promise<ActionResponse, ResourceException> actionInstance(Context context, String str, ActionRequest actionRequest) {
        String action = actionRequest.getAction();
        if ("revoke".equalsIgnoreCase(action)) {
            return deleteToken(context, str, true).thenAsync(new AsyncFunction<Void, ActionResponse, ResourceException>() { // from class: org.forgerock.openam.oauth2.rest.TokenResource.2
                /* renamed from: apply, reason: merged with bridge method [inline-methods] */
                public Promise<ActionResponse, ResourceException> m37apply(Void r3) {
                    return Promises.newResultPromise(Responses.newActionResponse(JsonValue.json(JsonValue.object(new Map.Entry[0]))));
                }
            });
        }
        if ("revokeTokens".equalsIgnoreCase(action)) {
            return revokeTokens(str, actionRequest).thenAsync(new AsyncFunction<Void, ActionResponse, ResourceException>() { // from class: org.forgerock.openam.oauth2.rest.TokenResource.3
                /* renamed from: apply, reason: merged with bridge method [inline-methods] */
                public Promise<ActionResponse, ResourceException> m38apply(Void r3) {
                    return Promises.newResultPromise(Responses.newActionResponse(JsonValue.json(JsonValue.object(new Map.Entry[0]))));
                }
            });
        }
        if (this.debug.errorEnabled()) {
            this.debug.error("TokenResource :: ACTION : Unsupported action request performed, " + action + " on " + str);
        }
        return RestUtils.generateUnsupportedOperation();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public Promise<Void, ResourceException> deleteToken(Context context, String str, boolean z) {
        try {
            AMIdentity uid = getUid(context);
            JsonValue token2 = getToken(str);
            String attributeValue = getAttributeValue(token2, "userName");
            if (attributeValue == null || attributeValue.isEmpty()) {
                if (this.debug.errorEnabled()) {
                    this.debug.error("TokenResource :: DELETE : No username associated with token with ID, " + str + ".");
                }
                throw new PermanentException(404, "Not Found", (Throwable) null);
            }
            String attributeValue2 = getAttributeValue(token2, "grant_type");
            if (attributeValue2 == null || !attributeValue2.equalsIgnoreCase("client_credentials")) {
                if (!uid.equals(this.identityManager.getResourceOwnerIdentity(attributeValue, getAttributeValue(token2, "realm"))) && !uid.equals(adminUserId)) {
                    if (this.debug.errorEnabled()) {
                        this.debug.error("TokenResource :: DELETE : Only the resource owner or an administrator may perform a delete on the token with ID, " + str + ".");
                    }
                    throw new PermanentException(401, "Unauthorized", (Throwable) null);
                }
                if (z) {
                    deleteAccessTokensRefreshToken(token2);
                }
                this.tokenStore.delete(str);
            } else {
                if (z) {
                    deleteAccessTokensRefreshToken(token2);
                }
                this.tokenStore.delete(str);
            }
            return Promises.newResultPromise((Object) null);
        } catch (ResourceException e) {
            return e.asPromise();
        } catch (UnauthorizedClientException e2) {
            this.debug.error("TokenResource :: DELETE : Requesting user is unauthorized.");
            return new PermanentException(401, "Unauthorized", e2).asPromise();
        } catch (SSOException e3) {
            this.debug.error("TokenResource :: DELETE : Unable to retrieve identity of the requesting user. Unauthorized.");
            return new PermanentException(401, "Unauthorized", e3).asPromise();
        } catch (CoreTokenException e4) {
            return new ServiceUnavailableException(e4.getMessage(), e4).asPromise();
        } catch (IdRepoException e5) {
            this.debug.error("TokenResource :: DELETE : Unable to retrieve identity of the requesting user. Unauthorized.");
            return new PermanentException(401, "Unauthorized", e5).asPromise();
        }
    }

    private Promise<Void, ResourceException> revokeTokens(String str, ActionRequest actionRequest) {
        try {
            JsonValue token2 = getToken(str);
            if (StringUtils.isEmpty(getAttributeValue(token2, "userName"))) {
                this.debug.error("TokenResource :: revokeTokens : No username associated with token with ID, " + str + ".");
                throw new NotFoundException("Not Found", (Throwable) null);
            }
            String asString = actionRequest.getContent().get("client_id").asString();
            if (StringUtils.isEmpty(asString)) {
                this.debug.error("TokenResource :: revokeTokens : No clientId provided");
                throw new BadRequestException("Missing clientId", (Throwable) null);
            }
            if (!getAttributeValue(token2, OAuthTokenField.CLIENT_ID.getOAuthField()).equalsIgnoreCase(asString)) {
                this.debug.error("TokenResource :: revokeTokens : clientIds do not match");
                throw new ForbiddenException("Unauthorized", (Throwable) null);
            }
            deleteAccessTokensRefreshToken(token2);
            this.tokenStore.delete(str);
            return Promises.newResultPromise((Object) null);
        } catch (CoreTokenException e) {
            return new ServiceUnavailableException(e.getMessage(), e).asPromise();
        } catch (ResourceException e2) {
            return e2.asPromise();
        }
    }

    private JsonValue getToken(String str) throws CoreTokenException, NotFoundException {
        JsonValue read = this.tokenStore.read(str);
        if (read != null) {
            return read;
        }
        this.debug.error("TokenResource :: No token with ID, " + str + " found");
        throw new NotFoundException("Token Not Found", (Throwable) null);
    }

    private void deleteAccessTokensRefreshToken(JsonValue jsonValue) throws CoreTokenException {
        String attributeValue;
        if (!"access_token".equals(getAttributeValue(jsonValue, "tokenName")) || (attributeValue = getAttributeValue(jsonValue, "refreshToken")) == null) {
            return;
        }
        this.tokenStore.delete(attributeValue);
    }

    private String getAttributeValue(JsonValue jsonValue, String str) {
        Collection<String> attributeAsSet = getAttributeAsSet(jsonValue, str);
        if (attributeAsSet == null || attributeAsSet.isEmpty()) {
            return null;
        }
        return attributeAsSet.iterator().next();
    }

    private Collection<String> getAttributeAsSet(JsonValue jsonValue, String str) {
        JsonValue jsonValue2 = jsonValue.get(str);
        if (jsonValue2 != null) {
            return jsonValue2.asCollection(String.class);
        }
        return null;
    }

    public Promise<QueryResponse, ResourceException> queryCollection(Context context, QueryRequest queryRequest, QueryResourceHandler queryResourceHandler) {
        try {
            ArrayList arrayList = new ArrayList();
            try {
                AMIdentity uid = getUid(context);
                if (!uid.equals(adminUserId)) {
                    arrayList.add(QueryFilter.equalTo(USERNAME_FIELD, uid.getName()));
                    arrayList.add(QueryFilter.equalTo(REALM_FIELD, DNMapper.orgNameToRealmName(uid.getRealm())));
                }
                String queryId = queryRequest.getQueryId();
                boolean z = false;
                for (String str : (queryId.equals("access_token") ? "tokenName=access_token" : queryId).split(",")) {
                    String[] split = str.split("=");
                    if (split.length == 2) {
                        if (OAuthTokenField.USER_NAME.getOAuthField().equals(split[0])) {
                            z = true;
                        }
                        arrayList.add(QueryFilter.equalTo(getOAuth2TokenField(split[0]), split[1]));
                    }
                }
                if (adminUserId.equals(uid)) {
                    if (!z) {
                        return new BadRequestException("userName field MUST be set in _queryId").asPromise();
                    }
                } else if (z) {
                    return new BadRequestException("userName field MUST NOT be set in _queryId").asPromise();
                }
                return handleResponse(queryResourceHandler, this.tokenStore.query(QueryFilter.and(arrayList)), context, uid);
            } catch (Exception e) {
                if (this.debug.errorEnabled()) {
                    this.debug.error("TokenResource :: QUERY : Unable to query collection as no UID discovered for requesting user.");
                }
                return new PermanentException(401, "Unauthorized", e).asPromise();
            }
        } catch (UnauthorizedClientException e2) {
            this.debug.error("TokenResource :: QUERY : Unable to query collection as the client is not authorized.", e2);
            return new PermanentException(401, e2.getMessage(), e2).asPromise();
        } catch (CoreTokenException e3) {
            this.debug.error("TokenResource :: QUERY : Unable to query collection as the token store is not available.", e3);
            return new ServiceUnavailableException(e3.getMessage(), e3).asPromise();
        } catch (NotFoundException e4) {
            this.debug.error("TokenResource :: QUERY : Unable to query collection as realm does not have OAuth 2 provider.", e4);
            return e4.asPromise();
        } catch (InternalServerErrorException e5) {
            this.debug.error("TokenResource :: QUERY : Unable to query collection as writing the response failed.", e5);
            return e5.asPromise();
        }
    }

    private CoreTokenField getOAuth2TokenField(String str) {
        for (OAuthTokenField oAuthTokenField : OAuthTokenField.values()) {
            if (oAuthTokenField.getOAuthField().equals(str)) {
                return oAuthTokenField.getField();
            }
        }
        throw new IllegalArgumentException("I don't understand the OAuth 2.0 field called " + str);
    }

    private Promise<QueryResponse, ResourceException> handleResponse(QueryResourceHandler queryResourceHandler, JsonValue jsonValue, Context context, AMIdentity aMIdentity) throws UnauthorizedClientException, CoreTokenException, InternalServerErrorException, NotFoundException {
        JsonValue content = Responses.newResourceResponse("result", "1", jsonValue).getContent();
        String headerAsString = context.asContext(HttpContext.class).getHeaderAsString("accept-language");
        Iterator it = content.iterator();
        while (it.hasNext()) {
            JsonValue jsonValue2 = (JsonValue) it.next();
            Client client = getClient(jsonValue2);
            jsonValue2.put(EXPIRE_TIME_KEY, getExpiryDate(jsonValue2, context));
            jsonValue2.put(OAuth2Constants.ShortClientAttributeNames.DISPLAY_NAME.getType(), getClientName(client));
            jsonValue2.put(OAuth2Constants.ShortClientAttributeNames.SCOPES.getType(), getScopes(client, jsonValue2, headerAsString));
            queryResourceHandler.handleResource(resource(jsonValue2, aMIdentity));
        }
        return Promises.newResultPromise(Responses.newQueryResponse());
    }

    private String getClientName(Client client) throws UnauthorizedClientException {
        return client.get(OAuth2Constants.ShortClientAttributeNames.DISPLAY_NAME.getType()).get(0).asString();
    }

    private String getScopes(Client client, JsonValue jsonValue, String str) throws UnauthorizedClientException {
        JsonValue jsonValue2 = client.get(OAuth2Constants.ShortClientAttributeNames.SCOPES.getType());
        Collection<String> attributeAsSet = getAttributeAsSet(jsonValue, "scope");
        Locale localeObjFromAcceptLangHeader = com.sun.identity.shared.locale.Locale.getLocaleObjFromAcceptLangHeader(str);
        ArrayList arrayList = new ArrayList();
        Iterator<String> it = attributeAsSet.iterator();
        while (it.hasNext()) {
            arrayList.add(getDisplayName(it.next(), jsonValue2, localeObjFromAcceptLangHeader));
        }
        return StringUtils.join(arrayList, ",");
    }

    private String getDisplayName(String str, JsonValue jsonValue, Locale locale) {
        String str2 = null;
        Iterator it = jsonValue.iterator();
        while (it.hasNext()) {
            JsonValue jsonValue2 = (JsonValue) it.next();
            if (jsonValue2.asString().contains("|")) {
                String[] split = jsonValue2.asString().split("\\|");
                if (split.length == 3) {
                    String str3 = split[0];
                    String str4 = split[1];
                    String str5 = split[2];
                    String language = com.sun.identity.shared.locale.Locale.getLocale(str4).getLanguage();
                    if (language.equalsIgnoreCase("en")) {
                        str2 = str5;
                    }
                    if (locale.getLanguage().equals(language) && str3.equals(str)) {
                        return str5;
                    }
                } else {
                    continue;
                }
            }
        }
        return str2 != null ? str2 : str;
    }

    private Client getClient(JsonValue jsonValue) throws UnauthorizedClientException {
        return this.clientDao.read(getAttributeValue(jsonValue, "clientID"), getRequest(getAttributeValue(jsonValue, "realm")));
    }

    private OAuth2Request getRequest(String str) {
        return OAuth2Request.forRealm(str);
    }

    private String getExpiryDate(JsonValue jsonValue, Context context) throws CoreTokenException, InternalServerErrorException, NotFoundException {
        try {
            OAuth2ProviderSettings realmProviderSettings = this.oAuth2ProviderSettingsFactory.getRealmProviderSettings(getAttributeValue(jsonValue, "realm"));
            try {
                boolean isDefined = jsonValue.isDefined("refreshToken");
                if (isDefined && realmProviderSettings.issueRefreshTokensOnRefreshingToken()) {
                    return getIndefinitelyString(context);
                }
                JsonValue read = this.tokenStore.read(getAttributeValue(jsonValue, "refreshToken"));
                if (!isDefined || read == null) {
                    return getDateFormat(context).format(new Date(Long.parseLong(getAttributeValue(jsonValue, EXPIRE_TIME_KEY))));
                }
                long parseLong = Long.parseLong(getAttributeValue(read, EXPIRE_TIME_KEY));
                return parseLong == -1 ? getIndefinitelyString(context) : getDateFormat(context).format(new Date(parseLong));
            } catch (ServerException | SMSException | SSOException e) {
                throw new InternalServerErrorException(e);
            }
        } catch (org.forgerock.oauth2.core.exceptions.NotFoundException e2) {
            throw new NotFoundException(e2.getMessage());
        }
    }

    private DateFormat getDateFormat(Context context) throws SSOException, SMSException {
        new SimpleDateFormat();
        return SimpleDateFormat.getDateTimeInstance(2, 3, getLocale(context));
    }

    private Promise<ResourceResponse, ResourceException> readToken(Context context, String str) {
        try {
            AMIdentity uid = getUid(context);
            try {
                JsonValue read = this.tokenStore.read(str);
                if (read == null) {
                    if (this.debug.errorEnabled()) {
                        this.debug.error("TokenResource :: READ : No token found with ID, " + str);
                    }
                    throw new NotFoundException("Could not find valid token with given ID");
                }
                JsonValue jsonValue = read.get(EXPIRE_TIME_KEY);
                if (Time.currentTimeMillis() > (jsonValue.isNumber() ? jsonValue.asLong().longValue() : Long.parseLong((String) jsonValue.asCollection(String.class).iterator().next()))) {
                    throw new NotFoundException("Could not find valid token with given ID");
                }
                String attributeValue = getAttributeValue(read, "grant_type");
                if (attributeValue != null && attributeValue.equalsIgnoreCase("client_credentials")) {
                    return Promises.newResultPromise(resource(read, uid));
                }
                String attributeValue2 = getAttributeValue(read, "realm");
                String attributeValue3 = getAttributeValue(read, "userName");
                if (attributeValue3 == null || attributeValue3.isEmpty()) {
                    if (this.debug.errorEnabled()) {
                        this.debug.error("TokenResource :: READ : No token found with ID, " + str);
                    }
                    throw new NotFoundException("Could not find valid token with given ID");
                }
                AMIdentity resourceOwnerIdentity = this.identityManager.getResourceOwnerIdentity(attributeValue3, attributeValue2);
                if (uid.equals(adminUserId) || uid.equals(resourceOwnerIdentity)) {
                    return Promises.newResultPromise(resource(read, uid));
                }
                if (this.debug.errorEnabled()) {
                    this.debug.error("TokenResource :: READ : Only the resource owner or an administrator may perform a read on the token with ID, " + str + ".");
                }
                throw new PermanentException(401, "Unauthorized", (Throwable) null);
            } catch (CoreTokenException e) {
                if (this.debug.errorEnabled()) {
                    this.debug.error("TokenResource :: READ : No token found with ID, " + str);
                }
                throw new NotFoundException("Could not find valid token with given ID", e);
            }
        } catch (UnauthorizedClientException e2) {
            this.debug.error("TokenResource :: READ : Unable to query collection as the client is not authorized.", e2);
            return new PermanentException(401, "Unauthorized", e2).asPromise();
        } catch (SSOException e3) {
            this.debug.error("TokenResource :: READ : Unable to query collection as the IdRepo failed to return a valid user.", e3);
            return new PermanentException(401, "Unauthorized", e3).asPromise();
        } catch (ResourceException e4) {
            return e4.asPromise();
        } catch (IdRepoException e5) {
            this.debug.error("TokenResource :: READ : Unable to query collection as the IdRepo failed to return a valid user.", e5);
            return new PermanentException(401, "Unauthorized", e5).asPromise();
        }
    }

    private ResourceResponse resource(JsonValue jsonValue, AMIdentity aMIdentity) {
        String str = (String) jsonValue.get("id").asList(String.class).get(0);
        if (!adminUserId.equals(aMIdentity)) {
            str = null;
            for (String str2 : RESOURCE_OWNER_HIDDEN_FIELDS) {
                jsonValue.remove(str2);
            }
        }
        return Responses.newResourceResponse(str, String.valueOf(jsonValue.getObject().hashCode()), jsonValue);
    }

    private String getCookieFromServerContext(Context context) {
        return RestUtils.getCookieFromServerContext(context);
    }

    private AMIdentity getUid(Context context) throws SSOException, IdRepoException, UnauthorizedClientException {
        SSOToken createSSOToken = SSOTokenManager.getInstance().createSSOToken(getCookieFromServerContext(context));
        return this.identityManager.getResourceOwnerIdentity(createSSOToken.getProperty("UserToken"), createSSOToken.getProperty("Organization"));
    }

    public String getIndefinitelyString(Context context) {
        try {
            return ResourceBundle.getBundle("TokenResource", getLocale(context)).getString(INDEFINITE_TOKEN_STRING_PROPERTY_NAME);
        } catch (SSOException | SMSException e) {
            this.debug.error("Error retrieving resource bundle: TokenResource");
            return INDEFINITELY;
        }
    }

    private Locale getLocale(Context context) throws SSOException, SMSException {
        ISLocaleContext iSLocaleContext = new ISLocaleContext();
        iSLocaleContext.setLocale(context.asContext(HttpContext.class));
        return iSLocaleContext.getLocale();
    }

    static {
        adminUserId = null;
        if (adminUser != null) {
            adminUserId = new AMIdentity(token, adminUser, IdType.USER, "/", (String) null);
        }
    }
}
