package org.apache.cxf.sts.operation;

import java.security.Principal;
import java.time.Instant;
import java.time.ZoneOffset;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.xml.namespace.QName;
import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.helpers.DOMUtils;
import org.apache.cxf.sts.IdentityMapper;
import org.apache.cxf.sts.QNameConstants;
import org.apache.cxf.sts.STSPropertiesMBean;
import org.apache.cxf.sts.claims.ClaimsManager;
import org.apache.cxf.sts.event.AbstractSTSEvent;
import org.apache.cxf.sts.event.STSEventListener;
import org.apache.cxf.sts.request.KeyRequirements;
import org.apache.cxf.sts.request.ReceivedToken;
import org.apache.cxf.sts.request.RequestParser;
import org.apache.cxf.sts.request.RequestRequirements;
import org.apache.cxf.sts.request.TokenRequirements;
import org.apache.cxf.sts.service.EncryptionProperties;
import org.apache.cxf.sts.service.ServiceMBean;
import org.apache.cxf.sts.token.delegation.TokenDelegationHandler;
import org.apache.cxf.sts.token.delegation.TokenDelegationParameters;
import org.apache.cxf.sts.token.delegation.TokenDelegationResponse;
import org.apache.cxf.sts.token.provider.TokenProvider;
import org.apache.cxf.sts.token.provider.TokenProviderParameters;
import org.apache.cxf.sts.token.provider.TokenReference;
import org.apache.cxf.sts.token.realm.Relationship;
import org.apache.cxf.sts.token.realm.RelationshipResolver;
import org.apache.cxf.sts.token.validator.TokenValidator;
import org.apache.cxf.sts.token.validator.TokenValidatorParameters;
import org.apache.cxf.sts.token.validator.TokenValidatorResponse;
import org.apache.cxf.ws.security.sts.provider.STSException;
import org.apache.cxf.ws.security.sts.provider.model.LifetimeType;
import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType;
import org.apache.cxf.ws.security.sts.provider.model.RequestedReferenceType;
import org.apache.cxf.ws.security.sts.provider.model.secext.KeyIdentifierType;
import org.apache.cxf.ws.security.sts.provider.model.secext.ReferenceType;
import org.apache.cxf.ws.security.sts.provider.model.secext.SecurityTokenReferenceType;
import org.apache.cxf.ws.security.sts.provider.model.utility.AttributedDateTime;
import org.apache.cxf.ws.security.tokenstore.TokenStore;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.util.DateUtil;
import org.apache.wss4j.common.util.XMLUtils;
import org.apache.wss4j.dom.message.WSSecEncryptedKey;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.stax.securityEvent.SecurityEvent;
import org.apache.xml.security.stax.securityEvent.SecurityEventConstants;
import org.apache.xml.security.stax.securityEvent.TokenSecurityEvent;
import org.apache.xml.security.stax.securityToken.SecurityToken;
import org.w3c.dom.Element;

/* loaded from: input_file:BOOT-INF/lib/cxf-services-sts-core-3.3.6.fuse-780029-redhat-00001.jar:org/apache/cxf/sts/operation/AbstractOperation.class */
public abstract class AbstractOperation {
    public static final QName TOKEN_TYPE = new QName("http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd", "TokenType", "wsse11");
    private static final Logger LOG = LogUtils.getL7dLogger(AbstractOperation.class);
    protected STSPropertiesMBean stsProperties;
    protected boolean encryptIssuedToken;
    protected List<ServiceMBean> services;
    protected TokenStore tokenStore;
    protected STSEventListener eventPublisher;
    protected boolean allowCustomContent;
    protected List<TokenProvider> tokenProviders = new ArrayList();
    protected List<TokenValidator> tokenValidators = new ArrayList();
    protected boolean returnReferences = true;
    protected ClaimsManager claimsManager = new ClaimsManager();
    protected List<TokenDelegationHandler> delegationHandlers = new ArrayList();
    protected TokenWrapper tokenWrapper = new DefaultTokenWrapper();
    protected boolean includeLifetimeElement = true;

    public boolean isAllowCustomContent() {
        return this.allowCustomContent;
    }

    public void setAllowCustomContent(boolean z) {
        this.allowCustomContent = z;
    }

    public TokenWrapper getTokenWrapper() {
        return this.tokenWrapper;
    }

    public void setTokenWrapper(TokenWrapper tokenWrapper) {
        this.tokenWrapper = tokenWrapper;
    }

    public boolean isReturnReferences() {
        return this.returnReferences;
    }

    public void setReturnReferences(boolean z) {
        this.returnReferences = z;
    }

    public TokenStore getTokenStore() {
        return this.tokenStore;
    }

    public void setTokenStore(TokenStore tokenStore) {
        this.tokenStore = tokenStore;
    }

    public void setStsProperties(STSPropertiesMBean sTSPropertiesMBean) {
        this.stsProperties = sTSPropertiesMBean;
    }

    public void setEncryptIssuedToken(boolean z) {
        this.encryptIssuedToken = z;
    }

    public void setServices(List<ServiceMBean> list) {
        this.services = list;
    }

    public void setTokenProviders(List<TokenProvider> list) {
        this.tokenProviders = list;
    }

    public List<TokenDelegationHandler> getDelegationHandlers() {
        return this.delegationHandlers;
    }

    public void setDelegationHandlers(List<TokenDelegationHandler> list) {
        this.delegationHandlers = list;
    }

    public List<TokenProvider> getTokenProviders() {
        return this.tokenProviders;
    }

    public void setTokenValidators(List<TokenValidator> list) {
        this.tokenValidators = list;
    }

    public List<TokenValidator> getTokenValidators() {
        return this.tokenValidators;
    }

    public ClaimsManager getClaimsManager() {
        return this.claimsManager;
    }

    public void setClaimsManager(ClaimsManager claimsManager) {
        this.claimsManager = claimsManager;
    }

    public void setIncludeLifetimeElement(boolean z) {
        this.includeLifetimeElement = z;
    }

    public boolean isIncludeLifetimeElement() {
        return this.includeLifetimeElement;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public RequestRequirements parseRequest(RequestSecurityTokenType requestSecurityTokenType, Map<String, Object> map) {
        if (map == null) {
            throw new STSException("No message context found");
        }
        if (this.stsProperties == null) {
            throw new STSException("No STSProperties object found");
        }
        this.stsProperties.configureProperties();
        RequestParser requestParser = new RequestParser();
        requestParser.setAllowCustomContent(this.allowCustomContent);
        return requestParser.parseRequest(requestSecurityTokenType, map, this.stsProperties, this.claimsManager.getClaimParsers());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void cleanRequest(RequestRequirements requestRequirements) {
        if (requestRequirements.getKeyRequirements() == null || requestRequirements.getKeyRequirements().getEntropy() == null) {
            return;
        }
        requestRequirements.getKeyRequirements().getEntropy().clean();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static RequestedReferenceType createRequestedReference(TokenReference tokenReference, boolean z) {
        RequestedReferenceType createRequestedReferenceType = QNameConstants.WS_TRUST_FACTORY.createRequestedReferenceType();
        SecurityTokenReferenceType createSecurityTokenReferenceType = QNameConstants.WSSE_FACTORY.createSecurityTokenReferenceType();
        String wsse11TokenType = tokenReference.getWsse11TokenType();
        if (wsse11TokenType != null) {
            createSecurityTokenReferenceType.getOtherAttributes().put(TOKEN_TYPE, wsse11TokenType);
        }
        if (tokenReference.isUseKeyIdentifier()) {
            String iDFromReference = XMLUtils.getIDFromReference(tokenReference.getIdentifier());
            KeyIdentifierType createKeyIdentifierType = QNameConstants.WSSE_FACTORY.createKeyIdentifierType();
            createKeyIdentifierType.setValue(iDFromReference);
            String wsseValueType = tokenReference.getWsseValueType();
            if (wsseValueType != null) {
                createKeyIdentifierType.setValueType(wsseValueType);
            }
            createSecurityTokenReferenceType.getAny().add(QNameConstants.WSSE_FACTORY.createKeyIdentifier(createKeyIdentifierType));
        } else if (tokenReference.isUseDirectReference()) {
            String identifier = tokenReference.getIdentifier();
            if (z && identifier.charAt(0) != '#') {
                identifier = "#" + identifier;
            } else if (!z && identifier.charAt(0) == '#') {
                identifier = identifier.substring(1);
            }
            ReferenceType createReferenceType = QNameConstants.WSSE_FACTORY.createReferenceType();
            createReferenceType.setURI(identifier);
            String wsseValueType2 = tokenReference.getWsseValueType();
            if (wsseValueType2 != null) {
                createReferenceType.setValueType(wsseValueType2);
            }
            createSecurityTokenReferenceType.getAny().add(QNameConstants.WSSE_FACTORY.createReference(createReferenceType));
        }
        createRequestedReferenceType.setSecurityTokenReference(createSecurityTokenReferenceType);
        return createRequestedReferenceType;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static RequestedReferenceType createRequestedReference(String str, String str2, boolean z) {
        TokenReference tokenReference = new TokenReference();
        tokenReference.setIdentifier(str);
        if ("http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1".equals(str2) || "urn:oasis:names:tc:SAML:1.0:assertion".equals(str2)) {
            tokenReference.setWsse11TokenType("http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1");
            tokenReference.setUseKeyIdentifier(true);
            tokenReference.setWsseValueType("http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID");
        } else if ("http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0".equals(str2) || "urn:oasis:names:tc:SAML:2.0:assertion".equals(str2)) {
            tokenReference.setWsse11TokenType("http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0");
            tokenReference.setUseKeyIdentifier(true);
            tokenReference.setWsseValueType("http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID");
        } else {
            tokenReference.setUseDirectReference(true);
            tokenReference.setWsseValueType(str2);
        }
        return createRequestedReference(tokenReference, z);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static LifetimeType createLifetime(Instant instant, Instant instant2) {
        AttributedDateTime createAttributedDateTime = QNameConstants.UTIL_FACTORY.createAttributedDateTime();
        AttributedDateTime createAttributedDateTime2 = QNameConstants.UTIL_FACTORY.createAttributedDateTime();
        Instant now = Instant.now();
        Instant instant3 = instant;
        if (instant == null) {
            instant3 = now;
        }
        Instant instant4 = instant2;
        if (instant2 == null) {
            instant4 = now.plusSeconds(300L);
        }
        createAttributedDateTime.setValue(instant3.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
        createAttributedDateTime2.setValue(instant4.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
        if (LOG.isLoggable(Level.FINE)) {
            LOG.fine("Token lifetime creation: " + createAttributedDateTime.getValue());
            LOG.fine("Token lifetime expiration: " + createAttributedDateTime2.getValue());
        }
        LifetimeType createLifetimeType = QNameConstants.WS_TRUST_FACTORY.createLifetimeType();
        createLifetimeType.setCreated(createAttributedDateTime);
        createLifetimeType.setExpires(createAttributedDateTime2);
        return createLifetimeType;
    }

    protected Element encryptSecret(byte[] bArr, EncryptionProperties encryptionProperties, KeyRequirements keyRequirements) throws WSSecurityException {
        String encryptionName = encryptionProperties.getEncryptionName();
        if (encryptionName == null) {
            encryptionName = this.stsProperties.getEncryptionUsername();
        }
        if (encryptionName == null) {
            throw new STSException("No encryption alias is configured", STSException.REQUEST_FAILED);
        }
        String keywrapAlgorithm = keyRequirements.getKeywrapAlgorithm();
        if (keywrapAlgorithm == null) {
            keywrapAlgorithm = encryptionProperties.getKeyWrapAlgorithm();
        } else if (!encryptionProperties.getAcceptedKeyWrapAlgorithms().contains(keywrapAlgorithm)) {
            keywrapAlgorithm = encryptionProperties.getKeyWrapAlgorithm();
            if (LOG.isLoggable(Level.FINE)) {
                LOG.fine("KeyWrapAlgorithm not supported, defaulting to: " + keywrapAlgorithm);
            }
        }
        WSSecEncryptedKey wSSecEncryptedKey = new WSSecEncryptedKey(DOMUtils.getEmptyDocument());
        wSSecEncryptedKey.setUserInfo(encryptionName);
        wSSecEncryptedKey.setKeyIdentifierType(encryptionProperties.getKeyIdentifierType());
        wSSecEncryptedKey.setEphemeralKey(bArr);
        wSSecEncryptedKey.setKeyEncAlgo(keywrapAlgorithm);
        wSSecEncryptedKey.prepare(this.stsProperties.getEncryptionCrypto());
        return wSSecEncryptedKey.getEncryptedKeyElement();
    }

    protected String extractAddressFromAppliesTo(Element element) {
        Element firstChildWithName;
        LOG.fine("Parsing AppliesTo element");
        if (element != null) {
            Element firstChildWithName2 = DOMUtils.getFirstChildWithName(element, "http://www.w3.org/2005/08/addressing", "EndpointReference");
            if (firstChildWithName2 != null) {
                LOG.fine("Found EndpointReference element");
                Element firstChildWithName3 = DOMUtils.getFirstChildWithName(firstChildWithName2, "http://www.w3.org/2005/08/addressing", "Address");
                if (firstChildWithName3 != null) {
                    LOG.fine("Found address element");
                    return firstChildWithName3.getTextContent();
                }
            } else if (element.getNamespaceURI() != null && (firstChildWithName = DOMUtils.getFirstChildWithName(element, element.getNamespaceURI(), "URI")) != null) {
                LOG.fine("Found URI element");
                return firstChildWithName.getTextContent();
            }
        }
        LOG.fine("AppliesTo element does not exist or could not be parsed");
        return null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public TokenProviderParameters createTokenProviderParameters(RequestRequirements requestRequirements, Principal principal, Map<String, Object> map) {
        TokenProviderParameters tokenProviderParameters = new TokenProviderParameters();
        tokenProviderParameters.setStsProperties(this.stsProperties);
        tokenProviderParameters.setPrincipal(principal);
        tokenProviderParameters.setMessageContext(map);
        tokenProviderParameters.setTokenStore(getTokenStore());
        tokenProviderParameters.setEncryptToken(this.encryptIssuedToken);
        KeyRequirements keyRequirements = requestRequirements.getKeyRequirements();
        TokenRequirements tokenRequirements = requestRequirements.getTokenRequirements();
        tokenProviderParameters.setKeyRequirements(keyRequirements);
        tokenProviderParameters.setTokenRequirements(tokenRequirements);
        String extractAddressFromAppliesTo = extractAddressFromAppliesTo(tokenRequirements.getAppliesTo());
        if (LOG.isLoggable(Level.FINE)) {
            LOG.fine("The AppliesTo address that has been received is: " + extractAddressFromAppliesTo);
        }
        tokenProviderParameters.setAppliesToAddress(extractAddressFromAppliesTo);
        if (this.stsProperties.getRealmParser() != null) {
            tokenProviderParameters.setRealm(this.stsProperties.getRealmParser().parseRealm(map));
        }
        tokenProviderParameters.setRequestedPrimaryClaims(tokenRequirements.getPrimaryClaims());
        tokenProviderParameters.setRequestedSecondaryClaims(tokenRequirements.getSecondaryClaims());
        EncryptionProperties encryptionProperties = this.stsProperties.getEncryptionProperties();
        if (extractAddressFromAppliesTo != null) {
            boolean z = false;
            if (this.services != null) {
                Iterator<ServiceMBean> it = this.services.iterator();
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    }
                    ServiceMBean next = it.next();
                    if (next.isAddressInEndpoints(extractAddressFromAppliesTo)) {
                        EncryptionProperties encryptionProperties2 = next.getEncryptionProperties();
                        if (encryptionProperties2 != null) {
                            encryptionProperties = encryptionProperties2;
                        }
                        if (tokenRequirements.getTokenType() == null) {
                            String tokenType = next.getTokenType();
                            tokenRequirements.setTokenType(tokenType);
                            LOG.fine("Using default token type of: " + tokenType);
                        }
                        if (keyRequirements.getKeyType() == null) {
                            String keyType = next.getKeyType();
                            keyRequirements.setKeyType(keyType);
                            LOG.fine("Using default key type of: " + keyType);
                        }
                        z = true;
                    }
                }
            }
            if (!z) {
                String str = "No service corresponding to " + extractAddressFromAppliesTo + " is known. Check 'services' property configuration in SecurityTokenServiceProvider";
                LOG.log(Level.SEVERE, str);
                throw new STSException(str, STSException.REQUEST_FAILED);
            }
        }
        tokenProviderParameters.setEncryptionProperties(encryptionProperties);
        return tokenProviderParameters;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public TokenValidatorResponse validateReceivedToken(Principal principal, Map<String, Object> map, String str, TokenRequirements tokenRequirements, ReceivedToken receivedToken) {
        receivedToken.setState(ReceivedToken.STATE.NONE);
        TokenRequirements tokenRequirements2 = new TokenRequirements();
        tokenRequirements2.setValidateTarget(receivedToken);
        TokenValidatorParameters tokenValidatorParameters = new TokenValidatorParameters();
        tokenValidatorParameters.setStsProperties(this.stsProperties);
        tokenValidatorParameters.setPrincipal(principal);
        tokenValidatorParameters.setMessageContext(map);
        tokenValidatorParameters.setTokenStore(getTokenStore());
        tokenValidatorParameters.setKeyRequirements(null);
        tokenValidatorParameters.setTokenRequirements(tokenRequirements2);
        tokenValidatorParameters.setToken(receivedToken);
        if (this.tokenValidators.isEmpty()) {
            LOG.fine("No token validators have been configured to validate the received token");
        }
        TokenValidatorResponse tokenValidatorResponse = null;
        Iterator<TokenValidator> it = this.tokenValidators.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            TokenValidator next = it.next();
            if (str == null ? next.canHandleToken(receivedToken) : next.canHandleToken(receivedToken, str)) {
                try {
                    tokenValidatorResponse = next.validateToken(tokenValidatorParameters);
                    receivedToken = tokenValidatorResponse.getToken();
                    receivedToken.setPrincipal(tokenValidatorResponse.getPrincipal());
                    receivedToken.setRoles(tokenValidatorResponse.getRoles());
                    break;
                } catch (RuntimeException e) {
                    LOG.log(Level.WARNING, "Failed to validate the token", (Throwable) e);
                    receivedToken.setState(ReceivedToken.STATE.INVALID);
                }
            }
        }
        if (tokenValidatorResponse == null) {
            LOG.fine("No token validator has been configured to validate the received token");
        }
        return tokenValidatorResponse;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void performDelegationHandling(RequestRequirements requestRequirements, Principal principal, Map<String, Object> map, ReceivedToken receivedToken, Principal principal2, Set<Principal> set) {
        TokenDelegationParameters tokenDelegationParameters = new TokenDelegationParameters();
        tokenDelegationParameters.setStsProperties(this.stsProperties);
        tokenDelegationParameters.setPrincipal(principal);
        tokenDelegationParameters.setMessageContext(map);
        tokenDelegationParameters.setTokenStore(getTokenStore());
        tokenDelegationParameters.setTokenPrincipal(principal2);
        tokenDelegationParameters.setTokenRoles(set);
        KeyRequirements keyRequirements = requestRequirements.getKeyRequirements();
        TokenRequirements tokenRequirements = requestRequirements.getTokenRequirements();
        tokenDelegationParameters.setKeyRequirements(keyRequirements);
        tokenDelegationParameters.setTokenRequirements(tokenRequirements);
        tokenDelegationParameters.setAppliesToAddress(extractAddressFromAppliesTo(tokenRequirements.getAppliesTo()));
        tokenDelegationParameters.setToken(receivedToken);
        TokenDelegationResponse tokenDelegationResponse = null;
        Iterator<TokenDelegationHandler> it = this.delegationHandlers.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            TokenDelegationHandler next = it.next();
            if (next.canHandleToken(receivedToken)) {
                try {
                    tokenDelegationResponse = next.isDelegationAllowed(tokenDelegationParameters);
                    break;
                } catch (RuntimeException e) {
                    LOG.log(Level.WARNING, "", (Throwable) e);
                    throw new STSException("Error in delegation handling", e, STSException.REQUEST_FAILED);
                }
            }
        }
        if (tokenDelegationResponse == null || !tokenDelegationResponse.isDelegationAllowed()) {
            LOG.log(Level.WARNING, "No matching token delegation handler found");
            throw new STSException("No matching token delegation handler found", STSException.REQUEST_FAILED);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void processValidToken(TokenProviderParameters tokenProviderParameters, ReceivedToken receivedToken, TokenValidatorResponse tokenValidatorResponse) {
        Principal principal = tokenValidatorResponse.getPrincipal();
        if (principal != null) {
            String realm = tokenProviderParameters.getRealm();
            String tokenRealm = tokenValidatorResponse.getTokenRealm();
            if (tokenRealm == null || realm == null || tokenRealm.equals(realm)) {
                return;
            }
            RelationshipResolver relationshipResolver = this.stsProperties.getRelationshipResolver();
            Relationship relationship = null;
            if (relationshipResolver != null) {
                relationship = relationshipResolver.resolveRelationship(tokenRealm, realm);
                if (relationship != null) {
                    tokenValidatorResponse.getAdditionalProperties().put(Relationship.class.getName(), relationship);
                }
            }
            if (relationship != null && !relationship.getType().equals(Relationship.FED_TYPE_IDENTITY)) {
                if (relationship.getType().equals(Relationship.FED_TYPE_CLAIMS)) {
                    return;
                }
                LOG.log(Level.SEVERE, "Unknown federation type: " + relationship.getType());
                throw new STSException("Error in providing a token", STSException.BAD_REQUEST);
            }
            IdentityMapper identityMapper = relationship == null ? this.stsProperties.getIdentityMapper() : relationship.getIdentityMapper();
            if (identityMapper != null) {
                receivedToken.setPrincipal(identityMapper.mapPrincipal(tokenRealm, principal, realm));
            } else {
                LOG.log(Level.SEVERE, "No IdentityMapper configured in STSProperties or Relationship");
                throw new STSException("Error in providing a token", STSException.REQUEST_FAILED);
            }
        }
    }

    public void setEventListener(STSEventListener sTSEventListener) {
        this.eventPublisher = sTSEventListener;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void publishEvent(AbstractSTSEvent abstractSTSEvent) {
        if (this.eventPublisher != null) {
            this.eventPublisher.handleSTSEvent(abstractSTSEvent);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static SecurityToken findInboundSecurityToken(SecurityEventConstants.Event event, Map<String, Object> map) throws XMLSecurityException {
        List<SecurityEvent> list = (List) map.get(SecurityEvent.class.getName() + ".in");
        if (list == null) {
            return null;
        }
        for (SecurityEvent securityEvent : list) {
            if (event == securityEvent.getSecurityEventType()) {
                return ((TokenSecurityEvent) securityEvent).getSecurityToken();
            }
        }
        return null;
    }
}
