package org.jboss.identity.federation.api.wstrust;

import java.net.URI;
import java.security.Principal;
import java.security.PublicKey;
import org.jboss.identity.federation.api.wstrust.plugins.saml.SAMLUtil;
import org.jboss.identity.federation.core.wstrust.RequestSecurityToken;
import org.jboss.identity.federation.core.wstrust.RequestSecurityTokenResponse;
import org.jboss.identity.federation.ws.policy.AppliesTo;
import org.jboss.identity.federation.ws.trust.RequestedSecurityTokenType;

/* loaded from: input_file:org/jboss/identity/federation/api/wstrust/StandardRequestHandler.class */
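/**
 * Default {@link WSTrustRequestHandler}: selects a {@link SecurityTokenProvider} from the
 * {@link STSConfiguration} and delegates token issuance and validation to it.
 *
 * <p>Renew and cancel are not implemented and always throw
 * {@link UnsupportedOperationException}.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>The {@link Principal} handed to each operation is passed to the provider unchanged; no
 *       authentication or authorization check is visible in this class, so the caller is
 *       presumably expected to have authenticated it (confirm at the endpoint).</li>
 *   <li>{@link #initialize(STSConfiguration)} must be called before any operation; the
 *       configuration reference is dereferenced without a null check.</li>
 * </ul>
 */
public class StandardRequestHandler implements WSTrustRequestHandler {
    private STSConfiguration configuration;

    /**
     * Stores the STS configuration used by every subsequent operation.
     *
     * @param sTSConfiguration the configuration to read providers, keys and timeouts from
     */
    @Override
    public void initialize(STSConfiguration sTSConfiguration) {
        this.configuration = sTSConfiguration;
    }

    /**
     * Issues a security token for the request.
     *
     * <p>Provider selection: when the request carries an AppliesTo that resolves to a service
     * name, the provider, token type and public key configured for that service are used, and the
     * configured token type replaces whatever TokenType the requester sent. Otherwise (or when no
     * provider is configured for the service) the provider is looked up by the request's
     * TokenType.
     *
     * @param requestSecurityToken the token request; its token type and lifetime may be modified
     * @param principal the caller on whose behalf the token is issued
     * @return the response carrying the issued token and any references set by the provider
     * @throws WSTrustException if neither AppliesTo nor TokenType is present, if the service has
     *     no configured token type, if no provider can be found, or if the provider issues no token
     */
    @Override
    public RequestSecurityTokenResponse issue(RequestSecurityToken requestSecurityToken, Principal principal) throws WSTrustException {
        SecurityTokenProvider provider = null;
        PublicKey servicePublicKey = null;
        AppliesTo appliesTo = requestSecurityToken.getAppliesTo();
        String serviceName = appliesTo != null ? WSTrustUtil.parseAppliesTo(appliesTo) : null;

        if (serviceName != null) {
            provider = this.configuration.getProviderForService(serviceName);
            String configuredTokenType = this.configuration.getTokenTypeForService(serviceName);
            if (configuredTokenType == null) {
                // URI.create(null) would fail with a bare NullPointerException; reject the request
                // explicitly rather than fall back to the requester-chosen TokenType for a service
                // this STS has no token type for.
                throw new WSTrustException("No token type is configured for the service named in AppliesTo");
            }
            // The configured token type wins over the TokenType supplied in the request.
            requestSecurityToken.setTokenType(URI.create(configuredTokenType));
            servicePublicKey = this.configuration.getServiceProviderPublicKey(serviceName);
        }

        if (provider == null && requestSecurityToken.getTokenType() != null) {
            provider = this.configuration.getProviderForTokenType(requestSecurityToken.getTokenType().toString());
        } else if (appliesTo == null && requestSecurityToken.getTokenType() == null) {
            throw new WSTrustException("Either AppliesTo or TokenType must be present in a security token request");
        }
        if (provider == null) {
            throw new WSTrustException("Unable to find a token provider for the token request");
        }

        WSTrustRequestContext context = new WSTrustRequestContext(requestSecurityToken, principal);
        context.setTokenIssuer(this.configuration.getSTSName());
        // Only a missing lifetime is filled in from the configured timeout. A lifetime sent by the
        // requester is kept as is, so the timeout is not applied as an upper bound here.
        // NOTE(review): confirm the provider or the caller caps requester-supplied lifetimes.
        if (requestSecurityToken.getLifetime() == null && this.configuration.getIssuedTokenTimeout() != 0) {
            requestSecurityToken.setLifetime(WSTrustUtil.createDefaultLifetime(this.configuration.getIssuedTokenTimeout()));
        }
        context.setSTSKeyPair(this.configuration.getSTSKeyPair());
        // Null when the request had no resolvable AppliesTo.
        context.setServiceProviderPublicKey(servicePublicKey);

        provider.issueToken(context);
        if (context.getSecurityToken() == null) {
            throw new WSTrustException("Token issued by provider " + provider.getClass().getName() + " is null");
        }

        RequestedSecurityTokenType requestedToken = new RequestedSecurityTokenType();
        requestedToken.setAny(context.getSecurityToken().getTokenValue());

        RequestSecurityTokenResponse response = new RequestSecurityTokenResponse();
        if (requestSecurityToken.getContext() != null) {
            // The context value is echoed back exactly as the requester sent it.
            response.setContext(requestSecurityToken.getContext());
        }
        response.setTokenType(requestSecurityToken.getTokenType());
        response.setLifetime(requestSecurityToken.getLifetime());
        response.setAppliesTo(appliesTo);
        response.setRequestedSecurityToken(requestedToken);
        if (context.getAttachedReference() != null) {
            response.setRequestedAttachedReference(context.getAttachedReference());
        }
        if (context.getUnattachedReference() != null) {
            response.setRequestedUnattachedReference(context.getUnattachedReference());
        }
        return response;
    }

    /**
     * Not supported by this handler.
     *
     * @throws UnsupportedOperationException always
     */
    @Override
    public RequestSecurityTokenResponse renew(RequestSecurityToken requestSecurityToken, Principal principal) throws WSTrustException {
        throw new UnsupportedOperationException("Token renewal is not supported by StandardRequestHandler");
    }

    /**
     * Validates the token carried by the request and reports the resulting status.
     *
     * <p>Validation is always delegated to the provider registered for
     * {@code SAMLUtil.SAML2_TOKEN_TYPE}, whatever token type the request names. A request without
     * a TokenType is given {@code WSTrustConstants.STATUS_TYPE}.
     *
     * @param requestSecurityToken the validation request; its token type may be set
     * @param principal the caller requesting validation
     * @return the response carrying the validation status
     * @throws WSTrustException if no SAML 2 provider is configured or the provider reports no status
     */
    @Override
    public RequestSecurityTokenResponse validate(RequestSecurityToken requestSecurityToken, Principal principal) throws WSTrustException {
        if (requestSecurityToken.getTokenType() == null) {
            requestSecurityToken.setTokenType(URI.create(WSTrustConstants.STATUS_TYPE));
        }

        SecurityTokenProvider provider = this.configuration.getProviderForTokenType(SAMLUtil.SAML2_TOKEN_TYPE);
        if (provider == null) {
            // Same failure mode as issue(): report a missing provider instead of dereferencing null.
            throw new WSTrustException("Unable to find a token provider to validate the token");
        }

        WSTrustRequestContext context = new WSTrustRequestContext(requestSecurityToken, principal);
        context.setSTSKeyPair(this.configuration.getSTSKeyPair());
        provider.validateToken(context);
        if (context.getStatus() == null) {
            // Mirrors the null-token check in issue(): a response without a status tells the
            // requester nothing about the token, so fail instead of returning it.
            throw new WSTrustException("Validation by provider " + provider.getClass().getName() + " produced no status");
        }

        RequestSecurityTokenResponse response = new RequestSecurityTokenResponse();
        if (requestSecurityToken.getContext() != null) {
            response.setContext(requestSecurityToken.getContext());
        }
        response.setTokenType(requestSecurityToken.getTokenType());
        response.setStatus(context.getStatus());
        return response;
    }

    /**
     * Not supported by this handler.
     *
     * @throws UnsupportedOperationException always
     */
    @Override
    public RequestSecurityTokenResponse cancel(RequestSecurityToken requestSecurityToken, Principal principal) throws WSTrustException {
        throw new UnsupportedOperationException("Token cancellation is not supported by StandardRequestHandler");
    }
}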
