package org.jboss.wsf.stack.cxf.jaspi;

import java.util.Map;
import java.util.Properties;
import javax.security.auth.message.config.AuthConfigFactory;
import javax.security.auth.message.config.ServerAuthConfig;
import org.apache.cxf.Bus;
import org.apache.cxf.endpoint.Client;
import org.apache.cxf.jaxws.EndpointImpl;
import org.jboss.security.auth.callback.JBossCallbackHandler;
import org.jboss.security.auth.login.AuthenticationInfo;
import org.jboss.security.auth.login.BaseAuthenticationInfo;
import org.jboss.security.auth.login.JASPIAuthenticationInfo;
import org.jboss.security.config.ApplicationPolicy;
import org.jboss.security.config.SecurityConfiguration;
import org.jboss.wsf.spi.deployment.Deployment;
import org.jboss.wsf.spi.deployment.Endpoint;
import org.jboss.wsf.spi.metadata.webservices.JBossWebservicesMetaData;
import org.jboss.wsf.spi.security.JASPIAuthenticationProvider;
import org.jboss.wsf.stack.cxf.jaspi.client.JaspiClientAuthenticator;
import org.jboss.wsf.stack.cxf.jaspi.client.JaspiClientInInterceptor;
import org.jboss.wsf.stack.cxf.jaspi.client.JaspiClientOutInterceptor;
import org.jboss.wsf.stack.cxf.jaspi.config.JBossWSAuthConfigProvider;
import org.jboss.wsf.stack.cxf.jaspi.interceptor.JaspiSeverInInterceptor;
import org.jboss.wsf.stack.cxf.jaspi.interceptor.JaspiSeverOutInterceptor;
import org.jboss.wsf.stack.cxf.jaspi.log.Loggers;

/* loaded from: input_file:wildfly-10.1.0.Final/modules/system/layers/base/org/jboss/ws/jaxws-client/main/jbossws-cxf-jaspi-5.1.5.Final.jar:org/jboss/wsf/stack/cxf/jaspi/DefaultJASPIAuthenticationProvider.class */
public class DefaultJASPIAuthenticationProvider implements JASPIAuthenticationProvider {
    @Override // org.jboss.wsf.spi.security.JASPIAuthenticationProvider
    public boolean enableClientAuthentication(Object obj, Map<String, String> map) {
        if (!(obj instanceof Client)) {
            Loggers.ROOT_LOGGER.cannotEnableJASPIAuthentication(obj.getClass().getSimpleName());
            return false;
        }
        Client client = (Client) obj;
        String str = map.get("jaspi.security.domain");
        if (str == null) {
            return false;
        }
        ApplicationPolicy applicationPolicy = SecurityConfiguration.getApplicationPolicy(str);
        if (applicationPolicy == null) {
            Loggers.ROOT_LOGGER.noApplicationPolicy(str);
            return false;
        }
        BaseAuthenticationInfo authenticationInfo = applicationPolicy.getAuthenticationInfo();
        if (authenticationInfo == null || (authenticationInfo instanceof AuthenticationInfo)) {
            Loggers.ROOT_LOGGER.noJaspiApplicationPolicy(str);
            return false;
        }
        JASPIAuthenticationInfo jASPIAuthenticationInfo = (JASPIAuthenticationInfo) authenticationInfo;
        String str2 = "localhost " + client.getEndpoint().getEndpointInfo().getName().toString();
        AuthConfigFactory factory = AuthConfigFactory.getFactory();
        new JBossWSAuthConfigProvider(new Properties(), factory);
        try {
            JaspiClientAuthenticator jaspiClientAuthenticator = new JaspiClientAuthenticator(factory.getConfigProvider("soap", str2, null).getClientAuthConfig("soap", str2, new JBossCallbackHandler()), str, jASPIAuthenticationInfo);
            client.getInInterceptors().add(new JaspiClientInInterceptor(jaspiClientAuthenticator));
            client.getOutInterceptors().add(new JaspiClientOutInterceptor(jaspiClientAuthenticator));
            return false;
        } catch (Exception e) {
            Loggers.DEPLOYMENT_LOGGER.cannotCreateServerAuthContext(str, e);
            return false;
        }
    }

    @Override // org.jboss.wsf.spi.security.JASPIAuthenticationProvider
    public boolean enableServerAuthentication(Deployment deployment, JBossWebservicesMetaData jBossWebservicesMetaData) {
        String str = null;
        if (jBossWebservicesMetaData != null) {
            str = jBossWebservicesMetaData.getProperty("jaspi.security.domain");
        }
        if (str == null) {
            return false;
        }
        ApplicationPolicy applicationPolicy = SecurityConfiguration.getApplicationPolicy(str);
        if (applicationPolicy == null) {
            Loggers.ROOT_LOGGER.noApplicationPolicy(str);
            return false;
        }
        BaseAuthenticationInfo authenticationInfo = applicationPolicy.getAuthenticationInfo();
        if (authenticationInfo == null || (authenticationInfo instanceof AuthenticationInfo)) {
            Loggers.ROOT_LOGGER.noJaspiApplicationPolicy(str);
            return false;
        }
        JASPIAuthenticationInfo jASPIAuthenticationInfo = (JASPIAuthenticationInfo) authenticationInfo;
        String str2 = "localhost " + deployment.getService().getContextRoot();
        AuthConfigFactory factory = AuthConfigFactory.getFactory();
        new JBossWSAuthConfigProvider(new Properties(), factory);
        try {
            ServerAuthConfig serverAuthConfig = factory.getConfigProvider("soap", str2, null).getServerAuthConfig("soap", str2, new JBossCallbackHandler());
            Properties properties = new Properties();
            properties.put("security-domain", str);
            properties.put("jaspi-policy", jASPIAuthenticationInfo);
            Bus bus = (Bus) deployment.getAttachment(Bus.class);
            properties.put(Bus.class, bus);
            JaspiServerAuthenticator jaspiServerAuthenticator = new JaspiServerAuthenticator(serverAuthConfig.getAuthContext(deployment.getSimpleName(), null, properties));
            bus.getInInterceptors().add(new JaspiSeverInInterceptor(jaspiServerAuthenticator));
            bus.getOutInterceptors().add(new JaspiSeverOutInterceptor(jaspiServerAuthenticator));
            return true;
        } catch (Exception e) {
            Loggers.DEPLOYMENT_LOGGER.cannotCreateServerAuthContext(str, e);
            return false;
        }
    }

    @Override // org.jboss.wsf.spi.security.JASPIAuthenticationProvider
    public boolean enableServerAuthentication(Object obj, Endpoint endpoint) {
        if (!(obj instanceof EndpointImpl)) {
            Loggers.ROOT_LOGGER.cannotEnableJASPIAuthentication(obj.getClass().getSimpleName());
            return false;
        }
        EndpointImpl endpointImpl = (EndpointImpl) obj;
        String str = (String) endpointImpl.getProperties().get("jaspi.security.domain");
        if (str == null) {
            return false;
        }
        ApplicationPolicy applicationPolicy = SecurityConfiguration.getApplicationPolicy(str);
        if (applicationPolicy == null) {
            Loggers.ROOT_LOGGER.noApplicationPolicy(str);
            return false;
        }
        BaseAuthenticationInfo authenticationInfo = applicationPolicy.getAuthenticationInfo();
        if (authenticationInfo == null || (authenticationInfo instanceof AuthenticationInfo)) {
            Loggers.ROOT_LOGGER.noJaspiApplicationPolicy(str);
            return false;
        }
        JASPIAuthenticationInfo jASPIAuthenticationInfo = (JASPIAuthenticationInfo) authenticationInfo;
        String str2 = "localhost " + endpoint.getService().getContextRoot();
        AuthConfigFactory factory = AuthConfigFactory.getFactory();
        new JBossWSAuthConfigProvider(new Properties(), factory);
        try {
            ServerAuthConfig serverAuthConfig = factory.getConfigProvider("soap", str2, null).getServerAuthConfig("soap", str2, new JBossCallbackHandler());
            Properties properties = new Properties();
            properties.put("security-domain", str);
            properties.put("jaspi-policy", jASPIAuthenticationInfo);
            properties.put(javax.xml.ws.Endpoint.class, endpointImpl);
            JaspiServerAuthenticator jaspiServerAuthenticator = new JaspiServerAuthenticator(serverAuthConfig.getAuthContext(endpointImpl.getBeanName(), null, properties));
            endpointImpl.getInInterceptors().add(new JaspiSeverInInterceptor(jaspiServerAuthenticator));
            endpointImpl.getOutInterceptors().add(new JaspiSeverOutInterceptor(jaspiServerAuthenticator));
            return true;
        } catch (Exception e) {
            Loggers.DEPLOYMENT_LOGGER.cannotCreateServerAuthContext(str, e);
            return false;
        }
    }
}
