package com.sun.xml.ws.security.trust.sts;

import com.sun.xml.ws.api.security.trust.BaseSTS;
import com.sun.xml.ws.api.security.trust.WSTrustContract;
import com.sun.xml.ws.api.security.trust.WSTrustException;
import com.sun.xml.ws.api.security.trust.config.STSConfiguration;
import com.sun.xml.ws.policy.PolicyAssertion;
import com.sun.xml.ws.policy.impl.bindings.AppliesTo;
import com.sun.xml.ws.security.impl.IssuedTokenContextImpl;
import com.sun.xml.ws.security.impl.policy.Constants;
import com.sun.xml.ws.security.trust.WSTrustConstants;
import com.sun.xml.ws.security.trust.WSTrustElementFactory;
import com.sun.xml.ws.security.trust.WSTrustFactory;
import com.sun.xml.ws.security.trust.WSTrustVersion;
import com.sun.xml.ws.security.trust.elements.BaseSTSRequest;
import com.sun.xml.ws.security.trust.elements.BaseSTSResponse;
import com.sun.xml.ws.security.trust.elements.RequestSecurityToken;
import com.sun.xml.ws.security.trust.impl.DefaultSTSConfiguration;
import com.sun.xml.ws.security.trust.impl.DefaultTrustSPMetadata;
import com.sun.xml.ws.security.trust.util.WSTrustUtil;
import com.sun.xml.wss.SecurityEnvironment;
import com.sun.xml.wss.SubjectAccessor;
import com.sun.xml.wss.XWSSecurityException;
import java.util.Iterator;
import javax.xml.namespace.QName;
import javax.xml.transform.Source;
import javax.xml.transform.TransformerException;
import javax.xml.ws.WebServiceException;
import javax.xml.ws.handler.MessageContext;

/* loaded from: input_file:com/sun/xml/ws/security/trust/sts/BaseSTSImpl.class */
/**
 * Skeleton of a WS-Trust Security Token Service (STS) endpoint.
 *
 * <p>Each call to {@link #invoke(Source)} resolves an {@link STSConfiguration}, parses the
 * payload into a {@link RequestSecurityToken} and dispatches on its request type to a
 * {@link WSTrustContract} obtained from {@link WSTrustFactory}.
 *
 * <p>Review notes for anyone deploying or extending this class:
 * <ul>
 *   <li>{@link #wstVer} is instance state that {@link #getConfiguration()} overwrites on every
 *       request. NOTE(review): if one instance serves concurrent requests, versions from
 *       different requests could interleave; confirm the endpoint lifecycle.</li>
 *   <li>The object returned by {@code WSTrustFactory.getRuntimeSTSConfiguration()} has its
 *       "other options" map written on every request. NOTE(review): if that object is shared
 *       between requests, the per-request security environment is shared too; confirm.</li>
 *   <li>Cancel requests are accepted but not acted upon ({@code cancel} returns {@code null}),
 *       so nothing in this class revokes an issued token.</li>
 * </ul>
 */
public abstract class BaseSTSImpl implements BaseSTS {
    // Defaults exposed to other classes; DEFAULT_TIMEOUT, DEFAULT_ISSUER and DEFAULT_IMPL are
    // not referenced anywhere inside this class.
    public static final int DEFAULT_TIMEOUT = 36000;
    public static final String DEFAULT_ISSUER = "SampleSunSTS";
    public static final String STS_CONFIGURATION = "STSConfiguration";
    public static final String DEFAULT_IMPL = "com.sun.xml.ws.security.trust.impl.IssueSamlTokenContractImpl";
    public static final String DEFAULT_APPLIESTO = "default";

    // Local names of the policy assertions read by getConfiguration().
    public static final String APPLIES_TO = "AppliesTo";
    public static final String LIFETIME = "LifeTime";
    public static final String ALIAS = "CertAlias";
    public static final String CONTRACT = "Contract";
    public static final String ISSUER = "Issuer";
    public static final String TOKEN_TYPE = "TokenType";
    public static final String KEY_TYPE = "KeyType";
    public static final String SERVICE_PROVIDERS = "ServiceProviders";

    /** WS-Trust version in effect; starts as 1.0 and is reassigned by {@link #getConfiguration()}. */
    protected WSTrustVersion wstVer = WSTrustVersion.WS_TRUST_10;

    // Attribute names (no namespace) read from the STSConfiguration / service-provider assertions.
    public static final String ENCRYPT_KEY = "encryptIssuedKey";
    private static final QName Q_EK = new QName("", ENCRYPT_KEY);
    public static final String ENCRYPT_TOKEN = "encryptIssuedToken";
    private static final QName Q_ET = new QName("", ENCRYPT_TOKEN);
    public static final String END_POINT = "endPoint";
    private static final QName Q_EP = new QName("", END_POINT);

    /**
     * Handles one WS-Trust request.
     *
     * <p>The AppliesTo URI is read from the parsed request (so it is requester-supplied) and is
     * handed to {@link WSTrustFactory#newWSTrustContract} together with the configuration; when
     * the request carries none, {@link #DEFAULT_APPLIESTO} is used instead. How that value
     * selects a contract or service-provider entry is not visible in this class.
     *
     * @param source the request payload
     * @return the response payload, or {@code null} when the request type is Cancel or is none
     *         of Issue, Cancel, Renew, Validate for the current WS-Trust version
     * @throws WebServiceException wrapping any exception raised while parsing or dispatching.
     *         Failures inside {@link #getConfiguration()} happen before the {@code try} block and
     *         propagate as thrown. NOTE(review): the original exception travels as the cause;
     *         whether its message reaches the client in a fault depends on the runtime, confirm.
     */
    @Override // com.sun.xml.ws.api.security.trust.BaseSTS
    public Source invoke(Source source) {
        final STSConfiguration config = getConfiguration();
        try {
            final WSTrustElementFactory factory = WSTrustElementFactory.newInstance(this.wstVer);
            final RequestSecurityToken rst = factory.createRSTFrom(source);

            final AppliesTo scope = rst.getAppliesTo();
            String target = (scope != null) ? WSTrustUtil.getAppliesToURI(scope) : null;
            if (target == null) {
                target = DEFAULT_APPLIESTO;
            }

            // A request without a request type fails here with a NullPointerException, which the
            // catch below wraps like any other failure.
            final String requestType = rst.getRequestType().toString();
            if (requestType.equals(this.wstVer.getIssueRequestTypeURI())) {
                return issue(config, target, factory, rst);
            }
            if (requestType.equals(this.wstVer.getCancelRequestTypeURI())) {
                return cancel(config, target, factory, rst);
            }
            if (requestType.equals(this.wstVer.getRenewRequestTypeURI())) {
                return renew(config, target, factory, rst);
            }
            if (requestType.equals(this.wstVer.getValidateRequestTypeURI())) {
                return validate(config, target, factory, rst);
            }
            // Unrecognised request types are not rejected; the caller simply gets no payload.
            return null;
        } catch (Exception e) {
            throw new WebServiceException(e);
        }
    }

    /** Supplies the message context of the request currently being served. */
    protected abstract MessageContext getMessageContext();

    /**
     * Resolves the STS configuration for the current request and updates {@link #wstVer}.
     *
     * <p>A runtime configuration from {@link WSTrustFactory#getRuntimeSTSConfiguration()} takes
     * precedence. Otherwise a {@link DefaultSTSConfiguration} is built from the policy assertions
     * stored in the message context under {@code Constants.SUN_TRUST_SERVER_SECURITY_POLICY_NS}.
     *
     * <p>In the policy-derived case the {@code encryptIssuedToken} and {@code encryptIssuedKey}
     * flags are parsed with {@link Boolean#parseBoolean(String)}, so an absent attribute or any
     * value other than "true" (case-insensitive) passes {@code false} to the setter.
     *
     * @return the runtime configuration if one exists, else a freshly built default configuration
     * @throws WebServiceException if there is no runtime configuration and no policy assertions
     * @throws NumberFormatException if a {@code LifeTime} assertion value is not an integer
     */
    STSConfiguration getConfiguration() {
        final MessageContext ctx = getMessageContext();
        final SecurityEnvironment secEnv = (SecurityEnvironment) ctx.get(WSTrustConstants.SECURITY_ENVIRONMENT);
        final WSTrustVersion requestVersion = (WSTrustVersion) ctx.get(WSTrustConstants.WST_VERSION);
        if (requestVersion != null) {
            this.wstVer = requestVersion;
        }

        final STSConfiguration runtimeConfig = WSTrustFactory.getRuntimeSTSConfiguration();
        if (runtimeConfig != null) {
            return adoptRuntimeConfiguration(runtimeConfig, secEnv, requestVersion);
        }

        final DefaultSTSConfiguration policyConfig = new DefaultSTSConfiguration();
        policyConfig.getOtherOptions().put(WSTrustConstants.SECURITY_ENVIRONMENT, secEnv);

        final Iterator<?> assertions = (Iterator<?>) ctx.get(Constants.SUN_TRUST_SERVER_SECURITY_POLICY_NS);
        if (assertions == null) {
            throw new WebServiceException("STS configuration information is not available");
        }
        while (assertions.hasNext()) {
            final PolicyAssertion assertion = (PolicyAssertion) assertions.next();
            if (STS_CONFIGURATION.equals(assertion.getName().getLocalPart())) {
                applyStsPolicy(policyConfig, assertion);
            }
        }

        policyConfig.getOtherOptions().put(WSTrustConstants.WST_VERSION, this.wstVer);
        return policyConfig;
    }

    /**
     * Stamps the per-request security environment and WS-Trust version onto the runtime
     * configuration and returns it.
     *
     * <p>The security environment is stored only when the configuration has no callback handler.
     * A version found in the message context wins; otherwise a version already stored in the
     * configuration's options replaces {@link #wstVer}.
     */
    private STSConfiguration adoptRuntimeConfiguration(STSConfiguration runtimeConfig, SecurityEnvironment secEnv, WSTrustVersion requestVersion) {
        if (runtimeConfig.getCallbackHandler() == null) {
            runtimeConfig.getOtherOptions().put(WSTrustConstants.SECURITY_ENVIRONMENT, secEnv);
        }
        if (requestVersion == null) {
            final WSTrustVersion configured = (WSTrustVersion) runtimeConfig.getOtherOptions().get(WSTrustConstants.WST_VERSION);
            if (configured != null) {
                this.wstVer = configured;
            }
        }
        runtimeConfig.getOtherOptions().put(WSTrustConstants.WST_VERSION, this.wstVer);
        return runtimeConfig;
    }

    /**
     * Copies the settings of one {@code STSConfiguration} policy assertion into {@code config}.
     *
     * <p>Values are passed to the setters as read; this method applies no range or format check
     * beyond the integer parse of {@code LifeTime}.
     */
    private void applyStsPolicy(DefaultSTSConfiguration config, PolicyAssertion stsAssertion) {
        config.setEncryptIssuedToken(Boolean.parseBoolean(stsAssertion.getAttributeValue(Q_ET)));
        config.setEncryptIssuedKey(Boolean.parseBoolean(stsAssertion.getAttributeValue(Q_EK)));

        for (Iterator<PolicyAssertion> settings = stsAssertion.getNestedAssertionsIterator(); settings.hasNext();) {
            final PolicyAssertion setting = settings.next();
            final String settingName = setting.getName().getLocalPart();
            if (LIFETIME.equals(settingName)) {
                config.setIssuedTokenTimeout(Integer.parseInt(setting.getValue()));
            } else if (CONTRACT.equals(settingName)) {
                config.setType(setting.getValue());
            } else if (ISSUER.equals(settingName)) {
                config.setIssuer(setting.getValue());
            } else if (SERVICE_PROVIDERS.equals(settingName)) {
                for (Iterator<PolicyAssertion> providers = setting.getNestedAssertionsIterator(); providers.hasNext();) {
                    registerServiceProvider(config, providers.next());
                }
            }
        }
    }

    /**
     * Builds the metadata for one service-provider assertion and registers it under its endpoint.
     *
     * <p>The endpoint is read from the {@code endPoint} attribute, falling back to the lower-cased
     * attribute name. If neither is present the metadata is still registered, with a
     * {@code null} endpoint.
     */
    private void registerServiceProvider(DefaultSTSConfiguration config, PolicyAssertion providerAssertion) {
        String endpoint = providerAssertion.getAttributeValue(Q_EP);
        if (endpoint == null) {
            endpoint = providerAssertion.getAttributeValue(new QName("", END_POINT.toLowerCase()));
        }

        final DefaultTrustSPMetadata metadata = new DefaultTrustSPMetadata(endpoint);
        for (Iterator<PolicyAssertion> details = providerAssertion.getNestedAssertionsIterator(); details.hasNext();) {
            final PolicyAssertion detail = details.next();
            final String detailName = detail.getName().getLocalPart();
            if (ALIAS.equals(detailName)) {
                metadata.setCertAlias(detail.getValue());
            } else if (TOKEN_TYPE.equals(detailName)) {
                metadata.setTokenType(detail.getValue());
            } else if (KEY_TYPE.equals(detailName)) {
                metadata.setKeyType(detail.getValue());
            }
        }
        config.addTrustSPMetadata(metadata, endpoint);
    }

    /**
     * Issues a token through the contract selected for {@code appliesTo}.
     *
     * <p>This is the only operation that places the requester's subject, taken from the message
     * context, into the token context handed to the contract.
     *
     * @throws WSTrustException if the contract fails, or wrapping an {@link XWSSecurityException}
     *         raised inside the {@code try} block
     */
    private Source issue(STSConfiguration config, String appliesTo, WSTrustElementFactory factory, BaseSTSRequest request) throws WSTrustException, TransformerException {
        final WSTrustContract<BaseSTSRequest, BaseSTSResponse> contract = WSTrustFactory.newWSTrustContract(config, appliesTo);
        final IssuedTokenContextImpl tokenContext = new IssuedTokenContextImpl();
        try {
            tokenContext.setRequestorSubject(SubjectAccessor.getRequesterSubject(getMessageContext()));
            final BaseSTSResponse response = contract.issue(request, tokenContext);
            return factory.toSource(response);
        } catch (XWSSecurityException e) {
            throw new WSTrustException("error getting subject", e);
        }
    }

    /**
     * Placeholder for Cancel: ignores every argument and returns {@code null}. No contract is
     * consulted, so a Cancel request leaves the targeted token untouched.
     */
    private Source cancel(STSConfiguration config, String appliesTo, WSTrustElementFactory factory, BaseSTSRequest request) {
        return null;
    }

    /**
     * Renews a token through the contract selected for {@code appliesTo}.
     *
     * <p>The contract receives a new, empty token context; unlike {@code issue}, this method does
     * not set the requester's subject on it.
     */
    private Source renew(STSConfiguration config, String appliesTo, WSTrustElementFactory factory, RequestSecurityToken request) throws WSTrustException {
        final WSTrustContract<BaseSTSRequest, BaseSTSResponse> contract = WSTrustFactory.newWSTrustContract(config, appliesTo);
        final BaseSTSResponse response = contract.renew(request, new IssuedTokenContextImpl());
        return factory.toSource(response);
    }

    /**
     * Validates a token through the contract selected for {@code appliesTo}.
     *
     * <p>The contract receives a new, empty token context; unlike {@code issue}, this method does
     * not set the requester's subject on it.
     */
    private Source validate(STSConfiguration config, String appliesTo, WSTrustElementFactory factory, BaseSTSRequest request) throws WSTrustException {
        final WSTrustContract<BaseSTSRequest, BaseSTSResponse> contract = WSTrustFactory.newWSTrustContract(config, appliesTo);
        final BaseSTSResponse response = contract.validate(request, new IssuedTokenContextImpl());
        return factory.toSource(response);
    }
}
