package org.picketlink.identity.federation.core.wstrust;

import javax.xml.bind.Binder;
import javax.xml.bind.JAXBElement;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;
import javax.xml.bind.Unmarshaller;
import javax.xml.transform.Source;
import javax.xml.transform.dom.DOMSource;
import org.apache.log4j.Logger;
import org.picketlink.identity.federation.core.exceptions.ParsingException;
import org.picketlink.identity.federation.core.saml.v2.common.SAMLDocumentHolder;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.util.JAXBUtil;
import org.picketlink.identity.federation.core.wstrust.wrappers.BaseRequestSecurityToken;
import org.picketlink.identity.federation.core.wstrust.wrappers.BaseRequestSecurityTokenResponse;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
import org.picketlink.identity.federation.ws.trust.ObjectFactory;
import org.picketlink.identity.federation.ws.trust.RequestSecurityTokenResponseCollectionType;
import org.picketlink.identity.federation.ws.trust.RequestSecurityTokenType;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:org/picketlink/identity/federation/core/wstrust/WSTrustJAXBFactory.class */
public class WSTrustJAXBFactory {
    private Marshaller marshaller;
    private Unmarshaller unmarshaller;
    private Binder<Node> binder;
    private final ObjectFactory objectFactory;
    private static Logger log = Logger.getLogger(WSTrustJAXBFactory.class);
    private static final WSTrustJAXBFactory instance = new WSTrustJAXBFactory();
    private boolean trace = log.isTraceEnabled();
    private ThreadLocal<SAMLDocumentHolder> holders = new ThreadLocal<>();

    private WSTrustJAXBFactory() {
        try {
            this.marshaller = JAXBUtil.getMarshaller(getPackages());
            this.unmarshaller = JAXBUtil.getUnmarshaller(getPackages());
            this.binder = JAXBUtil.getJAXBContext(getPackages()).createBinder();
            this.objectFactory = new ObjectFactory();
        } catch (JAXBException e) {
            throw new RuntimeException(e.getMessage(), e);
        }
    }

    public static WSTrustJAXBFactory getInstance() {
        return instance;
    }

    private String getPackages() {
        return "org.picketlink.identity.federation.ws.addressing:org.picketlink.identity.federation.ws.policy:org.picketlink.identity.federation.ws.trust:org.picketlink.identity.federation.ws.wss.secext:org.picketlink.identity.federation.ws.wss.utility";
    }

    public BaseRequestSecurityToken parseRequestSecurityToken(Source source) throws ParsingException {
        Node node = ((DOMSource) source).getNode();
        Document ownerDocument = node instanceof Document ? (Document) node : node.getOwnerDocument();
        try {
            Node findNodeByNameNS = findNodeByNameNS(ownerDocument, "RequestSecurityToken", WSTrustConstants.BASE_NAMESPACE);
            if (findNodeByNameNS == null) {
                throw new RuntimeException("Request Security Token node not found");
            }
            RequestSecurityTokenType requestSecurityTokenType = (RequestSecurityTokenType) ((JAXBElement) this.binder.unmarshal(findNodeByNameNS)).getValue();
            this.holders.set(new SAMLDocumentHolder(new SAML2SecurityToken(requestSecurityTokenType), ownerDocument));
            return new RequestSecurityToken(requestSecurityTokenType);
        } catch (JAXBException e) {
            throw new ParsingException((Throwable) e);
        }
    }

    public BaseRequestSecurityTokenResponse parseRequestSecurityTokenResponse(Source source) {
        Element element = null;
        Node node = ((DOMSource) source).getNode();
        Node findNodeByNameNS = findNodeByNameNS(node instanceof Document ? (Document) node : node.getOwnerDocument(), "RequestedSecurityToken", WSTrustConstants.BASE_NAMESPACE);
        if (findNodeByNameNS != null) {
            element = (Element) findNodeByNameNS.getFirstChild();
        }
        try {
            Object unmarshal = this.unmarshaller.unmarshal(source);
            if (!(unmarshal instanceof JAXBElement)) {
                throw new RuntimeException("Invalid response type: " + unmarshal.getClass().getName());
            }
            JAXBElement jAXBElement = (JAXBElement) this.unmarshaller.unmarshal(source);
            if (!jAXBElement.getDeclaredType().equals(RequestSecurityTokenResponseCollectionType.class)) {
                throw new RuntimeException("Invalid response type: " + jAXBElement.getDeclaredType());
            }
            RequestSecurityTokenResponseCollection requestSecurityTokenResponseCollection = new RequestSecurityTokenResponseCollection((RequestSecurityTokenResponseCollectionType) jAXBElement.getValue());
            if (element != null) {
                requestSecurityTokenResponseCollection.getRequestSecurityTokenResponses().get(0).getRequestedSecurityToken().setAny(element);
            }
            return requestSecurityTokenResponseCollection;
        } catch (Exception e) {
            throw new RuntimeException("Failed to unmarshall security token response", e);
        }
    }

    public Source marshallRequestSecurityToken(RequestSecurityToken requestSecurityToken) {
        Element element = null;
        String uri = requestSecurityToken.getRequestType().toString();
        if (uri.equalsIgnoreCase(WSTrustConstants.VALIDATE_REQUEST) && requestSecurityToken.getValidateTarget() != null) {
            element = (Element) requestSecurityToken.getValidateTarget().getAny();
            requestSecurityToken.getValidateTarget().setAny(null);
        } else if (uri.equalsIgnoreCase(WSTrustConstants.RENEW_REQUEST) && requestSecurityToken.getRenewTarget() != null) {
            element = (Element) requestSecurityToken.getRenewTarget().getAny();
            requestSecurityToken.getRenewTarget().setAny(null);
        } else if (uri.equalsIgnoreCase(WSTrustConstants.CANCEL_REQUEST) && requestSecurityToken.getCancelTarget() != null) {
            element = (Element) requestSecurityToken.getCancelTarget().getAny();
            requestSecurityToken.getCancelTarget().setAny(null);
        }
        try {
            Document createDocument = DocumentUtil.createDocument();
            this.marshaller.marshal(this.objectFactory.createRequestSecurityToken(requestSecurityToken.getDelegate()), createDocument);
            if (element != null) {
                Node node = null;
                if (uri.equalsIgnoreCase(WSTrustConstants.VALIDATE_REQUEST)) {
                    node = findNodeByNameNS(createDocument, "ValidateTarget", WSTrustConstants.BASE_NAMESPACE);
                } else if (uri.equalsIgnoreCase(WSTrustConstants.RENEW_REQUEST)) {
                    node = findNodeByNameNS(createDocument, "RenewTarget", WSTrustConstants.BASE_NAMESPACE);
                } else if (uri.equalsIgnoreCase(WSTrustConstants.CANCEL_REQUEST)) {
                    node = findNodeByNameNS(createDocument, "CancelTarget", WSTrustConstants.BASE_NAMESPACE);
                }
                if (node == null) {
                    throw new RuntimeException("Unsupported request type:" + uri);
                }
                node.appendChild(createDocument.importNode(element, true));
            }
            return DocumentUtil.getXMLSource(createDocument);
        } catch (Exception e) {
            throw new RuntimeException("Failed to marshall security token request", e);
        }
    }

    public Source marshallRequestSecurityTokenResponse(RequestSecurityTokenResponseCollection requestSecurityTokenResponseCollection) {
        if (requestSecurityTokenResponseCollection.getRequestSecurityTokenResponses().size() == 0) {
            throw new IllegalArgumentException("The response collection must contain at least one response");
        }
        Element element = null;
        RequestSecurityTokenResponse requestSecurityTokenResponse = requestSecurityTokenResponseCollection.getRequestSecurityTokenResponses().get(0);
        if (requestSecurityTokenResponse.getRequestedSecurityToken() != null) {
            element = (Element) requestSecurityTokenResponse.getRequestedSecurityToken().getAny();
            requestSecurityTokenResponse.getRequestedSecurityToken().setAny(null);
        }
        try {
            Document createDocument = DocumentUtil.createDocument();
            this.marshaller.marshal(this.objectFactory.createRequestSecurityTokenResponseCollection(requestSecurityTokenResponseCollection.getDelegate()), createDocument);
            if (element != null) {
                findNodeByNameNS(createDocument, "RequestedSecurityToken", WSTrustConstants.BASE_NAMESPACE).appendChild(createDocument.importNode(element, true));
            }
            if (this.trace) {
                log.trace("Final RSTR doc:" + DocumentUtil.asString(createDocument));
            }
            return DocumentUtil.getXMLSource(createDocument);
        } catch (Exception e) {
            throw new RuntimeException("Failed to marshall security token response", e);
        }
    }

    public SAMLDocumentHolder getSAMLDocumentHolderOnThread() {
        return this.holders.get();
    }

    private Node findNodeByNameNS(Document document, String str, String str2) {
        NodeList elementsByTagNameNS = document.getElementsByTagNameNS(str2, str);
        if (elementsByTagNameNS == null || elementsByTagNameNS.getLength() == 0) {
            return null;
        }
        return elementsByTagNameNS.item(0);
    }
}
