package org.picketlink.trust.jbossws.handler;

import java.security.Principal;
import javax.security.jacc.PolicyContext;
import javax.security.jacc.PolicyContextException;
import javax.servlet.http.HttpServletRequest;
import javax.xml.namespace.QName;
import javax.xml.soap.SOAPBodyElement;
import javax.xml.soap.SOAPElement;
import javax.xml.soap.SOAPException;
import javax.xml.soap.SOAPFactory;
import javax.xml.soap.SOAPMessage;
import javax.xml.ws.handler.MessageContext;
import javax.xml.ws.handler.soap.SOAPMessageContext;
import org.opensaml.soap.wstrust.RequestSecurityToken;
import org.picketlink.identity.federation.core.util.SOAPUtil;
import org.picketlink.trust.jbossws.Util;

/* loaded from: input_file:eap7/api-jars/picketlink-wildfly8-2.5.5.SP1.jar:org/picketlink/trust/jbossws/handler/SamlRequestSecurityTokenHandler.class */
public class SamlRequestSecurityTokenHandler extends AbstractPicketLinkTrustHandler {
    private SOAPFactory factory = null;

    @Override // org.picketlink.trust.jbossws.handler.AbstractPicketLinkTrustHandler
    protected boolean handleInbound(MessageContext messageContext) {
        String userPrincipalName = getUserPrincipalName(messageContext);
        SOAPMessage message = ((SOAPMessageContext) messageContext).getMessage();
        try {
            SOAPBodyElement sOAPBodyElement = (SOAPBodyElement) Util.findElement(message.getSOAPPart().getEnvelope(), new QName("http://docs.oasis-open.org/ws-sx/ws-trust/200512", RequestSecurityToken.ELEMENT_LOCAL_NAME));
            if (sOAPBodyElement != null) {
                sOAPBodyElement.addChildElement(createUsernameToken(userPrincipalName));
            }
        } catch (SOAPException e) {
            logger.jbossWSUnableToCreateBinaryToken(e);
        }
        if (!logger.isTraceEnabled()) {
            return true;
        }
        logger.trace("SOAPMessage(SamlRequestSecurityTokenHandler)=" + SOAPUtil.soapMessageAsString(message));
        return true;
    }

    private SOAPElement createUsernameToken(String str) throws SOAPException {
        if (this.factory == null) {
            this.factory = SOAPFactory.newInstance();
        }
        SOAPElement createElement = this.factory.createElement("UsernameToken", "wsse", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
        SOAPElement createElement2 = this.factory.createElement("Username", "wsse", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
        createElement2.addTextNode(str);
        createElement.addChildElement(createElement2);
        return createElement;
    }

    private HttpServletRequest getHttpRequest(MessageContext messageContext) {
        HttpServletRequest httpServletRequest = (HttpServletRequest) messageContext.get(MessageContext.SERVLET_REQUEST);
        if (httpServletRequest == null) {
            try {
                httpServletRequest = (HttpServletRequest) PolicyContext.getContext("javax.servlet.http.HttpServletRequest");
            } catch (PolicyContextException e) {
                return null;
            }
        }
        return httpServletRequest;
    }

    protected String getUserPrincipalName(MessageContext messageContext) {
        HttpServletRequest httpRequest = getHttpRequest(messageContext);
        if (httpRequest == null) {
            logger.warn("Cannot get HttpRequest, ignoring " + SamlRequestSecurityTokenHandler.class.getName());
            return null;
        }
        Principal userPrincipal = httpRequest.getUserPrincipal();
        if (userPrincipal != null) {
            return userPrincipal.getName();
        }
        logger.warn("Cannot get Principal, ignoring " + SamlRequestSecurityTokenHandler.class.getName());
        return null;
    }
}
