package org.jboss.wsf.stack.cxf.jaspi;

import javax.security.auth.Subject;
import javax.security.auth.message.AuthException;
import javax.security.auth.message.AuthStatus;
import javax.security.auth.message.config.ServerAuthContext;
import javax.xml.namespace.QName;
import javax.xml.soap.SOAPMessage;
import org.apache.cxf.binding.soap.Soap12;
import org.apache.cxf.binding.soap.SoapBinding;
import org.apache.cxf.binding.soap.SoapFault;
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.binding.soap.interceptor.SoapPreProtocolOutInterceptor;
import org.apache.cxf.endpoint.Endpoint;
import org.apache.cxf.interceptor.InterceptorChain;
import org.apache.cxf.interceptor.OutgoingChainInterceptor;
import org.apache.cxf.message.Message;
import org.apache.cxf.message.MessageImpl;
import org.jboss.security.auth.message.GenericMessageInfo;

/* loaded from: input_file:org/jboss/wsf/stack/cxf/jaspi/JaspiServerAuthenticator.class */
public class JaspiServerAuthenticator {
    public static final String JASPI_SECURITY_DOMAIN = "jaspi.security.domain";
    private final ServerAuthContext sctx;

    public JaspiServerAuthenticator(ServerAuthContext serverAuthContext) {
        this.sctx = serverAuthContext;
    }

    public void validateRequest(SoapMessage soapMessage) {
        GenericMessageInfo genericMessageInfo = new GenericMessageInfo((SOAPMessage) soapMessage.getContent(SOAPMessage.class), (Object) null);
        try {
            AuthStatus validateRequest = this.sctx.validateRequest(genericMessageInfo, (Subject) null, (Subject) null);
            if (genericMessageInfo.getResponseMessage() == null || soapMessage.getExchange().isOneWay()) {
                return;
            }
            Endpoint endpoint = (Endpoint) soapMessage.getExchange().get(Endpoint.class);
            MessageImpl messageImpl = new MessageImpl();
            messageImpl.setExchange(soapMessage.getExchange());
            Message createMessage = endpoint.getBinding().createMessage(messageImpl);
            soapMessage.getExchange().setOutMessage(createMessage);
            createMessage.setContent(SOAPMessage.class, genericMessageInfo.getResponseMessage());
            if (AuthStatus.SEND_CONTINUE == validateRequest) {
                createMessage.put(Message.RESPONSE_CODE, 303);
            }
            if (AuthStatus.SEND_FAILURE == validateRequest) {
                createMessage.put(Message.RESPONSE_CODE, 500);
            }
            soapMessage.getInterceptorChain().abort();
            InterceptorChain outInterceptorChain = OutgoingChainInterceptor.getOutInterceptorChain(soapMessage.getExchange());
            createMessage.setInterceptorChain(outInterceptorChain);
            outInterceptorChain.doInterceptStartingAfter(createMessage, SoapPreProtocolOutInterceptor.class.getName());
        } catch (AuthException e) {
            if (!isSOAP12(soapMessage)) {
                throw new SoapFault(e.getMessage(), new QName("", "jaspi AuthException"));
            }
            throw new SoapFault(e.getMessage(), Soap12.getInstance().getReceiver());
        }
    }

    public void secureResponse(SoapMessage soapMessage) {
        GenericMessageInfo genericMessageInfo = new GenericMessageInfo((SOAPMessage) soapMessage.getExchange().getInMessage().get(SOAPMessage.class), (SOAPMessage) soapMessage.getContent(SOAPMessage.class));
        try {
            AuthStatus secureResponse = this.sctx.secureResponse(genericMessageInfo, (Subject) null);
            if (genericMessageInfo.getResponseMessage() == null || soapMessage.getExchange().isOneWay()) {
                return;
            }
            if (AuthStatus.SEND_CONTINUE == secureResponse) {
                soapMessage.put(Message.RESPONSE_CODE, 303);
            }
            if (AuthStatus.SEND_FAILURE == secureResponse) {
                soapMessage.put(Message.RESPONSE_CODE, 500);
            }
        } catch (AuthException e) {
            if (!isSOAP12(soapMessage)) {
                throw new SoapFault(e.getMessage(), new QName("", "jaspi AuthException"));
            }
            throw new SoapFault(e.getMessage(), Soap12.getInstance().getReceiver());
        }
    }

    private boolean isSOAP12(Message message) {
        return (message.getExchange().getBinding() instanceof SoapBinding) && message.getExchange().getBinding().getSoapVersion() == Soap12.getInstance();
    }
}
