package org.picketlink.identity.federation.web.servlets.saml;

import java.io.IOException;
import java.io.InputStream;
import java.security.PrivilegedActionException;
import java.util.ArrayList;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.xml.bind.JAXBElement;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Unmarshaller;
import javax.xml.bind.helpers.DefaultValidationEventHandler;
import org.apache.log4j.Logger;
import org.jboss.security.xacml.core.JBossPDP;
import org.jboss.security.xacml.core.JBossRequestContext;
import org.jboss.security.xacml.core.model.context.RequestType;
import org.jboss.security.xacml.core.model.context.ResponseType;
import org.jboss.security.xacml.interfaces.PolicyDecisionPoint;
import org.jboss.security.xacml.interfaces.ResponseContext;
import org.picketlink.identity.federation.api.saml.v2.response.SAML2Response;
import org.picketlink.identity.federation.core.factories.SOAPFactory;
import org.picketlink.identity.federation.core.factories.XACMLContextFactory;
import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator;
import org.picketlink.identity.federation.core.saml.v2.factories.SAMLAssertionFactory;
import org.picketlink.identity.federation.core.saml.v2.holders.IssuerInfoHolder;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.JAXBElementMappingUtil;
import org.picketlink.identity.federation.core.saml.v2.util.SOAPSAMLXACMLUtil;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.util.JAXBUtil;
import org.picketlink.identity.federation.org.xmlsoap.schemas.soap.envelope.Body;
import org.picketlink.identity.federation.org.xmlsoap.schemas.soap.envelope.Envelope;
import org.picketlink.identity.federation.org.xmlsoap.schemas.soap.envelope.Fault;
import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType;
import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
import org.picketlink.identity.federation.saml.v2.profiles.xacml.assertion.XACMLAuthzDecisionStatementType;
import org.picketlink.identity.federation.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/* loaded from: input_file:seam-sp.war:WEB-INF/lib/picketlink-web-1.0.0.jar:org/picketlink/identity/federation/web/servlets/saml/SOAPSAMLXACMLServlet.class */
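/**
 * Servlet that accepts a SOAP-wrapped (or bare) SAML {@code XACMLAuthzDecisionQuery}, evaluates the
 * embedded XACML request against a locally configured {@link PolicyDecisionPoint}, and replies with
 * a SOAP envelope holding a SAML response whose assertion carries the XACML decision statement.
 *
 * <p>Init parameters read by {@link #init(ServletConfig)}: {@code issuerID}, {@code issuer},
 * {@code policyConfigFileName} and {@code debug}.
 *
 * <p>Security notes for deployers and reviewers:
 * <ul>
 *   <li>NOTE(review): nothing in this class authenticates or authorizes the caller; every request
 *       that parses is evaluated by the PDP. Access control on the endpoint has to come from the
 *       deployment (container security constraints, mutual TLS, network placement) - confirm.</li>
 *   <li>NOTE(review): the request body is untrusted XML handed to {@code DocumentUtil.getDocument}.
 *       Whether that helper disables DTDs and external entities is not visible here - verify, since
 *       this is the point where XXE and entity-expansion hardening must live.</li>
 *   <li>NOTE(review): the assertion is created with no Conditions and no Subject, and this class
 *       never signs the response. Consumers can therefore only trust the decision as far as they
 *       trust the transport - confirm that is acceptable for the deployment.</li>
 *   <li>With {@code debug=true} and trace logging on, the complete inbound SOAP message is written
 *       to the log. Keep {@code debug} off outside of troubleshooting.</li>
 * </ul>
 */
public class SOAPSAMLXACMLServlet extends HttpServlet {
    private static Logger log = Logger.getLogger(SOAPSAMLXACMLServlet.class);
    private static final long serialVersionUID = 1;
    // Sampled once per servlet instance; later changes to the log level are not picked up.
    private boolean trace = log.isTraceEnabled();
    private String policyConfigFileName = null;
    // Read from configuration and traced, but not otherwise used inside this class.
    private String issuerId = null;
    private String issuer = null;
    boolean debug = false;
    private transient PolicyDecisionPoint pdp = null;

    /**
     * Reads the init parameters (falling back to built-in defaults) and loads the PDP.
     *
     * @param servletConfig container-supplied configuration
     * @throws ServletException if the PDP cannot be loaded; the underlying failure is kept as the cause
     * @throws IllegalStateException if the policy configuration resource is not on the class path
     */
    @Override
    public void init(ServletConfig servletConfig) throws ServletException {
        // Register the config first: GenericServlet.log(...) used in the failure path below needs
        // the servlet context, which is only available once super.init has stored the config.
        super.init(servletConfig);

        this.issuerId = servletConfig.getInitParameter("issuerID");
        if (this.issuerId == null) {
            this.issuerId = "issue-id:1";
        }
        this.issuer = servletConfig.getInitParameter("issuer");
        if (this.issuer == null) {
            this.issuer = "urn:jboss-identity";
        }
        this.policyConfigFileName = servletConfig.getInitParameter("policyConfigFileName");
        if (this.policyConfigFileName == null) {
            this.policyConfigFileName = "policyConfig.xml";
        }
        // Boolean.parseBoolean never throws; a missing or malformed value simply yields false.
        this.debug = Boolean.parseBoolean(servletConfig.getInitParameter("debug"));
        if (this.trace) {
            log.trace("Issuer=" + this.issuer + " :: issuerID=" + this.issuerId);
            log.trace("PolicyConfig File:" + this.policyConfigFileName);
            log.trace("Debug=" + this.debug);
        }
        if (this.debug) {
            // This is a JVM-wide system property, so it affects every JAXB user in the process.
            SecurityActions.setSystemProperty("jaxb.debug", "true");
        }
        try {
            this.pdp = getPDP();
        } catch (PrivilegedActionException e) {
            log("Exception loading PDP::", e);
            throw new ServletException("Unable to load PDP", e);
        }
    }

    /**
     * Handles one decision query and always answers with a SOAP envelope: the SAML/XACML response
     * on success, or a SOAP fault on failure.
     *
     * <p>Faults expose only a generated reference id; the exception itself goes to the server log
     * under the same id, so internal detail is not returned to the caller. The HTTP status is left
     * at the container default for faults as well.
     *
     * @throws IOException if the response stream cannot be obtained
     * @throws IllegalStateException if no envelope could be built
     */
    @Override
    protected void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        Envelope envelope;
        try {
            envelope = createEnvelope(buildDecisionResponse(readQuery(httpServletRequest)));
        } catch (JAXBException e) {
            // Must come before the generic handler, otherwise this branch is unreachable.
            envelope = faultEnvelope("Parsing Error. Reference::", "::Exception parsing SOAP:", e);
        } catch (Exception e) {
            envelope = faultEnvelope("Server Error. Reference::", "::Exception:", e);
        }
        // Errors (non-Exception Throwables) are deliberately not caught: they propagate to the
        // container unchanged instead of being masked by a secondary failure while writing.
        writeEnvelope(httpServletResponse, envelope);
    }

    /**
     * Parses the request body and returns the decision query it contains.
     *
     * @throws IOException if no query could be located in the message
     * @throws Exception for any parsing or unmarshalling failure raised by the helpers
     */
    private XACMLAuthzDecisionQueryType readQuery(HttpServletRequest request) throws Exception {
        // Untrusted input enters here. NOTE(review): confirm DocumentUtil's parser configuration
        // rejects DOCTYPE declarations / external entities and that the container caps body size.
        Document document = DocumentUtil.getDocument(request.getInputStream());
        if (this.debug && this.trace) {
            log.trace("Received SOAP:" + DocumentUtil.asString(document));
        }
        Unmarshaller unmarshaller = JAXBUtil.getUnmarshaller(SOAPSAMLXACMLUtil.getPackage());
        if (this.debug) {
            unmarshaller.setEventHandler(new DefaultValidationEventHandler());
        }
        XACMLAuthzDecisionQueryType query = extractQuery(unmarshaller.unmarshal(DocumentUtil.getNodeAsStream(document)));
        if (query == null) {
            throw new IOException("XACML Request not parsed");
        }
        return query;
    }

    /**
     * Locates the decision query inside the unmarshalled object, which is either the query itself
     * or a SOAP envelope whose first body element is the query. Only the first body element is
     * considered; anything else in the body is ignored.
     *
     * @return the query, or {@code null} when the message has an unexpected shape (including an
     *         empty SOAP body or a first element of another type)
     */
    private static XACMLAuthzDecisionQueryType extractQuery(Object unmarshalled) throws Exception {
        if (!(unmarshalled instanceof JAXBElement)) {
            return null;
        }
        Object value = ((JAXBElement<?>) unmarshalled).getValue();
        if (value instanceof XACMLAuthzDecisionQueryType) {
            return (XACMLAuthzDecisionQueryType) value;
        }
        if (!(value instanceof Envelope)) {
            return null;
        }
        Body body = ((Envelope) value).getBody();
        // Reject an absent or empty body explicitly rather than relying on an index failure.
        if (body == null || body.getAny().isEmpty()) {
            return null;
        }
        Object first = body.getAny().get(0);
        if (first instanceof JAXBElement) {
            // Type-check before casting so an unrelated element is reported as "not parsed".
            Object inner = ((JAXBElement<?>) first).getValue();
            return inner instanceof XACMLAuthzDecisionQueryType ? (XACMLAuthzDecisionQueryType) inner : null;
        }
        if (first instanceof Element) {
            return SOAPSAMLXACMLUtil.getXACMLQueryType((Element) first);
        }
        return null;
    }

    /**
     * Evaluates the query's XACML request with the PDP and wraps the result in a SAML response.
     *
     * @return the JAXB element for the SAML response, ready to be placed in a SOAP body
     */
    @SuppressWarnings({"rawtypes", "unchecked"})
    private Object buildDecisionResponse(XACMLAuthzDecisionQueryType query) throws Exception {
        RequestType xacmlRequest = query.getRequest();
        JBossRequestContext requestContext = new JBossRequestContext();
        requestContext.setRequest(xacmlRequest);
        ResponseContext decision = this.pdp.evaluate(requestContext);

        ResponseType xacmlResponse = new ResponseType();
        xacmlResponse.getResult().add(decision.getResult());
        XACMLAuthzDecisionStatementType statement = XACMLContextFactory.createXACMLAuthzDecisionStatementType(xacmlRequest, xacmlResponse);

        // NOTE(review): the same generated ID is used for both the Response and the Assertion.
        // Two ID attributes with one value in a single document can confuse ID-based reference
        // resolution (for example if signing is added later) - consider separate IDs.
        String id = IDGenerator.create("ID_");
        SAML2Response saml2Response = new SAML2Response();
        IssuerInfoHolder issuerInfo = new IssuerInfoHolder(this.issuer);
        // Raw list kept: the statement element type is not imported by this file.
        ArrayList statements = new ArrayList();
        statements.add(statement);
        // No Conditions (validity window / audience) and no Subject are attached to the assertion.
        return JAXBElementMappingUtil.get(sAML2ResponseType(saml2Response, id, issuerInfo, statements));
    }

    /** Creates the SAML response type around a freshly built assertion holding {@code statements}. */
    @SuppressWarnings({"rawtypes", "unchecked"})
    private static Object sAML2ResponseType(SAML2Response saml2Response, String id, IssuerInfoHolder issuerInfo, ArrayList statements) throws Exception {
        return saml2Response.createResponseType(id, issuerInfo, SAMLAssertionFactory.createAssertion(id, issuerInfo.getIssuer(), XMLTimeUtil.getIssueInstant(), (ConditionsType) null, (SubjectType) null, statements));
    }

    /**
     * Logs {@code cause} under a fresh reference id and builds a fault envelope that carries only
     * {@code faultPrefix} plus that id.
     */
    private Envelope faultEnvelope(String faultPrefix, String logSuffix, Exception cause) {
        String reference = IDGenerator.create();
        log.error(reference + logSuffix, cause);
        return createEnvelope(createFault(faultPrefix + reference));
    }

    /**
     * Marshals {@code envelope} to the HTTP response as {@code text/xml}. A marshalling failure is
     * logged and not rethrown, so the caller may receive a truncated or empty body in that case.
     */
    private void writeEnvelope(HttpServletResponse response, Envelope envelope) throws IOException {
        response.setContentType("text/xml;charset=utf-8");
        ServletOutputStream out = response.getOutputStream();
        if (envelope == null) {
            throw new IllegalStateException("SOAPEnvelope is null");
        }
        try {
            JAXBUtil.getMarshaller(SOAPSAMLXACMLUtil.getPackage()).marshal(JAXBElementMappingUtil.get(envelope), out);
        } catch (JAXBException e) {
            log("marshalling exception", e);
        }
    }

    /**
     * Loads the PDP from the policy configuration resource found via the context class loader.
     *
     * @throws IllegalStateException if the resource cannot be located
     */
    private PolicyDecisionPoint getPDP() throws PrivilegedActionException {
        InputStream resourceAsStream = SecurityActions.getContextClassLoader().getResourceAsStream(this.policyConfigFileName);
        if (resourceAsStream == null) {
            throw new IllegalStateException(this.policyConfigFileName + " could not be located");
        }
        // NOTE(review): the stream is never closed here; whether JBossPDP consumes it fully in its
        // constructor (making a close safe) is not visible from this file - confirm before changing.
        return new JBossPDP(resourceAsStream);
    }

    /** Wraps {@code obj} as the single element of a new SOAP envelope body. */
    private Envelope createEnvelope(Object obj) {
        Envelope envelope = SOAPFactory.getObjectFactory().createEnvelope();
        Body body = SOAPFactory.getObjectFactory().createBody();
        body.getAny().add(obj);
        envelope.setBody(body);
        return envelope;
    }

    /** Builds a SOAP fault element whose fault string is {@code str}. */
    private JAXBElement<Fault> createFault(String str) {
        Fault fault = SOAPFactory.getObjectFactory().createFault();
        fault.setFaultstring(str);
        return SOAPFactory.getObjectFactory().createFault(fault);
    }
}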
