package org.picketlink.identity.federation.core.wstrust;

import java.io.InputStream;
import java.util.Iterator;
import java.util.List;
import javax.annotation.Resource;
import javax.xml.bind.JAXBElement;
import javax.xml.transform.Source;
import javax.xml.transform.dom.DOMSource;
import javax.xml.ws.Provider;
import javax.xml.ws.Service;
import javax.xml.ws.ServiceMode;
import javax.xml.ws.WebServiceContext;
import javax.xml.ws.WebServiceException;
import javax.xml.ws.WebServiceProvider;
import org.apache.log4j.Logger;
import org.picketlink.identity.federation.core.constants.PicketLinkFederationConstants;
import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
import org.picketlink.identity.federation.core.handler.config.Handler;
import org.picketlink.identity.federation.core.handler.config.Handlers;
import org.picketlink.identity.federation.core.util.JAXBUtil;
import org.picketlink.identity.federation.core.wstrust.confighandlers.STSConfigHandler;
import org.picketlink.identity.federation.core.wstrust.wrappers.BaseRequestSecurityToken;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenCollection;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
import org.w3c.dom.Document;

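/**
 * JAX-WS payload-mode provider that implements the PicketLink security token service.
 *
 * <p>Each incoming payload is parsed as a WS-Trust request, either a single
 * {@link RequestSecurityToken} or a {@link RequestSecurityTokenCollection}, and dispatched to the
 * configured {@link WSTrustRequestHandler} together with the caller principal taken from the
 * injected {@link WebServiceContext}.
 *
 * <p>NOTE(review): this class performs no authentication of its own. It passes whatever
 * {@code context.getUserPrincipal()} returns to the handler, so the endpoint presumably relies on
 * the container to authenticate callers. Confirm that the deployment protects it.
 */
@ServiceMode(Service.Mode.PAYLOAD)
@WebServiceProvider(serviceName = "PicketLinkSTS", portName = "PicketLinkSTSPort", targetNamespace = "urn:picketlink:identity-federation:sts", wsdlLocation = "WEB-INF/wsdl/PicketLinkSTS.wsdl")
/* loaded from: input_file:WEB-INF/lib/picketlink-fed-core-1.0.4.final.jar:org/picketlink/identity/federation/core/wstrust/PicketLinkSTS.class */
public class PicketLinkSTS implements Provider<Source> {
    private static final Logger logger = Logger.getLogger(PicketLinkSTS.class);

    /** Injected by the JAX-WS runtime; source of the caller principal. */
    @Resource
    protected WebServiceContext context;

    /** STS configuration, loaded lazily on the first call to {@link #invoke(Source)}. */
    protected STSConfiguration config;

    /**
     * Parses the request payload and dispatches it to the single-request or batch handler.
     *
     * @param source the WS-Trust request payload
     * @return the marshalled WS-Trust response
     * @throws WebServiceException if the configuration cannot be loaded, the payload cannot be
     *     parsed, or the payload is neither a single request nor a request collection
     */
    @Override // javax.xml.ws.Provider
    public Source invoke(Source source) {
        // The lazy load is not synchronized: concurrent first requests may each load the
        // configuration, and the last assignment wins.
        if (this.config == null) {
            try {
                if (logger.isInfoEnabled()) {
                    logger.info("Loading STS configuration");
                }
                this.config = getConfiguration();
            } catch (ConfigurationException e) {
                throw new WebServiceException("Encountered configuration exception:", e);
            }
        }
        try {
            BaseRequestSecurityToken request = WSTrustJAXBFactory.getInstance().parseRequestSecurityToken(source);
            if (request instanceof RequestSecurityToken) {
                return handleTokenRequest((RequestSecurityToken) request);
            }
            if (request instanceof RequestSecurityTokenCollection) {
                return handleTokenRequestCollection((RequestSecurityTokenCollection) request);
            }
            throw new WebServiceException("Invalid security token request");
        } catch (WSTrustException e) {
            // Report parse failures the same way the request handlers report their failures
            // (WebServiceException is still a RuntimeException, so existing callers are unaffected).
            throw new WebServiceException("Exception in parsing token request: " + e.getMessage(), e);
        }
    }

    /**
     * Handles a single issue, renew, cancel or validate request.
     *
     * @param requestSecurityToken the parsed request
     * @return the marshalled response; issue and renew responses are wrapped around the document
     *     returned by the handler's {@code postProcess}
     * @throws WebServiceException if the request type is missing or unknown, or the handler fails
     */
    protected Source handleTokenRequest(RequestSecurityToken requestSecurityToken) {
        WSTrustRequestHandler requestHandler = this.config.getRequestHandler();
        String uri = requestTypeOf(requestSecurityToken);
        if (logger.isDebugEnabled()) {
            logger.debug("STS received request of type " + uri);
        }
        try {
            if (uri.equals(WSTrustConstants.ISSUE_REQUEST)) {
                Source issued = marshallResponse(requestHandler.issue(requestSecurityToken, this.context.getUserPrincipal()));
                Document issuedDoc = (Document) ((DOMSource) issued).getNode();
                return new DOMSource(requestHandler.postProcess(issuedDoc, requestSecurityToken));
            }
            if (uri.equals(WSTrustConstants.RENEW_REQUEST)) {
                Source renewed = marshallResponse(requestHandler.renew(requestSecurityToken, this.context.getUserPrincipal()));
                Document renewedDoc = (Document) ((DOMSource) renewed).getNode();
                return new DOMSource(requestHandler.postProcess(renewedDoc, requestSecurityToken));
            }
            if (uri.equals(WSTrustConstants.CANCEL_REQUEST)) {
                return marshallResponse(requestHandler.cancel(requestSecurityToken, this.context.getUserPrincipal()));
            }
            if (uri.equals(WSTrustConstants.VALIDATE_REQUEST)) {
                return marshallResponse(requestHandler.validate(requestSecurityToken, this.context.getUserPrincipal()));
            }
            throw new WSTrustException("Invalid request type: " + uri);
        } catch (WSTrustException e) {
            throw new WebServiceException("Exception in handling token request: " + e.getMessage(), e);
        }
    }

    /**
     * Handles a batch of requests, choosing the operation from the first request's type.
     *
     * @param requestSecurityTokenCollection the parsed request collection
     * @return the marshalled response collection
     * @throws WebServiceException if the collection is empty, the first request has no request
     *     type, the type is not a known batch type, or the handler fails
     */
    protected Source handleTokenRequestCollection(RequestSecurityTokenCollection requestSecurityTokenCollection) {
        List<RequestSecurityToken> requests = requestSecurityTokenCollection.getRequestSecurityTokens();
        // The collection comes from the caller: reject an empty batch explicitly instead of
        // failing with an IndexOutOfBoundsException on get(0).
        if (requests == null || requests.isEmpty()) {
            throw new WebServiceException("Invalid security token request");
        }
        // NOTE(review): only the first element's request type selects the operation; the remaining
        // elements are processed with that operation whatever type they declare. Consider
        // rejecting batches whose elements disagree.
        String uri = requestTypeOf(requests.get(0));
        if (logger.isDebugEnabled()) {
            logger.debug("STS received requests of type " + uri);
        }
        WSTrustRequestHandler requestHandler = this.config.getRequestHandler();
        try {
            RequestSecurityTokenResponseCollection responses = new RequestSecurityTokenResponseCollection();
            if (uri.equals(WSTrustConstants.BATCH_ISSUE_REQUEST)) {
                for (RequestSecurityToken request : requests) {
                    responses.addRequestSecurityTokenResponse(requestHandler.issue(request, this.context.getUserPrincipal()));
                }
                Source issued = WSTrustJAXBFactory.getInstance().marshallRequestSecurityTokenResponse(responses);
                // NOTE(review): unlike the single-request path, the document returned by
                // postProcess is discarded here. Confirm postProcess modifies the document in place.
                requestHandler.postProcess((Document) ((DOMSource) issued).getNode(), requests.toArray(new RequestSecurityToken[0]));
                return issued;
            }
            if (uri.equals(WSTrustConstants.BATCH_RENEW_REQUEST)) {
                for (RequestSecurityToken request : requests) {
                    responses.addRequestSecurityTokenResponse(requestHandler.renew(request, this.context.getUserPrincipal()));
                }
                Source renewed = WSTrustJAXBFactory.getInstance().marshallRequestSecurityTokenResponse(responses);
                // Same caveat as the batch issue branch: the postProcess return value is ignored.
                requestHandler.postProcess((Document) ((DOMSource) renewed).getNode(), requests.toArray(new RequestSecurityToken[0]));
                return renewed;
            }
            if (uri.equals(WSTrustConstants.BATCH_CANCEL_REQUEST)) {
                for (RequestSecurityToken request : requests) {
                    responses.addRequestSecurityTokenResponse(requestHandler.cancel(request, this.context.getUserPrincipal()));
                }
                return WSTrustJAXBFactory.getInstance().marshallRequestSecurityTokenResponse(responses);
            }
            if (!uri.equals(WSTrustConstants.BATCH_VALIDATE_REQUEST)) {
                throw new WSTrustException("Invalid request type: " + uri);
            }
            for (RequestSecurityToken request : requests) {
                responses.addRequestSecurityTokenResponse(requestHandler.validate(request, this.context.getUserPrincipal()));
            }
            return WSTrustJAXBFactory.getInstance().marshallRequestSecurityTokenResponse(responses);
        } catch (WSTrustException e) {
            throw new WebServiceException("Exception in handling token request: " + e.getMessage(), e);
        }
    }

    /**
     * Wraps a single response in a response collection and marshals it.
     *
     * @param requestSecurityTokenResponse the response to marshal
     * @return the marshalled response collection
     */
    protected Source marshallResponse(RequestSecurityTokenResponse requestSecurityTokenResponse) {
        RequestSecurityTokenResponseCollection responses = new RequestSecurityTokenResponseCollection();
        responses.addRequestSecurityTokenResponse(requestSecurityTokenResponse);
        return WSTrustJAXBFactory.getInstance().marshallRequestSecurityTokenResponse(responses);
    }

    /**
     * Loads the STS configuration through the handlers listed in the config-handler resource.
     *
     * <p>Handlers are tried in order and the first non-null configuration wins. If none of them
     * supplies one, a default {@link PicketLinkSTSConfiguration} is returned.
     *
     * @return the STS configuration, never {@code null}
     * @throws ConfigurationException if the resource is missing or invalid, or a handler class
     *     cannot be loaded or instantiated
     */
    protected STSConfiguration getConfiguration() throws ConfigurationException {
        STSConfiguration loaded = null;
        try {
            JAXBElement<?> element = (JAXBElement<?>) unmarshall(PicketLinkSTSConstants.CONFIG_HANDLER_FILE);
            if (element == null) {
                throw new RuntimeException("picketlink-sts-confighandlers.xml not found ");
            }
            List<Handler> handlers = ((Handlers) element.getValue()).getHandler();
            ClassLoader contextClassLoader = SecurityActions.getContextClassLoader();
            if (handlers != null) {
                for (Handler handler : handlers) {
                    // The class name comes from the config-handler resource on the classpath:
                    // whoever can change that resource chooses the class instantiated here, so it
                    // must stay under the deployer's control.
                    STSConfigHandler configHandler = (STSConfigHandler) contextClassLoader.loadClass(handler.getClazz()).newInstance();
                    configHandler.setOptions(handler.getOption());
                    loaded = configHandler.getConfiguration();
                    if (loaded != null) {
                        break;
                    }
                }
            }
            if (loaded != null) {
                return loaded;
            }
            logger.warn("Configuration handlers returned null. Using default configuration values");
            return new PicketLinkSTSConfiguration();
        } catch (Exception e) {
            throw new ConfigurationException("Error parsing the configuration file:", e);
        }
    }

    /**
     * Returns the request type of a request as a string.
     *
     * @param request the parsed request, taken from caller-supplied input
     * @return the request type in string form
     * @throws WebServiceException if the request or its request type is missing
     */
    private static String requestTypeOf(RequestSecurityToken request) {
        Object type = request == null ? null : request.getRequestType();
        if (type == null) {
            // A request without a type would otherwise surface as a NullPointerException.
            throw new WebServiceException("Invalid security token request");
        }
        return type.toString();
    }

    /**
     * Reads a classpath resource and unmarshals it with a schema-validating unmarshaller.
     *
     * @param str name of the resource, resolved through the context class loader
     * @return the unmarshalled object
     * @throws Exception if the resource is missing or cannot be unmarshalled
     */
    private Object unmarshall(String str) throws Exception {
        String[] schemas = {PicketLinkFederationConstants.SCHEMA_IDFED, PicketLinkFederationConstants.SCHEMA_IDFED_HANDLER};
        InputStream in = SecurityActions.getContextClassLoader().getResourceAsStream(str);
        if (in == null) {
            throw new RuntimeException("Inputstream is null for config file:" + str);
        }
        try {
            return JAXBUtil.getValidatingUnmarshaller(new String[]{"org.picketlink.identity.federation.core.config", "org.picketlink.identity.federation.core.handler.config"}, schemas).unmarshal(in);
        } finally {
            try {
                in.close();
            } catch (java.io.IOException ignored) {
                // The resource has been read (or parsing has already failed); a failure to close
                // must not mask that outcome.
            }
        }
    }
}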
