package org.apache.cxf.ws.security.wss4j;

import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.message.MessageUtils;
import org.apache.cxf.rt.security.utils.SecurityUtils;
import org.apache.cxf.ws.policy.AssertionInfo;
import org.apache.cxf.ws.policy.AssertionInfoMap;
import org.apache.cxf.ws.security.SecurityConstants;
import org.apache.cxf.ws.security.policy.PolicyUtils;
import org.apache.cxf.ws.security.wss4j.policyhandlers.StaxAsymmetricBindingHandler;
import org.apache.cxf.ws.security.wss4j.policyhandlers.StaxSymmetricBindingHandler;
import org.apache.cxf.ws.security.wss4j.policyhandlers.StaxTransportBindingHandler;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.policy.SPConstants;
import org.apache.wss4j.policy.model.AsymmetricBinding;
import org.apache.wss4j.policy.model.SymmetricBinding;
import org.apache.wss4j.policy.model.TransportBinding;
import org.apache.wss4j.stax.ext.WSSSecurityProperties;
import org.apache.xml.security.stax.ext.OutboundSecurityContext;

/* loaded from: input_file:META-INF/repository/fuse-eap-distro-6.3.0.redhat-322.zip:modules/system/layers/fuse/org/apache/cxf/3.1/cxf-rt-ws-security-3.1.5.redhat-630322.jar:org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JStaxOutInterceptor.class */
public class PolicyBasedWSS4JStaxOutInterceptor extends WSS4JStaxOutInterceptor {
    /* JADX WARN: Can't rename method to resolve collision */
    @Override // org.apache.cxf.ws.security.wss4j.WSS4JStaxOutInterceptor, org.apache.cxf.interceptor.Interceptor
    public void handleMessage(SoapMessage soapMessage) throws Fault {
        AssertionInfoMap assertionInfoMap = (AssertionInfoMap) soapMessage.get(AssertionInfoMap.class);
        boolean isTrue = MessageUtils.isTrue(soapMessage.getContextualProperty(SecurityConstants.ENABLE_STREAMING_SECURITY));
        if (assertionInfoMap == null || !isTrue) {
            return;
        }
        super.handleMessage(soapMessage);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.cxf.ws.security.wss4j.AbstractWSS4JStaxInterceptor
    public WSSSecurityProperties createSecurityProperties() {
        return new WSSSecurityProperties();
    }

    private void checkAsymmetricBinding(SoapMessage soapMessage, WSSSecurityProperties wSSSecurityProperties) throws WSSecurityException {
        Object securityPropertyValue = SecurityUtils.getSecurityPropertyValue(org.apache.cxf.rt.security.SecurityConstants.SIGNATURE_CRYPTO, soapMessage);
        if (securityPropertyValue == null) {
            securityPropertyValue = SecurityUtils.getSecurityPropertyValue(org.apache.cxf.rt.security.SecurityConstants.SIGNATURE_PROPERTIES, soapMessage);
        }
        Object securityPropertyValue2 = SecurityUtils.getSecurityPropertyValue(org.apache.cxf.rt.security.SecurityConstants.ENCRYPT_CRYPTO, soapMessage);
        if (securityPropertyValue2 == null) {
            securityPropertyValue2 = SecurityUtils.getSecurityPropertyValue(org.apache.cxf.rt.security.SecurityConstants.ENCRYPT_PROPERTIES, soapMessage);
        }
        Crypto encryptionCrypto = getEncryptionCrypto(securityPropertyValue2, soapMessage, wSSSecurityProperties);
        Crypto signatureCrypto = (securityPropertyValue2 == null || !securityPropertyValue2.equals(securityPropertyValue)) ? getSignatureCrypto(securityPropertyValue, soapMessage, wSSSecurityProperties) : encryptionCrypto;
        if (signatureCrypto != null) {
            wSSSecurityProperties.setSignatureCrypto(signatureCrypto);
        }
        if (encryptionCrypto != null) {
            wSSSecurityProperties.setEncryptionCrypto(encryptionCrypto);
        } else if (signatureCrypto != null) {
            wSSSecurityProperties.setEncryptionCrypto(signatureCrypto);
        }
    }

    private void checkTransportBinding(SoapMessage soapMessage, WSSSecurityProperties wSSSecurityProperties) throws WSSecurityException {
        Object securityPropertyValue = SecurityUtils.getSecurityPropertyValue(org.apache.cxf.rt.security.SecurityConstants.SIGNATURE_CRYPTO, soapMessage);
        if (securityPropertyValue == null) {
            securityPropertyValue = SecurityUtils.getSecurityPropertyValue(org.apache.cxf.rt.security.SecurityConstants.SIGNATURE_PROPERTIES, soapMessage);
        }
        Object securityPropertyValue2 = SecurityUtils.getSecurityPropertyValue(org.apache.cxf.rt.security.SecurityConstants.ENCRYPT_CRYPTO, soapMessage);
        if (securityPropertyValue2 == null) {
            securityPropertyValue2 = SecurityUtils.getSecurityPropertyValue(org.apache.cxf.rt.security.SecurityConstants.ENCRYPT_PROPERTIES, soapMessage);
        }
        Crypto encryptionCrypto = getEncryptionCrypto(securityPropertyValue2, soapMessage, wSSSecurityProperties);
        Crypto signatureCrypto = (securityPropertyValue2 == null || !securityPropertyValue2.equals(securityPropertyValue)) ? getSignatureCrypto(securityPropertyValue, soapMessage, wSSSecurityProperties) : encryptionCrypto;
        if (signatureCrypto != null) {
            wSSSecurityProperties.setSignatureCrypto(signatureCrypto);
        }
        if (encryptionCrypto != null) {
            wSSSecurityProperties.setEncryptionCrypto(encryptionCrypto);
        } else if (signatureCrypto != null) {
            wSSSecurityProperties.setEncryptionCrypto(signatureCrypto);
        }
    }

    private void checkSymmetricBinding(SoapMessage soapMessage, WSSSecurityProperties wSSSecurityProperties) throws WSSecurityException {
        Object securityPropertyValue = SecurityUtils.getSecurityPropertyValue(org.apache.cxf.rt.security.SecurityConstants.SIGNATURE_CRYPTO, soapMessage);
        if (securityPropertyValue == null) {
            securityPropertyValue = SecurityUtils.getSecurityPropertyValue(org.apache.cxf.rt.security.SecurityConstants.SIGNATURE_PROPERTIES, soapMessage);
        }
        Object securityPropertyValue2 = SecurityUtils.getSecurityPropertyValue(org.apache.cxf.rt.security.SecurityConstants.ENCRYPT_CRYPTO, soapMessage);
        if (securityPropertyValue2 == null) {
            securityPropertyValue2 = SecurityUtils.getSecurityPropertyValue(org.apache.cxf.rt.security.SecurityConstants.ENCRYPT_PROPERTIES, soapMessage);
        }
        Crypto encryptionCrypto = getEncryptionCrypto(securityPropertyValue2, soapMessage, wSSSecurityProperties);
        Crypto signatureCrypto = (securityPropertyValue2 == null || !securityPropertyValue2.equals(securityPropertyValue)) ? getSignatureCrypto(securityPropertyValue, soapMessage, wSSSecurityProperties) : encryptionCrypto;
        if (isRequestor(soapMessage)) {
            Crypto crypto = encryptionCrypto;
            if (crypto == null) {
                crypto = signatureCrypto;
            }
            if (crypto != null) {
                wSSSecurityProperties.setEncryptionCrypto(crypto);
            }
            Crypto crypto2 = signatureCrypto;
            if (crypto2 == null) {
                crypto2 = encryptionCrypto;
            }
            if (crypto2 != null) {
                wSSSecurityProperties.setSignatureCrypto(crypto2);
                return;
            }
            return;
        }
        Crypto crypto3 = signatureCrypto;
        if (crypto3 == null) {
            crypto3 = encryptionCrypto;
        }
        if (crypto3 != null) {
            wSSSecurityProperties.setEncryptionCrypto(crypto3);
        }
        Crypto crypto4 = encryptionCrypto;
        if (crypto4 == null) {
            crypto4 = signatureCrypto;
        }
        if (crypto4 != null) {
            wSSSecurityProperties.setSignatureCrypto(crypto4);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.cxf.ws.security.wss4j.WSS4JStaxOutInterceptor
    public void configureProperties(SoapMessage soapMessage, OutboundSecurityContext outboundSecurityContext, WSSSecurityProperties wSSSecurityProperties) throws WSSecurityException {
        AssertionInfoMap assertionInfoMap = (AssertionInfoMap) soapMessage.get(AssertionInfoMap.class);
        AssertionInfo firstAssertionByLocalname = PolicyUtils.getFirstAssertionByLocalname(assertionInfoMap, SPConstants.ASYMMETRIC_BINDING);
        if (firstAssertionByLocalname != null) {
            checkAsymmetricBinding(soapMessage, wSSSecurityProperties);
            firstAssertionByLocalname.setAsserted(true);
        }
        AssertionInfo firstAssertionByLocalname2 = PolicyUtils.getFirstAssertionByLocalname(assertionInfoMap, SPConstants.SYMMETRIC_BINDING);
        if (firstAssertionByLocalname2 != null) {
            checkSymmetricBinding(soapMessage, wSSSecurityProperties);
            firstAssertionByLocalname2.setAsserted(true);
        }
        AssertionInfo firstAssertionByLocalname3 = PolicyUtils.getFirstAssertionByLocalname(assertionInfoMap, SPConstants.TRANSPORT_BINDING);
        if (firstAssertionByLocalname3 != null) {
            checkTransportBinding(soapMessage, wSSSecurityProperties);
            firstAssertionByLocalname3.setAsserted(true);
        }
        super.configureProperties(soapMessage, outboundSecurityContext, wSSSecurityProperties);
        if (firstAssertionByLocalname3 != null) {
            new StaxTransportBindingHandler(wSSSecurityProperties, soapMessage, (TransportBinding) firstAssertionByLocalname3.getAssertion(), outboundSecurityContext).handleBinding();
            return;
        }
        if (firstAssertionByLocalname != null) {
            new StaxAsymmetricBindingHandler(wSSSecurityProperties, soapMessage, (AsymmetricBinding) firstAssertionByLocalname.getAssertion(), outboundSecurityContext).handleBinding();
        } else if (firstAssertionByLocalname2 != null) {
            new StaxSymmetricBindingHandler(wSSSecurityProperties, soapMessage, (SymmetricBinding) firstAssertionByLocalname2.getAssertion(), outboundSecurityContext).handleBinding();
        } else {
            new StaxTransportBindingHandler(wSSSecurityProperties, soapMessage, null, outboundSecurityContext).handleBinding();
        }
    }
}
