package org.apache.wss4j.stax.validate;

import java.util.Date;
import java.util.GregorianCalendar;
import javax.xml.datatype.XMLGregorianCalendar;
import org.apache.wss4j.binding.wsu10.TimestampType;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.util.DateUtil;
import org.apache.wss4j.stax.ext.WSSConstants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:META-INF/repository/fuse-eap-distro-6.3.0.redhat-322.zip:modules/system/layers/fuse/org/apache/ws/security/2.1/wss4j-ws-security-stax-2.1.7.jar:org/apache/wss4j/stax/validate/TimestampValidatorImpl.class */
public class TimestampValidatorImpl implements TimestampValidator {
    private static final transient Logger LOG = LoggerFactory.getLogger(TimestampValidatorImpl.class);

    @Override // org.apache.wss4j.stax.validate.TimestampValidator
    public void validate(TimestampType timestampType, TokenContext tokenContext) throws WSSecurityException {
        if (timestampType.getCreated() == null) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY, "missingCreated");
        }
        try {
            Date date = null;
            if (timestampType.getCreated() != null) {
                try {
                    XMLGregorianCalendar newXMLGregorianCalendar = WSSConstants.datatypeFactory.newXMLGregorianCalendar(timestampType.getCreated().getValue());
                    LOG.debug("Timestamp created: " + newXMLGregorianCalendar);
                    date = newXMLGregorianCalendar.toGregorianCalendar().getTime();
                } catch (IllegalArgumentException e) {
                    throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY, e);
                }
            }
            Date date2 = null;
            if (timestampType.getExpires() != null) {
                try {
                    XMLGregorianCalendar newXMLGregorianCalendar2 = WSSConstants.datatypeFactory.newXMLGregorianCalendar(timestampType.getExpires().getValue());
                    LOG.debug("Timestamp expires: " + newXMLGregorianCalendar2);
                    date2 = newXMLGregorianCalendar2.toGregorianCalendar().getTime();
                } catch (IllegalArgumentException e2) {
                    throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY, e2);
                }
            } else if (tokenContext.getWssSecurityProperties().isRequireTimestampExpires()) {
                throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY, "invalidTimestamp", new Object[]{"The received Timestamp does not contain an expires Element"});
            }
            Date date3 = new Date();
            int intValue = tokenContext.getWssSecurityProperties().getTimestampTTL().intValue();
            int intValue2 = tokenContext.getWssSecurityProperties().getTimeStampFutureTTL().intValue();
            if (date2 != null && tokenContext.getWssSecurityProperties().isStrictTimestampCheck() && date2.before(date3)) {
                LOG.debug("Time now: " + WSSConstants.datatypeFactory.newXMLGregorianCalendar(new GregorianCalendar()).toXMLFormat());
                throw new WSSecurityException(WSSecurityException.ErrorCode.MESSAGE_EXPIRED, "invalidTimestamp", new Object[]{"The security semantics of the message have expired"});
            }
            if (date == null || DateUtil.verifyCreated(date, intValue, intValue2)) {
                return;
            }
            LOG.debug("Time now: " + WSSConstants.datatypeFactory.newXMLGregorianCalendar(new GregorianCalendar()).toXMLFormat());
            throw new WSSecurityException(WSSecurityException.ErrorCode.MESSAGE_EXPIRED, "invalidTimestamp", new Object[]{"The security semantics of the message have expired"});
        } catch (IllegalArgumentException e3) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY, e3);
        }
    }
}
