package org.apache.wss4j.dom.action;

import javax.security.auth.callback.CallbackHandler;
import org.apache.wss4j.common.ConfigurationConstants;
import org.apache.wss4j.common.SecurityActionToken;
import org.apache.wss4j.common.SignatureActionToken;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.saml.SAMLCallback;
import org.apache.wss4j.common.saml.SAMLUtil;
import org.apache.wss4j.common.saml.SamlAssertionWrapper;
import org.apache.wss4j.dom.handler.RequestData;
import org.apache.wss4j.dom.handler.WSHandler;
import org.apache.wss4j.dom.saml.WSSecSignatureSAML;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Document;

/* loaded from: input_file:META-INF/repository/fuse-eap-distro-6.3.0.redhat-324.zip:modules/system/layers/fuse/org/apache/ws/security/2.1/wss4j-ws-security-dom-2.1.7.jar:org/apache/wss4j/dom/action/SAMLTokenSignedAction.class */
public class SAMLTokenSignedAction implements Action {
    private static final Logger LOG = LoggerFactory.getLogger(SAMLTokenSignedAction.class);

    @Override // org.apache.wss4j.dom.action.Action
    public void execute(WSHandler wSHandler, SecurityActionToken securityActionToken, Document document, RequestData requestData) throws WSSecurityException {
        Crypto crypto = null;
        try {
            crypto = wSHandler.loadSignatureCrypto(requestData);
        } catch (Exception e) {
            if (LOG.isDebugEnabled()) {
                LOG.debug(e.getMessage(), e);
            }
        }
        CallbackHandler callbackHandler = wSHandler.getCallbackHandler(ConfigurationConstants.SAML_CALLBACK_CLASS, ConfigurationConstants.SAML_CALLBACK_REF, requestData);
        if (callbackHandler == null) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noSAMLCallbackHandler");
        }
        SAMLCallback sAMLCallback = new SAMLCallback();
        SAMLUtil.doSAMLCallback(callbackHandler, sAMLCallback);
        SamlAssertionWrapper samlAssertionWrapper = new SamlAssertionWrapper(sAMLCallback);
        if (sAMLCallback.isSignAssertion()) {
            samlAssertionWrapper.signAssertion(sAMLCallback.getIssuerKeyName(), sAMLCallback.getIssuerKeyPassword(), sAMLCallback.getIssuerCrypto(), sAMLCallback.isSendKeyValue(), sAMLCallback.getCanonicalizationAlgorithm(), sAMLCallback.getSignatureAlgorithm(), sAMLCallback.getSignatureDigestAlgorithm());
        }
        WSSecSignatureSAML wSSecSignatureSAML = new WSSecSignatureSAML();
        wSSecSignatureSAML.setIdAllocator(requestData.getWssConfig().getIdAllocator());
        wSSecSignatureSAML.setAddInclusivePrefixes(requestData.isAddInclusivePrefixes());
        wSSecSignatureSAML.setUserInfo(requestData.getUsername(), wSHandler.getPasswordCB(requestData.getUsername(), 16, wSHandler.getPasswordCallbackHandler(requestData), requestData).getPassword());
        SignatureActionToken signatureActionToken = null;
        if (securityActionToken instanceof SignatureActionToken) {
            signatureActionToken = (SignatureActionToken) securityActionToken;
        }
        if (signatureActionToken == null) {
            signatureActionToken = requestData.getSignatureToken();
        }
        if (signatureActionToken.getKeyIdentifierId() != 0) {
            wSSecSignatureSAML.setKeyIdentifierType(signatureActionToken.getKeyIdentifierId());
        }
        if (signatureActionToken.getSignatureAlgorithm() != null) {
            wSSecSignatureSAML.setSignatureAlgorithm(signatureActionToken.getSignatureAlgorithm());
        }
        if (signatureActionToken.getDigestAlgorithm() != null) {
            wSSecSignatureSAML.setDigestAlgo(signatureActionToken.getDigestAlgorithm());
        }
        if (signatureActionToken.getC14nAlgorithm() != null) {
            wSSecSignatureSAML.setSigCanonicalization(signatureActionToken.getC14nAlgorithm());
        }
        if (signatureActionToken.getParts().size() > 0) {
            wSSecSignatureSAML.getParts().addAll(signatureActionToken.getParts());
        }
        try {
            wSSecSignatureSAML.build(document, crypto, samlAssertionWrapper, sAMLCallback.getIssuerCrypto(), sAMLCallback.getIssuerKeyName(), sAMLCallback.getIssuerKeyPassword(), requestData.getSecHeader());
            requestData.getSignatureValues().add(wSSecSignatureSAML.getSignatureValue());
        } catch (WSSecurityException e2) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e2, "empty", new Object[]{"Error when signing the SAML token: "});
        }
    }
}
