package org.apache.wss4j.dom.engine;

import java.util.Collections;
import java.util.LinkedList;
import java.util.List;
import javax.security.auth.callback.CallbackHandler;
import javax.xml.namespace.QName;
import org.apache.wss4j.common.bsp.BSPRule;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.WSDocInfo;
import org.apache.wss4j.dom.callback.CallbackLookup;
import org.apache.wss4j.dom.callback.DOMCallbackLookup;
import org.apache.wss4j.dom.handler.RequestData;
import org.apache.wss4j.dom.handler.WSHandlerResult;
import org.apache.wss4j.dom.processor.Processor;
import org.apache.wss4j.dom.saml.DOMSAMLUtil;
import org.apache.wss4j.dom.util.WSSecurityUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;

/* loaded from: input_file:META-INF/repository/fuse-eap-distro-6.3.0.redhat-389.zip:modules/system/layers/fuse/org/apache/ws/security/2.1/wss4j-ws-security-dom-2.1.7.jar:org/apache/wss4j/dom/engine/WSSecurityEngine.class */
public class WSSecurityEngine {
    private static final Logger LOG = LoggerFactory.getLogger(WSSecurityEngine.class);
    private WSSConfig wssConfig;
    private boolean doDebug;
    private CallbackLookup callbackLookup;

    public final WSSConfig getWssConfig() {
        if (this.wssConfig == null) {
            this.wssConfig = WSSConfig.getNewInstance();
        }
        return this.wssConfig;
    }

    public final WSSConfig setWssConfig(WSSConfig wSSConfig) {
        WSSConfig wSSConfig2 = this.wssConfig;
        this.wssConfig = wSSConfig;
        return wSSConfig2;
    }

    public void setCallbackLookup(CallbackLookup callbackLookup) {
        this.callbackLookup = callbackLookup;
    }

    public CallbackLookup getCallbackLookup() {
        return this.callbackLookup;
    }

    public WSHandlerResult processSecurityHeader(Document document, String str, CallbackHandler callbackHandler, Crypto crypto) throws WSSecurityException {
        return processSecurityHeader(document, str, callbackHandler, crypto, crypto);
    }

    public WSHandlerResult processSecurityHeader(Document document, String str, CallbackHandler callbackHandler, Crypto crypto, Crypto crypto2) throws WSSecurityException {
        this.doDebug = LOG.isDebugEnabled();
        if (this.doDebug) {
            LOG.debug("enter processSecurityHeader()");
        }
        if (str == null) {
            str = "";
        }
        WSHandlerResult wSHandlerResult = null;
        Element securityHeader = WSSecurityUtil.getSecurityHeader(document, str);
        if (securityHeader != null) {
            if (this.doDebug) {
                LOG.debug("Processing WS-Security header for '" + str + "' actor.");
            }
            wSHandlerResult = processSecurityHeader(securityHeader, str, callbackHandler, crypto, crypto2);
        }
        return wSHandlerResult;
    }

    public WSHandlerResult processSecurityHeader(Element element, String str, CallbackHandler callbackHandler, Crypto crypto, Crypto crypto2) throws WSSecurityException {
        RequestData requestData = new RequestData();
        requestData.setActor(str);
        requestData.setWssConfig(getWssConfig());
        requestData.setDecCrypto(crypto2);
        requestData.setSigVerCrypto(crypto);
        requestData.setCallbackHandler(callbackHandler);
        return processSecurityHeader(element, requestData);
    }

    public WSHandlerResult processSecurityHeader(Document document, RequestData requestData) throws WSSecurityException {
        if (requestData.getActor() == null) {
            requestData.setActor("");
        }
        String actor = requestData.getActor();
        WSHandlerResult wSHandlerResult = null;
        Element securityHeader = WSSecurityUtil.getSecurityHeader(document, actor);
        if (securityHeader != null) {
            if (this.doDebug) {
                LOG.debug("Processing WS-Security header for '" + actor + "' actor.");
            }
            wSHandlerResult = processSecurityHeader(securityHeader, requestData);
        }
        return wSHandlerResult;
    }

    public WSHandlerResult processSecurityHeader(Element element, RequestData requestData) throws WSSecurityException {
        if (element == null) {
            return new WSHandlerResult(null, Collections.emptyList(), Collections.emptyMap());
        }
        if (requestData.getWssConfig() == null) {
            requestData.setWssConfig(getWssConfig());
        }
        WSDocInfo wSDocInfo = new WSDocInfo(element.getOwnerDocument());
        CallbackLookup callbackLookup = this.callbackLookup;
        if (callbackLookup == null) {
            callbackLookup = new DOMCallbackLookup(element.getOwnerDocument());
        }
        wSDocInfo.setCallbackLookup(callbackLookup);
        wSDocInfo.setCrypto(requestData.getSigVerCrypto());
        wSDocInfo.setSecurityHeader(element);
        WSSConfig wssConfig = getWssConfig();
        Node firstChild = element.getFirstChild();
        LinkedList linkedList = new LinkedList();
        boolean z = false;
        while (firstChild != null) {
            Node nextSibling = firstChild.getNextSibling();
            if (1 == firstChild.getNodeType()) {
                QName qName = new QName(firstChild.getNamespaceURI(), firstChild.getLocalName());
                if (z && qName.equals(WSConstants.TIMESTAMP)) {
                    requestData.getBSPEnforcer().handleBSPRule(BSPRule.R3227);
                } else if (qName.equals(WSConstants.TIMESTAMP)) {
                    z = true;
                }
                Processor processor = wssConfig.getProcessor(qName);
                if (processor != null) {
                    List<WSSecurityEngineResult> handleToken = processor.handleToken((Element) firstChild, requestData, wSDocInfo);
                    if (!handleToken.isEmpty()) {
                        linkedList.addAll(0, handleToken);
                    }
                } else if (this.doDebug) {
                    LOG.debug("Unknown Element: " + firstChild.getLocalName() + " " + firstChild.getNamespaceURI());
                }
            }
            firstChild = (firstChild.getNextSibling() != null || nextSibling == null || nextSibling.getParentNode() == null) ? firstChild.getNextSibling() : nextSibling;
        }
        WSHandlerResult wSHandlerResult = new WSHandlerResult(requestData.getActor(), linkedList, wSDocInfo.getActionResults());
        if (requestData.isValidateSamlSubjectConfirmation()) {
            DOMSAMLUtil.validateSAMLResults(wSHandlerResult, requestData.getTlsCerts(), callbackLookup.getSOAPBody());
        }
        wSDocInfo.clear();
        return wSHandlerResult;
    }
}
