package org.picketlink.identity.federation.core.sts;

import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.security.AccessController;
import java.security.PrivilegedAction;
import javax.xml.namespace.QName;
import org.apache.commons.lang.StringUtils;
import org.picketlink.common.ErrorCodes;
import org.picketlink.common.PicketLinkLogger;
import org.picketlink.common.PicketLinkLoggerFactory;
import org.picketlink.common.exceptions.ConfigurationException;
import org.picketlink.common.exceptions.ProcessingException;
import org.picketlink.config.federation.STSType;
import org.picketlink.config.federation.parsers.STSConfigParser;
import org.picketlink.identity.federation.core.interfaces.ProtocolContext;
import org.picketlink.identity.federation.core.interfaces.SecurityTokenProvider;
import org.picketlink.identity.federation.core.wstrust.PicketLinkSTSConfiguration;
import org.picketlink.identity.federation.core.wstrust.STSConfiguration;

/* loaded from: input_file:WEB-INF/lib/picketlink-federation-2.5.4.SP1-redhat-1.jar:org/picketlink/identity/federation/core/sts/PicketLinkCoreSTS.class */
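/**
 * Core of the PicketLink Security Token Service: holds the active STS configuration and
 * dispatches issue / renew / cancel / validate requests to the {@link SecurityTokenProvider}
 * that the configuration selects for a given {@link ProtocolContext}.
 *
 * <p>Access control: when a {@link SecurityManager} is installed, {@link #instance()} and the
 * four token operations require {@link #rte}. {@link #initialize(STSCoreConfig)},
 * {@link #installDefaultConfiguration(String...)} and {@link #getConfiguration(String)} perform
 * no permission check of their own.
 *
 * <p>NOTE(review): the constructor is {@code protected}, so a subclass can obtain an instance
 * without going through {@link #instance()}; confirm that the configuration mutators are only
 * reachable from trusted code.
 *
 * <p>NOTE(review): neither the lazy singleton nor the {@code configuration} field is
 * synchronized; this class appears to rely on being set up from a single thread before use.
 */
public class PicketLinkCoreSTS {
    /** Active STS configuration; {@code null} until one of the initialisation methods has run. */
    protected STSCoreConfig configuration;

    private static final PicketLinkLogger logger = PicketLinkLoggerFactory.getLogger();

    /** Permission demanded from callers of the token operations when a SecurityManager is present. */
    public static final RuntimePermission rte = new RuntimePermission("org.picketlink.sts");

    // Created on first use by instance(); see the class-level note on thread-safety.
    private static PicketLinkCoreSTS _instance = null;

    // Read inside doPrivileged so class initialisation does not depend on the caller's
    // permission to read system properties.
    private static final String SEPARATOR = AccessController.doPrivileged(new PrivilegedAction<String>() {
        @Override
        public String run() {
            return System.getProperty("file.separator");
        }
    });

    // Directory, relative to the user's home, that is searched first for the configuration file.
    private static final String STS_CONFIG_DIR = "picketlink-store" + SEPARATOR + "sts" + SEPARATOR;

    protected PicketLinkCoreSTS() {
    }

    /**
     * Returns the shared STS instance, creating it on first call.
     *
     * @return the singleton instance
     * @throws SecurityException if a SecurityManager is installed and the caller lacks {@link #rte}
     */
    public static PicketLinkCoreSTS instance() {
        checkStsPermission();
        if (_instance == null) {
            _instance = new PicketLinkCoreSTS();
        }
        return _instance;
    }

    /**
     * Sets the configuration, or merges the given one into the existing configuration via
     * {@code copy} when one is already present.
     *
     * @param sTSCoreConfig configuration to install or merge
     */
    public void initialize(STSCoreConfig sTSCoreConfig) {
        if (this.configuration == null) {
            this.configuration = sTSCoreConfig;
        } else {
            this.configuration.copy(sTSCoreConfig);
        }
    }

    /**
     * Loads a configuration file and copies it into the active configuration, creating an empty
     * {@link PicketLinkSTSConfiguration} first if none is set.
     *
     * <p>The file name is handed unmodified to {@link #getConfiguration(String)}; see that method
     * for where it is looked up and why the name must come from a trusted source.
     *
     * @param strArr optional; the first element is the configuration file name,
     *               {@code "core-sts.xml"} is used when absent
     * @throws RuntimeException wrapping the {@link ConfigurationException} if loading fails
     */
    public void installDefaultConfiguration(String... strArr) {
        String fileName = (strArr != null && strArr.length > 0) ? strArr[0] : "core-sts.xml";
        if (this.configuration == null) {
            logger.trace("[InstallDefaultConfiguration] Configuration is null. Creating a new configuration");
            this.configuration = new PicketLinkSTSConfiguration();
        }
        try {
            logger.trace("[InstallDefaultConfiguration] Configuration file name=" + fileName);
            this.configuration.copy(getConfiguration(fileName));
        } catch (ConfigurationException e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Issues a token using the provider registered for the context's service name or, failing
     * that, for its token type.
     *
     * @param protocolContext request context; the provider writes its result into it
     * @throws ProcessingException if no provider matches or the provider fails
     * @throws SecurityException if a SecurityManager is installed and the caller lacks {@link #rte}
     */
    public void issueToken(ProtocolContext protocolContext) throws ProcessingException {
        checkStsPermission();
        SecurityTokenProvider provider = getProvider(protocolContext);
        if (provider == null) {
            throw logger.stsNoTokenProviderError(this.configuration.toString(), protocolContext.toString());
        }
        logger.debug("issueToken::provider=" + provider);
        provider.issueToken(protocolContext);
    }

    /**
     * Renews a token using the provider selected by the context's family and token QName.
     *
     * @param protocolContext request context
     * @throws ProcessingException if the QName is missing, no provider matches, or the provider fails
     * @throws SecurityException if a SecurityManager is installed and the caller lacks {@link #rte}
     */
    public void renewToken(ProtocolContext protocolContext) throws ProcessingException {
        checkStsPermission();
        // The lookup throws instead of returning null, so no further null check is needed.
        SecurityTokenProvider provider = getProviderBasedOnQName(protocolContext);
        logger.debug("renewToken::provider=" + provider);
        provider.renewToken(protocolContext);
    }

    /**
     * Cancels a token using the provider selected by the context's family and token QName.
     *
     * @param protocolContext request context
     * @throws ProcessingException if the QName is missing, no provider matches, or the provider fails
     * @throws SecurityException if a SecurityManager is installed and the caller lacks {@link #rte}
     */
    public void cancelToken(ProtocolContext protocolContext) throws ProcessingException {
        checkStsPermission();
        SecurityTokenProvider provider = getProviderBasedOnQName(protocolContext);
        logger.debug("cancelToken::provider=" + provider);
        provider.cancelToken(protocolContext);
    }

    /**
     * Validates a token using the provider selected by the context's family and token QName.
     *
     * @param protocolContext request context
     * @throws ProcessingException if the QName is missing, no provider matches, or the provider fails
     * @throws SecurityException if a SecurityManager is installed and the caller lacks {@link #rte}
     */
    public void validateToken(ProtocolContext protocolContext) throws ProcessingException {
        checkStsPermission();
        SecurityTokenProvider provider = getProviderBasedOnQName(protocolContext);
        logger.debug("validateToken::provider=" + provider);
        provider.validateToken(protocolContext);
    }

    /** Enforces {@link #rte} when a SecurityManager is installed; a no-op otherwise. */
    private static void checkStsPermission() {
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            securityManager.checkPermission(rte);
        }
    }

    /**
     * Looks up a provider by service name first and by token type second.
     *
     * @return the matching provider, or {@code null} when neither lookup yields one
     * @throws RuntimeException if no configuration has been set
     */
    private SecurityTokenProvider getProvider(ProtocolContext protocolContext) {
        if (this.configuration == null) {
            throw new RuntimeException(ErrorCodes.STS_CONFIGURATION_NOT_SET);
        }
        SecurityTokenProvider provider = null;
        String serviceName = protocolContext.serviceName();
        if (serviceName != null) {
            provider = this.configuration.getProviderForService(serviceName);
        }
        if (provider == null && protocolContext.tokenType() != null) {
            provider = this.configuration.getProviderForTokenType(protocolContext.tokenType());
        }
        return provider;
    }

    /**
     * Looks up a provider by the context's family and the QName of the token element.
     *
     * @return the matching provider; never {@code null}
     * @throws ProcessingException if the context has no QName or no provider is registered for it
     * @throws RuntimeException if no configuration has been set
     */
    private SecurityTokenProvider getProviderBasedOnQName(ProtocolContext protocolContext) throws ProcessingException {
        QName qName = protocolContext.getQName();
        if (qName == null) {
            throw new ProcessingException("PL00092: Null Value:QName of the token type");
        }
        // Same explicit failure as getProvider(), instead of a bare NullPointerException
        // when a token operation runs before the STS has been configured.
        if (this.configuration == null) {
            throw new RuntimeException(ErrorCodes.STS_CONFIGURATION_NOT_SET);
        }
        SecurityTokenProvider provider =
                this.configuration.getProviderForTokenElementNS(protocolContext.family(), qName);
        if (provider == null) {
            throw new ProcessingException(ErrorCodes.STS_NO_TOKEN_PROVIDER + qName.getNamespaceURI() + ":" + qName.getLocalPart());
        }
        return provider;
    }

    /**
     * Locates and parses an STS configuration file.
     *
     * <p>Lookup order for {@code str}:
     * <ol>
     *   <li>{@code <user.home>/picketlink-store/sts/<str>} on the local file system;</li>
     *   <li>{@code SecurityActions.loadResource} (presumably the thread-context class loader,
     *       judging by the log method used when it fails);</li>
     *   <li>the class loader of this class;</li>
     *   <li>{@code str} interpreted as a URL.</li>
     * </ol>
     * If none of these yields a location, a {@link PicketLinkSTSConfiguration} built with its
     * no-argument constructor is returned and only a log entry records the fallback.
     *
     * <p>Security notes: {@code str} is concatenated into the path as-is and is not normalised,
     * and a value that parses as a URL is opened and its content used as STS configuration.
     * The name therefore has to come from trusted deployment configuration, never from request
     * data. Deployments that expect a specific file should treat the "using default
     * configuration" log entry as a misconfiguration signal, since the STS continues with
     * defaults instead of failing.
     *
     * <p>NOTE(review): {@code user.home} is read outside {@code doPrivileged}, so under a
     * SecurityManager the calling code needs permission to read that property.
     *
     * @param str configuration file name, resource name or URL
     * @return the parsed configuration, or a default one when no location could be resolved
     * @throws ConfigurationException if resolving, opening or parsing the file fails
     */
    protected STSConfiguration getConfiguration(String str) throws ConfigurationException {
        try {
            File userFile = new File(System.getProperty("user.home") + SEPARATOR + STS_CONFIG_DIR + str);
            URL location = userFile.exists()
                    ? userFile.toURI().toURL()
                    : SecurityActions.loadResource(getClass(), str);
            if (location == null) {
                logger.stsConfigurationFileNotFoundTCL(str);
                location = SecurityActions.getClassLoader(getClass()).getResource(str);
            }
            if (location == null) {
                logger.stsConfigurationFileNotFoundClassLoader(str);
                try {
                    location = new URL(str);
                } catch (Exception e) {
                    // Not a usable URL either: fall back to defaults rather than fail.
                    logger.stsUsingDefaultConfiguration(str);
                    return new PicketLinkSTSConfiguration();
                }
            }
            // The stream was previously never closed; release it once parsing is done.
            InputStream in = location.openStream();
            try {
                STSType parsed = (STSType) new STSConfigParser().parse(in);
                PicketLinkSTSConfiguration loaded = new PicketLinkSTSConfiguration(parsed);
                logger.stsConfigurationFileLoaded(str);
                return loaded;
            } finally {
                try {
                    in.close();
                } catch (IOException ignored) {
                    // Best-effort close; a failure here must not mask a parsing error.
                }
            }
        } catch (Exception e) {
            throw logger.stsConfigurationFileParsingError(e);
        }
    }

    /**
     * Returns the active configuration.
     *
     * @return the live configuration object (not a copy), or {@code null} if none has been set
     */
    public STSCoreConfig getConfiguration() {
        return this.configuration;
    }
}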
