package org.jboss.identity.federation.bindings.jboss.wstrust;

import java.security.KeyPair;
import java.security.PublicKey;
import java.util.HashMap;
import java.util.Map;
import org.jboss.identity.federation.core.config.KeyProviderType;
import org.jboss.identity.federation.core.config.PropertyType;
import org.jboss.identity.federation.core.config.STSType;
import org.jboss.identity.federation.core.config.ServiceProviderType;
import org.jboss.identity.federation.core.config.ServiceProvidersType;
import org.jboss.identity.federation.core.config.TokenProviderType;
import org.jboss.identity.federation.core.config.TokenProvidersType;
import org.jboss.identity.federation.core.wstrust.STSConfiguration;
import org.jboss.identity.federation.core.wstrust.SecurityTokenProvider;
import org.jboss.identity.federation.core.wstrust.WSTrustRequestHandler;
import org.jboss.identity.federation.core.wstrust.WSTrustServiceFactory;
import org.jboss.identity.federation.web.interfaces.TrustKeyManager;

/* loaded from: input_file:org/jboss/identity/federation/bindings/jboss/wstrust/JBossSTSConfiguration.class */
public class JBossSTSConfiguration implements STSConfiguration {
    private final STSType delegate;
    private final Map<String, SecurityTokenProvider> tokenProviders;
    private final Map<String, ServiceProviderType> spMetadata;
    private TrustKeyManager trustManager;
    private WSTrustRequestHandler handler;

    public JBossSTSConfiguration() {
        this.tokenProviders = new HashMap();
        this.spMetadata = new HashMap();
        this.delegate = new STSType();
        this.delegate.setRequestHandler("org.jboss.identity.federation.core.wstrust.StandardRequestHandler");
    }

    public JBossSTSConfiguration(STSType sTSType) {
        this.tokenProviders = new HashMap();
        this.spMetadata = new HashMap();
        this.delegate = sTSType;
        if (this.delegate.getRequestHandler() == null) {
            this.delegate.setRequestHandler("org.jboss.identity.federation.core.wstrust.StandardRequestHandler");
        }
        TokenProvidersType tokenProviders = this.delegate.getTokenProviders();
        if (tokenProviders != null) {
            WSTrustServiceFactory wSTrustServiceFactory = WSTrustServiceFactory.getInstance();
            for (TokenProviderType tokenProviderType : tokenProviders.getTokenProvider()) {
                SecurityTokenProvider createTokenProvider = wSTrustServiceFactory.createTokenProvider(tokenProviderType.getProviderClass());
                HashMap hashMap = new HashMap();
                for (PropertyType propertyType : tokenProviderType.getProperty()) {
                    hashMap.put(propertyType.getName(), propertyType.getValue());
                }
                createTokenProvider.initialize(hashMap);
                this.tokenProviders.put(tokenProviderType.getTokenType(), createTokenProvider);
                this.tokenProviders.put(tokenProviderType.getTokenElement() + "$" + tokenProviderType.getTokenElementNS(), createTokenProvider);
            }
        }
        ServiceProvidersType serviceProviders = this.delegate.getServiceProviders();
        if (serviceProviders != null) {
            for (ServiceProviderType serviceProviderType : serviceProviders.getServiceProvider()) {
                this.spMetadata.put(serviceProviderType.getEndpoint(), serviceProviderType);
            }
        }
        KeyProviderType keyProvider = sTSType.getKeyProvider();
        if (keyProvider != null) {
            try {
                this.trustManager = (TrustKeyManager) SecurityActions.instantiateClass(keyProvider.getClassName());
                this.trustManager.setAuthProperties(keyProvider.getAuth());
                this.trustManager.setValidatingAlias(keyProvider.getValidatingAlias());
            } catch (Exception e) {
                throw new RuntimeException("Unable to construct the key manager:", e);
            }
        }
    }

    public String getSTSName() {
        return this.delegate.getSTSName();
    }

    public boolean encryptIssuedToken() {
        return this.delegate.isEncryptToken();
    }

    public boolean signIssuedToken() {
        return this.delegate.isSignToken();
    }

    public long getIssuedTokenTimeout() {
        return this.delegate.getTokenTimeout() * 1000;
    }

    public WSTrustRequestHandler getRequestHandler() {
        if (this.handler == null) {
            this.handler = WSTrustServiceFactory.getInstance().createRequestHandler(this.delegate.getRequestHandler(), this);
        }
        return this.handler;
    }

    public SecurityTokenProvider getProviderForService(String str) {
        ServiceProviderType serviceProviderType = this.spMetadata.get(str);
        if (serviceProviderType != null) {
            return this.tokenProviders.get(serviceProviderType.getTokenType());
        }
        return null;
    }

    public SecurityTokenProvider getProviderForTokenType(String str) {
        return this.tokenProviders.get(str);
    }

    public SecurityTokenProvider getProviderForTokenElementNS(String str, String str2) {
        return this.tokenProviders.get(str + "$" + str2);
    }

    public String getTokenTypeForService(String str) {
        ServiceProviderType serviceProviderType = this.spMetadata.get(str);
        if (serviceProviderType != null) {
            return serviceProviderType.getTokenType();
        }
        return null;
    }

    public PublicKey getServiceProviderPublicKey(String str) {
        PublicKey publicKey = null;
        if (this.trustManager != null) {
            try {
                ServiceProviderType serviceProviderType = this.spMetadata.get(str);
                if (serviceProviderType != null && serviceProviderType.getTruststoreAlias() != null) {
                    publicKey = this.trustManager.getPublicKey(serviceProviderType.getTruststoreAlias());
                }
                if (publicKey == null) {
                    publicKey = this.trustManager.getValidatingKey(str);
                }
            } catch (Exception e) {
                throw new RuntimeException("Error obtaining public key for service " + str, e);
            }
        }
        return publicKey;
    }

    public KeyPair getSTSKeyPair() {
        KeyPair keyPair = null;
        if (this.trustManager != null) {
            try {
                keyPair = this.trustManager.getSigningKeyPair();
            } catch (Exception e) {
                throw new RuntimeException("Error obtaining signing key pair:", e);
            }
        }
        return keyPair;
    }
}
