package org.picketlink.identity.federation.core.wstrust;

import java.net.URI;
import java.util.Map;
import javax.xml.namespace.QName;
import javax.xml.soap.SOAPPart;
import javax.xml.transform.Source;
import javax.xml.transform.dom.DOMSource;
import javax.xml.ws.BindingProvider;
import javax.xml.ws.Dispatch;
import javax.xml.ws.Service;
import javax.xml.ws.soap.SOAPBinding;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
import org.picketlink.identity.federation.ws.trust.RenewTargetType;
import org.picketlink.identity.federation.ws.trust.StatusType;
import org.picketlink.identity.federation.ws.trust.ValidateTargetType;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:WEB-INF/lib/picketlink-fed-core-1.0.3.CR4.jar:org/picketlink/identity/federation/core/wstrust/STSClient.class */
public class STSClient {
    private ThreadLocal<Dispatch<Source>> dispatchLocal = new InheritableThreadLocal();
    private String targetNS = "http://org.picketlink.trust/sts/";

    public STSClient(STSClientConfig sTSClientConfig) {
        QName qName = new QName(this.targetNS, sTSClientConfig.getServiceName());
        QName qName2 = new QName(this.targetNS, sTSClientConfig.getPortName());
        Service create = Service.create(qName);
        create.addPort(qName2, SOAPBinding.SOAP11HTTP_BINDING, sTSClientConfig.getEndPointAddress());
        Dispatch<Source> createDispatch = create.createDispatch(qName2, Source.class, Service.Mode.PAYLOAD);
        Map<String, Object> requestContext = createDispatch.getRequestContext();
        if (sTSClientConfig.getUsername() != null) {
            requestContext.put(BindingProvider.USERNAME_PROPERTY, sTSClientConfig.getUsername());
            requestContext.put(BindingProvider.PASSWORD_PROPERTY, sTSClientConfig.getPassword());
        }
        this.dispatchLocal.set(createDispatch);
    }

    public Element issueTokenForEndpoint(String str) throws WSTrustException {
        RequestSecurityToken requestSecurityToken = new RequestSecurityToken();
        setAppliesTo(str, requestSecurityToken);
        return issueToken(requestSecurityToken);
    }

    public Element issueToken(String str, String str2) throws WSTrustException {
        if (str == null && str2 == null) {
            throw new IllegalArgumentException("One of endpointURI or tokenType must be provided.");
        }
        RequestSecurityToken requestSecurityToken = new RequestSecurityToken();
        setAppliesTo(str, requestSecurityToken);
        setTokenType(str2, requestSecurityToken);
        return issueToken(requestSecurityToken);
    }

    public Element issueToken(String str) throws WSTrustException {
        RequestSecurityToken requestSecurityToken = new RequestSecurityToken();
        setTokenType(str, requestSecurityToken);
        return issueToken(requestSecurityToken);
    }

    private RequestSecurityToken setAppliesTo(String str, RequestSecurityToken requestSecurityToken) {
        if (str != null) {
            requestSecurityToken.setAppliesTo(WSTrustUtil.createAppliesTo(str));
        }
        return requestSecurityToken;
    }

    private RequestSecurityToken setTokenType(String str, RequestSecurityToken requestSecurityToken) {
        if (str != null) {
            requestSecurityToken.setTokenType(URI.create(str));
        }
        return requestSecurityToken;
    }

    private Element issueToken(RequestSecurityToken requestSecurityToken) throws WSTrustException {
        NodeList elementsByTagNameNS;
        requestSecurityToken.setRequestType(URI.create(WSTrustConstants.ISSUE_REQUEST));
        requestSecurityToken.setContext("context");
        try {
            SOAPPart nodeFromSource = DocumentUtil.getNodeFromSource(this.dispatchLocal.get().invoke((DOMSource) WSTrustJAXBFactory.getInstance().marshallRequestSecurityToken(requestSecurityToken)));
            Document ownerDocument = nodeFromSource instanceof Document ? (Document) nodeFromSource : nodeFromSource.getOwnerDocument();
            Document createDocument = DocumentUtil.createDocument();
            createDocument.appendChild(createDocument.importNode(ownerDocument.getDocumentElement(), true));
            if (ownerDocument instanceof SOAPPart) {
                Node firstChild = ((SOAPPart) ownerDocument).getEnvelope().getBody().getFirstChild();
                elementsByTagNameNS = ((Element) firstChild).getElementsByTagNameNS(WSTrustConstants.BASE_NAMESPACE, "RequestedSecurityToken");
                if (elementsByTagNameNS == null || elementsByTagNameNS.getLength() == 0) {
                    elementsByTagNameNS = ((Element) firstChild).getElementsByTagName("RequestedSecurityToken");
                }
            } else {
                elementsByTagNameNS = ownerDocument.getElementsByTagNameNS(WSTrustConstants.BASE_NAMESPACE, "RequestedSecurityToken");
                if (elementsByTagNameNS == null || elementsByTagNameNS.getLength() == 0) {
                    elementsByTagNameNS = ownerDocument.getElementsByTagName("RequestedSecurityToken");
                }
            }
            if (elementsByTagNameNS == null) {
                throw new WSTrustException("NodeList is null");
            }
            return (Element) elementsByTagNameNS.item(0).getFirstChild();
        } catch (Exception e) {
            throw new WSTrustException("Exception in issuing token:", e);
        }
    }

    public Element renewToken(String str, Element element) throws WSTrustException {
        NodeList elementsByTagNameNS;
        RequestSecurityToken requestSecurityToken = new RequestSecurityToken();
        requestSecurityToken.setContext("context");
        requestSecurityToken.setTokenType(URI.create(WSTrustConstants.STATUS_TYPE));
        requestSecurityToken.setRequestType(URI.create(WSTrustConstants.RENEW_REQUEST));
        RenewTargetType renewTargetType = new RenewTargetType();
        renewTargetType.setAny(element);
        requestSecurityToken.setRenewTarget(renewTargetType);
        SOAPPart node = ((DOMSource) this.dispatchLocal.get().invoke((DOMSource) WSTrustJAXBFactory.getInstance().marshallRequestSecurityToken(requestSecurityToken))).getNode();
        Document ownerDocument = node instanceof Document ? (Document) node : node.getOwnerDocument();
        try {
            Document createDocument = DocumentUtil.createDocument();
            createDocument.appendChild(createDocument.importNode(ownerDocument.getDocumentElement(), true));
            if (ownerDocument instanceof SOAPPart) {
                Node firstChild = ((SOAPPart) ownerDocument).getEnvelope().getBody().getFirstChild();
                elementsByTagNameNS = ((Element) firstChild).getElementsByTagNameNS(WSTrustConstants.BASE_NAMESPACE, "RequestedSecurityToken");
                if (elementsByTagNameNS == null || elementsByTagNameNS.getLength() == 0) {
                    elementsByTagNameNS = ((Element) firstChild).getElementsByTagName("RequestedSecurityToken");
                }
            } else {
                elementsByTagNameNS = ownerDocument.getElementsByTagNameNS(WSTrustConstants.BASE_NAMESPACE, "RequestedSecurityToken");
                if (elementsByTagNameNS == null || elementsByTagNameNS.getLength() == 0) {
                    elementsByTagNameNS = ownerDocument.getElementsByTagName("RequestedSecurityToken");
                }
            }
            if (elementsByTagNameNS == null) {
                throw new WSTrustException("NodeList is null");
            }
            return (Element) elementsByTagNameNS.item(0).getFirstChild();
        } catch (Exception e) {
            throw new WSTrustException("Exception in renewing token:", e);
        }
    }

    public boolean validateToken(Element element) throws WSTrustException {
        RequestSecurityToken requestSecurityToken = new RequestSecurityToken();
        requestSecurityToken.setContext("context");
        requestSecurityToken.setTokenType(URI.create(WSTrustConstants.STATUS_TYPE));
        requestSecurityToken.setRequestType(URI.create(WSTrustConstants.VALIDATE_REQUEST));
        ValidateTargetType validateTargetType = new ValidateTargetType();
        validateTargetType.setAny(element);
        requestSecurityToken.setValidateTarget(validateTargetType);
        WSTrustJAXBFactory wSTrustJAXBFactory = WSTrustJAXBFactory.getInstance();
        StatusType status = ((RequestSecurityTokenResponseCollection) wSTrustJAXBFactory.parseRequestSecurityTokenResponse(this.dispatchLocal.get().invoke((DOMSource) wSTrustJAXBFactory.marshallRequestSecurityToken(requestSecurityToken)))).getRequestSecurityTokenResponses().get(0).getStatus();
        if (status != null) {
            return WSTrustConstants.STATUS_CODE_VALID.equals(status.getCode());
        }
        return false;
    }

    public Dispatch<Source> getDispatch() {
        return this.dispatchLocal.get();
    }
}
