package org.apache.wss4j.stax.impl.securityToken;

import java.lang.reflect.InvocationHandler;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.lang.reflect.Proxy;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.x500.X500Principal;
import org.apache.wss4j.binding.wss10.KeyIdentifierType;
import org.apache.wss4j.binding.wss10.ReferenceType;
import org.apache.wss4j.binding.wss10.SecurityTokenReferenceType;
import org.apache.wss4j.common.bsp.BSPRule;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.stax.ext.WSInboundSecurityContext;
import org.apache.wss4j.stax.ext.WSSConstants;
import org.apache.wss4j.stax.ext.WSSSecurityProperties;
import org.apache.wss4j.stax.securityToken.KerberosServiceSecurityToken;
import org.apache.wss4j.stax.securityToken.SamlSecurityToken;
import org.apache.wss4j.stax.securityToken.SecurityTokenReference;
import org.apache.wss4j.stax.securityToken.UsernameSecurityToken;
import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
import org.apache.wss4j.stax.securityToken.X509SecurityToken;
import org.apache.wss4j.stax.utils.WSSUtils;
import org.apache.xml.security.binding.xmldsig.DSAKeyValueType;
import org.apache.xml.security.binding.xmldsig.KeyInfoType;
import org.apache.xml.security.binding.xmldsig.KeyValueType;
import org.apache.xml.security.binding.xmldsig.RSAKeyValueType;
import org.apache.xml.security.binding.xmldsig.X509DataType;
import org.apache.xml.security.binding.xmldsig.X509IssuerSerialType;
import org.apache.xml.security.binding.xmldsig11.ECKeyValueType;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.stax.ext.InboundSecurityContext;
import org.apache.xml.security.stax.ext.SecurityContext;
import org.apache.xml.security.stax.ext.XMLSecurityConstants;
import org.apache.xml.security.stax.ext.XMLSecurityProperties;
import org.apache.xml.security.stax.ext.XMLSecurityUtils;
import org.apache.xml.security.stax.impl.util.IDGenerator;
import org.apache.xml.security.stax.securityToken.InboundSecurityToken;
import org.apache.xml.security.stax.securityToken.SecurityTokenConstants;
import org.apache.xml.security.stax.securityToken.SecurityTokenFactory;
import org.apache.xml.security.stax.securityToken.SecurityTokenProvider;
import org.apache.xml.security.utils.XMLUtils;

/* loaded from: input_file:BOOT-INF/lib/wss4j-ws-security-stax-2.2.4.redhat-00001.jar:org/apache/wss4j/stax/impl/securityToken/SecurityTokenFactoryImpl.class */
public class SecurityTokenFactoryImpl extends SecurityTokenFactory {
    @Override // org.apache.xml.security.stax.securityToken.SecurityTokenFactory
    public InboundSecurityToken getSecurityToken(KeyInfoType keyInfoType, SecurityTokenConstants.KeyUsage keyUsage, XMLSecurityProperties xMLSecurityProperties, InboundSecurityContext inboundSecurityContext) throws XMLSecurityException {
        Crypto crypto = null;
        if (WSSecurityTokenConstants.KeyUsage_Signature_Verification.equals(keyUsage)) {
            crypto = ((WSSSecurityProperties) xMLSecurityProperties).getSignatureVerificationCrypto();
        } else if (WSSecurityTokenConstants.KeyUsage_Decryption.equals(keyUsage)) {
            crypto = ((WSSSecurityProperties) xMLSecurityProperties).getDecryptionCrypto();
        }
        if (keyInfoType != null) {
            SecurityTokenReferenceType securityTokenReferenceType = (SecurityTokenReferenceType) XMLSecurityUtils.getQNameType(keyInfoType.getContent(), WSSConstants.TAG_WSSE_SECURITY_TOKEN_REFERENCE);
            if (securityTokenReferenceType != null) {
                return getSecurityToken(securityTokenReferenceType, crypto, ((WSSSecurityProperties) xMLSecurityProperties).getCallbackHandler(), inboundSecurityContext, (WSSSecurityProperties) xMLSecurityProperties);
            }
            KeyValueType keyValueType = (KeyValueType) XMLSecurityUtils.getQNameType(keyInfoType.getContent(), WSSConstants.TAG_dsig_KeyValue);
            if (keyValueType != null) {
                return getSecurityToken(keyValueType, crypto, ((WSSSecurityProperties) xMLSecurityProperties).getCallbackHandler(), inboundSecurityContext, (WSSSecurityProperties) xMLSecurityProperties);
            }
        } else if (crypto != null && crypto.getDefaultX509Identifier() != null) {
            return new X509DefaultSecurityTokenImpl((WSInboundSecurityContext) inboundSecurityContext, crypto, ((WSSSecurityProperties) xMLSecurityProperties).getCallbackHandler(), crypto.getDefaultX509Identifier(), crypto.getDefaultX509Identifier(), WSSecurityTokenConstants.KeyIdentifier_NoKeyInfo, (WSSSecurityProperties) xMLSecurityProperties);
        }
        throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY, "noKeyinfo");
    }

    public static InboundSecurityToken getSecurityToken(SecurityTokenReferenceType securityTokenReferenceType, Crypto crypto, CallbackHandler callbackHandler, InboundSecurityContext inboundSecurityContext, WSSSecurityProperties wSSSecurityProperties) throws XMLSecurityException {
        InboundSecurityToken securityToken;
        InboundSecurityToken securityToken2;
        try {
            if (securityTokenReferenceType == null) {
                throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY, "noSecTokRef");
            }
            if (securityTokenReferenceType.getAny().size() > 1) {
                ((WSInboundSecurityContext) inboundSecurityContext).handleBSPRule(BSPRule.R3061);
            }
            if (securityTokenReferenceType.getId() == null) {
                securityTokenReferenceType.setId(IDGenerator.generateID(null));
            }
            X509DataType x509DataType = (X509DataType) XMLSecurityUtils.getQNameType(securityTokenReferenceType.getAny(), WSSConstants.TAG_dsig_X509Data);
            if (x509DataType != null && (securityToken2 = getSecurityToken(x509DataType, securityTokenReferenceType.getId(), crypto, callbackHandler, inboundSecurityContext, wSSSecurityProperties)) != null) {
                return securityToken2;
            }
            String qNameAttribute = XMLSecurityUtils.getQNameAttribute(securityTokenReferenceType.getOtherAttributes(), WSSConstants.ATT_WSSE11_TOKEN_TYPE);
            KeyIdentifierType keyIdentifierType = (KeyIdentifierType) XMLSecurityUtils.getQNameType(securityTokenReferenceType.getAny(), WSSConstants.TAG_WSSE_KEY_IDENTIFIER);
            if (keyIdentifierType != null && (securityToken = getSecurityToken(keyIdentifierType, securityTokenReferenceType.getId(), qNameAttribute, crypto, callbackHandler, inboundSecurityContext, wSSSecurityProperties)) != null) {
                inboundSecurityContext.remove("" + Thread.currentThread().hashCode());
                return securityToken;
            }
            ReferenceType referenceType = (ReferenceType) XMLSecurityUtils.getQNameType(securityTokenReferenceType.getAny(), WSSConstants.TAG_WSSE_REFERENCE);
            if (referenceType == null) {
                throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY, "noKeyinfo");
            }
            InboundSecurityToken securityToken3 = getSecurityToken(referenceType, qNameAttribute, inboundSecurityContext, wSSSecurityProperties);
            inboundSecurityContext.remove("" + Thread.currentThread().hashCode());
            return securityToken3;
        } finally {
            inboundSecurityContext.remove("" + Thread.currentThread().hashCode());
        }
    }

    private static InboundSecurityToken getSecurityToken(X509DataType x509DataType, String str, Crypto crypto, CallbackHandler callbackHandler, InboundSecurityContext inboundSecurityContext, WSSSecurityProperties wSSSecurityProperties) throws XMLSecurityException {
        X509IssuerSerialType x509IssuerSerialType = (X509IssuerSerialType) XMLSecurityUtils.getQNameType(x509DataType.getX509IssuerSerialOrX509SKIOrX509SubjectName(), WSSConstants.TAG_dsig_X509IssuerSerial);
        if (x509IssuerSerialType == null) {
            byte[] bArr = (byte[]) XMLSecurityUtils.getQNameType(x509DataType.getX509IssuerSerialOrX509SKIOrX509SubjectName(), XMLSecurityConstants.TAG_dsig_X509SKI);
            if (bArr != null) {
                return new X509SKISecurityTokenImpl((WSInboundSecurityContext) inboundSecurityContext, crypto, callbackHandler, bArr, str, wSSSecurityProperties);
            }
            byte[] bArr2 = (byte[]) XMLSecurityUtils.getQNameType(x509DataType.getX509IssuerSerialOrX509SKIOrX509SubjectName(), WSSConstants.TAG_dsig_X509Certificate);
            if (bArr2 != null) {
                return new X509V3SecurityTokenImpl((WSInboundSecurityContext) inboundSecurityContext, crypto, callbackHandler, bArr2, str, wSSSecurityProperties);
            }
            return null;
        }
        List<SecurityTokenProvider<? extends InboundSecurityToken>> registeredSecurityTokenProviders = inboundSecurityContext.getRegisteredSecurityTokenProviders();
        for (int i = 0; i < registeredSecurityTokenProviders.size(); i++) {
            InboundSecurityToken securityToken = registeredSecurityTokenProviders.get(i).getSecurityToken();
            if (securityToken instanceof X509SecurityToken) {
                X509Certificate x509Certificate = ((X509SecurityToken) securityToken).getX509Certificates()[0];
                X500Principal x500Principal = new X500Principal(x509IssuerSerialType.getX509IssuerName());
                if (x509Certificate.getSerialNumber().compareTo(x509IssuerSerialType.getX509SerialNumber()) == 0 && x509Certificate.getIssuerX500Principal().equals(x500Principal)) {
                    return createSecurityTokenProxy(securityToken, WSSecurityTokenConstants.KeyIdentifier_IssuerSerial);
                }
            }
        }
        return new X509IssuerSerialTokenImpl((WSInboundSecurityContext) inboundSecurityContext, crypto, callbackHandler, x509IssuerSerialType, str, wSSSecurityProperties);
    }

    private static InboundSecurityToken getSecurityToken(KeyIdentifierType keyIdentifierType, String str, String str2, Crypto crypto, CallbackHandler callbackHandler, InboundSecurityContext inboundSecurityContext, WSSSecurityProperties wSSSecurityProperties) throws XMLSecurityException {
        String valueType = keyIdentifierType.getValueType();
        if (valueType == null) {
            ((WSInboundSecurityContext) inboundSecurityContext).handleBSPRule(BSPRule.R3054);
        }
        String encodingType = keyIdentifierType.getEncodingType();
        byte[] bArr = null;
        if ("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary".equals(encodingType)) {
            bArr = XMLUtils.decode(keyIdentifierType.getValue());
        } else if ("http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID".equals(valueType) || "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID".equals(valueType)) {
            if (encodingType != null && ("http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID".equals(valueType) || "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID".equals(valueType))) {
                ((WSInboundSecurityContext) inboundSecurityContext).handleBSPRule(BSPRule.R6604);
            }
        } else if (encodingType == null) {
            ((WSInboundSecurityContext) inboundSecurityContext).handleBSPRule(BSPRule.R3070);
        } else {
            ((WSInboundSecurityContext) inboundSecurityContext).handleBSPRule(BSPRule.R3071);
        }
        if ("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3".equals(valueType)) {
            return new X509V3SecurityTokenImpl((WSInboundSecurityContext) inboundSecurityContext, crypto, callbackHandler, bArr, str, wSSSecurityProperties);
        }
        if ("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier".equals(valueType)) {
            return new X509SKISecurityTokenImpl((WSInboundSecurityContext) inboundSecurityContext, crypto, callbackHandler, bArr, str, wSSSecurityProperties);
        }
        if ("http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1".equals(valueType)) {
            try {
                MessageDigest messageDigest = MessageDigest.getInstance("SHA-1");
                List<SecurityTokenProvider<? extends InboundSecurityToken>> registeredSecurityTokenProviders = inboundSecurityContext.getRegisteredSecurityTokenProviders();
                for (int i = 0; i < registeredSecurityTokenProviders.size(); i++) {
                    InboundSecurityToken securityToken = registeredSecurityTokenProviders.get(i).getSecurityToken();
                    if ((securityToken instanceof X509SecurityToken) && Arrays.equals(messageDigest.digest(((X509SecurityToken) securityToken).getX509Certificates()[0].getEncoded()), bArr)) {
                        return createSecurityTokenProxy(securityToken, WSSecurityTokenConstants.KEYIDENTIFIER_THUMBPRINT_IDENTIFIER);
                    }
                }
                return new X509ThumbprintSHA1SecurityTokenImpl((WSInboundSecurityContext) inboundSecurityContext, crypto, callbackHandler, bArr, str, wSSSecurityProperties);
            } catch (NoSuchAlgorithmException e) {
                throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e);
            } catch (CertificateEncodingException e2) {
                throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY_TOKEN);
            }
        }
        if ("http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKeySHA1".equals(valueType)) {
            return new EncryptedKeySha1SecurityTokenImpl((WSInboundSecurityContext) inboundSecurityContext, callbackHandler, keyIdentifierType.getValue(), str);
        }
        if ("http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID".equals(valueType) || "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID".equals(valueType)) {
            if ("http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID".equals(valueType) && !"http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0".equals(str2)) {
                ((WSInboundSecurityContext) inboundSecurityContext).handleBSPRule(BSPRule.R6617);
            } else if ("http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID".equals(valueType) && !"http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1".equals(str2)) {
                ((WSInboundSecurityContext) inboundSecurityContext).handleBSPRule(BSPRule.R6611);
            }
            SecurityTokenProvider<? extends InboundSecurityToken> securityTokenProvider = inboundSecurityContext.getSecurityTokenProvider(keyIdentifierType.getValue());
            return securityTokenProvider != null ? createSecurityTokenProxy(securityTokenProvider.getSecurityToken(), WSSecurityTokenConstants.KEYIDENTIFIER_SECURITY_TOKEN_DIRECT_REFERENCE) : new SamlSecurityTokenImpl((WSInboundSecurityContext) inboundSecurityContext, keyIdentifierType.getValue(), WSSecurityTokenConstants.KEYIDENTIFIER_EXTERNAL_REFERENCE, wSSSecurityProperties);
        }
        if (!"http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#Kerberosv5APREQSHA1".equals(valueType)) {
            ((WSInboundSecurityContext) inboundSecurityContext).handleBSPRule(BSPRule.R3063);
            return null;
        }
        SecurityTokenProvider<? extends InboundSecurityToken> securityTokenProvider2 = inboundSecurityContext.getSecurityTokenProvider(keyIdentifierType.getValue());
        if (securityTokenProvider2 != null) {
            return createSecurityTokenProxy(securityTokenProvider2.getSecurityToken(), WSSecurityTokenConstants.KEYIDENTIFIER_SECURITY_TOKEN_DIRECT_REFERENCE);
        }
        try {
            MessageDigest messageDigest2 = MessageDigest.getInstance("SHA-1");
            List<SecurityTokenProvider<? extends InboundSecurityToken>> registeredSecurityTokenProviders2 = inboundSecurityContext.getRegisteredSecurityTokenProviders();
            for (int i2 = 0; i2 < registeredSecurityTokenProviders2.size(); i2++) {
                InboundSecurityToken securityToken2 = registeredSecurityTokenProviders2.get(i2).getSecurityToken();
                if ((securityToken2 instanceof KerberosServiceSecurityToken) && Arrays.equals(messageDigest2.digest(((KerberosServiceSecurityToken) securityToken2).getBinaryContent()), bArr)) {
                    return createSecurityTokenProxy(securityToken2, WSSecurityTokenConstants.KEYIDENTIFIER_THUMBPRINT_IDENTIFIER);
                }
            }
            return new EncryptedKeySha1SecurityTokenImpl((WSInboundSecurityContext) inboundSecurityContext, callbackHandler, keyIdentifierType.getValue(), str);
        } catch (NoSuchAlgorithmException e3) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e3);
        }
    }

    private static InboundSecurityToken getSecurityToken(ReferenceType referenceType, String str, InboundSecurityContext inboundSecurityContext, WSSSecurityProperties wSSSecurityProperties) throws XMLSecurityException {
        String uri = referenceType.getURI();
        if (uri == null) {
            ((WSInboundSecurityContext) inboundSecurityContext).handleBSPRule(BSPRule.R3062);
            throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY, "badReferenceURI");
        }
        boolean z = true;
        if (!uri.startsWith("#")) {
            z = false;
            try {
                return new ExternalSecurityTokenImpl((WSInboundSecurityContext) inboundSecurityContext, uri, WSSecurityTokenConstants.KEYIDENTIFIER_EXTERNAL_REFERENCE, wSSSecurityProperties, false);
            } catch (WSSecurityException e) {
                ((WSInboundSecurityContext) inboundSecurityContext).handleBSPRule(BSPRule.R5204);
            }
        }
        String dropReferenceMarker = WSSUtils.dropReferenceMarker(uri);
        Integer num = (Integer) inboundSecurityContext.get("" + Thread.currentThread().hashCode());
        if (num == null) {
            num = 0;
        }
        Integer valueOf = Integer.valueOf(num.intValue() + 1);
        if (valueOf.intValue() == 10) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY_TOKEN);
        }
        inboundSecurityContext.put("" + Thread.currentThread().hashCode(), valueOf);
        SecurityTokenProvider<? extends InboundSecurityToken> securityTokenProvider = inboundSecurityContext.getSecurityTokenProvider(dropReferenceMarker);
        if (securityTokenProvider == null) {
            return new ExternalSecurityTokenImpl((WSInboundSecurityContext) inboundSecurityContext, dropReferenceMarker, WSSecurityTokenConstants.KEYIDENTIFIER_EXTERNAL_REFERENCE, wSSSecurityProperties, z);
        }
        if (securityTokenProvider.getSecurityToken() instanceof SecurityTokenReference) {
            ((WSInboundSecurityContext) inboundSecurityContext).handleBSPRule(BSPRule.R3057);
        } else if (securityTokenProvider.getSecurityToken() instanceof X509PKIPathv1SecurityTokenImpl) {
            if (!"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509PKIPathv1".equals(referenceType.getValueType())) {
                ((WSInboundSecurityContext) inboundSecurityContext).handleBSPRule(BSPRule.R3058);
            }
            if (!"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509PKIPathv1".equals(str)) {
                ((WSInboundSecurityContext) inboundSecurityContext).handleBSPRule(BSPRule.R5215);
            }
        } else if (securityTokenProvider.getSecurityToken() instanceof X509SecurityToken) {
            if (!"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3".equals(referenceType.getValueType())) {
                ((WSInboundSecurityContext) inboundSecurityContext).handleBSPRule(BSPRule.R3058);
            }
        } else if (securityTokenProvider.getSecurityToken() instanceof UsernameSecurityToken) {
            if (!"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#UsernameToken".equals(referenceType.getValueType())) {
                ((WSInboundSecurityContext) inboundSecurityContext).handleBSPRule(BSPRule.R4214);
            }
        } else if (securityTokenProvider.getSecurityToken() instanceof SamlSecurityToken) {
            SecurityTokenConstants.TokenType tokenType = securityTokenProvider.getSecurityToken().getTokenType();
            if (WSSecurityTokenConstants.SAML_20_TOKEN.equals(tokenType)) {
                String valueType = referenceType.getValueType();
                if (valueType != null && !"".equals(valueType)) {
                    ((WSInboundSecurityContext) inboundSecurityContext).handleBSPRule(BSPRule.R6614);
                }
                if (!"http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0".equals(str)) {
                    ((WSInboundSecurityContext) inboundSecurityContext).handleBSPRule(BSPRule.R6617);
                }
            } else if (WSSecurityTokenConstants.SAML_10_TOKEN.equals(tokenType) && !"http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1".equals(str)) {
                ((WSInboundSecurityContext) inboundSecurityContext).handleBSPRule(BSPRule.R6611);
            }
        }
        return createSecurityTokenProxy(securityTokenProvider.getSecurityToken(), WSSecurityTokenConstants.KEYIDENTIFIER_SECURITY_TOKEN_DIRECT_REFERENCE);
    }

    public static InboundSecurityToken getSecurityToken(KeyValueType keyValueType, Crypto crypto, CallbackHandler callbackHandler, SecurityContext securityContext, WSSSecurityProperties wSSSecurityProperties) throws XMLSecurityException {
        RSAKeyValueType rSAKeyValueType = (RSAKeyValueType) XMLSecurityUtils.getQNameType(keyValueType.getContent(), WSSConstants.TAG_dsig_RSAKeyValue);
        if (rSAKeyValueType != null) {
            return new RsaKeyValueSecurityTokenImpl(rSAKeyValueType, (WSInboundSecurityContext) securityContext, crypto, callbackHandler, wSSSecurityProperties);
        }
        DSAKeyValueType dSAKeyValueType = (DSAKeyValueType) XMLSecurityUtils.getQNameType(keyValueType.getContent(), WSSConstants.TAG_dsig_DSAKeyValue);
        if (dSAKeyValueType != null) {
            return new DsaKeyValueSecurityTokenImpl(dSAKeyValueType, (WSInboundSecurityContext) securityContext, crypto, callbackHandler, wSSSecurityProperties);
        }
        ECKeyValueType eCKeyValueType = (ECKeyValueType) XMLSecurityUtils.getQNameType(keyValueType.getContent(), WSSConstants.TAG_dsig11_ECKeyValue);
        if (eCKeyValueType != null) {
            return new ECKeyValueSecurityTokenImpl(eCKeyValueType, (WSInboundSecurityContext) securityContext, crypto, callbackHandler, wSSSecurityProperties);
        }
        throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY, "unsupportedKeyInfo");
    }

    private static InboundSecurityToken createSecurityTokenProxy(final InboundSecurityToken inboundSecurityToken, final SecurityTokenConstants.KeyIdentifier keyIdentifier) {
        ArrayList arrayList = new ArrayList();
        getImplementedInterfaces(inboundSecurityToken.getClass(), arrayList);
        return (InboundSecurityToken) Proxy.newProxyInstance(inboundSecurityToken.getClass().getClassLoader(), (Class[]) arrayList.toArray(new Class[arrayList.size()]), new InvocationHandler() { // from class: org.apache.wss4j.stax.impl.securityToken.SecurityTokenFactoryImpl.1
            @Override // java.lang.reflect.InvocationHandler
            public Object invoke(Object obj, Method method, Object[] objArr) throws Throwable {
                if (method.getName().equals("getKeyIdentifier")) {
                    return SecurityTokenConstants.KeyIdentifier.this;
                }
                try {
                    return method.invoke(inboundSecurityToken, objArr);
                } catch (InvocationTargetException e) {
                    throw e.getTargetException();
                }
            }
        });
    }

    private static void getImplementedInterfaces(Class<?> cls, List<Class<?>> list) {
        if (cls == null) {
            return;
        }
        for (Class<?> cls2 : cls.getInterfaces()) {
            if (!list.contains(cls2)) {
                list.add(cls2);
            }
            getImplementedInterfaces(cls2, list);
        }
        getImplementedInterfaces(cls.getSuperclass(), list);
    }
}
