package org.apache.wss4j.policy.stax.assertionStates;

import javax.xml.namespace.QName;
import org.apache.wss4j.common.WSSPolicyException;
import org.apache.wss4j.policy.SPConstants;
import org.apache.wss4j.policy.model.AbstractSecurityAssertion;
import org.apache.wss4j.policy.model.AbstractToken;
import org.apache.wss4j.policy.model.KeyValueToken;
import org.apache.wss4j.policy.stax.PolicyAsserter;
import org.apache.wss4j.stax.securityEvent.KeyValueTokenSecurityEvent;
import org.apache.wss4j.stax.securityEvent.WSSecurityEventConstants;
import org.apache.wss4j.stax.securityToken.RsaKeyValueSecurityToken;
import org.apache.xml.security.stax.securityEvent.SecurityEventConstants;
import org.apache.xml.security.stax.securityEvent.TokenSecurityEvent;
import org.apache.xml.security.stax.securityToken.SecurityToken;

/* loaded from: input_file:m2repo/org/apache/wss4j/wss4j-ws-security-policy-stax/2.1.10/wss4j-ws-security-policy-stax-2.1.10.jar:org/apache/wss4j/policy/stax/assertionStates/KeyValueTokenAssertionState.class */
public class KeyValueTokenAssertionState extends TokenAssertionState {
    public KeyValueTokenAssertionState(AbstractSecurityAssertion abstractSecurityAssertion, boolean z, PolicyAsserter policyAsserter, boolean z2) {
        super(abstractSecurityAssertion, z, policyAsserter, z2);
        if (z) {
            KeyValueToken keyValueToken = (KeyValueToken) getAssertion();
            String namespaceURI = keyValueToken.getName().getNamespaceURI();
            if (keyValueToken.isRsaKeyValue()) {
                getPolicyAsserter().assertPolicy(new QName(namespaceURI, SPConstants.RSA_KEY_VALUE));
            }
        }
    }

    @Override // org.apache.wss4j.policy.stax.Assertable
    public SecurityEventConstants.Event[] getSecurityEventType() {
        return new SecurityEventConstants.Event[]{WSSecurityEventConstants.KeyValueToken};
    }

    @Override // org.apache.wss4j.policy.stax.assertionStates.TokenAssertionState
    public boolean assertToken(TokenSecurityEvent<? extends SecurityToken> tokenSecurityEvent, AbstractToken abstractToken) throws WSSPolicyException {
        if (!(tokenSecurityEvent instanceof KeyValueTokenSecurityEvent)) {
            throw new WSSPolicyException("Expected a KeyValueTokenSecurityEvent but got " + tokenSecurityEvent.getClass().getName());
        }
        KeyValueTokenSecurityEvent keyValueTokenSecurityEvent = (KeyValueTokenSecurityEvent) tokenSecurityEvent;
        String namespaceURI = getAssertion().getName().getNamespaceURI();
        if (((KeyValueToken) abstractToken).isRsaKeyValue()) {
            if (!(keyValueTokenSecurityEvent.getSecurityToken() instanceof RsaKeyValueSecurityToken)) {
                setErrorMessage("Policy enforces that a RsaKeyValue must be present in the KeyValueToken but we got a " + keyValueTokenSecurityEvent.getSecurityToken().getClass().getSimpleName());
                getPolicyAsserter().unassertPolicy(new QName(namespaceURI, SPConstants.RSA_KEY_VALUE), getErrorMessage());
                return false;
            }
            getPolicyAsserter().assertPolicy(new QName(namespaceURI, SPConstants.RSA_KEY_VALUE));
        }
        getPolicyAsserter().assertPolicy(getAssertion());
        return true;
    }
}
