package org.picketlink.trust.jbossws.jaas;

import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.net.ssl.SSLSocketFactory;
import javax.security.auth.login.LoginException;
import javax.xml.ws.Binding;
import javax.xml.ws.Dispatch;
import javax.xml.ws.handler.Handler;
import org.jboss.logging.Logger;
import org.picketlink.identity.federation.bindings.jboss.subject.PicketLinkPrincipal;
import org.picketlink.identity.federation.core.util.StringUtil;
import org.picketlink.identity.federation.core.wstrust.STSClient;
import org.picketlink.identity.federation.core.wstrust.STSClientConfig;
import org.picketlink.identity.federation.core.wstrust.SamlCredential;
import org.picketlink.identity.federation.core.wstrust.auth.STSIssuingLoginModule;
import org.picketlink.trust.jbossws.PicketLinkDispatch;
import org.picketlink.trust.jbossws.handler.BinaryTokenHandler;
import org.picketlink.trust.jbossws.handler.SAML2Handler;

/* loaded from: input_file:org/picketlink/trust/jbossws/jaas/JBWSTokenIssuingLoginModule.class */
public class JBWSTokenIssuingLoginModule extends STSIssuingLoginModule {
    public static final String WSA_ISSUER = "wsaIssuer";
    public static final String WSP_APPIESTO = "wspAppliesTo";

    /* loaded from: input_file:org/picketlink/trust/jbossws/jaas/JBWSTokenIssuingLoginModule$JBWSTokenClient.class */
    public class JBWSTokenClient extends STSClient {
        private Logger log;
        private boolean trace;

        public JBWSTokenClient() {
            this.log = Logger.getLogger(JBWSTokenClient.class);
            this.trace = this.log.isTraceEnabled();
        }

        public JBWSTokenClient(STSClientConfig sTSClientConfig) {
            super(sTSClientConfig);
            this.log = Logger.getLogger(JBWSTokenClient.class);
            this.trace = this.log.isTraceEnabled();
        }

        public JBWSTokenClient(STSClientConfig sTSClientConfig, Map<String, ?> map) {
            super(sTSClientConfig);
            this.log = Logger.getLogger(JBWSTokenClient.class);
            this.trace = this.log.isTraceEnabled();
            Dispatch dispatch = super.getDispatch();
            String str = (String) map.get("overrideDispatch");
            if (StringUtil.isNotNull(str) && Boolean.valueOf(str).booleanValue()) {
                dispatch = new PicketLinkDispatch(dispatch, (String) map.get("endpointAddress"));
                String str2 = (String) map.get("useWSSE");
                if (StringUtil.isNotNull(str2) && str2.equalsIgnoreCase("true")) {
                    ((PicketLinkDispatch) dispatch).setUseWSSE(true);
                }
            }
            Binding binding = dispatch.getBinding();
            List handlerChain = binding.getHandlerChain();
            String str3 = (String) map.get("handlerChain");
            if (StringUtil.isNotNull(str3)) {
                for (String str4 : StringUtil.tokenize(str3)) {
                    if (str4.equalsIgnoreCase("binary")) {
                        handlerChain.add(new BinaryTokenHandler());
                    } else if (str4.equalsIgnoreCase("saml2")) {
                        handlerChain.add(new SAML2Handler());
                    } else {
                        try {
                            handlerChain.add((Handler) SecurityActions.getClassLoader(getClass()).loadClass(str4).newInstance());
                        } catch (Exception e) {
                            throw new RuntimeException("PL00086: Cannot create instance of:Unable to instantiate handler:" + str4, e);
                        }
                    }
                }
            }
            binding.setHandlerChain(handlerChain);
            setDispatch(dispatch);
            String str5 = (String) map.get("securityDomainForFactory");
            if (StringUtil.isNotNull(str5)) {
                if (this.trace) {
                    this.log.trace("We got security domain for domain ssl factory = " + str5);
                    this.log.trace("Setting it on the system property org.jboss.security.ssl.domain.name");
                }
                SecurityActions.setSystemProperty("org.jboss.security.ssl.domain.name", str5);
                dispatch.getRequestContext().put("org.jboss.ws.socketFactory", "org.jboss.security.ssl.JaasSecurityDomainSocketFactory");
                if (dispatch instanceof PicketLinkDispatch) {
                    ClassLoader classLoader = SecurityActions.getClassLoader(getClass());
                    SSLSocketFactory sSLSocketFactory = null;
                    try {
                        if (classLoader == null) {
                            if (this.trace) {
                                this.log.trace("Classloader is null. Unable to set the SSLSocketFactory on PicketLinkDispatch");
                                return;
                            }
                            return;
                        }
                        try {
                            sSLSocketFactory = (SSLSocketFactory) classLoader.loadClass("org.jboss.security.ssl.JaasSecurityDomainSocketFactory").newInstance();
                            if (sSLSocketFactory == null) {
                                throw new RuntimeException(" We did not find SSL Socket Factory");
                            }
                            ((PicketLinkDispatch) dispatch).setSSLSocketFactory(sSLSocketFactory);
                        } catch (Exception e2) {
                            try {
                                sSLSocketFactory = (SSLSocketFactory) SecurityActions.getContextClassLoader().loadClass("org.jboss.security.ssl.JaasSecurityDomainSocketFactory").newInstance();
                                if (sSLSocketFactory == null) {
                                    throw new RuntimeException(" We did not find SSL Socket Factory");
                                }
                                ((PicketLinkDispatch) dispatch).setSSLSocketFactory(sSLSocketFactory);
                            } catch (Exception e3) {
                                throw new RuntimeException("PL00102: Processing Exception:Unable to create SSL Socket Factory:", e3);
                            }
                        }
                    } catch (Throwable th) {
                        if (sSLSocketFactory == null) {
                            throw new RuntimeException(" We did not find SSL Socket Factory");
                        }
                        ((PicketLinkDispatch) dispatch).setSSLSocketFactory(sSLSocketFactory);
                        throw th;
                    }
                }
            }
        }
    }

    protected STSClientConfig.Builder createBuilder() {
        STSClientConfig.Builder createBuilder = super.createBuilder();
        createBuilder.wsaIssuer((String) this.options.get(WSA_ISSUER));
        createBuilder.wspAppliesTo((String) this.options.get(WSP_APPIESTO));
        return createBuilder;
    }

    protected STSClient createWSTrustClient(STSClientConfig sTSClientConfig) {
        return new JBWSTokenClient(sTSClientConfig, this.options);
    }

    public boolean commit() throws LoginException {
        boolean commit = super.commit();
        if (commit) {
            SamlCredential samlCredential = null;
            Iterator<Object> it = this.subject.getPublicCredentials().iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                Object next = it.next();
                if (next instanceof SamlCredential) {
                    samlCredential = (SamlCredential) next;
                    break;
                }
            }
            if (samlCredential == null) {
                throw new LoginException("PL00092: Null Value:SamlCredential is not available in subject");
            }
            PicketLinkPrincipal picketLinkPrincipal = new PicketLinkPrincipal("");
            if (super.isUseFirstPass()) {
                this.sharedState.put("javax.security.auth.login.name", picketLinkPrincipal);
                ((STSIssuingLoginModule) this).sharedState.put("javax.security.auth.login.password", samlCredential);
            }
        }
        return commit;
    }
}
