package org.apache.cxf.ws.security.policy.interceptors;

import java.util.Arrays;
import java.util.Collection;
import java.util.Iterator;
import java.util.Vector;
import org.apache.cxf.Bus;
import org.apache.cxf.endpoint.Endpoint;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.message.Message;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import org.apache.cxf.ws.addressing.AddressingProperties;
import org.apache.cxf.ws.addressing.JAXWSAConstants;
import org.apache.cxf.ws.policy.AbstractPolicyInterceptorProvider;
import org.apache.cxf.ws.policy.AssertionInfo;
import org.apache.cxf.ws.policy.AssertionInfoMap;
import org.apache.cxf.ws.security.SecurityConstants;
import org.apache.cxf.ws.security.policy.SP11Constants;
import org.apache.cxf.ws.security.policy.SP12Constants;
import org.apache.cxf.ws.security.policy.model.IssuedToken;
import org.apache.cxf.ws.security.policy.model.Trust10;
import org.apache.cxf.ws.security.policy.model.Trust13;
import org.apache.cxf.ws.security.tokenstore.MemoryTokenStore;
import org.apache.cxf.ws.security.tokenstore.SecurityToken;
import org.apache.cxf.ws.security.tokenstore.TokenStore;
import org.apache.cxf.ws.security.trust.STSClient;
import org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor;
import org.apache.ws.security.handler.WSHandlerConstants;
import org.apache.ws.security.handler.WSHandlerResult;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/lib/cxf-bundle-2.2.6.jar:org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.class
 */
/* loaded from: input_file:WEB-INF/lib/cxf-rt-ws-security-2.2.6.jar:org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.class */
public class IssuedTokenInterceptorProvider extends AbstractPolicyInterceptorProvider {

    /* JADX WARN: Classes with same name are omitted:
      input_file:WEB-INF/lib/cxf-bundle-2.2.6.jar:org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider$IssuedTokenInInterceptor.class
     */
    /* loaded from: input_file:WEB-INF/lib/cxf-rt-ws-security-2.2.6.jar:org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider$IssuedTokenInInterceptor.class */
    static class IssuedTokenInInterceptor extends AbstractPhaseInterceptor<Message> {
        public IssuedTokenInInterceptor() {
            super(Phase.PRE_PROTOCOL);
            addAfter(WSS4JInInterceptor.class.getName());
        }

        @Override // org.apache.cxf.interceptor.Interceptor
        public void handleMessage(Message message) throws Fault {
            Collection<AssertionInfo> collection;
            AssertionInfoMap assertionInfoMap = (AssertionInfoMap) message.get(AssertionInfoMap.class);
            if (assertionInfoMap == null || (collection = assertionInfoMap.get(SP12Constants.ISSUED_TOKEN)) == null) {
                return;
            }
            if (isRequestor(message)) {
                Iterator<AssertionInfo> it = collection.iterator();
                while (it.hasNext()) {
                    it.next().setAsserted(true);
                }
                return;
            }
            boolean z = false;
            Vector vector = (Vector) message.get(WSHandlerConstants.RECV_RESULTS);
            for (int i = 0; i < vector.size(); i++) {
                for (int i2 = 0; i2 < ((WSHandlerResult) vector.get(i)).getResults().size(); i2++) {
                    z = true;
                }
            }
            Iterator<AssertionInfo> it2 = collection.iterator();
            while (it2.hasNext()) {
                it2.next().setAsserted(z);
            }
        }
    }

    /* JADX WARN: Classes with same name are omitted:
      input_file:WEB-INF/lib/cxf-bundle-2.2.6.jar:org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.class
     */
    /* loaded from: input_file:WEB-INF/lib/cxf-rt-ws-security-2.2.6.jar:org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.class */
    static class IssuedTokenOutInterceptor extends AbstractPhaseInterceptor<Message> {
        public IssuedTokenOutInterceptor() {
            super(Phase.PREPARE_SEND);
        }

        /* JADX WARN: Finally extract failed */
        @Override // org.apache.cxf.interceptor.Interceptor
        public void handleMessage(Message message) throws Fault {
            Collection<AssertionInfo> collection;
            String str;
            AssertionInfoMap assertionInfoMap = (AssertionInfoMap) message.get(AssertionInfoMap.class);
            if (assertionInfoMap == null || (collection = assertionInfoMap.get(SP12Constants.ISSUED_TOKEN)) == null || collection.isEmpty()) {
                return;
            }
            if (!isRequestor(message)) {
                Iterator<AssertionInfo> it = collection.iterator();
                while (it.hasNext()) {
                    it.next().setAsserted(true);
                }
                return;
            }
            IssuedToken issuedToken = (IssuedToken) collection.iterator().next().getAssertion();
            SecurityToken securityToken = (SecurityToken) message.getContextualProperty(SecurityConstants.TOKEN);
            if (securityToken == null && (str = (String) message.getContextualProperty(SecurityConstants.TOKEN_ID)) != null) {
                securityToken = IssuedTokenInterceptorProvider.getTokenStore(message).getToken(str);
            }
            if (securityToken == null) {
                STSClient client = IssuedTokenInterceptorProvider.getClient(message);
                AddressingProperties addressingProperties = (AddressingProperties) message.get("javax.xml.ws.addressing.context.outbound");
                if (addressingProperties == null) {
                    addressingProperties = (AddressingProperties) message.get(JAXWSAConstants.CLIENT_ADDRESSING_PROPERTIES);
                }
                synchronized (client) {
                    try {
                        try {
                            client.setTrust(getTrust10(assertionInfoMap));
                            client.setTrust(getTrust13(assertionInfoMap));
                            client.setTemplate(issuedToken.getRstTemplate());
                            if (addressingProperties == null) {
                                securityToken = client.requestSecurityToken();
                            } else {
                                String obj = message.getContextualProperty(Message.ENDPOINT_ADDRESS).toString();
                                client.setAddressingNamespace(addressingProperties.getNamespaceURI());
                                securityToken = client.requestSecurityToken(obj);
                            }
                            client.setTrust((Trust10) null);
                            client.setTrust((Trust13) null);
                            client.setTemplate(null);
                            client.setAddressingNamespace(null);
                        } catch (RuntimeException e) {
                            throw e;
                        } catch (Exception e2) {
                            throw new Fault(e2);
                        }
                    } catch (Throwable th) {
                        client.setTrust((Trust10) null);
                        client.setTrust((Trust13) null);
                        client.setTemplate(null);
                        client.setAddressingNamespace(null);
                        throw th;
                    }
                }
            }
            if (securityToken != null) {
                Iterator<AssertionInfo> it2 = collection.iterator();
                while (it2.hasNext()) {
                    it2.next().setAsserted(true);
                }
                ((Endpoint) message.getExchange().get(Endpoint.class)).put(SecurityConstants.TOKEN_ID, securityToken.getId());
                IssuedTokenInterceptorProvider.getTokenStore(message).add(securityToken);
            }
        }

        private Trust10 getTrust10(AssertionInfoMap assertionInfoMap) {
            Collection<AssertionInfo> collection = assertionInfoMap.get(SP11Constants.TRUST_10);
            if (collection == null || collection.isEmpty()) {
                return null;
            }
            return (Trust10) collection.iterator().next().getAssertion();
        }

        private Trust13 getTrust13(AssertionInfoMap assertionInfoMap) {
            Collection<AssertionInfo> collection = assertionInfoMap.get(SP12Constants.TRUST_13);
            if (collection == null || collection.isEmpty()) {
                return null;
            }
            return (Trust13) collection.iterator().next().getAssertion();
        }
    }

    public IssuedTokenInterceptorProvider() {
        super(Arrays.asList(SP11Constants.ISSUED_TOKEN, SP12Constants.ISSUED_TOKEN));
        getOutInterceptors().add(new IssuedTokenOutInterceptor());
        getOutFaultInterceptors().add(new IssuedTokenOutInterceptor());
        getInInterceptors().add(new IssuedTokenInInterceptor());
        getInFaultInterceptors().add(new IssuedTokenInInterceptor());
    }

    static final TokenStore getTokenStore(Message message) {
        TokenStore tokenStore = (TokenStore) message.getContextualProperty(TokenStore.class.getName());
        if (tokenStore == null) {
            tokenStore = new MemoryTokenStore();
            ((Endpoint) message.getExchange().get(Endpoint.class)).getEndpointInfo().setProperty(TokenStore.class.getName(), tokenStore);
        }
        return tokenStore;
    }

    static STSClient getClient(Message message) {
        STSClient sTSClient = (STSClient) message.getContextualProperty(SecurityConstants.STS_CLIENT);
        if (sTSClient == null) {
            sTSClient = new STSClient((Bus) message.getExchange().get(Bus.class));
            Endpoint endpoint = (Endpoint) message.getExchange().get(Endpoint.class);
            sTSClient.setEndpointName(endpoint.getEndpointInfo().getName().toString() + ".sts-client");
            sTSClient.setBeanName(endpoint.getEndpointInfo().getName().toString() + ".sts-client");
        }
        return sTSClient;
    }
}
