package com.sun.xml.xwss;

import com.sun.xml.messaging.saaj.soap.ExpressMessageFactoryImpl;
import com.sun.xml.ws.spi.runtime.MessageContext;
import com.sun.xml.ws.spi.runtime.SOAPMessageContext;
import com.sun.xml.ws.spi.runtime.SystemHandlerDelegate;
import com.sun.xml.wss.ProcessingContext;
import com.sun.xml.wss.XWSSecurityException;
import com.sun.xml.wss.impl.MessageConstants;
import com.sun.xml.wss.impl.PolicyTypeUtil;
import com.sun.xml.wss.impl.PolicyViolationException;
import com.sun.xml.wss.impl.SecurableSoapMessage;
import com.sun.xml.wss.impl.SecurityAnnotator;
import com.sun.xml.wss.impl.SecurityRecipient;
import com.sun.xml.wss.impl.WssSoapFaultException;
import com.sun.xml.wss.impl.config.ApplicationSecurityConfiguration;
import com.sun.xml.wss.impl.config.DeclarativeSecurityConfiguration;
import com.sun.xml.wss.impl.configuration.StaticApplicationContext;
import com.sun.xml.wss.impl.filter.DumpFilter;
import com.sun.xml.wss.impl.misc.SecurityUtil;
import com.sun.xml.wss.impl.policy.SecurityPolicy;
import com.sun.xml.wss.impl.policy.mls.MessagePolicy;
import java.io.InputStream;
import java.net.URL;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.ServletContext;
import javax.xml.namespace.QName;
import javax.xml.soap.MessageFactory;
import javax.xml.soap.SOAPBody;
import javax.xml.soap.SOAPConstants;
import javax.xml.soap.SOAPException;
import javax.xml.soap.SOAPFactory;
import javax.xml.soap.SOAPFault;
import javax.xml.soap.SOAPMessage;
import javax.xml.ws.WebServiceException;
import javax.xml.ws.handler.MessageContext;
import javax.xml.ws.soap.SOAPFaultException;
import org.apache.cxf.message.Message;
import org.springframework.web.context.support.XmlWebApplicationContext;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:spg-ui-war-2.1.0.war:WEB-INF/lib/xws-security-3.0.jar:com/sun/xml/xwss/SystemHandlerDelegateImpl.class */
public class SystemHandlerDelegateImpl implements SystemHandlerDelegate {
    private HashMap service_to_configMap = new HashMap();
    private SecurityConfiguration config = null;
    private static final String MESSAGE_SECURITY_CONFIGURATION = "com.sun.xml.ws.security.configuration";
    private static final String CONTEXT_WSDL_OPERATION = "com.sun.xml.ws.wsdl.operation";
    private MessageFactory soap11MF;
    private MessageFactory soap12MF;
    private ExpressMessageFactoryImpl expMF;
    private static final String FAILURE = "com.sun.xml.ws.shd.failure";
    private static final String TRUE = "true";
    private static final String FALSE = "false";
    private static boolean nonOpt;
    private static final String ENCRYPTED_BODY_QNAME = "{http://www.w3.org/2001/04/xmlenc#}EncryptedData";
    private static SOAPFactory sf11;
    private static SOAPFactory sf12;

    public SystemHandlerDelegateImpl() {
        this.soap11MF = null;
        this.soap12MF = null;
        this.expMF = null;
        try {
            this.soap11MF = MessageFactory.newInstance();
            this.soap12MF = MessageFactory.newInstance("SOAP 1.2 Protocol");
            this.expMF = new ExpressMessageFactoryImpl();
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    private String getServiceName(MessageContext messageContext) {
        QName qName = (QName) messageContext.get(Message.WSDL_SERVICE);
        return qName != null ? qName.getLocalPart() : "server";
    }

    private InputStream getServerConfigStream(String str, MessageContext messageContext) {
        String str2 = XmlWebApplicationContext.DEFAULT_CONFIG_LOCATION_PREFIX + str + "_security_config.xml";
        ServletContext servletContext = (ServletContext) messageContext.get("javax.xml.ws.servlet.context");
        if (servletContext == null) {
            return null;
        }
        return servletContext.getResourceAsStream(str2);
    }

    private URL getServerConfig(String str, MessageContext messageContext) {
        String str2 = XmlWebApplicationContext.DEFAULT_CONFIG_LOCATION_PREFIX + str + "_security_config.xml";
        Object obj = messageContext.get("javax.xml.ws.servlet.context");
        return obj == null ? SecurityUtil.loadFromClasspath("META-INF/" + str + "_security_config.xml") : SecurityUtil.loadFromContext(str2, obj);
    }

    private void debugProperties(MessageContext messageContext) {
    }

    private void setSecurityConfiguration(MessageContext messageContext) throws XWSSecurityException {
        SecurityConfiguration securityConfiguration;
        if (this.config != null) {
            if (this.config.isEmpty()) {
                return;
            }
            messageContext.put("com.sun.xml.ws.security.configuration", this.config);
            return;
        }
        String serviceName = getServiceName(messageContext);
        SecurityConfiguration securityConfiguration2 = (SecurityConfiguration) this.service_to_configMap.get(serviceName);
        if (securityConfiguration2 != null && !securityConfiguration2.isEmpty()) {
            messageContext.put("com.sun.xml.ws.security.configuration", securityConfiguration2);
            return;
        }
        synchronized (this.service_to_configMap) {
            SecurityConfiguration securityConfiguration3 = (SecurityConfiguration) this.service_to_configMap.get(serviceName);
            if (securityConfiguration3 == null) {
                securityConfiguration = new SecurityConfiguration(getServerConfig(serviceName, messageContext));
                if (!securityConfiguration.isEmpty()) {
                    this.service_to_configMap.put(serviceName, securityConfiguration);
                }
            } else {
                securityConfiguration = securityConfiguration3;
            }
        }
        if (!securityConfiguration.isEmpty()) {
            messageContext.put("com.sun.xml.ws.security.configuration", securityConfiguration);
            return;
        }
        synchronized (this.service_to_configMap) {
            if (this.config == null) {
                this.config = new SecurityConfiguration(getServerConfig("server", messageContext));
            }
        }
        if (this.config.isEmpty()) {
            return;
        }
        messageContext.put("com.sun.xml.ws.security.configuration", this.config);
    }

    public boolean processRequest(MessageContext messageContext) throws RuntimeException {
        debugProperties(messageContext);
        Boolean bool = (Boolean) messageContext.get("javax.xml.ws.handler.message.outbound");
        try {
            if (bool == null ? true : bool.booleanValue()) {
                return secureRequest((SOAPMessageContext) messageContext);
            }
            setSecurityConfiguration(messageContext);
            return validateRequest((SOAPMessageContext) messageContext);
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public void processResponse(MessageContext messageContext) throws RuntimeException {
        debugProperties(messageContext);
        Boolean bool = (Boolean) messageContext.get("javax.xml.ws.handler.message.outbound");
        try {
            if (!(bool == null ? true : bool.booleanValue())) {
                validateResponse((SOAPMessageContext) messageContext);
            } else {
                setSecurityConfiguration(messageContext);
                secureResponse((SOAPMessageContext) messageContext);
            }
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    private StaticApplicationContext getPolicyContext(SOAPMessageContext sOAPMessageContext) {
        StaticApplicationContext staticApplicationContext = new StaticApplicationContext((StaticApplicationContext) ((SecurityConfiguration) sOAPMessageContext.get("com.sun.xml.ws.security.configuration")).getSecurityConfiguration().getAllContexts().next());
        QName qName = (QName) sOAPMessageContext.get(Message.WSDL_PORT);
        staticApplicationContext.setPortIdentifier(qName == null ? "" : qName.toString());
        return staticApplicationContext;
    }

    private void copyToMessageContext(SOAPMessageContext sOAPMessageContext, ProcessingContext processingContext) throws Exception {
        sOAPMessageContext.setMessage(processingContext.getSOAPMessage());
        for (String str : processingContext.getExtraneousProperties().keySet()) {
            sOAPMessageContext.put(str, processingContext.getExtraneousProperties().get(str));
        }
    }

    private void copyToProcessingContext(ProcessingContext processingContext, SOAPMessageContext sOAPMessageContext) throws Exception {
        for (Map.Entry entry : sOAPMessageContext.entrySet()) {
            processingContext.setExtraneousProperty((String) entry.getKey(), entry.getValue());
        }
    }

    public void validateResponse(SOAPMessageContext sOAPMessageContext) throws Exception {
        boolean z = false;
        try {
            SecurityConfiguration securityConfiguration = (SecurityConfiguration) sOAPMessageContext.get("com.sun.xml.ws.security.configuration");
            if (securityConfiguration == null) {
                return;
            }
            if (sOAPMessageContext.getMessage().getClass().getName().equals("com.sun.xml.messaging.saaj.soap.ver1_2.Message1_2Impl")) {
                z = true;
            }
            String str = (String) sOAPMessageContext.get(CONTEXT_WSDL_OPERATION);
            StaticApplicationContext policyContext = getPolicyContext(sOAPMessageContext);
            policyContext.setOperationIdentifier(str);
            ApplicationSecurityConfiguration securityConfiguration2 = securityConfiguration.getSecurityConfiguration();
            SecurityPolicy securityConfiguration3 = securityConfiguration2.getSecurityConfiguration(policyContext);
            ProcessingContext processingContext = new ProcessingContext();
            copyToProcessingContext(processingContext, sOAPMessageContext);
            processingContext.setPolicyContext(policyContext);
            processingContext.setSOAPMessage(sOAPMessageContext.getMessage());
            if (PolicyTypeUtil.declarativeSecurityConfiguration(securityConfiguration3)) {
                processingContext.setSecurityPolicy(((DeclarativeSecurityConfiguration) securityConfiguration3).receiverSettings());
            } else {
                processingContext.setSecurityPolicy(securityConfiguration3);
            }
            processingContext.setSecurityEnvironment(securityConfiguration.getSecurityEnvironment());
            processingContext.isInboundMessage(true);
            if (securityConfiguration2.retainSecurityHeader()) {
                processingContext.retainSecurityHeader(true);
            }
            SecurityRecipient.validateMessage(processingContext);
            copyToMessageContext(sOAPMessageContext, processingContext);
            if (sOAPMessageContext.get(MessageConstants.AUTH_SUBJECT) != null) {
                sOAPMessageContext.setScope(MessageConstants.AUTH_SUBJECT, MessageContext.Scope.APPLICATION);
            }
        } catch (XWSSecurityException e) {
            throw getSOAPFaultException(SecurableSoapMessage.newSOAPFaultException(e.getCause() instanceof PolicyViolationException ? MessageConstants.WSSE_RECEIVER_POLICY_VIOLATION : MessageConstants.WSSE_FAILED_AUTHENTICATION, e.getMessage(), e), z);
        } catch (WssSoapFaultException e2) {
            throw getSOAPFaultException(e2, z);
        }
    }

    public boolean secureRequest(SOAPMessageContext sOAPMessageContext) throws Exception {
        try {
            SecurityConfiguration securityConfiguration = (SecurityConfiguration) sOAPMessageContext.get("com.sun.xml.ws.security.configuration");
            if (securityConfiguration == null) {
                return true;
            }
            QName qName = (QName) sOAPMessageContext.get(Message.WSDL_OPERATION);
            String operationName = qName == null ? getOperationName(sOAPMessageContext.getMessage()) : qName.toString();
            sOAPMessageContext.put(CONTEXT_WSDL_OPERATION, operationName);
            StaticApplicationContext policyContext = getPolicyContext(sOAPMessageContext);
            policyContext.setOperationIdentifier(operationName);
            ApplicationSecurityConfiguration securityConfiguration2 = securityConfiguration.getSecurityConfiguration();
            SecurityPolicy securityConfiguration3 = securityConfiguration2.getSecurityConfiguration(policyContext);
            ProcessingContext processingContext = new ProcessingContext();
            copyToProcessingContext(processingContext, sOAPMessageContext);
            processingContext.setPolicyContext(policyContext);
            if (PolicyTypeUtil.declarativeSecurityConfiguration(securityConfiguration3)) {
                processingContext.setSecurityPolicy(((DeclarativeSecurityConfiguration) securityConfiguration3).senderSettings());
            } else {
                processingContext.setSecurityPolicy(securityConfiguration3);
            }
            processingContext.setSecurityEnvironment(securityConfiguration.getSecurityEnvironment());
            processingContext.isInboundMessage(false);
            setSOAPMessage(sOAPMessageContext, processingContext, securityConfiguration2.isOptimized());
            SecurityAnnotator.secureMessage(processingContext);
            copyToMessageContext(sOAPMessageContext, processingContext);
            return true;
        } catch (XWSSecurityException e) {
            throw new WebServiceException(e);
        } catch (WssSoapFaultException e2) {
            addFault(e2, sOAPMessageContext.getMessage(), false);
            return true;
        }
    }

    public boolean validateRequest(SOAPMessageContext sOAPMessageContext) throws Exception {
        boolean z = false;
        try {
            SecurityConfiguration securityConfiguration = (SecurityConfiguration) sOAPMessageContext.get("com.sun.xml.ws.security.configuration");
            if (securityConfiguration == null) {
                return true;
            }
            SOAPMessage message = sOAPMessageContext.getMessage();
            if (message.getClass().getName().equals("com.sun.xml.messaging.saaj.soap.ver1_2.Message1_2Impl")) {
                z = true;
            }
            StaticApplicationContext staticApplicationContext = new StaticApplicationContext(getPolicyContext(sOAPMessageContext));
            ProcessingContext processingContext = new ProcessingContext();
            copyToProcessingContext(processingContext, sOAPMessageContext);
            processingContext.setSOAPMessage(sOAPMessageContext.getMessage());
            String operationName = getOperationName(message);
            ApplicationSecurityConfiguration securityConfiguration2 = securityConfiguration.getSecurityConfiguration();
            if (operationName.equals(ENCRYPTED_BODY_QNAME) && securityConfiguration2.hasOperationPolicies()) {
                SecurityPolicy securityPolicy = (ApplicationSecurityConfiguration) securityConfiguration2.getSecurityPolicies(staticApplicationContext).next();
                if (securityPolicy != null) {
                    processingContext.setPolicyContext(staticApplicationContext);
                    processingContext.setSecurityPolicy(securityPolicy);
                } else {
                    SecurityPolicy securityPolicy2 = (ApplicationSecurityConfiguration) securityConfiguration2.getAllTopLevelApplicationSecurityConfigurations().iterator().next();
                    processingContext.setPolicyContext(staticApplicationContext);
                    processingContext.setSecurityPolicy(securityPolicy2);
                }
            } else {
                staticApplicationContext.setOperationIdentifier(operationName);
                sOAPMessageContext.put(CONTEXT_WSDL_OPERATION, operationName);
                SecurityPolicy securityConfiguration3 = securityConfiguration2.getSecurityConfiguration(staticApplicationContext);
                processingContext.setPolicyContext(staticApplicationContext);
                if (PolicyTypeUtil.declarativeSecurityConfiguration(securityConfiguration3)) {
                    processingContext.setSecurityPolicy(((DeclarativeSecurityConfiguration) securityConfiguration3).receiverSettings());
                } else {
                    processingContext.setSecurityPolicy(securityConfiguration3);
                }
            }
            processingContext.setSecurityEnvironment(securityConfiguration.getSecurityEnvironment());
            processingContext.isInboundMessage(true);
            if (securityConfiguration2.retainSecurityHeader()) {
                processingContext.retainSecurityHeader(true);
            }
            SecurityRecipient.validateMessage(processingContext);
            sOAPMessageContext.put(CONTEXT_WSDL_OPERATION, getOperationName(message));
            copyToMessageContext(sOAPMessageContext, processingContext);
            if (sOAPMessageContext.get(MessageConstants.AUTH_SUBJECT) != null) {
                sOAPMessageContext.setScope(MessageConstants.AUTH_SUBJECT, MessageContext.Scope.APPLICATION);
            }
            return true;
        } catch (XWSSecurityException e) {
            WssSoapFaultException newSOAPFaultException = SecurableSoapMessage.newSOAPFaultException(e.getCause() instanceof PolicyViolationException ? MessageConstants.WSSE_RECEIVER_POLICY_VIOLATION : MessageConstants.WSSE_FAILED_AUTHENTICATION, e.getMessage(), e);
            sOAPMessageContext.put(FAILURE, "true");
            addFault(newSOAPFaultException, sOAPMessageContext.getMessage(), z);
            return false;
        } catch (WssSoapFaultException e2) {
            sOAPMessageContext.put(FAILURE, "true");
            addFault(e2, sOAPMessageContext.getMessage(), z);
            return false;
        }
    }

    public void secureResponse(SOAPMessageContext sOAPMessageContext) throws Exception {
        try {
            SecurityConfiguration securityConfiguration = (SecurityConfiguration) sOAPMessageContext.get("com.sun.xml.ws.security.configuration");
            if (securityConfiguration == null) {
                return;
            }
            ProcessingContext processingContext = new ProcessingContext();
            copyToProcessingContext(processingContext, sOAPMessageContext);
            if (sOAPMessageContext.get(FAILURE) == "true") {
                DumpFilter.process(processingContext);
                sOAPMessageContext.put(FAILURE, "false");
                return;
            }
            String str = (String) sOAPMessageContext.get(CONTEXT_WSDL_OPERATION);
            StaticApplicationContext staticApplicationContext = new StaticApplicationContext(getPolicyContext(sOAPMessageContext));
            staticApplicationContext.setOperationIdentifier(str);
            ApplicationSecurityConfiguration securityConfiguration2 = securityConfiguration.getSecurityConfiguration();
            SecurityPolicy securityConfiguration3 = securityConfiguration2.getSecurityConfiguration(staticApplicationContext);
            processingContext.setPolicyContext(staticApplicationContext);
            if (PolicyTypeUtil.declarativeSecurityConfiguration(securityConfiguration3)) {
                processingContext.setSecurityPolicy(((DeclarativeSecurityConfiguration) securityConfiguration3).senderSettings());
            } else {
                processingContext.setSecurityPolicy(securityConfiguration3);
            }
            processingContext.setSecurityEnvironment(securityConfiguration.getSecurityEnvironment());
            processingContext.isInboundMessage(false);
            setSOAPMessage(sOAPMessageContext, processingContext, securityConfiguration2.isOptimized());
            SecurityAnnotator.secureMessage(processingContext);
            copyToMessageContext(sOAPMessageContext, processingContext);
        } catch (XWSSecurityException e) {
            throw getSOAPFaultException(SecurableSoapMessage.newSOAPFaultException(MessageConstants.WSSE_INTERNAL_SERVER_ERROR, e.getMessage(), e), false);
        } catch (WssSoapFaultException e2) {
            throw getSOAPFaultException(e2, false);
        }
    }

    public SOAPFaultException getSOAPFaultException(WssSoapFaultException wssSoapFaultException, boolean z) {
        SOAPFault createFault;
        try {
            if (z) {
                createFault = sf12.createFault(wssSoapFaultException.getFaultString(), SOAPConstants.SOAP_SENDER_FAULT);
                createFault.appendFaultSubcode(wssSoapFaultException.getFaultCode());
            } else {
                createFault = sf11.createFault(wssSoapFaultException.getFaultString(), wssSoapFaultException.getFaultCode());
            }
            return new SOAPFaultException(createFault);
        } catch (Exception e) {
            throw new RuntimeException("com.sun.xml.rpc.security.SystemHandlerDelegateImpl: Internal Error while trying to create a SOAPFault");
        }
    }

    private String getOperationName(SOAPMessage sOAPMessage) throws Exception {
        if (sOAPMessage == null) {
            throw new XWSSecurityException("SOAPMessage in message context is null");
        }
        SOAPBody sOAPBody = sOAPMessage.getSOAPBody();
        if (sOAPBody == null) {
            throw new XWSSecurityException("No body element identifying an operation is found");
        }
        StringBuffer stringBuffer = new StringBuffer("");
        for (Node firstChild = sOAPBody.getFirstChild(); firstChild != null; firstChild = firstChild.getNextSibling()) {
            stringBuffer.append("{" + firstChild.getNamespaceURI() + "}" + firstChild.getLocalName() + ":");
        }
        String stringBuffer2 = stringBuffer.toString();
        return stringBuffer2.length() > 0 ? stringBuffer2.substring(0, stringBuffer2.length() - 1) : stringBuffer2;
    }

    public void preInvokeEndpointHook(com.sun.xml.ws.spi.runtime.MessageContext messageContext) {
    }

    private void setSOAPMessage(SOAPMessageContext sOAPMessageContext, ProcessingContext processingContext, boolean z) throws Exception {
        if (sOAPMessageContext.isAlreadySoap()) {
            processingContext.setSOAPMessage(sOAPMessageContext.getMessage());
            return;
        }
        if (nonOpt) {
            processingContext.setSOAPMessage(sOAPMessageContext.getMessage());
            return;
        }
        String str = (String) sOAPMessageContext.get("com.sun.xml.ws.client.ContentNegotiation");
        if (str != null && str.length() > 0 && "optimistic".equals(str)) {
            ExpressMessageFactoryImpl expressMessageFactoryImpl = this.expMF;
            processingContext.setSOAPMessage(ExpressMessageFactoryImpl.createMessage(sOAPMessageContext, false));
            return;
        }
        MessagePolicy messagePolicy = (MessagePolicy) processingContext.getSecurityPolicy();
        if (!z || messagePolicy.getOptimizedType() == 0) {
            ExpressMessageFactoryImpl expressMessageFactoryImpl2 = this.expMF;
            processingContext.setSOAPMessage(ExpressMessageFactoryImpl.createMessage(sOAPMessageContext, false));
        } else {
            ExpressMessageFactoryImpl expressMessageFactoryImpl3 = this.expMF;
            processingContext.setSOAPMessage(ExpressMessageFactoryImpl.createMessage(sOAPMessageContext));
            processingContext.setConfigType(messagePolicy.getOptimizedType());
        }
    }

    public void addFault(WssSoapFaultException wssSoapFaultException, SOAPMessage sOAPMessage, boolean z) throws SOAPException {
        SOAPBody sOAPBody = sOAPMessage.getSOAPBody();
        sOAPBody.removeContents();
        sOAPMessage.removeAllAttachments();
        QName faultCode = wssSoapFaultException.getFaultCode();
        if (faultCode == null) {
            faultCode = new QName("http://schemas.xmlsoap.org/soap/envelope/", "Client");
        }
        if (z) {
            sOAPBody.addFault(SOAPConstants.SOAP_SENDER_FAULT, wssSoapFaultException.getMessage()).appendFaultSubcode(faultCode);
        } else {
            sOAPBody.addFault(faultCode, wssSoapFaultException.getMessage());
        }
        NodeList elementsByTagNameNS = sOAPMessage.getSOAPPart().getEnvelope().getElementsByTagNameNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", MessageConstants.WSSE_SECURITY_LNAME);
        if (elementsByTagNameNS.getLength() > 0) {
            Node item = elementsByTagNameNS.item(0);
            item.getParentNode().removeChild(item);
        }
    }

    static {
        nonOpt = false;
        try {
            String property = System.getProperty("jaxws.soapmessage", "false");
            if (property != null && property.length() > 0) {
                nonOpt = Boolean.parseBoolean(property);
            }
        } catch (Exception e) {
        }
        sf11 = null;
        sf12 = null;
        try {
            sf11 = SOAPFactory.newInstance();
            sf12 = SOAPFactory.newInstance("SOAP 1.2 Protocol");
        } catch (Exception e2) {
            throw new RuntimeException(e2);
        }
    }
}
