package com.sun.xml.wss.impl.filter;

import com.sun.xml.ws.security.opt.impl.JAXBFilterProcessingContext;
import com.sun.xml.ws.security.opt.impl.crypto.SSEData;
import com.sun.xml.ws.security.opt.impl.message.GSHeaderElement;
import com.sun.xml.ws.security.opt.impl.reference.KeyIdentifier;
import com.sun.xml.ws.security.opt.impl.util.NamespaceContextEx;
import com.sun.xml.ws.security.opt.impl.util.WSSElementFactory;
import com.sun.xml.wss.XWSSecurityException;
import com.sun.xml.wss.core.SecurityHeader;
import com.sun.xml.wss.core.SecurityTokenReference;
import com.sun.xml.wss.impl.FilterProcessingContext;
import com.sun.xml.wss.impl.MessageConstants;
import com.sun.xml.wss.impl.SecurableSoapMessage;
import com.sun.xml.wss.impl.configuration.DynamicApplicationContext;
import com.sun.xml.wss.impl.keyinfo.KeyIdentifierStrategy;
import com.sun.xml.wss.impl.policy.mls.AuthenticationTokenPolicy;
import com.sun.xml.wss.saml.Assertion;
import com.sun.xml.wss.saml.SAMLException;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/* loaded from: input_file:spg-ui-war-3.0.5.war:WEB-INF/lib/xws-security-3.0.jar:com/sun/xml/wss/impl/filter/ExportSamlAssertionFilter.class */
public class ExportSamlAssertionFilter {
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v103, types: [com.sun.xml.wss.saml.assertion.saml20.jaxb20.Assertion] */
    /* JADX WARN: Type inference failed for: r0v118, types: [com.sun.xml.wss.saml.assertion.saml11.jaxb10.Assertion] */
    /* JADX WARN: Type inference failed for: r0v121, types: [com.sun.xml.wss.saml.assertion.saml11.jaxb20.Assertion] */
    /* JADX WARN: Type inference failed for: r1v47, types: [org.w3c.dom.Node] */
    /* JADX WARN: Type inference failed for: r1v54, types: [org.w3c.dom.Node] */
    /* JADX WARN: Type inference failed for: r1v55, types: [org.w3c.dom.Node] */
    public static void process(FilterProcessingContext filterProcessingContext) throws XWSSecurityException {
        boolean z = false;
        SecurableSoapMessage securableSoapMessage = null;
        SecurityHeader securityHeader = null;
        com.sun.xml.ws.security.opt.impl.outgoing.SecurityHeader securityHeader2 = null;
        GSHeaderElement gSHeaderElement = null;
        if (filterProcessingContext instanceof JAXBFilterProcessingContext) {
            z = true;
            securityHeader2 = ((JAXBFilterProcessingContext) filterProcessingContext).getSecurityHeader();
        } else {
            securableSoapMessage = filterProcessingContext.getSecurableSoapMessage();
            securityHeader = securableSoapMessage.findOrCreateSecurityHeader();
        }
        AuthenticationTokenPolicy authenticationTokenPolicy = (AuthenticationTokenPolicy) filterProcessingContext.getSecurityPolicy();
        AuthenticationTokenPolicy.SAMLAssertionBinding sAMLAssertionBinding = (AuthenticationTokenPolicy.SAMLAssertionBinding) authenticationTokenPolicy.getFeatureBinding();
        if (sAMLAssertionBinding.getIncludeToken() == AuthenticationTokenPolicy.SAMLAssertionBinding.INCLUDE_ONCE) {
            throw new XWSSecurityException("Include Token ONCE not supported for SAMLToken Assertions");
        }
        if (sAMLAssertionBinding.getAssertionType() != "SV") {
            throw new XWSSecurityException("Internal Error: ExportSamlAssertionFilter called for HOK assertion");
        }
        AuthenticationTokenPolicy.SAMLAssertionBinding sAMLAssertionBinding2 = (AuthenticationTokenPolicy.SAMLAssertionBinding) authenticationTokenPolicy.getFeatureBinding();
        sAMLAssertionBinding2.isReadOnly(true);
        DynamicApplicationContext dynamicApplicationContext = new DynamicApplicationContext(filterProcessingContext.getPolicyContext());
        dynamicApplicationContext.setMessageIdentifier(filterProcessingContext.getMessageIdentifier());
        dynamicApplicationContext.inBoundMessage(false);
        AuthenticationTokenPolicy.SAMLAssertionBinding populateSAMLPolicy = filterProcessingContext.getSecurityEnvironment().populateSAMLPolicy(filterProcessingContext.getExtraneousProperties(), sAMLAssertionBinding2, dynamicApplicationContext);
        Assertion assertion = null;
        Element assertion2 = populateSAMLPolicy.getAssertion();
        Element authorityBinding = populateSAMLPolicy.getAuthorityBinding();
        try {
            assertion = System.getProperty("com.sun.xml.wss.saml.binding.jaxb") == null ? assertion2.getAttributeNode(MessageConstants.SAML_ID_LNAME) != null ? com.sun.xml.wss.saml.assertion.saml20.jaxb20.Assertion.fromElement(assertion2) : com.sun.xml.wss.saml.assertion.saml11.jaxb20.Assertion.fromElement(assertion2) : com.sun.xml.wss.saml.assertion.saml11.jaxb10.Assertion.fromElement(assertion2);
        } catch (SAMLException e) {
        }
        if (sAMLAssertionBinding2.getIncludeToken() == AuthenticationTokenPolicy.SAMLAssertionBinding.INCLUDE_NEVER && authorityBinding != null) {
            assertion2 = null;
        }
        if (assertion == null && authorityBinding == null) {
            throw new XWSSecurityException("None of SAML Assertion, SAML AuthorityBinding information was set into  the Policy by the CallbackHandler");
        }
        if (assertion != null) {
            if (assertion.getVersion() == null && authorityBinding == null) {
                if (z) {
                    gSHeaderElement = new GSHeaderElement(assertion2, ((JAXBFilterProcessingContext) filterProcessingContext).getSOAPVersion());
                    if (securityHeader2.getChildElement(gSHeaderElement.getId()) != null) {
                        return;
                    } else {
                        securityHeader2.add(gSHeaderElement);
                    }
                } else if (System.getProperty("com.sun.xml.wss.saml.binding.jaxb") == null) {
                    ((com.sun.xml.wss.saml.assertion.saml11.jaxb20.Assertion) assertion).toElement(securityHeader);
                } else {
                    ((com.sun.xml.wss.saml.assertion.saml11.jaxb10.Assertion) assertion).toElement(securityHeader);
                }
                filterProcessingContext.getTokenCache().put(assertion.getAssertionID(), assertion);
            } else if (assertion.getVersion() != null) {
                if (z) {
                    gSHeaderElement = new GSHeaderElement(assertion2, ((JAXBFilterProcessingContext) filterProcessingContext).getSOAPVersion());
                    if (securityHeader2.getChildElement(gSHeaderElement.getId()) != null) {
                        return;
                    } else {
                        securityHeader2.add(gSHeaderElement);
                    }
                } else {
                    ((com.sun.xml.wss.saml.assertion.saml20.jaxb20.Assertion) assertion).toElement(securityHeader);
                }
                filterProcessingContext.getTokenCache().put(assertion.getID(), assertion);
            } else if (null == populateSAMLPolicy.getSTRID()) {
                throw new XWSSecurityException("Unsupported configuration: required wsu:Id value  for SecurityTokenReference to Remote SAML Assertion not found  in Policy");
            }
        }
        if (null != populateSAMLPolicy.getSTRID()) {
            if (assertion == null && null == populateSAMLPolicy.getAssertionId()) {
                throw new XWSSecurityException("None of SAML Assertion, SAML Assertion Id information was set into  the Policy by the CallbackHandler");
            }
            String assertionId = populateSAMLPolicy.getAssertionId();
            if (assertion != null) {
                assertionId = assertion.getAssertionID();
            }
            if (!z) {
                SecurityTokenReference securityTokenReference = new SecurityTokenReference((Document) securableSoapMessage.getSOAPPart());
                securityTokenReference.setWsuId(populateSAMLPolicy.getSTRID());
                if (assertion.getVersion() != null) {
                    securityTokenReference.setTokenType(MessageConstants.WSSE_SAML_v2_0_TOKEN_TYPE);
                } else {
                    securityTokenReference.setTokenType("http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1");
                }
                if (authorityBinding != null) {
                    securityTokenReference.setSamlAuthorityBinding(authorityBinding, securableSoapMessage.getSOAPPart());
                }
                new KeyIdentifierStrategy(assertionId).insertKey(securityTokenReference, filterProcessingContext.getSecurableSoapMessage());
                securityHeader.insertHeaderBlock(securityTokenReference);
                return;
            }
            JAXBFilterProcessingContext jAXBFilterProcessingContext = (JAXBFilterProcessingContext) filterProcessingContext;
            WSSElementFactory wSSElementFactory = new WSSElementFactory(jAXBFilterProcessingContext.getSOAPVersion());
            KeyIdentifier createKeyIdentifier = wSSElementFactory.createKeyIdentifier();
            createKeyIdentifier.setValue(assertionId);
            createKeyIdentifier.setValueType(MessageConstants.WSSE_SAML_KEY_IDENTIFIER_VALUE_TYPE);
            com.sun.xml.ws.security.opt.impl.keyinfo.SecurityTokenReference createSecurityTokenReference = wSSElementFactory.createSecurityTokenReference(createKeyIdentifier);
            String strid = populateSAMLPolicy.getSTRID();
            createSecurityTokenReference.setId(strid);
            if ("true".equals(jAXBFilterProcessingContext.getExtraneousProperty("EnableWSS11PolicySender"))) {
                if (assertion.getVersion() != null) {
                    createSecurityTokenReference.setTokenType(MessageConstants.WSSE_SAML_v2_0_TOKEN_TYPE);
                } else {
                    createSecurityTokenReference.setTokenType("http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1");
                }
                ((NamespaceContextEx) jAXBFilterProcessingContext.getNamespaceContext()).addWSS11NS();
            }
            jAXBFilterProcessingContext.getElementCache().put(strid, new SSEData(gSHeaderElement, false, jAXBFilterProcessingContext.getNamespaceContext()));
            securityHeader2.add(createSecurityTokenReference);
        }
    }
}
