package com.sun.xml.wss.impl;

import com.sun.xml.wss.ProcessingContext;
import com.sun.xml.wss.XWSSecurityException;
import com.sun.xml.wss.core.SecurityHeader;
import com.sun.xml.wss.impl.filter.AuthenticationTokenFilter;
import com.sun.xml.wss.impl.filter.DumpFilter;
import com.sun.xml.wss.impl.filter.EncryptionFilter;
import com.sun.xml.wss.impl.filter.SignatureConfirmationFilter;
import com.sun.xml.wss.impl.filter.SignatureFilter;
import com.sun.xml.wss.impl.filter.TimestampFilter;
import com.sun.xml.wss.impl.policy.mls.MessagePolicy;
import com.sun.xml.wss.impl.policy.verifier.MessagePolicyVerifier;
import java.util.ArrayList;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.xml.soap.SOAPElement;
import javax.xml.soap.SOAPFactory;

/* loaded from: input_file:spg-ui-war-3.0.15.war:WEB-INF/lib/xws-security-3.0.jar:com/sun/xml/wss/impl/NewSecurityRecipient.class */
public class NewSecurityRecipient {
    private static Logger log = Logger.getLogger("javax.enterprise.resource.xml.webservices.security", "com.sun.xml.wss.logging.LogStrings");
    private static SOAPFactory sFactory;

    public static void validateMessage(ProcessingContext processingContext) throws XWSSecurityException {
        PolicyResolver policyResolver;
        HarnessUtil.validateContext(processingContext);
        FilterProcessingContext filterProcessingContext = new FilterProcessingContext(processingContext);
        filterProcessingContext.isInboundMessage(true);
        MessagePolicy messagePolicy = (MessagePolicy) filterProcessingContext.getSecurityPolicy();
        if (messagePolicy != null && messagePolicy.dumpMessages()) {
            DumpFilter.process(filterProcessingContext);
        }
        filterProcessingContext.setExtraneousProperty("EnableWSS11PolicyReceiver", "true");
        filterProcessingContext.setExtraneousProperty("receivedSignValues", new ArrayList());
        filterProcessingContext.setMode(3);
        pProcess(filterProcessingContext);
        boolean isTrustMessage = filterProcessingContext.isTrustMessage();
        if ((messagePolicy == null || messagePolicy.size() <= 0) && (policyResolver = (PolicyResolver) filterProcessingContext.getExtraneousProperty(ProcessingContext.OPERATION_RESOLVER)) != null && !isTrustMessage) {
            messagePolicy = policyResolver.resolvePolicy(filterProcessingContext);
        }
        if (messagePolicy != null) {
            try {
                if (messagePolicy.size() != 0 || !filterProcessingContext.getSOAPMessage().getSOAPBody().hasFault()) {
                    MessagePolicyVerifier messagePolicyVerifier = new MessagePolicyVerifier(processingContext, new TargetResolverImpl(processingContext));
                    if (!isTrustMessage) {
                        messagePolicyVerifier.verifyPolicy(filterProcessingContext.getInferredSecurityPolicy(), messagePolicy);
                    }
                    try {
                        filterProcessingContext.getSecurableSoapMessage().deleteSecurityHeader();
                        filterProcessingContext.getSOAPMessage().saveChanges();
                        return;
                    } catch (Exception e) {
                        log.log(Level.SEVERE, "WSS0370.error.deleting.secheader", (Throwable) e);
                        throw new XWSSecurityException(e);
                    }
                }
            } catch (Exception e2) {
                log.log(Level.SEVERE, "WSS0370.error.deleting.secheader", (Throwable) e2);
                throw new XWSSecurityException(e2);
            }
        }
        filterProcessingContext.getSecurableSoapMessage().deleteSecurityHeader();
        filterProcessingContext.getSOAPMessage().saveChanges();
    }

    private static void processCurrentHeader(FilterProcessingContext filterProcessingContext, SOAPElement sOAPElement, boolean z) throws XWSSecurityException {
        String localName = sOAPElement.getLocalName();
        if (z) {
            if ("UsernameToken".equals(localName)) {
                AuthenticationTokenFilter.processUserNameToken(filterProcessingContext);
                return;
            }
            if ("Timestamp".equals(localName)) {
                TimestampFilter.process(filterProcessingContext);
                return;
            }
            if (MessageConstants.SIGNATURE_CONFIRMATION_LNAME.equals(localName)) {
                SignatureConfirmationFilter.process(filterProcessingContext);
                return;
            }
            if (MessageConstants.WSSE_BINARY_SECURITY_TOKEN_LNAME.equals(localName)) {
                return;
            }
            if (MessageConstants.SAML_ASSERTION_LNAME.equals(localName)) {
                AuthenticationTokenFilter.processSamlToken(filterProcessingContext);
                return;
            } else {
                if (!"SecurityTokenReference".equals(localName) && MessageConstants.SECURITY_CONTEXT_TOKEN_LNAME.equals(localName)) {
                }
                return;
            }
        }
        if ("Signature".equals(localName)) {
            SignatureFilter.process(filterProcessingContext);
            return;
        }
        if ("EncryptedKey".equals(localName)) {
            try {
                if (sOAPElement.getChildElements(sFactory.createName(MessageConstants.XENC_REFERENCE_LIST_LNAME, MessageConstants.XENC_PREFIX, MessageConstants.XENC_NS)).hasNext()) {
                    EncryptionFilter.process(filterProcessingContext);
                    return;
                }
                return;
            } catch (Exception e) {
                log.log(Level.SEVERE, "WSS0252.failedto.getChildElement", (Throwable) e);
                throw new XWSSecurityException(e);
            }
        }
        if (MessageConstants.XENC_REFERENCE_LIST_LNAME.equals(localName)) {
            EncryptionFilter.process(filterProcessingContext);
            return;
        }
        if (MessageConstants.ENCRYPTED_DATA_LNAME.equals(localName)) {
            EncryptionFilter.process(filterProcessingContext);
        } else {
            if (HarnessUtil.isSecondaryHeaderElement(sOAPElement)) {
                return;
            }
            log.log(Level.SEVERE, "WSS0204.illegal.header.block", localName);
            HarnessUtil.throwWssSoapFault("Unrecognized header block: " + localName);
        }
    }

    private static void pProcess(FilterProcessingContext filterProcessingContext) throws XWSSecurityException {
        SecurityHeader findSecurityHeader = filterProcessingContext.getSecurableSoapMessage().findSecurityHeader();
        MessagePolicy messagePolicy = (MessagePolicy) filterProcessingContext.getSecurityPolicy();
        if (findSecurityHeader == null) {
            if (messagePolicy != null) {
                if (!PolicyTypeUtil.messagePolicy(messagePolicy)) {
                    log.log(Level.SEVERE, "WSS0253.invalid.Message");
                    throw new XWSSecurityException("Message does not conform to configured policy: No Security Header found in incoming message");
                }
                if (messagePolicy.isEmpty()) {
                    return;
                }
                log.log(Level.SEVERE, "WSS0253.invalid.Message");
                throw new XWSSecurityException("Message does not conform to configured policy: No Security Header found in incoming message");
            }
            return;
        }
        if (messagePolicy != null && messagePolicy.dumpMessages()) {
            DumpFilter.process(filterProcessingContext);
        }
        SOAPElement currentHeaderBlockElement = findSecurityHeader.getCurrentHeaderBlockElement();
        while (currentHeaderBlockElement != null) {
            processCurrentHeader(filterProcessingContext, currentHeaderBlockElement, false);
            currentHeaderBlockElement = findSecurityHeader.getCurrentHeaderBlockElement();
        }
        SOAPElement sOAPElement = currentHeaderBlockElement;
        findSecurityHeader.setCurrentHeaderElement(sOAPElement);
        while (sOAPElement != null) {
            processCurrentHeader(filterProcessingContext, sOAPElement, true);
            sOAPElement = findSecurityHeader.getCurrentHeaderBlockElement();
        }
    }

    public static void handleFault(ProcessingContext processingContext) {
    }

    static {
        sFactory = null;
        try {
            sFactory = SOAPFactory.newInstance();
        } catch (Exception e) {
            log.log(Level.SEVERE, "WSS0397.soap.factory.exception", (Throwable) e);
            throw new RuntimeException(e);
        }
    }
}
