package com.sun.xml.rpc.security;

import com.sun.xml.rpc.client.StreamingSenderState;
import com.sun.xml.rpc.server.StreamingHandlerState;
import com.sun.xml.wss.ProcessingContext;
import com.sun.xml.wss.SecurityEnvironment;
import com.sun.xml.wss.XWSSecurityException;
import com.sun.xml.wss.impl.MessageConstants;
import com.sun.xml.wss.impl.PolicyTypeUtil;
import com.sun.xml.wss.impl.PolicyViolationException;
import com.sun.xml.wss.impl.SecurableSoapMessage;
import com.sun.xml.wss.impl.SecurityAnnotator;
import com.sun.xml.wss.impl.SecurityRecipient;
import com.sun.xml.wss.impl.WssSoapFaultException;
import com.sun.xml.wss.impl.config.ApplicationSecurityConfiguration;
import com.sun.xml.wss.impl.config.DeclarativeSecurityConfiguration;
import com.sun.xml.wss.impl.config.SecurityConfigurationXmlReader;
import com.sun.xml.wss.impl.configuration.StaticApplicationContext;
import com.sun.xml.wss.impl.filter.DumpFilter;
import com.sun.xml.wss.impl.misc.DefaultSecurityEnvironmentImpl;
import com.sun.xml.wss.impl.policy.SecurityPolicy;
import java.io.ByteArrayInputStream;
import java.util.Iterator;
import javax.security.auth.callback.CallbackHandler;
import javax.xml.rpc.JAXRPCException;
import javax.xml.rpc.handler.soap.SOAPMessageContext;
import javax.xml.rpc.soap.SOAPFaultException;
import javax.xml.soap.SOAPBody;
import javax.xml.soap.SOAPElement;
import javax.xml.soap.SOAPHeader;
import javax.xml.soap.SOAPMessage;
import org.w3c.dom.Attr;
import org.w3c.dom.Node;

/* loaded from: input_file:spg-ui-war-2.1.46rel-2.1.24.war:WEB-INF/lib/xws-security-3.0.jar:com/sun/xml/rpc/security/SecurityPluginUtil.class */
public class SecurityPluginUtil {
    String port;
    private CallbackHandler _callbackHandler;
    private SecurityEnvironment _securityEnvironment;
    private ApplicationSecurityConfiguration _sConfig;
    private static final String CONTEXT_OPERATION = "context.operation.name";
    private static final String ENCRYPTED_BODY_QNAME = "{http://www.w3.org/2001/04/xmlenc#}EncryptedData";

    public SecurityPluginUtil(String str, String str2, boolean z) throws Exception {
        this.port = null;
        this._callbackHandler = null;
        this._securityEnvironment = null;
        this._sConfig = null;
        if (str != null) {
            str = str.indexOf(91) != -1 ? str.substring(str.indexOf(93) + 1) : str;
            this.port = str2;
            this._sConfig = SecurityConfigurationXmlReader.createApplicationSecurityConfiguration(new ByteArrayInputStream(str.getBytes()));
            this._callbackHandler = (CallbackHandler) Class.forName(this._sConfig.getSecurityEnvironmentHandler(), true, Thread.currentThread().getContextClassLoader()).newInstance();
            this._securityEnvironment = new DefaultSecurityEnvironmentImpl(this._callbackHandler);
        }
    }

    private void copyToMessageContext(SOAPMessageContext sOAPMessageContext, ProcessingContext processingContext) throws Exception {
        sOAPMessageContext.setMessage(processingContext.getSOAPMessage());
        for (String str : processingContext.getExtraneousProperties().keySet()) {
            sOAPMessageContext.setProperty(str, processingContext.getExtraneousProperties().get(str));
        }
    }

    private void copyToProcessingContext(ProcessingContext processingContext, SOAPMessageContext sOAPMessageContext) throws Exception {
        processingContext.setSOAPMessage(sOAPMessageContext.getMessage());
        Iterator propertyNames = sOAPMessageContext.getPropertyNames();
        while (propertyNames.hasNext()) {
            String str = (String) propertyNames.next();
            processingContext.setExtraneousProperty(str, sOAPMessageContext.getProperty(str));
        }
    }

    private StaticApplicationContext getPolicyContext() {
        StaticApplicationContext staticApplicationContext = new StaticApplicationContext((StaticApplicationContext) ((ApplicationSecurityConfiguration) this._sConfig.getAllTopLevelApplicationSecurityConfigurations().iterator().next()).getAllContexts().next());
        staticApplicationContext.setPortIdentifier(this.port);
        return staticApplicationContext;
    }

    public void _preHandlingHook(StreamingSenderState streamingSenderState) throws Exception {
        try {
            com.sun.xml.rpc.soap.message.SOAPMessageContext messageContext = streamingSenderState.getMessageContext();
            streamingSenderState.getResponse().getMessage();
            String str = (String) messageContext.getProperty(CONTEXT_OPERATION);
            StaticApplicationContext policyContext = getPolicyContext();
            policyContext.setOperationIdentifier(str);
            SecurityPolicy securityConfiguration = this._sConfig.getSecurityConfiguration(policyContext);
            ProcessingContext processingContext = new ProcessingContext();
            copyToProcessingContext(processingContext, messageContext);
            processingContext.setPolicyContext(policyContext);
            if (PolicyTypeUtil.declarativeSecurityConfiguration(securityConfiguration)) {
                processingContext.setSecurityPolicy(((DeclarativeSecurityConfiguration) securityConfiguration).receiverSettings());
            } else {
                processingContext.setSecurityPolicy(securityConfiguration);
            }
            processingContext.setSecurityEnvironment(this._securityEnvironment);
            processingContext.isInboundMessage(true);
            if (this._sConfig.retainSecurityHeader()) {
                processingContext.retainSecurityHeader(true);
            }
            SecurityRecipient.validateMessage(processingContext);
            copyToMessageContext(messageContext, processingContext);
        } catch (XWSSecurityException e) {
            throw getSOAPFaultException(SecurableSoapMessage.newSOAPFaultException(e.getCause() instanceof PolicyViolationException ? MessageConstants.WSSE_RECEIVER_POLICY_VIOLATION : MessageConstants.WSSE_FAILED_AUTHENTICATION, e.getMessage(), e));
        } catch (WssSoapFaultException e2) {
            throw getSOAPFaultException(e2);
        }
    }

    public boolean _preRequestSendingHook(StreamingSenderState streamingSenderState) throws Exception {
        try {
            com.sun.xml.rpc.soap.message.SOAPMessageContext messageContext = streamingSenderState.getMessageContext();
            String operationName = getOperationName(streamingSenderState.getRequest().getMessage());
            messageContext.setProperty(CONTEXT_OPERATION, operationName);
            StaticApplicationContext policyContext = getPolicyContext();
            policyContext.setOperationIdentifier(operationName);
            SecurityPolicy securityConfiguration = this._sConfig.getSecurityConfiguration(policyContext);
            ProcessingContext processingContext = new ProcessingContext();
            copyToProcessingContext(processingContext, messageContext);
            processingContext.setPolicyContext(policyContext);
            if (PolicyTypeUtil.declarativeSecurityConfiguration(securityConfiguration)) {
                processingContext.setSecurityPolicy(((DeclarativeSecurityConfiguration) securityConfiguration).senderSettings());
            } else {
                processingContext.setSecurityPolicy(securityConfiguration);
            }
            processingContext.setSecurityEnvironment(this._securityEnvironment);
            processingContext.isInboundMessage(false);
            SecurityAnnotator.secureMessage(processingContext);
            copyToMessageContext(messageContext, processingContext);
            return true;
        } catch (XWSSecurityException e) {
            throw new JAXRPCException(e);
        } catch (WssSoapFaultException e2) {
            throw getSOAPFaultException(e2);
        }
    }

    public boolean preHandlingHook(StreamingHandlerState streamingHandlerState) throws Exception {
        try {
            SOAPMessageContext messageContext = streamingHandlerState.getMessageContext();
            SOAPMessage message = streamingHandlerState.getRequest().getMessage();
            StaticApplicationContext staticApplicationContext = new StaticApplicationContext(getPolicyContext());
            ProcessingContext processingContext = new ProcessingContext();
            copyToProcessingContext(processingContext, messageContext);
            String operationName = getOperationName(message);
            if (operationName.equals(ENCRYPTED_BODY_QNAME) && this._sConfig.hasOperationPolicies()) {
                SecurityPolicy securityPolicy = (ApplicationSecurityConfiguration) this._sConfig.getSecurityPolicies(staticApplicationContext).next();
                if (securityPolicy != null) {
                    processingContext.setPolicyContext(staticApplicationContext);
                    processingContext.setSecurityPolicy(securityPolicy);
                } else {
                    SecurityPolicy securityPolicy2 = (ApplicationSecurityConfiguration) this._sConfig.getAllTopLevelApplicationSecurityConfigurations().iterator().next();
                    processingContext.setPolicyContext(staticApplicationContext);
                    processingContext.setSecurityPolicy(securityPolicy2);
                }
            } else {
                staticApplicationContext.setOperationIdentifier(operationName);
                messageContext.setProperty(CONTEXT_OPERATION, operationName);
                SecurityPolicy securityConfiguration = this._sConfig.getSecurityConfiguration(staticApplicationContext);
                processingContext.setPolicyContext(staticApplicationContext);
                if (PolicyTypeUtil.declarativeSecurityConfiguration(securityConfiguration)) {
                    processingContext.setSecurityPolicy(((DeclarativeSecurityConfiguration) securityConfiguration).receiverSettings());
                } else {
                    processingContext.setSecurityPolicy(securityConfiguration);
                }
            }
            processingContext.setSecurityEnvironment(this._securityEnvironment);
            processingContext.isInboundMessage(true);
            if (this._sConfig.retainSecurityHeader()) {
                processingContext.retainSecurityHeader(true);
            }
            SecurityRecipient.validateMessage(processingContext);
            messageContext.setProperty(CONTEXT_OPERATION, getOperationName(message));
            copyToMessageContext(messageContext, processingContext);
            return true;
        } catch (XWSSecurityException e) {
            WssSoapFaultException newSOAPFaultException = SecurableSoapMessage.newSOAPFaultException(e.getCause() instanceof PolicyViolationException ? MessageConstants.WSSE_RECEIVER_POLICY_VIOLATION : MessageConstants.WSSE_FAILED_AUTHENTICATION, e.getMessage(), e);
            streamingHandlerState.getResponse().setFailure(true);
            throw getSOAPFaultException(newSOAPFaultException);
        } catch (WssSoapFaultException e2) {
            streamingHandlerState.getResponse().setFailure(true);
            throw getSOAPFaultException(e2);
        }
    }

    public void postResponseWritingHook(StreamingHandlerState streamingHandlerState) throws Exception {
        try {
            SOAPMessageContext messageContext = streamingHandlerState.getMessageContext();
            streamingHandlerState.getResponse().getMessage();
            ProcessingContext processingContext = new ProcessingContext();
            copyToProcessingContext(processingContext, messageContext);
            if (streamingHandlerState.getResponse().isFailure()) {
                DumpFilter.process(processingContext);
                return;
            }
            String str = (String) messageContext.getProperty(CONTEXT_OPERATION);
            StaticApplicationContext staticApplicationContext = new StaticApplicationContext(getPolicyContext());
            staticApplicationContext.setOperationIdentifier(str);
            SecurityPolicy securityConfiguration = this._sConfig.getSecurityConfiguration(staticApplicationContext);
            processingContext.setPolicyContext(staticApplicationContext);
            if (PolicyTypeUtil.declarativeSecurityConfiguration(securityConfiguration)) {
                processingContext.setSecurityPolicy(((DeclarativeSecurityConfiguration) securityConfiguration).senderSettings());
            } else {
                processingContext.setSecurityPolicy(securityConfiguration);
            }
            processingContext.setSecurityEnvironment(this._securityEnvironment);
            processingContext.isInboundMessage(false);
            SecurityAnnotator.secureMessage(processingContext);
            copyToMessageContext(messageContext, processingContext);
        } catch (XWSSecurityException e) {
            throw getSOAPFaultException(SecurableSoapMessage.newSOAPFaultException(MessageConstants.WSSE_INTERNAL_SERVER_ERROR, e.getMessage(), e));
        } catch (WssSoapFaultException e2) {
            throw getSOAPFaultException(e2);
        }
    }

    public void prepareMessageForMUCheck(SOAPMessage sOAPMessage) throws Exception {
        setMUValue(sOAPMessage, "0");
    }

    public void restoreMessageAfterMUCheck(SOAPMessage sOAPMessage) throws Exception {
        setMUValue(sOAPMessage, "1");
    }

    private void setMUValue(SOAPMessage sOAPMessage, String str) throws Exception {
        Node node;
        Attr attributeNodeNS;
        SOAPHeader header = sOAPMessage.getSOAPPart().getEnvelope().getHeader();
        if (header != null) {
            SOAPElement sOAPElement = null;
            Node firstChild = header.getFirstChild();
            while (true) {
                node = firstChild;
                if (node == null || node.getNodeType() == 1) {
                    break;
                } else {
                    firstChild = node.getNextSibling();
                }
            }
            if (node != null && MessageConstants.WSSE_SECURITY_LNAME.equals(node.getLocalName()) && "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd".equals(node.getNamespaceURI())) {
                sOAPElement = (SOAPElement) node;
            }
            if (sOAPElement == null || (attributeNodeNS = sOAPElement.getAttributeNodeNS("http://schemas.xmlsoap.org/soap/envelope/", MessageConstants.MUST_UNDERSTAND)) == null) {
                return;
            }
            sOAPElement.setAttributeNS(attributeNodeNS.getNamespaceURI(), attributeNodeNS.getName(), str);
        }
    }

    public SOAPFaultException getSOAPFaultException(WssSoapFaultException wssSoapFaultException) {
        return new SOAPFaultException(wssSoapFaultException.getFaultCode(), wssSoapFaultException.getFaultString(), wssSoapFaultException.getFaultActor(), wssSoapFaultException.getDetail());
    }

    private String getOperationName(SOAPMessage sOAPMessage) throws Exception {
        if (sOAPMessage == null) {
            throw new XWSSecurityException("SOAPMessage in message context is null");
        }
        SOAPBody sOAPBody = sOAPMessage.getSOAPBody();
        if (sOAPBody == null) {
            throw new XWSSecurityException("No body element identifying an operation is found");
        }
        StringBuffer stringBuffer = new StringBuffer("");
        for (Node firstChild = sOAPBody.getFirstChild(); firstChild != null; firstChild = firstChild.getNextSibling()) {
            stringBuffer.append(new StringBuffer().append("{").append(firstChild.getNamespaceURI()).append("}").append(firstChild.getLocalName()).append(":").toString());
        }
        String stringBuffer2 = stringBuffer.toString();
        return stringBuffer2.substring(0, stringBuffer2.length() - 1);
    }
}
