package com.sun.xml.wss.core;

import com.sun.org.apache.xml.internal.security.exceptions.Base64DecodingException;
import com.sun.xml.ws.security.Token;
import com.sun.xml.wss.XWSSecurityException;
import com.sun.xml.wss.impl.MessageConstants;
import com.sun.xml.wss.impl.SecurityTokenException;
import com.sun.xml.wss.impl.XMLUtil;
import com.sun.xml.wss.impl.config.ConfigurationConstants;
import com.sun.xml.wss.impl.misc.Base64;
import com.sun.xml.wss.impl.misc.SecurityHeaderBlockImpl;
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Iterator;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.xml.soap.SOAPElement;
import javax.xml.soap.SOAPException;
import org.w3c.dom.Document;
import org.w3c.dom.Node;

/* loaded from: input_file:spg-ui-war-3.0.2.war:WEB-INF/lib/xws-security-3.0.jar:com/sun/xml/wss/core/UsernameToken.class */
public class UsernameToken extends SecurityHeaderBlockImpl implements SecurityToken, Token {
    public static final long MAX_NONCE_AGE = 900000;
    private String username;
    private String password;
    private String passwordType;
    private String passwordDigest;
    private byte[] decodedNonce;
    private String nonce;
    private String nonceEncodingType;
    private String created;
    private boolean bsp;
    private Document soapDoc;
    private static Logger log = Logger.getLogger("javax.enterprise.resource.xml.webservices.security", "com.sun.xml.wss.logging.LogStrings");

    public static SecurityHeaderBlock fromSoapElement(SOAPElement sOAPElement) throws XWSSecurityException {
        return SecurityHeaderBlockImpl.fromSoapElement(sOAPElement, UsernameToken.class);
    }

    public UsernameToken(Document document, String str) throws SecurityTokenException {
        this.password = null;
        this.passwordType = MessageConstants.PASSWORD_TEXT_NS;
        this.passwordDigest = null;
        this.decodedNonce = null;
        this.nonce = null;
        this.nonceEncodingType = MessageConstants.BASE64_ENCODING_NS;
        this.created = null;
        this.bsp = false;
        this.soapDoc = document;
        this.username = str;
        setPasswordType(MessageConstants.PASSWORD_TEXT_NS);
    }

    public UsernameToken(Document document, String str, String str2, boolean z) throws SecurityTokenException {
        this(document, str);
        this.password = str2;
        if (z) {
            setPasswordType(MessageConstants.PASSWORD_DIGEST_NS);
        }
    }

    public UsernameToken(Document document, String str, String str2) throws SecurityTokenException {
        this(document, str, str2, false);
    }

    public UsernameToken(Document document, String str, String str2, boolean z, boolean z2) throws SecurityTokenException {
        this(document, str, str2, z2);
        if (z) {
            createNonce();
        }
    }

    public UsernameToken(Document document, String str, String str2, boolean z, boolean z2, boolean z3) throws SecurityTokenException {
        this(document, str, str2, z, z3);
        if (z2) {
            try {
                this.created = getCreatedFromTimestamp();
            } catch (Exception e) {
                log.log(Level.SEVERE, "WSS0280.failed.create.UsernameToken", (Throwable) e);
                throw new SecurityTokenException(e);
            }
        }
    }

    public UsernameToken(SOAPElement sOAPElement, boolean z) throws XWSSecurityException {
        this(sOAPElement);
        isBSP(z);
    }

    public UsernameToken(SOAPElement sOAPElement) throws XWSSecurityException {
        Node node;
        this.password = null;
        this.passwordType = MessageConstants.PASSWORD_TEXT_NS;
        this.passwordDigest = null;
        this.decodedNonce = null;
        this.nonce = null;
        this.nonceEncodingType = MessageConstants.BASE64_ENCODING_NS;
        this.created = null;
        this.bsp = false;
        setSOAPElement(sOAPElement);
        this.soapDoc = getOwnerDocument();
        if (!"UsernameToken".equals(getLocalName()) || !XMLUtil.inWsseNS(this)) {
            log.log(Level.SEVERE, "WSS0329.usernametoken.expected", new Object[]{getLocalName()});
            throw new SecurityTokenException("Expected UsernameToken Element, but Found " + getLocalName());
        }
        boolean z = false;
        Iterator childElements = getChildElements();
        Node node2 = null;
        while (true) {
            node = node2;
            if (!childElements.hasNext() || (node instanceof SOAPElement)) {
                break;
            } else {
                node2 = (Node) childElements.next();
            }
        }
        if (node == null || node.getNodeType() != 1) {
            z = true;
        } else {
            SOAPElement sOAPElement2 = (SOAPElement) node;
            if (!"Username".equals(sOAPElement2.getLocalName()) || !XMLUtil.inWsseNS(sOAPElement2)) {
                log.log(Level.SEVERE, "WSS0330.usernametoken.firstchild.mustbe.username");
                throw new SecurityTokenException("The first child of a UsernameToken Element, should be a Username ");
            }
            this.username = sOAPElement2.getValue();
        }
        while (childElements.hasNext()) {
            SOAPElement sOAPElement3 = (Node) childElements.next();
            if (sOAPElement3.getNodeType() == 1) {
                SOAPElement sOAPElement4 = sOAPElement3;
                if ("Password".equals(sOAPElement4.getLocalName()) && XMLUtil.inWsseNS(sOAPElement4)) {
                    String attribute = sOAPElement4.getAttribute("Type");
                    if (isBSP() && attribute.length() < 1) {
                        log.log(Level.SEVERE, "BSP4201.PasswordType.Username");
                        throw new XWSSecurityException(" A wsse:UsernameToken/wsse:Password element in a SECURITY_HEADER MUST specify a Type attribute.");
                    }
                    if (!"".equals(attribute)) {
                        setPasswordType(attribute);
                    }
                    if (MessageConstants.PASSWORD_TEXT_NS == this.passwordType) {
                        this.password = sOAPElement4.getValue();
                    } else {
                        this.passwordDigest = sOAPElement4.getValue();
                    }
                } else if ("Nonce".equals(sOAPElement4.getLocalName()) && XMLUtil.inWsseNS(sOAPElement4)) {
                    this.nonce = sOAPElement4.getValue();
                    String attribute2 = sOAPElement4.getAttribute(ConfigurationConstants.ENCODING_TYPE_ATTRIBUTE_NAME);
                    if (!"".equals(attribute2)) {
                        setNonceEncodingType(attribute2);
                    }
                    try {
                        this.decodedNonce = Base64.decode(this.nonce);
                    } catch (Base64DecodingException e) {
                        log.log(Level.SEVERE, "WSS0309.couldnot.decode.base64.nonce", e);
                        throw new XWSSecurityException(e);
                    }
                } else if ("Created".equals(sOAPElement4.getLocalName()) && XMLUtil.inWsuNS(sOAPElement4)) {
                    this.created = sOAPElement4.getValue();
                } else {
                    z = true;
                }
            }
        }
        if (z) {
            log.log(Level.SEVERE, "WSS0331.invalid.usernametoken");
            throw new SecurityTokenException("Element passed was not a SOAPElement or is not a proper UsernameToken");
        }
        if (null == this.username) {
            log.log(Level.SEVERE, "WSS0332.usernametoken.null.username");
            throw new SecurityTokenException("Username token does not contain the username");
        }
    }

    public String getUsername() {
        return this.username;
    }

    public void setUsername(String str) {
        this.username = str;
    }

    public String getPassword() {
        return this.password;
    }

    public String getPasswordType() {
        return this.passwordType;
    }

    private void setPasswordType(String str) throws SecurityTokenException {
        if (MessageConstants.PASSWORD_TEXT_NS.equals(str)) {
            this.passwordType = MessageConstants.PASSWORD_TEXT_NS;
        } else if (MessageConstants.PASSWORD_DIGEST_NS.equals(str)) {
            this.passwordType = MessageConstants.PASSWORD_DIGEST_NS;
        } else {
            log.log(Level.SEVERE, "WSS0306.invalid.passwd.type", new Object[]{MessageConstants.PASSWORD_TEXT_NS, MessageConstants.PASSWORD_DIGEST_NS});
            throw new SecurityTokenException("Invalid password type. Must be one of   http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText or http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest");
        }
    }

    public String getNonceEncodingType() {
        return this.nonceEncodingType;
    }

    private void setNonceEncodingType(String str) {
        if (MessageConstants.BASE64_ENCODING_NS.equals(str)) {
            this.nonceEncodingType = MessageConstants.BASE64_ENCODING_NS;
        } else {
            log.log(Level.SEVERE, "WSS0307.nonce.enctype.invalid");
            throw new RuntimeException("Nonce encoding type invalid");
        }
    }

    public String getNonce() throws SecurityTokenException {
        return this.nonce;
    }

    public String getCreated() {
        return this.created;
    }

    public String getPasswordDigest() {
        return this.passwordDigest;
    }

    public void setPassword(String str) {
        this.password = str;
    }

    public void setNonce(String str) {
        if (str == null || "".equals(str)) {
            createNonce();
        } else {
            this.nonce = str;
        }
    }

    public void setCreationTime(String str) throws XWSSecurityException {
        if (str == null || "".equals(str)) {
            this.created = getCreatedFromTimestamp();
        } else {
            this.created = str;
        }
    }

    public void setDigestOn() throws SecurityTokenException {
        setPasswordType(MessageConstants.PASSWORD_DIGEST_NS);
    }

    @Override // com.sun.xml.wss.impl.misc.SecurityHeaderBlockImpl, com.sun.xml.wss.core.SecurityHeaderBlock
    public SOAPElement getAsSoapElement() throws SecurityTokenException {
        if (null != this.delegateElement) {
            return this.delegateElement;
        }
        try {
            setSOAPElement((SOAPElement) this.soapDoc.createElementNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "wsse:UsernameToken"));
            addNamespaceDeclaration(MessageConstants.WSSE_PREFIX, "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
            if (null == this.username || MessageConstants._EMPTY.equals(this.username)) {
                log.log(Level.SEVERE, "WSS0387.error.creating.usernametoken");
                throw new SecurityTokenException("username was not set");
            }
            addChildElement("Username", MessageConstants.WSSE_PREFIX).addTextNode(this.username);
            if (this.password != null && !MessageConstants._EMPTY.equals(this.password)) {
                SOAPElement addChildElement = addChildElement("Password", MessageConstants.WSSE_PREFIX);
                if (MessageConstants.PASSWORD_DIGEST_NS == this.passwordType) {
                    createDigest();
                    addChildElement.addTextNode(this.passwordDigest);
                } else {
                    addChildElement.addTextNode(this.password);
                }
                addChildElement.setAttribute("Type", this.passwordType);
            }
            if (this.nonce != null) {
                SOAPElement addChildElement2 = addChildElement("Nonce", MessageConstants.WSSE_PREFIX);
                addChildElement2.addTextNode(this.nonce);
                if (this.nonceEncodingType != null) {
                    addChildElement2.setAttribute(ConfigurationConstants.ENCODING_TYPE_ATTRIBUTE_NAME, this.nonceEncodingType);
                }
            }
            if (this.created != null) {
                addChildElement("Created", "wsu", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd").addTextNode(this.created);
            }
            return this.delegateElement;
        } catch (SOAPException e) {
            log.log(Level.SEVERE, "WSS0388.error.creating.usernametoken", e.getMessage());
            throw new SecurityTokenException("There was an error creating Username Token " + e.getMessage());
        }
    }

    private void createNonce() {
        this.decodedNonce = new byte[18];
        try {
            SecureRandom.getInstance("SHA1PRNG").nextBytes(this.decodedNonce);
            if (MessageConstants.BASE64_ENCODING_NS == this.nonceEncodingType) {
                this.nonce = Base64.encode(this.decodedNonce);
            } else {
                log.log(Level.SEVERE, "WSS0389.unrecognized.nonce.encoding", this.nonceEncodingType);
                throw new RuntimeException("Unrecognized encoding: " + this.nonceEncodingType);
            }
        } catch (NoSuchAlgorithmException e) {
            log.log(Level.SEVERE, "WSS0310.no.such.algorithm", new Object[]{e.getMessage()});
            throw new RuntimeException("No such algorithm found" + e.getMessage());
        }
    }

    private void createDigest() throws SecurityTokenException {
        String str;
        byte[] bArr;
        str = "";
        str = this.created != null ? str + this.created : "";
        if (this.password != null) {
            str = str + this.password;
        }
        try {
            byte[] bytes = str.getBytes("utf-8");
            if (this.decodedNonce != null) {
                bArr = new byte[bytes.length + 18];
                for (int i = 0; i < 18; i++) {
                    bArr[i] = this.decodedNonce[i];
                }
                for (int i2 = 18; i2 < bytes.length + 18; i2++) {
                    bArr[i2] = bytes[i2 - 18];
                }
            } else {
                bArr = bytes;
            }
            try {
                this.passwordDigest = Base64.encode(MessageDigest.getInstance(MessageConstants.SHA_1).digest(bArr));
            } catch (Exception e) {
                log.log(Level.SEVERE, "WSS0311.passwd.digest.couldnot.be.created", new Object[]{e.getMessage()});
                throw new SecurityTokenException("Password Digest could not be created. " + e.getMessage());
            }
        } catch (UnsupportedEncodingException e2) {
            log.log(Level.SEVERE, "WSS0390.unsupported.charset.exception");
            throw new SecurityTokenException(e2);
        }
    }

    private String getCreatedFromTimestamp() throws XWSSecurityException {
        Timestamp timestamp = new Timestamp();
        timestamp.createDateTime();
        return timestamp.getCreated();
    }

    @Override // com.sun.xml.wss.impl.misc.SecurityHeaderBlockImpl
    public void isBSP(boolean z) {
        this.bsp = z;
    }

    @Override // com.sun.xml.wss.impl.misc.SecurityHeaderBlockImpl
    public boolean isBSP() {
        return this.bsp;
    }

    @Override // com.sun.xml.ws.security.Token
    public String getType() {
        return MessageConstants.USERNAME_TOKEN_NS;
    }

    @Override // com.sun.xml.ws.security.Token
    public Object getTokenValue() {
        log.log(Level.SEVERE, "WSS0281.unsupported.operation");
        throw new UnsupportedOperationException("Not yet implemented");
    }
}
