package com.sun.xml.wss.provider;

import com.sun.enterprise.security.jauth.AuthException;
import com.sun.enterprise.security.jauth.AuthParam;
import com.sun.enterprise.security.jauth.AuthPolicy;
import com.sun.enterprise.security.jauth.SOAPAuthParam;
import com.sun.enterprise.security.jauth.ServerAuthModule;
import com.sun.xml.wss.XWSSecurityException;
import com.sun.xml.wss.impl.MessageConstants;
import com.sun.xml.wss.impl.ProcessingContextImpl;
import com.sun.xml.wss.impl.SecurityAnnotator;
import com.sun.xml.wss.impl.SecurityRecipient;
import com.sun.xml.wss.impl.config.DeclarativeSecurityConfiguration;
import com.sun.xml.wss.impl.policy.mls.MessagePolicy;
import java.security.Principal;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import javax.security.auth.DestroyFailedException;
import javax.security.auth.Destroyable;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.xml.soap.SOAPException;
import javax.xml.soap.SOAPMessage;

/* loaded from: input_file:spg-ui-war-3.0.12.war:WEB-INF/lib/xws-security-3.0.jar:com/sun/xml/wss/provider/ServerSecurityAuthModule.class */
public class ServerSecurityAuthModule extends WssProviderAuthModule implements ServerAuthModule {
    public void initialize(AuthPolicy authPolicy, AuthPolicy authPolicy2, CallbackHandler callbackHandler, Map map) {
        super.initialize(authPolicy, authPolicy2, callbackHandler, map, false);
    }

    public void validateRequest(AuthParam authParam, Subject subject, Map map) throws AuthException {
        try {
            ProcessingContextImpl processingContextImpl = new ProcessingContextImpl();
            this._sEnvironment.setRequesterSubject(subject, processingContextImpl.getExtraneousProperties());
            processingContextImpl.setSecurityPolicy(((DeclarativeSecurityConfiguration) this._policy).receiverSettings());
            processingContextImpl.setSOAPMessage(((SOAPAuthParam) authParam).getRequest());
            processingContextImpl.setSecurityEnvironment(this._sEnvironment);
            SecurityRecipient.validateMessage(processingContextImpl);
            populateSharedStateFromContext(map, processingContextImpl);
            processingContextImpl.getSecurableSoapMessage().deleteSecurityHeader();
        } catch (XWSSecurityException e) {
            e.printStackTrace();
            throw new AuthException(e.getMessage());
        }
    }

    public void secureResponse(AuthParam authParam, Subject subject, Map map) throws AuthException {
        try {
            ProcessingContextImpl processingContextImpl = new ProcessingContextImpl();
            this._sEnvironment.setSubject(subject, processingContextImpl.getExtraneousProperties());
            populateContextFromSharedState(processingContextImpl, map);
            MessagePolicy senderSettings = ((DeclarativeSecurityConfiguration) this._policy).senderSettings();
            SOAPMessage response = ((SOAPAuthParam) authParam).getResponse();
            processingContextImpl.setSecurityPolicy(senderSettings);
            processingContextImpl.setSOAPMessage(response);
            processingContextImpl.setSecurityEnvironment(this._sEnvironment);
            if (this.optimize == 0 || !isOptimized(response)) {
                try {
                    response.getSOAPBody();
                    response.getSOAPHeader();
                    processingContextImpl.setConfigType(0);
                } catch (SOAPException e) {
                    throw new AuthException(e.getMessage());
                }
            } else {
                processingContextImpl.setConfigType(this.optimize);
            }
            SecurityAnnotator.secureMessage(processingContextImpl);
        } catch (XWSSecurityException e2) {
            e2.printStackTrace();
            throw new AuthException(e2.getMessage());
        }
    }

    public void disposeSubject(Subject subject, Map map) throws AuthException {
        if (subject == null) {
            throw new AuthException("Subject is null in disposeSubject");
        }
        if (subject.isReadOnly()) {
            Set<Principal> principals = subject.getPrincipals();
            Set<Object> privateCredentials = subject.getPrivateCredentials();
            Set<Object> publicCredentials = subject.getPublicCredentials();
            try {
                principals.clear();
            } catch (UnsupportedOperationException e) {
            }
            Iterator<Object> it = privateCredentials.iterator();
            while (it.hasNext()) {
                try {
                    ((Destroyable) it.next()).destroy();
                } catch (ClassCastException e2) {
                } catch (DestroyFailedException e3) {
                }
            }
            Iterator<Object> it2 = publicCredentials.iterator();
            while (it2.hasNext()) {
                try {
                    ((Destroyable) it2.next()).destroy();
                } catch (ClassCastException e4) {
                } catch (DestroyFailedException e5) {
                }
            }
        }
    }

    private void populateContextFromSharedState(ProcessingContextImpl processingContextImpl, Map map) {
        processingContextImpl.setExtraneousProperty(MessageConstants.AUTH_SUBJECT, map.get(WssProviderAuthModule.REQUESTER_SUBJECT));
        processingContextImpl.setExtraneousProperty(MessageConstants.REQUESTER_KEYID, map.get(WssProviderAuthModule.REQUESTER_KEYID));
        processingContextImpl.setExtraneousProperty(MessageConstants.REQUESTER_ISSUERNAME, map.get(WssProviderAuthModule.REQUESTER_ISSUERNAME));
        processingContextImpl.setExtraneousProperty(MessageConstants.REQUESTER_SERIAL, map.get(WssProviderAuthModule.REQUESTER_SERIAL));
    }

    private void populateSharedStateFromContext(Map map, ProcessingContextImpl processingContextImpl) {
        map.put(WssProviderAuthModule.REQUESTER_SUBJECT, processingContextImpl.getExtraneousProperty(MessageConstants.AUTH_SUBJECT));
        map.put(WssProviderAuthModule.REQUESTER_KEYID, processingContextImpl.getExtraneousProperty(MessageConstants.REQUESTER_KEYID));
        map.put(WssProviderAuthModule.REQUESTER_ISSUERNAME, processingContextImpl.getExtraneousProperty(MessageConstants.REQUESTER_ISSUERNAME));
        map.put(WssProviderAuthModule.REQUESTER_SERIAL, processingContextImpl.getExtraneousProperty(MessageConstants.REQUESTER_SERIAL));
    }
}
