package weblogic.wsee.async;

import java.io.IOException;
import java.lang.reflect.UndeclaredThrowableException;
import java.security.AccessController;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.xml.namespace.QName;
import javax.xml.rpc.JAXRPCException;
import javax.xml.rpc.handler.GenericHandler;
import javax.xml.rpc.handler.MessageContext;
import javax.xml.rpc.handler.soap.SOAPMessageContext;
import weblogic.security.acl.internal.AuthenticatedSubject;
import weblogic.security.service.PrivilegedActions;
import weblogic.security.service.SecurityServiceManager;
import weblogic.store.PersistentStoreException;
import weblogic.wsee.addressing.ActionHeader;
import weblogic.wsee.addressing.RelatesToHeader;
import weblogic.wsee.cluster.CorrelationHeader;
import weblogic.wsee.message.MsgHeaders;
import weblogic.wsee.message.WlMessageContext;
import weblogic.wsee.message.soap.SoapMessageContext;
import weblogic.wsee.reliability.WsrmConstants;
import weblogic.wsee.reliability.WsrmSequenceContext;
import weblogic.wsee.reliability.handshake.WsrmServerHandshakeHandler;
import weblogic.wsee.reliability.headers.SequenceHeader;
import weblogic.wsee.security.wssp.handlers.WssServerHandler;
import weblogic.wsee.server.WsLifeCycleEvent;
import weblogic.wsee.server.WsLifeCycleListenerRegistry;
import weblogic.wsee.server.WsStorage;
import weblogic.wsee.server.WsStorageFactory;

/* loaded from: input_file:weblogic/wsee/async/AsyncResponseWsrmWsscHandler.class */
public class AsyncResponseWsrmWsscHandler extends GenericHandler {
    private static final Logger LOGGER;
    public static final String RM_SECURE = "weblogic.wsee.rm.secure";
    static final /* synthetic */ boolean $assertionsDisabled;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:weblogic/wsee/async/AsyncResponseWsrmWsscHandler$AuthorizedInvoke.class */
    public class AuthorizedInvoke implements PrivilegedExceptionAction {
        private AsyncInvokeState ais;
        private MessageContext mc;
        private WsrmSequenceContext seqCtx;

        AuthorizedInvoke(AsyncInvokeState asyncInvokeState, MessageContext messageContext, WsrmSequenceContext wsrmSequenceContext) {
            this.ais = null;
            this.ais = asyncInvokeState;
            this.mc = messageContext;
            this.seqCtx = wsrmSequenceContext;
        }

        @Override // java.security.PrivilegedExceptionAction
        public Object run() throws Exception {
            Throwable fault;
            SoapMessageContext soapMessageContext = this.mc;
            SoapMessageContext messageContext = this.ais.getMessageContext();
            if (messageContext == null) {
                throw new JAXRPCException("No message context saved");
            }
            messageContext.setMessage(soapMessageContext.getMessage());
            if (AsyncUtil.getWssClientHandler(this.seqCtx).handleResponse(messageContext) || (fault = WlMessageContext.narrow(messageContext).getFault()) == null) {
                return null;
            }
            throw new JAXRPCException(fault);
        }
    }

    public QName[] getHeaders() {
        return null;
    }

    public boolean handleRequest(MessageContext messageContext) {
        MsgHeaders headers;
        SequenceHeader header;
        if (messageContext == null || !(messageContext instanceof SOAPMessageContext) || (headers = WlMessageContext.narrow(messageContext).getHeaders()) == null) {
            return true;
        }
        if (LOGGER.isLoggable(Level.FINE)) {
            LOGGER.log(Level.FINE, "AsyncResponseWsrmWsscHandler.handleRequest");
        }
        if ((isRMActions(headers) && handleRequestSecurity(messageContext)) || (header = headers.getHeader(SequenceHeader.TYPE)) == null) {
            return true;
        }
        WsrmSequenceContext rMSequenceContext = WsrmServerHandshakeHandler.getRMSequenceContext(false, header.getSequenceId());
        if (!$assertionsDisabled && rMSequenceContext == null) {
            throw new AssertionError();
        }
        if ((!rMSequenceContext.getWsrmSecurityContext().isSecureWithWssc() && !rMSequenceContext.getWsrmSecurityContext().isSecureWithWssp12()) || handleAsyncResponseSecurity(headers, messageContext, rMSequenceContext) || handleConvIdSecurity(headers, messageContext, rMSequenceContext)) {
            return true;
        }
        WsLifeCycleListenerRegistry.getInstance().onEvent(WsLifeCycleEvent.WSRM_SEND_AFTER_RES_SEC_VALIDATION);
        return true;
    }

    private boolean handleConvIdSecurity(MsgHeaders msgHeaders, MessageContext messageContext, WsrmSequenceContext wsrmSequenceContext) {
        Throwable fault;
        if (msgHeaders.getHeader(CorrelationHeader.TYPE) == null) {
            return false;
        }
        if (AsyncUtil.getWssServerHandler(wsrmSequenceContext).handleRequest(messageContext) || (fault = WlMessageContext.narrow(messageContext).getFault()) == null) {
            return true;
        }
        throw new JAXRPCException(fault);
    }

    private boolean handleRequestSecurity(MessageContext messageContext) throws JAXRPCException {
        Throwable fault;
        if (!new WssServerHandler().handleRequest(messageContext) && (fault = WlMessageContext.narrow(messageContext).getFault()) != null) {
            throw new JAXRPCException(fault);
        }
        messageContext.setProperty(RM_SECURE, "true");
        return true;
    }

    private boolean handleAsyncResponseSecurity(MsgHeaders msgHeaders, MessageContext messageContext, WsrmSequenceContext wsrmSequenceContext) {
        RelatesToHeader header = msgHeaders.getHeader(RelatesToHeader.TYPE);
        if (header == null) {
            return false;
        }
        String relatedMessageId = header.getRelatedMessageId();
        WsStorage storage = WsStorageFactory.getStorage("weblogic.wsee.async.store", new AsyncInvokeStateObjectHandler());
        AsyncInvokeState asyncInvokeState = getAsyncInvokeState(storage, relatedMessageId);
        synchronized (asyncInvokeState) {
            try {
                try {
                    runSecurityHandlers(asyncInvokeState, messageContext, wsrmSequenceContext);
                    try {
                        storage.persistentPut(relatedMessageId, asyncInvokeState);
                        messageContext.setProperty(RM_SECURE, "true");
                        messageContext.setProperty("weblogic.wsee.wssc.sct", asyncInvokeState.getMessageContext().getProperty("weblogic.wsee.wssc.sct"));
                    } catch (PersistentStoreException e) {
                        storage.remove(relatedMessageId);
                        throw new JAXRPCException(e);
                    }
                } catch (UndeclaredThrowableException e2) {
                    storage.remove(relatedMessageId);
                    throw e2;
                }
            } catch (JAXRPCException e3) {
                storage.remove(relatedMessageId);
                throw e3;
            }
        }
        return true;
    }

    private void runSecurityHandlers(AsyncInvokeState asyncInvokeState, MessageContext messageContext, WsrmSequenceContext wsrmSequenceContext) {
        AuthenticatedSubject subject = asyncInvokeState.getSubject();
        AuthorizedInvoke authorizedInvoke = new AuthorizedInvoke(asyncInvokeState, messageContext, wsrmSequenceContext);
        if (subject == null) {
            try {
                authorizedInvoke.run();
            } catch (Exception e) {
                throw new JAXRPCException(e);
            }
        } else {
            try {
                SecurityServiceManager.runAs((AuthenticatedSubject) AccessController.doPrivileged(PrivilegedActions.getKernelIdentityAction()), subject, authorizedInvoke);
            } catch (PrivilegedActionException e2) {
                if (!(e2.getException() instanceof IOException)) {
                    throw new UndeclaredThrowableException(e2.getException());
                }
                throw new JAXRPCException(e2.getException());
            }
        }
    }

    private boolean isSecure(AsyncInvokeState asyncInvokeState) {
        return asyncInvokeState.getMessageContext().containsProperty("weblogic.xml.crypto.wss.WSSecurityContext");
    }

    private AsyncInvokeState getAsyncInvokeState(WsStorage wsStorage, String str) {
        try {
            AsyncInvokeState asyncInvokeState = (AsyncInvokeState) wsStorage.persistentGet(str);
            if (asyncInvokeState == null) {
                throw new JAXRPCException("Cannot retrieve request information for message " + str);
            }
            return asyncInvokeState;
        } catch (PersistentStoreException e) {
            if (LOGGER.isLoggable(Level.FINE)) {
                LOGGER.log(Level.FINE, e.getMessage(), e);
            }
            throw new JAXRPCException(e);
        }
    }

    private boolean isRMActions(MsgHeaders msgHeaders) {
        ActionHeader header = msgHeaders.getHeader(ActionHeader.TYPE);
        if (header == null) {
            return false;
        }
        String actionURI = header.getActionURI();
        return actionURI.startsWith(WsrmConstants.RMVersion.RM_10.getNamespaceUri()) || actionURI.startsWith(WsrmConstants.RMVersion.RM_11.getNamespaceUri());
    }

    static {
        $assertionsDisabled = !AsyncResponseWsrmWsscHandler.class.desiredAssertionStatus();
        LOGGER = Logger.getLogger(AsyncResponseWsrmWsscHandler.class.getName());
    }
}
