package weblogic.wsee.security.wst.framework;

import java.util.List;
import javax.xml.rpc.handler.MessageContext;
import javax.xml.soap.SOAPException;
import javax.xml.soap.SOAPMessage;
import org.w3c.dom.Node;
import weblogic.wsee.message.WlMessageContext;
import weblogic.wsee.message.soap.SoapMessageContext;
import weblogic.wsee.policy.framework.NormalizedExpression;
import weblogic.wsee.policy.framework.PolicyException;
import weblogic.wsee.security.policy.WssPolicyContext;
import weblogic.wsee.security.wst.binding.RequestSecurityTokenResponse;
import weblogic.wsee.security.wst.binding.RequestSecurityTokenResponseCollection;
import weblogic.wsee.security.wst.faults.InvalidRequestException;
import weblogic.wsee.security.wst.faults.WSTFaultException;
import weblogic.wsee.security.wst.faults.WSTFaultUtil;
import weblogic.wsee.security.wst.helpers.BindingHelper;
import weblogic.wsee.security.wst.helpers.SOAPHelper;
import weblogic.xml.crypto.wss.SecurityTokenContextHandler;
import weblogic.xml.crypto.wss.provider.SecurityTokenHandler;

/* loaded from: input_file:weblogic/wsee/security/wst/framework/WSTCredentialProviderHelper.class */
public class WSTCredentialProviderHelper {
    public static RequestSecurityTokenResponse createCredential(WSTContext wSTContext, SecurityTokenHandler securityTokenHandler) {
        try {
            return createCredential(getSoapClient(wSTContext), securityTokenHandler);
        } catch (WSTFaultException e) {
            WSTFaultUtil.raiseFault(e);
            return null;
        }
    }

    private static RequestSecurityTokenResponse createCredential(TrustSoapClient trustSoapClient, SecurityTokenHandler securityTokenHandler) throws WSTFaultException {
        return getRSTRfromSOAPMessage(trustSoapClient.requestTrustToken(), securityTokenHandler, (String) null);
    }

    public static RequestSecurityTokenResponse renewCredential(WSTContext wSTContext, Object obj, SecurityTokenHandler securityTokenHandler, String str, String str2, String str3) {
        try {
            wSTContext.setAction(str3);
            SoapMessageContext createEmptyRSTBaseMsgContext = SOAPHelper.createEmptyRSTBaseMsgContext(((SoapMessageContext) wSTContext.getMessageContext()).isSoap12());
            createEmptyRSTBaseMsgContext.setProperty(WlMessageContext.SECURITY_CONTEXT_CREDENTIAL, obj);
            return getRSTRfromSOAPMessage(getSoapClient(wSTContext).renewTrustToken(createEmptyRSTBaseMsgContext, str2, str), securityTokenHandler, str);
        } catch (SOAPException e) {
            WSTFaultUtil.raiseFault(new InvalidRequestException(e.getMessage()));
            return null;
        } catch (InvalidRequestException e2) {
            WSTFaultUtil.raiseFault(e2);
            return null;
        } catch (WSTFaultException e3) {
            WSTFaultUtil.raiseFault(e3);
            return null;
        }
    }

    public static void cancelCredential(MessageContext messageContext, Object obj, SecurityTokenHandler securityTokenHandler, String str, String str2, String str3) {
        if (obj == null) {
            WSTFaultUtil.raiseFault(new InvalidRequestException("No credential to cancel token"));
        }
        WSTContext wSTContext = WSTContext.getWSTContext(messageContext);
        wSTContext.setAction(str3);
        try {
            SoapMessageContext createEmptyRSTBaseMsgContext = SOAPHelper.createEmptyRSTBaseMsgContext(((SoapMessageContext) messageContext).isSoap12());
            createEmptyRSTBaseMsgContext.setProperty(WlMessageContext.SECURITY_CONTEXT_CREDENTIAL, obj);
            RequestSecurityTokenResponse rSTRfromSOAPMessage = getRSTRfromSOAPMessage(getSoapClient(wSTContext).cancelTrustToken(createEmptyRSTBaseMsgContext, str2, str), securityTokenHandler, str);
            if (rSTRfromSOAPMessage == null || rSTRfromSOAPMessage.getRequestedTokenCancelled() == null) {
                WSTFaultUtil.raiseFault(new InvalidRequestException("Unable to cancel token"));
            }
        } catch (SOAPException e) {
            WSTFaultUtil.raiseFault(new InvalidRequestException(e.getMessage()));
        } catch (WSTFaultException e2) {
            WSTFaultUtil.raiseFault(e2);
        }
    }

    private static RequestSecurityTokenResponse getRSTRfromSOAPMessage(SOAPMessage sOAPMessage, SecurityTokenHandler securityTokenHandler, String str) throws WSTFaultException {
        Node rSTBaseNode = SOAPHelper.getRSTBaseNode(sOAPMessage);
        if (rSTBaseNode == null) {
            return null;
        }
        if (!rSTBaseNode.getLocalName().equals(RequestSecurityTokenResponseCollection.NAME)) {
            return BindingHelper.unmarshalRSTRNode(rSTBaseNode, securityTokenHandler, str);
        }
        List<RequestSecurityTokenResponse> requestSecurityTokenResponseCollection = BindingHelper.unmarshalRSTRCNode(rSTBaseNode, securityTokenHandler, str).getRequestSecurityTokenResponseCollection();
        if (requestSecurityTokenResponseCollection.size() <= 0) {
            throw new WSTFaultException(" SecureTokenService did not return a token in the returned RequestSecurityTokenResponseCollection ");
        }
        return requestSecurityTokenResponseCollection.get(0);
    }

    private static TrustSoapClient getSoapClient(WSTContext wSTContext) throws InvalidRequestException {
        return new TrustSoapClient(wSTContext);
    }

    private static String getSTSURIFromMBean(MessageContext messageContext, String str) {
        String str2 = null;
        WssPolicyContext wssPolicyContext = (WssPolicyContext) messageContext.getProperty(WssPolicyContext.WSS_POLICY_CTX_PROP);
        if (wssPolicyContext != null) {
            str2 = wssPolicyContext.getWssConfiguration().getSTSURI(str);
            if (str2 == null) {
                str2 = wssPolicyContext.getWssConfiguration().getDefaultSTSURI();
            }
        }
        return str2;
    }

    public static String getSTSURIFromConfig(SecurityTokenContextHandler securityTokenContextHandler, MessageContext messageContext, String str) {
        String str2 = (String) securityTokenContextHandler.getValue(SecurityTokenContextHandler.ISSUER_ENDPOINT_REF);
        if (str2 == null) {
            str2 = getSTSURIFromMBean(messageContext, str);
        }
        return str2;
    }

    private static String getSTSPolicyFromMBean(MessageContext messageContext, String str) {
        String str2 = null;
        WssPolicyContext wssPolicyContext = (WssPolicyContext) messageContext.getProperty(WssPolicyContext.WSS_POLICY_CTX_PROP);
        if (wssPolicyContext != null) {
            str2 = wssPolicyContext.getWssConfiguration().getSTSPolicy(str);
        }
        return str2;
    }

    public static NormalizedExpression getSTSPolicyFromConfig(SecurityTokenContextHandler securityTokenContextHandler, MessageContext messageContext, String str) throws PolicyException {
        NormalizedExpression normalizedExpression = null;
        String str2 = null;
        if (securityTokenContextHandler != null) {
            normalizedExpression = (NormalizedExpression) securityTokenContextHandler.getValue("weblogic.wsee.security.wst_bootstrap_policy");
        }
        if (normalizedExpression == null) {
            str2 = getSTSPolicyFromMBean(messageContext, str);
        }
        WssPolicyContext wssPolicyContext = (WssPolicyContext) messageContext.getProperty(WssPolicyContext.WSS_POLICY_CTX_PROP);
        if (wssPolicyContext != null && str2 != null) {
            normalizedExpression = wssPolicyContext.getPolicyServer().getPolicy(str2).normalize();
        }
        return normalizedExpression;
    }
}
