package weblogic.wsee.security.wssp.handlers;

import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.xml.rpc.handler.soap.SOAPMessageContext;
import javax.xml.soap.SOAPException;
import weblogic.security.acl.internal.AuthenticatedSubject;
import weblogic.wsee.message.WlMessageContext;
import weblogic.wsee.monitoring.WsspStats;
import weblogic.wsee.mtom.internal.MtomPolicyConstants;
import weblogic.wsee.policy.framework.NormalizedExpression;
import weblogic.wsee.policy.framework.PolicyAlternative;
import weblogic.wsee.policy.framework.PolicyException;
import weblogic.wsee.policy.runtime.PolicyContext;
import weblogic.wsee.security.wss.SecurityPolicyException;
import weblogic.wsee.security.wss.plan.SecurityPolicyPlan;
import weblogic.wsee.security.wssp.ConfidentialityAssertion;
import weblogic.wsee.security.wssp.IntegrityAssertion;
import weblogic.wsee.security.wssp.SecurityPolicyAssertionInfo;
import weblogic.wsee.security.wssp.SecurityPolicyAssertionInfoFactory;
import weblogic.xml.crypto.api.MarshalException;
import weblogic.xml.crypto.encrypt.api.XMLEncryptionException;
import weblogic.xml.crypto.wss.WSSecurityContext;
import weblogic.xml.crypto.wss.WSSecurityException;
import weblogic.xml.crypto.wss11.internal.WSS11Context;

/* loaded from: input_file:weblogic/wsee/security/wssp/handlers/PostWssServerPolicyHandler.class */
public class PostWssServerPolicyHandler extends WssHandler {
    static final /* synthetic */ boolean $assertionsDisabled;

    @Override // weblogic.wsee.security.wssp.handlers.WssHandler
    protected boolean processRequest(SOAPMessageContext sOAPMessageContext) throws PolicyException, SOAPException, WSSecurityException {
        try {
            WlMessageContext wlMessageContext = (WlMessageContext) sOAPMessageContext;
            if (wlMessageContext != null && wlMessageContext.getDispatcher() != null && wlMessageContext.getDispatcher().getOperation() != null) {
                wlMessageContext.setProperty("WL_OP_NAME", wlMessageContext.getDispatcher().getOperationName().getLocalPart());
            }
            NormalizedExpression requestEffectivePolicy = PolicyContext.getRequestEffectivePolicy(sOAPMessageContext);
            if (requestEffectivePolicy == null || null == requestEffectivePolicy.getPolicyAlternatives()) {
                return true;
            }
            postValidate(requestEffectivePolicy, sOAPMessageContext, true);
            AuthenticatedSubject subject = WSSecurityContext.getSecurityContext(sOAPMessageContext).getSubject();
            if (subject != null) {
                setSubject(subject, sOAPMessageContext);
            }
            setupMTOMProperty(sOAPMessageContext);
            reportInboundWSSSuccessToWsspStats(getWsspStats(sOAPMessageContext), sOAPMessageContext);
            return true;
        } catch (SecurityPolicyException e) {
            throw new WSSecurityException(e);
        } catch (MarshalException e2) {
            throw new WSSecurityException(e2);
        } catch (XMLEncryptionException e3) {
            throw new WSSecurityException(e3);
        }
    }

    @Override // weblogic.wsee.security.wssp.handlers.WssHandler
    protected boolean processResponse(SOAPMessageContext sOAPMessageContext) throws PolicyException, SOAPException, WSSecurityException {
        return true;
    }

    private void setSubject(AuthenticatedSubject authenticatedSubject, SOAPMessageContext sOAPMessageContext) {
        sOAPMessageContext.setProperty("weblogic.wsee.wss.subject", authenticatedSubject);
    }

    private void setupMTOMProperty(SOAPMessageContext sOAPMessageContext) throws PolicyException {
        Set policyAlternatives;
        NormalizedExpression requestEffectivePolicy = PolicyContext.getRequestEffectivePolicy(sOAPMessageContext);
        if (requestEffectivePolicy == null || null == requestEffectivePolicy.getPolicyAlternatives() || (policyAlternatives = requestEffectivePolicy.getPolicyAlternatives()) == null) {
            return;
        }
        Iterator it = policyAlternatives.iterator();
        while (it.hasNext()) {
            SecurityPolicyAssertionInfo securityPolicyAssertionInfo = SecurityPolicyAssertionInfoFactory.getSecurityPolicyAssertionInfo((PolicyAlternative) it.next());
            if (securityPolicyAssertionInfo != null) {
                List<IntegrityAssertion> integrityAssertions = securityPolicyAssertionInfo.getIntegrityAssertions();
                List<ConfidentialityAssertion> confidentialityAssertions = securityPolicyAssertionInfo.getConfidentialityAssertions();
                if (integrityAssertions != null) {
                    sOAPMessageContext.setProperty(MtomPolicyConstants.ENABLE_NORMAL_XOP, "sign");
                }
                if (confidentialityAssertions != null && confidentialityAssertions.size() > 0) {
                    sOAPMessageContext.setProperty(MtomPolicyConstants.ENABLE_NORMAL_XOP, "encrypt");
                    return;
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // weblogic.wsee.security.wssp.handlers.WssHandler
    public void reportInboundWSSSuccessToWsspStats(WsspStats wsspStats, SOAPMessageContext sOAPMessageContext) {
        super.reportInboundWSSSuccessToWsspStats(getWsspStats(sOAPMessageContext), sOAPMessageContext);
        if (!$assertionsDisabled && wsspStats == null) {
            throw new AssertionError();
        }
        WSS11Context wSS11Context = (WSS11Context) sOAPMessageContext.getProperty(WSSecurityContext.WS_SECURITY_CONTEXT);
        if (!$assertionsDisabled && wSS11Context == null) {
            throw new AssertionError();
        }
        SecurityPolicyPlan securityPolicyPlan = (SecurityPolicyPlan) wSS11Context.getPolicyOutline();
        if (securityPolicyPlan == null || securityPolicyPlan.getBuildingPlan() <= 0) {
            return;
        }
        if ((securityPolicyPlan.getIdentityPolicy() == null || !securityPolicyPlan.getIdentityPolicy().isAuthenticationRequired()) && wSS11Context.getIdTokens().size() <= 0) {
            return;
        }
        wsspStats.reportAuthenticationSuccess();
    }

    static {
        $assertionsDisabled = !PostWssServerPolicyHandler.class.desiredAssertionStatus();
    }
}
