package weblogic.xml.crypto.wss;

import java.security.Key;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.xml.rpc.handler.MessageContext;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import weblogic.security.acl.internal.AuthenticatedSubject;
import weblogic.security.service.ContextHandler;
import weblogic.xml.crypto.api.KeySelector;
import weblogic.xml.crypto.api.KeySelectorException;
import weblogic.xml.crypto.api.KeySelectorResult;
import weblogic.xml.crypto.api.MarshalException;
import weblogic.xml.crypto.api.XMLCryptoContext;
import weblogic.xml.crypto.api.XMLStructure;
import weblogic.xml.crypto.common.keyinfo.KeyProvider;
import weblogic.xml.crypto.dsig.ReferenceUtils;
import weblogic.xml.crypto.dsig.api.DigestMethod;
import weblogic.xml.crypto.dsig.api.Reference;
import weblogic.xml.crypto.dsig.api.SignedInfo;
import weblogic.xml.crypto.dsig.api.XMLSignature;
import weblogic.xml.crypto.dsig.api.XMLSignatureFactory;
import weblogic.xml.crypto.dsig.api.keyinfo.KeyInfo;
import weblogic.xml.crypto.dsig.api.keyinfo.KeyInfoFactory;
import weblogic.xml.crypto.encrypt.EncryptionAlgorithm;
import weblogic.xml.crypto.encrypt.ReferenceList;
import weblogic.xml.crypto.encrypt.api.EncryptedData;
import weblogic.xml.crypto.encrypt.api.EncryptionMethod;
import weblogic.xml.crypto.encrypt.api.TBEKey;
import weblogic.xml.crypto.encrypt.api.TBEXML;
import weblogic.xml.crypto.encrypt.api.XMLEncryptionException;
import weblogic.xml.crypto.encrypt.api.XMLEncryptionFactory;
import weblogic.xml.crypto.encrypt.api.dom.DOMEncryptContext;
import weblogic.xml.crypto.encrypt.api.dom.DOMTBEXML;
import weblogic.xml.crypto.encrypt.api.keyinfo.EncryptedKey;
import weblogic.xml.crypto.utils.DOMUtils;
import weblogic.xml.crypto.utils.LogUtils;
import weblogic.xml.crypto.wss.api.BinarySecurityToken;
import weblogic.xml.crypto.wss.api.Security;
import weblogic.xml.crypto.wss.api.Timestamp;
import weblogic.xml.crypto.wss.api.WSSecurityFactory;
import weblogic.xml.crypto.wss.provider.CredentialProvider;
import weblogic.xml.crypto.wss.provider.Purpose;
import weblogic.xml.crypto.wss.provider.SecurityToken;
import weblogic.xml.crypto.wss.provider.SecurityTokenHandler;
import weblogic.xml.crypto.wss.provider.SecurityTokenReference;
import weblogic.xml.security.wsse.internal.SigningPreprocessor;

/* loaded from: input_file:weblogic/xml/crypto/wss/SecurityBuilderImpl.class */
public class SecurityBuilderImpl implements SecurityBuilder {
    protected static final String STR_ID_PREFIX = "str";
    protected WSSecurityContext securityCtx;
    protected Map namespaces;
    protected Set idQNames;
    private Timestamp timestamp;
    protected Security security;
    private List msgTokens = new ArrayList();
    private List ctxTokens = new ArrayList();
    private Map refs = new HashMap();
    private WSSecurityFactory sf = WSSecurityFactory.getInstance();

    public SecurityBuilderImpl(WSSecurityContext wSSecurityContext, Element element) {
        this.securityCtx = wSSecurityContext;
        this.namespaces = DOMUtils.getNSMap(element);
        this.idQNames = wSSecurityContext.getIdQNames();
    }

    public SecurityBuilderImpl(WSSecurityContext wSSecurityContext) {
        this.securityCtx = wSSecurityContext;
        this.namespaces = wSSecurityContext.getNamespaces();
        this.idQNames = wSSecurityContext.getIdQNames();
    }

    @Override // weblogic.xml.crypto.wss.SecurityBuilder
    public XMLSignatureFactory getXMLSignatureFactory() {
        return this.securityCtx.getSignatureFactory();
    }

    private KeyInfoFactory getKeyInfoFactory() {
        return getXMLSignatureFactory().getKeyInfoFactory();
    }

    @Override // weblogic.xml.crypto.wss.SecurityBuilder
    public XMLEncryptionFactory getXMLEncryptionFactory() {
        return this.securityCtx.getEncryptionFactory();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getExisitingUri(Element element) {
        return DOMUtils.getExistingId(element, this.idQNames);
    }

    @Override // weblogic.xml.crypto.wss.SecurityBuilder
    public String assignUri(Element element) throws WSSecurityException {
        String generateId;
        if (element.isSameNode(element.getOwnerDocument().getDocumentElement())) {
            return "";
        }
        if ("http://www.w3.org/2000/09/xmldsig#".equals(element.getNamespaceURI()) || "http://www.w3.org/2001/04/xmlenc#".equals(element.getNamespaceURI())) {
            if (element.hasAttributeNS("", "Id")) {
                generateId = element.getAttributeNS("", "Id");
            } else if (element.hasAttributeNS(null, "Id")) {
                generateId = element.getAttributeNS(null, "Id");
            } else {
                generateId = DOMUtils.generateId(element.getLocalName());
                element.setAttributeNS("", "Id", generateId);
            }
            return getUri(generateId);
        }
        String exisitingUri = getExisitingUri(element);
        if (exisitingUri != null && exisitingUri.length() > 0) {
            return getUri(exisitingUri);
        }
        String str = (String) this.namespaces.get("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd");
        String namespaceURI = WSSConstants.WSU_ID_QNAME.getNamespaceURI();
        String uri = getUri(DOMUtils.assignId(element, WSSConstants.WSU_ID_QNAME, str, this.idQNames));
        DOMUtils.declareNamespace(element, namespaceURI, str);
        return uri;
    }

    @Override // weblogic.xml.crypto.wss.SecurityBuilder
    public Reference createReference(String str, String str2, DigestMethod digestMethod, List list, boolean z, ContextHandler contextHandler) throws WSSecurityException {
        return createReferenceInternal(str, null, str2, digestMethod, list, z, contextHandler);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Reference createReferenceInternal(String str, List list, String str2, DigestMethod digestMethod, List list2, boolean z, ContextHandler contextHandler) throws WSSecurityException {
        String uri;
        SecurityToken securityToken;
        SecurityToken securityToken2 = getSecurityToken(str, str2, Purpose.SIGN, contextHandler);
        if (securityToken2 == null) {
            return null;
        }
        SecurityToken previousToken = getPreviousToken(securityToken2);
        if (previousToken != null) {
            securityToken2 = previousToken;
        }
        String id = securityToken2.getId();
        boolean z2 = str != null && (str.startsWith("http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile") || str.startsWith("http://docs.oasis-open.org/wss/2004/01/oasis-2004-01-saml-token-profile"));
        if ((!z && previousToken == null) || id == null || z2) {
            SecurityTokenReference str3 = getSTR(str, list, securityToken2, false);
            String sTRId = getSTRId(str3);
            this.securityCtx.addSTR(sTRId, str3);
            uri = getUri(sTRId);
            list2.add(0, STRTransform.getInstance());
            securityToken = str3;
        } else {
            uri = getUri(id);
            securityToken = securityToken2;
        }
        if (z) {
            try {
                addTokenToMessage(securityToken2, contextHandler);
            } catch (MarshalException e) {
                throw new WSSecurityException("Failed to add target token for Reference.", (Exception) e);
            }
        }
        Reference newReference = getXMLSignatureFactory().newReference(uri, digestMethod, ReferenceUtils.getTransforms(list2), null, null);
        this.refs.put(newReference, securityToken);
        return newReference;
    }

    @Override // weblogic.xml.crypto.wss.SecurityBuilder
    public Reference createSTRReference(SecurityToken securityToken, DigestMethod digestMethod, List list, boolean z) throws WSSecurityException {
        SecurityTokenReference str = getSTR(securityToken.getValueType(), securityToken, z);
        String sTRId = getSTRId(str);
        this.securityCtx.addSTR(sTRId, str);
        String uri = getUri(sTRId);
        if (list == null) {
            list = new ArrayList();
        }
        list.add(0, STRTransform.getInstance());
        return getXMLSignatureFactory().newReference(uri, digestMethod, ReferenceUtils.getTransforms(list), null, null);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getUri(String str) {
        return SigningPreprocessor.FRAGMENT_URI + str;
    }

    private String getSTRId(SecurityTokenReference securityTokenReference) {
        String id = securityTokenReference.getId();
        if (id == null) {
            id = getId(STR_ID_PREFIX);
            securityTokenReference.setId(id);
        }
        return id;
    }

    @Override // weblogic.xml.crypto.wss.SecurityBuilder
    public boolean addTimestamp(short s, ContextHandler contextHandler) throws WSSecurityException, MarshalException {
        if (this.timestamp != null) {
            throw new WSSecurityException("Timestamp already added to SecurityBuilder.");
        }
        WSSecurityFactory wSSecurityFactory = this.sf;
        this.timestamp = WSSecurityFactory.newTimestamp((String) null, true, (int) s);
        add(this.timestamp, contextHandler);
        return true;
    }

    @Override // weblogic.xml.crypto.wss.SecurityBuilder
    public SecurityToken createSecurityToken(String str, String str2, Purpose purpose, ContextHandler contextHandler) throws WSSecurityException, MarshalException {
        SecurityToken securityToken = getSecurityToken(str, str2, purpose, contextHandler);
        SecurityToken previousToken = getPreviousToken(securityToken);
        if (previousToken != null) {
            securityToken = previousToken;
        }
        addToken(false, securityToken, contextHandler);
        return securityToken;
    }

    @Override // weblogic.xml.crypto.wss.SecurityBuilder
    public SecurityToken addSecurityToken(String str, String str2, Purpose purpose, ContextHandler contextHandler) throws WSSecurityException, MarshalException {
        SecurityToken securityToken = getSecurityToken(str, str2, purpose, contextHandler);
        SecurityToken previousToken = getPreviousToken(securityToken);
        if (previousToken != null) {
            securityToken = previousToken;
        }
        addTokenToMessage(securityToken, contextHandler);
        if (Purpose.IDENTITY.equals(purpose)) {
            addIdToken(securityToken);
        }
        return securityToken;
    }

    @Override // weblogic.xml.crypto.wss.SecurityBuilder
    public Node addSignature(SignedInfo signedInfo, String str, String str2, boolean z, ContextHandler contextHandler) throws WSSecurityException, MarshalException {
        return addSignatureInternal(signedInfo, str, null, str2, z, contextHandler);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Node addSignatureInternal(SignedInfo signedInfo, String str, List list, String str2, boolean z, ContextHandler contextHandler) throws WSSecurityException, MarshalException {
        SecurityToken securityToken = getSecurityToken(str, str2, Purpose.SIGN, contextHandler);
        if (securityToken == null) {
            return null;
        }
        SecurityToken previousToken = getPreviousToken(securityToken);
        if (previousToken != null) {
            securityToken = previousToken;
        }
        SecurityTokenReference str3 = getSTR(str, list, securityToken, z);
        if (str3 == null) {
            throw new WSSecurityException("Failed to create reference for token: " + securityToken);
        }
        return addSignatureWithToken(signedInfo, str3, Boolean.valueOf(z), contextHandler);
    }

    @Override // weblogic.xml.crypto.wss.SecurityBuilder
    public Node addSignature(SignedInfo signedInfo, Reference reference, ContextHandler contextHandler) throws WSSecurityException, MarshalException {
        return addSignatureInternal(signedInfo, reference, null, contextHandler);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Node addSignatureInternal(SignedInfo signedInfo, Reference reference, List list, ContextHandler contextHandler) throws WSSecurityException, MarshalException {
        SecurityTokenReference securityTokenReference;
        Object obj = this.refs.get(reference);
        if (obj instanceof SecurityToken) {
            SecurityToken securityToken = (SecurityToken) obj;
            securityTokenReference = getSTR(securityToken.getValueType(), list, securityToken, true);
        } else {
            securityTokenReference = (SecurityTokenReference) obj;
            securityTokenReference.getSecurityToken();
        }
        return addSignatureWithToken(signedInfo, securityTokenReference, false, contextHandler);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Node addSignatureWithToken(SignedInfo signedInfo, SecurityTokenReference securityTokenReference, Boolean bool, ContextHandler contextHandler) throws MarshalException, WSSecurityException {
        SecurityToken securityToken = securityTokenReference.getSecurityToken();
        KeyProvider keyProvider = getKeyProvider(securityToken);
        ArrayList arrayList = new ArrayList();
        arrayList.add(securityTokenReference);
        Node addSignature = addSignature(getXMLSignatureFactory().newXMLSignature(signedInfo, getXMLSignatureFactory().getKeyInfoFactory().newKeyInfo(arrayList)), keyProvider, contextHandler);
        if (bool != null) {
            addToken(bool.booleanValue(), securityToken, contextHandler);
        }
        return addSignature;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void addToken(boolean z, SecurityToken securityToken, ContextHandler contextHandler) throws WSSecurityException, MarshalException {
        if (z) {
            addTokenToMessage(securityToken, contextHandler);
        } else {
            addTokenToContext(securityToken);
        }
    }

    @Override // weblogic.xml.crypto.wss.SecurityBuilder
    public boolean addEncryption(List list, EncryptionMethod encryptionMethod, EncryptionMethod encryptionMethod2, String str, String str2, boolean z, ContextHandler contextHandler) throws WSSecurityException, MarshalException {
        return addEncryptionInternal(list, encryptionMethod, encryptionMethod2, str, null, str2, z, contextHandler);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean addEncryptionInternal(List list, EncryptionMethod encryptionMethod, EncryptionMethod encryptionMethod2, String str, List list2, String str2, boolean z, ContextHandler contextHandler) throws WSSecurityException, MarshalException {
        SecurityTokenReference str3;
        if (list == null || list.size() == 0) {
            throw new WSSecurityException("List of TBE must not be null or empty.");
        }
        boolean z2 = encryptionMethod != null;
        SecurityToken token = getToken(str, str2, contextHandler);
        if (z2) {
            str3 = createKeyIdSTRInternal(str, list2, token, z);
        } else {
            int indexOf = this.msgTokens.indexOf(token);
            if (indexOf > -1) {
                token = (SecurityToken) this.msgTokens.get(indexOf);
            }
            str3 = getSTR(str, list2, token, z);
        }
        if (str3 == null) {
            throw new WSSecurityException("Failed to create reference for token: " + token);
        }
        KeyInfo keyInfo = getKeyInfo(str3);
        KeyProvider keyProvider = getKeyProvider(str, token);
        KeySelector keySelector = this.securityCtx.getKeySelector();
        Key selectKey = selectKey(keySelector, encryptionMethod2);
        if (selectKey == null) {
            selectKey = generateKey(encryptionMethod2);
        }
        List encryptData = encryptData(list, new DOMEncryptContext(selectKey), encryptionMethod2, keyInfo, !z2, contextHandler);
        if (z2) {
            addEncryptedKey(selectKey, getKey(keySelector, keyProvider, encryptionMethod), encryptionMethod, keyInfo, encryptData, z, token, contextHandler);
            return true;
        }
        addReferenceList(encryptData, token, contextHandler, str, z);
        return true;
    }

    private Key selectKey(KeySelector keySelector, EncryptionMethod encryptionMethod) {
        Key key = null;
        try {
            KeySelectorResult select = keySelector.select(null, KeySelector.Purpose.ENCRYPT, encryptionMethod, null);
            if (select != null) {
                key = select.getKey();
            }
        } catch (KeySelectorException e) {
        }
        return key;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Key generateKey(EncryptionMethod encryptionMethod) throws WSSecurityException {
        try {
            return ((EncryptionAlgorithm) encryptionMethod).generateKey();
        } catch (XMLEncryptionException e) {
            throw new WSSecurityException("Failed to generate key for algorithm " + encryptionMethod.getAlgorithm());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public KeyProvider getKeyProvider(String str, SecurityToken securityToken) throws WSSecurityException {
        KeyProvider keyProvider = this.securityCtx.getRequiredTokenHandler(str).getKeyProvider(securityToken, this.securityCtx.getMessageContext());
        if (keyProvider != null) {
            this.securityCtx.addKeyProvider(keyProvider);
        }
        return keyProvider;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public KeyInfo getKeyInfo(SecurityTokenReference securityTokenReference) {
        ArrayList arrayList = new ArrayList();
        arrayList.add(securityTokenReference);
        return getKeyInfoFactory().newKeyInfo(arrayList);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SecurityToken getToken(String str, String str2, ContextHandler contextHandler) throws WSSecurityException {
        SecurityToken token;
        SecurityTokenContextHandler securityTokenContextHandler = getSecurityTokenContextHandler(contextHandler);
        copySubject(securityTokenContextHandler);
        Object credential = getCredential(str, str2, securityTokenContextHandler, Purpose.ENCRYPT);
        if (credential != null) {
            token = this.securityCtx.getRequiredTokenHandler(str).getSecurityToken(str, credential, contextHandler);
        } else {
            token = getToken(str, str2, contextHandler, Purpose.ENCRYPT);
            if (token == null) {
                throw new WSSecurityException("Failed to get token for tokenType: " + str);
            }
        }
        return token;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public List encryptData(List list, DOMEncryptContext dOMEncryptContext, EncryptionMethod encryptionMethod, KeyInfo keyInfo, boolean z, ContextHandler contextHandler) throws MarshalException, WSSecurityException {
        XMLEncryptionFactory xMLEncryptionFactory = getXMLEncryptionFactory();
        ArrayList arrayList = new ArrayList();
        Iterator it = list.iterator();
        while (it.hasNext()) {
            TBEXML tbexml = (TBEXML) it.next();
            String id = getId();
            encrypt(xMLEncryptionFactory.newEncryptedData(tbexml, encryptionMethod, z ? keyInfo : null, null, id, null), dOMEncryptContext, contextHandler);
            arrayList.add(getXMLEncryptionFactory().newDataReference(SigningPreprocessor.FRAGMENT_URI + id, null));
        }
        return arrayList;
    }

    protected EncryptedKey addEncryptedKey(Key key, Key key2, EncryptionMethod encryptionMethod, KeyInfo keyInfo, List list, String str, boolean z, SecurityToken securityToken, ContextHandler contextHandler) throws WSSecurityException, MarshalException {
        EncryptedKey newEncryptedKey = getEncryptionFactory().newEncryptedKey(new TBEKey(key), encryptionMethod, keyInfo, null, list, str, null, null, null);
        addEncryptedKey(newEncryptedKey, new DOMEncryptContext(key2), contextHandler);
        this.msgTokens.add(newEncryptedKey);
        addToken(z, securityToken, contextHandler);
        return newEncryptedKey;
    }

    protected void addEncryptedKey(Key key, Key key2, EncryptionMethod encryptionMethod, KeyInfo keyInfo, List list, boolean z, SecurityToken securityToken, ContextHandler contextHandler) throws WSSecurityException, MarshalException {
        addEncryptedKey(key, key2, encryptionMethod, keyInfo, list, getId(), z, securityToken, contextHandler);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Key getKey(KeySelector keySelector, KeyProvider keyProvider, EncryptionMethod encryptionMethod) throws WSSecurityException {
        try {
            KeySelectorResult key = keyProvider != null ? keyProvider.getKey(encryptionMethod.getAlgorithm(), KeySelector.Purpose.ENCRYPT) : keySelector.select(null, KeySelector.Purpose.ENCRYPT, encryptionMethod, null);
            if (key == null) {
                throw new WSSecurityException("Failed to select key for algorithm " + encryptionMethod.getAlgorithm());
            }
            return key.getKey();
        } catch (KeySelectorException e) {
            throw new WSSecurityException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public XMLEncryptionFactory getEncryptionFactory() {
        return this.securityCtx.getEncryptionFactory();
    }

    private void copySubject(SecurityTokenContextHandler securityTokenContextHandler) {
        MessageContext messageContext = this.securityCtx.getMessageContext();
        if (messageContext != null) {
            securityTokenContextHandler.addContextElement("weblogic.wsee.wss.subject", (AuthenticatedSubject) messageContext.getProperty("weblogic.wsee.wss.subject"));
        }
    }

    private void encrypt(EncryptedData encryptedData, DOMEncryptContext dOMEncryptContext, ContextHandler contextHandler) throws MarshalException, WSSecurityException {
        DOMTBEXML domtbexml = (DOMTBEXML) encryptedData.getTBE();
        try {
            Node node = null;
            Node node2 = null;
            Node node3 = null;
            domtbexml.getNodeList().getLength();
            String type = domtbexml.getType();
            if ("http://www.w3.org/2001/04/xmlenc#Element".equals(type)) {
                node = domtbexml.getNodeList().item(0);
                node2 = node.getNextSibling();
                node3 = node.getParentNode();
            }
            encryptedData.encrypt(dOMEncryptContext);
            if ("http://www.w3.org/2001/04/xmlenc#Element".equals(type)) {
                Node previousSibling = node2 != null ? node2.getPreviousSibling() : node3.getLastChild();
                updateContext(node, previousSibling, contextHandler);
                if (isHeader(previousSibling)) {
                    processEncryptedHeader(node, previousSibling);
                }
            }
        } catch (XMLEncryptionException e) {
            throw new WSSecurityException(e);
        }
    }

    private boolean isHeader(Node node) {
        return DOMUtils.is(node.getParentNode(), "http://schemas.xmlsoap.org/soap/envelope/", "Header") || DOMUtils.is(node.getParentNode(), "http://www.w3.org/2003/05/soap-envelope", "Header");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void processEncryptedHeader(Node node, Node node2) {
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void updateContext(Node node, Node node2, ContextHandler contextHandler) {
        SecurityTokenContextHandler securityTokenContextHandler = (SecurityTokenContextHandler) contextHandler;
        Node node3 = (Node) securityTokenContextHandler.getValue(SecurityTokenContextHandler.FRIST_TOKEN_NODE);
        if (node3 != null && node3.equals(node)) {
            securityTokenContextHandler.addContextElement(SecurityTokenContextHandler.FRIST_TOKEN_NODE, node2);
        }
        Node node4 = (Node) securityTokenContextHandler.getValue(SecurityTokenContextHandler.LAST_TOKEN_NODE);
        if (node4 == null || !node4.equals(node)) {
            return;
        }
        securityTokenContextHandler.addContextElement(SecurityTokenContextHandler.LAST_TOKEN_NODE, node2);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void addReferenceList(List list, SecurityToken securityToken, ContextHandler contextHandler) throws MarshalException, WSSecurityException {
        addReferenceList(list, securityToken, contextHandler, null, true);
    }

    private void addReferenceList(List list, SecurityToken securityToken, ContextHandler contextHandler, String str, boolean z) throws MarshalException, WSSecurityException {
        if (str == null) {
            addTokenToMessage(securityToken, contextHandler);
        } else if (!SCTUtils.isSCTokenTypeURI(str)) {
            addTokenToMessage(securityToken, contextHandler);
        } else if (z) {
            addTokenToMessage(securityToken, contextHandler);
        }
        add(new ReferenceList(list), contextHandler);
    }

    private SecurityToken getSecurityToken(String str, String str2, Purpose purpose, ContextHandler contextHandler) throws WSSecurityException {
        SecurityTokenContextHandler securityTokenContextHandler = getSecurityTokenContextHandler(contextHandler);
        Object credential = getCredential(str, str2, securityTokenContextHandler, purpose);
        if (credential == null) {
            return null;
        }
        return getSecurityToken(str, credential, securityTokenContextHandler);
    }

    private KeyProvider getKeyProvider(SecurityToken securityToken) throws WSSecurityException {
        return this.securityCtx.getRequiredTokenHandler(securityToken.getValueType()).getKeyProvider(securityToken, this.securityCtx.getMessageContext());
    }

    private Object getCredential(String str, String str2, SecurityTokenContextHandler securityTokenContextHandler, Purpose purpose) {
        LogUtils.logWss("Trying to get credential for token type " + str + " and purpose " + purpose + " from credential provider.");
        CredentialProvider credentialProvider = getCredentialProvider(str);
        if (credentialProvider == null) {
            LogUtils.logWss("No credential provider found for token type " + str);
            return null;
        }
        Object credential = credentialProvider.getCredential(str, str2, securityTokenContextHandler, purpose);
        if (credential != null) {
            LogUtils.logWss("Got credential for token type " + str + " and purpose " + purpose + " from credential provider " + credentialProvider);
        } else {
            LogUtils.logWss("No credential for token type " + str + " and purpose " + purpose + " from credential provider " + credentialProvider);
        }
        return credential;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public CredentialProvider getCredentialProvider(String str) {
        return this.securityCtx.getCredentialProvider(str);
    }

    private SecurityToken getSecurityToken(String str, Object obj, SecurityTokenContextHandler securityTokenContextHandler) throws WSSecurityException {
        return this.securityCtx.getRequiredTokenHandler(str).getSecurityToken(str, obj, securityTokenContextHandler);
    }

    private SecurityToken getToken(String str, String str2, ContextHandler contextHandler, Purpose purpose) throws WSSecurityException {
        LogUtils.logWss("Trying to get token for token type " + str + " and purpose " + purpose + " from token handler.");
        SecurityTokenHandler requiredTokenHandler = this.securityCtx.getRequiredTokenHandler(str);
        SecurityToken securityToken = requiredTokenHandler.getSecurityToken(str, str2, purpose, contextHandler);
        if (securityToken != null) {
            LogUtils.logWss("Got token for token type " + str + " and purpose " + purpose + " from token handler" + requiredTokenHandler);
        } else {
            LogUtils.logWss("Did not get token for token type " + str + " and purpose " + purpose + " from token handler" + requiredTokenHandler);
        }
        return securityToken;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SecurityTokenReference createDirectSTR(String str, SecurityToken securityToken) throws WSSecurityException {
        SecurityTokenReference str2 = this.securityCtx.getRequiredTokenHandler(str).getSTR(WSSConstants.REFERENCE_QNAME, str, securityToken);
        if (str2 == null) {
            LogUtils.logWss("Returned STR was null, returning null to caller");
            return null;
        }
        if (str2.getReferenceURI() == null) {
            String id = securityToken.getId();
            if (id == null) {
                id = getId();
                securityToken.setId(id);
            }
            str2.setReferenceURI(SigningPreprocessor.FRAGMENT_URI + id);
        }
        LogUtils.logWss("Token's ID is: " + securityToken.getId());
        LogUtils.logWss("STR's ID is: " + str2.getId());
        LogUtils.logWss("STR's reference URI is: " + str2.getReferenceURI());
        return str2;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SecurityTokenReference getSTR(String str, List list, SecurityToken securityToken, boolean z) throws WSSecurityException {
        return getSTR(str, securityToken, z);
    }

    protected SecurityTokenReference getSTR(String str, SecurityToken securityToken, boolean z) throws WSSecurityException {
        SecurityTokenReference securityTokenReference = null;
        if (z) {
            securityTokenReference = createDirectSTR(str, securityToken);
        }
        if (securityTokenReference == null) {
            securityTokenReference = createKeyIdSTR(str, securityToken);
        }
        if (securityTokenReference != null && securityTokenReference.getId() == null) {
            securityTokenReference.setId(getId(STR_ID_PREFIX));
        }
        return securityTokenReference;
    }

    protected SecurityTokenReference createKeyIdSTRInternal(String str, List list, SecurityToken securityToken, boolean z) throws WSSecurityException {
        return createKeyIdSTR(str, securityToken);
    }

    protected SecurityTokenReference createKeyIdSTR(String str, SecurityToken securityToken) throws WSSecurityException {
        return this.securityCtx.getRequiredTokenHandler(str).getSTR(WSSConstants.KEY_IDENTIFIER_QNAME, str, securityToken);
    }

    private String assignId(SecurityToken securityToken) {
        String id = securityToken.getId();
        if (id == null) {
            id = getId();
            securityToken.setId(id);
        }
        return id;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static String getId(String str) {
        return DOMUtils.generateId(str);
    }

    private static String getId() {
        return DOMUtils.generateId();
    }

    private void add(XMLStructure xMLStructure, ContextHandler contextHandler) throws MarshalException, WSSecurityException {
        if (this.security == null) {
            createSecurity(this.securityCtx);
        }
        this.security.add(xMLStructure, (XMLCryptoContext) null, contextHandler);
    }

    private Node addSignature(XMLSignature xMLSignature, KeyProvider keyProvider, ContextHandler contextHandler) throws MarshalException, WSSecurityException {
        if (this.security == null) {
            createSecurity(this.securityCtx);
        }
        return this.security.add(xMLSignature, keyProvider, contextHandler);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void addEncryptedKey(EncryptedKey encryptedKey, DOMEncryptContext dOMEncryptContext, ContextHandler contextHandler) throws MarshalException, WSSecurityException {
        if (this.security == null) {
            createSecurity(this.securityCtx);
        }
        this.security.add(encryptedKey, dOMEncryptContext, contextHandler);
    }

    protected void createSecurity(WSSecurityContext wSSecurityContext) throws MarshalException {
        WSSecurityFactory.getInstance();
        this.security = WSSecurityFactory.newSecurity(wSSecurityContext);
    }

    protected void addTokenToMessage(SecurityToken securityToken, ContextHandler contextHandler) throws WSSecurityException, MarshalException {
        if (securityToken != null) {
            int indexOf = this.msgTokens.indexOf(securityToken);
            if (indexOf >= 0) {
                moveToTop((SecurityToken) this.msgTokens.get(indexOf));
                return;
            }
            this.msgTokens.add(securityToken);
            assignId(securityToken);
            add(securityToken, contextHandler);
            if (securityToken instanceof BinarySecurityToken) {
                moveToTop(securityToken);
            }
        }
    }

    protected void addTokenToContext(SecurityToken securityToken) {
        if (this.ctxTokens.contains(securityToken) || this.msgTokens.contains(securityToken)) {
            return;
        }
        this.securityCtx.addSecurityToken(securityToken);
    }

    private void addIdToken(SecurityToken securityToken) {
        this.securityCtx.addIdToken(securityToken);
    }

    private SecurityToken getPreviousToken(SecurityToken securityToken) {
        int indexOf = this.msgTokens.indexOf(securityToken);
        if (indexOf >= 0) {
            return (SecurityToken) this.msgTokens.get(indexOf);
        }
        return null;
    }

    protected void moveToTop(SecurityToken securityToken) {
        Element securityElement;
        Node node = this.securityCtx.getNode(securityToken);
        if (null == node || null == (securityElement = this.securityCtx.getSecurityElement())) {
            return;
        }
        Node firstChild = securityElement.getFirstChild();
        if (firstChild.equals(node)) {
            return;
        }
        securityElement.removeChild(node);
        securityElement.insertBefore(node, firstChild);
    }

    private static SecurityTokenContextHandler getSecurityTokenContextHandler(ContextHandler contextHandler) throws WSSecurityException {
        if (contextHandler instanceof SecurityTokenContextHandler) {
            return (SecurityTokenContextHandler) contextHandler;
        }
        throw new WSSecurityException(contextHandler + " is not a SecurityTokenContextHandler");
    }
}
