package weblogic.wsee.security.wssp.deploy;

import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.xml.namespace.QName;
import javax.xml.rpc.handler.HandlerInfo;
import weblogic.wsee.WebServiceType;
import weblogic.wsee.handler.HandlerException;
import weblogic.wsee.handler.HandlerList;
import weblogic.wsee.handler.HandlerNames;
import weblogic.wsee.policy.deployment.WsdlPolicySubject;
import weblogic.wsee.policy.framework.NormalizedExpression;
import weblogic.wsee.policy.framework.PolicyException;
import weblogic.wsee.policy.runtime.PolicyContext;
import weblogic.wsee.policy.runtime.PolicyServer;
import weblogic.wsee.security.configuration.WssConfigurationException;
import weblogic.wsee.security.policy.SecurityPolicyAssertionHelper;
import weblogic.wsee.security.policy.assertions.SecurityPolicyAssertionFactory;
import weblogic.wsee.security.policy12.assertions.TransportBinding;
import weblogic.wsee.security.wssp.SecurityPolicyAssertionInfoFactory;
import weblogic.wsee.ws.WsMethod;
import weblogic.wsee.ws.WsPort;
import weblogic.wsee.ws.WsService;
import weblogic.wsee.ws.init.WsDeploymentContext;
import weblogic.wsee.ws.init.WsDeploymentException;
import weblogic.wsee.ws.init.WsDeploymentListener;
import weblogic.wsee.wsdl.WsdlBindingOperation;
import weblogic.wsee.wsdl.WsdlOperation;
import weblogic.wsee.wsdl.WsdlPort;

/* loaded from: input_file:weblogic/wsee/security/wssp/deploy/WssDeploymentListener.class */
public abstract class WssDeploymentListener implements WsDeploymentListener {
    @Override // weblogic.wsee.ws.init.WsDeploymentListener
    public void process(WsDeploymentContext wsDeploymentContext) throws WsDeploymentException {
        WsService wsService = wsDeploymentContext.getWsService();
        PolicyServer policyServer = wsService.getPolicyServer();
        Iterator<WsPort> ports = wsService.getPorts();
        while (ports.hasNext()) {
            WsPort next = ports.next();
            HandlerList internalHandlerList = next.getInternalHandlerList();
            if (policyServer != null) {
                try {
                    if (wsDeploymentContext.getType() == WebServiceType.JAXWS && SecurityPolicyAssertionFactory.hasSecurityPolicy(next, policyServer)) {
                        throw new WsDeploymentException("The WebLogic Server 9.x-style policy is not supported in JAX-WS web services.");
                    }
                } catch (HandlerException e) {
                    throw new WsDeploymentException(e);
                } catch (PolicyException e2) {
                    throw new WsDeploymentException(e2);
                } catch (WssConfigurationException e3) {
                    throw new WsDeploymentException(e3);
                }
            }
            if (isWsspEnabled(next, policyServer)) {
                checkLogicalError(next, policyServer);
                insertHandlers(internalHandlerList);
                wsService.initWssConfiguration();
                if (isWSTEnabled(next, policyServer)) {
                    insertWstHandlers(internalHandlerList, next, policyServer, wsDeploymentContext);
                    insertForwardingHandler(internalHandlerList, wsDeploymentContext);
                }
            } else {
                removeHandlers(internalHandlerList);
            }
        }
    }

    private static boolean isWsspEnabled(WsPort wsPort, PolicyServer policyServer) throws PolicyException {
        if (policyServer == null) {
            return false;
        }
        Iterator methods = wsPort.getEndpoint().getMethods();
        while (methods.hasNext()) {
            WsMethod wsMethod = (WsMethod) methods.next();
            if (SecurityPolicyAssertionInfoFactory.hasSecurityPolicy(PolicyContext.getRequestEffectivePolicy(wsPort, wsMethod, policyServer, policyServer.getCachedPolicies())) || SecurityPolicyAssertionInfoFactory.hasSecurityPolicy(PolicyContext.getResponseEffectivePolicy(wsPort, wsMethod, policyServer, policyServer.getCachedPolicies()))) {
                return true;
            }
        }
        return false;
    }

    private static void checkLogicalError(WsPort wsPort, PolicyServer policyServer) throws PolicyException {
        if (policyServer != null) {
            boolean z = false;
            boolean isHttpsEndpoint = isHttpsEndpoint(wsPort, policyServer);
            Iterator methods = wsPort.getEndpoint().getMethods();
            while (true) {
                if (!methods.hasNext()) {
                    break;
                }
                WsMethod wsMethod = (WsMethod) methods.next();
                if (!isHttpsEndpoint) {
                    validateTransportBindingPolicy(wsPort, wsMethod.getOperationName(), policyServer);
                }
                NormalizedExpression requestEffectivePolicy = PolicyContext.getRequestEffectivePolicy(wsPort, wsMethod, policyServer, policyServer.getCachedPolicies());
                if (SecurityPolicyAssertionFactory.hasSecurityPolicy(requestEffectivePolicy)) {
                    z = true;
                    break;
                } else if (SecurityPolicyAssertionInfoFactory.hasSecurityPolicy(requestEffectivePolicy)) {
                    SecurityPolicyAssertionHelper.checkLogicalError(requestEffectivePolicy);
                } else {
                    SecurityPolicyAssertionHelper.checkLogicalError(PolicyContext.getResponseEffectivePolicy(wsPort, wsMethod, policyServer, policyServer.getCachedPolicies()));
                }
            }
            if (z) {
                throw new PolicyException("The WebLogic Server 9.x-style policy and Wssp policy is not allowed to mix and match.");
            }
        }
    }

    private static boolean isWSTEnabled(WsPort wsPort, PolicyServer policyServer) throws PolicyException {
        Iterator methods = wsPort.getEndpoint().getMethods();
        while (methods.hasNext()) {
            WsMethod wsMethod = (WsMethod) methods.next();
            if (SecurityPolicyAssertionInfoFactory.hasWsTrustPolicy(PolicyContext.getRequestEffectivePolicy(wsPort, wsMethod, policyServer, policyServer.getCachedPolicies())) || SecurityPolicyAssertionInfoFactory.hasWsTrustPolicy(PolicyContext.getResponseEffectivePolicy(wsPort, wsMethod, policyServer, policyServer.getCachedPolicies()))) {
                return true;
            }
        }
        return false;
    }

    private static boolean isHttpsEndpoint(WsPort wsPort, PolicyServer policyServer) throws PolicyException {
        return WsdlPolicySubject.getEndpointPolicySubject(policyServer, wsPort.getWsdlPort(), policyServer.getCachedPolicies()).containsPolicyAssertion(TransportBinding.class);
    }

    private static void validateTransportBindingPolicy(WsPort wsPort, QName qName, PolicyServer policyServer) throws PolicyException {
        WsdlPort wsdlPort = wsPort.getWsdlPort();
        WsdlOperation wsdlOperation = wsdlPort.getPortType().getOperations().get(qName);
        WsdlBindingOperation wsdlBindingOperation = wsdlPort.getBinding().getOperations().get(qName);
        Map cachedPolicies = policyServer.getCachedPolicies();
        if (WsdlPolicySubject.getOperationPolicySubject(policyServer, wsdlOperation, wsdlBindingOperation, cachedPolicies).containsPolicyAssertion(TransportBinding.class)) {
            throw new PolicyException("Bad usage of Https Policy (TransportBinding assertion): It need be applied at Endpoint (Class) level  or at least another Https policy defined at the Endpoint level!\n NOTE: for JAX-RPC, any Https policy defined at the Endpoint level can NOT have the \"direction\" attribute definition!");
        }
        if (WsdlPolicySubject.getMessagePolicySubject(policyServer, wsdlOperation.getInput(), wsdlBindingOperation.getInput(), null, cachedPolicies).containsPolicyAssertion(TransportBinding.class)) {
            throw new PolicyException("Bad usage of Https Policy (TransportBinding assertion): It need be applied at Endpoint (Class) level  or at least another Https policy defined at the Endpoint level!\n NOTE: for JAX-RPC, any Https policy defined at the Endpoint level can NOT have the \"direction\" attribute definition!");
        }
        if (WsdlPolicySubject.getMessagePolicySubject(policyServer, wsdlOperation.getOutput(), wsdlBindingOperation.getOutput(), null, cachedPolicies).containsPolicyAssertion(TransportBinding.class)) {
            throw new PolicyException("Bad usage of Https Policy (TransportBinding assertion): It need be applied at Endpoint (Class) level  or at least another Https policy defined at the Endpoint level!\n NOTE: for JAX-RPC, any Https policy defined at the Endpoint level can NOT have the \"direction\" attribute definition!");
        }
    }

    private void insertHandlers(HandlerList handlerList) throws HandlerException {
        if (handlerList.contains(HandlerNames.SECURITY_HANDLER11)) {
            return;
        }
        handlerList.lenientInsert(HandlerNames.SECURITY_HANDLER11, getWssHandlerInfo(), getFollowingWssHandlers(), getPrecedingWssHandlers());
        handlerList.lenientInsert(HandlerNames.PRE_SECURITY_POLICY_HANDLER11, getPreWssPolicyHandlerInfo(), getFollowingPreWssPolicyHandlers(), getPrecedingPreWssPolicyHandlers());
        handlerList.insert(HandlerNames.POST_SECURITY_POLICY_HANDLER11, getPostWssPolicyHandlerInfo(), getFollowingPostWssPolicyHandlers(handlerList), getPrecedingPostWssPolicyHandlers());
        handlerList.lenientInsert(HandlerNames.NORMAL_XOP_HANDLER, getXopHandlerInfo(), getFollowingXopHandlers(), getPrecedingXopHandlers());
    }

    private void removeHandlers(HandlerList handlerList) {
        handlerList.remove(HandlerNames.SECURITY_HANDLER11);
        handlerList.remove(HandlerNames.PRE_SECURITY_POLICY_HANDLER11);
        handlerList.remove(HandlerNames.POST_SECURITY_POLICY_HANDLER11);
        handlerList.remove(HandlerNames.NORMAL_XOP_HANDLER);
    }

    abstract HandlerInfo getWssHandlerInfo();

    abstract HandlerInfo getPreWssPolicyHandlerInfo();

    abstract HandlerInfo getPostWssPolicyHandlerInfo();

    abstract List getPrecedingWssHandlers();

    abstract List getFollowingWssHandlers();

    abstract List getPrecedingPreWssPolicyHandlers();

    abstract List getFollowingPreWssPolicyHandlers();

    abstract List getPrecedingPostWssPolicyHandlers();

    abstract List getFollowingPostWssPolicyHandlers(HandlerList handlerList);

    abstract void insertWstHandlers(HandlerList handlerList, WsPort wsPort, PolicyServer policyServer, WsDeploymentContext wsDeploymentContext) throws HandlerException, PolicyException;

    abstract void insertForwardingHandler(HandlerList handlerList, WsDeploymentContext wsDeploymentContext) throws HandlerException;

    abstract HandlerInfo getXopHandlerInfo();

    abstract List getPrecedingXopHandlers();

    abstract List getFollowingXopHandlers();
}
