package weblogic.wsee.security.saml;

import java.io.ByteArrayInputStream;
import java.io.StringBufferInputStream;
import java.nio.charset.StandardCharsets;
import weblogic.kernel.KernelStatus;
import weblogic.wsee.message.WlMessageContext;
import weblogic.wsee.message.soap.SoapMessageContext;
import weblogic.wsee.policy.framework.NormalizedExpression;
import weblogic.wsee.policy.framework.PolicyException;
import weblogic.wsee.policy.runtime.PolicyContext;
import weblogic.wsee.policy.runtime.PolicyFinder;
import weblogic.wsee.policy.runtime.PolicyServer;
import weblogic.wsee.security.policy.WssPolicyContext;
import weblogic.wsee.security.wst.faults.WSTFaultException;
import weblogic.wsee.security.wst.faults.WSTFaultUtil;
import weblogic.wsee.security.wst.framework.TrustSoapClient;
import weblogic.wsee.security.wst.framework.WSTConstants;
import weblogic.wsee.security.wst.framework.WSTContext;

/* loaded from: input_file:weblogic/wsee/security/saml/SAMLSTSHelper.class */
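/**
 * Static helpers that drive a WS-Trust exchange with a security token service (STS)
 * in order to obtain a SAML token for an outgoing SOAP message.
 */
public class SAMLSTSHelper {
    /**
     * Token type handed to the WS-Trust context, the credential provider and
     * {@code generateTrustToken}.
     */
    private static final String SAML_ASSERTION_ID_TOKEN_TYPE =
            "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID";

    /** WS-Trust namespace (2005/02) used both as the trust version and as the action prefix. */
    private static final String WS_TRUST_2005_02 = "http://schemas.xmlsoap.org/ws/2005/02/trust";

    /**
     * Inline policy passed to {@code generateTrustToken}. It asks for a SAML security token
     * with the {@code sender-vouches} confirmation method, i.e. the assertion is accepted on
     * the strength of the sender vouching for the subject rather than on the subject proving
     * possession of a key.
     *
     * NOTE(review): the TokenType URI in this document
     * (".../wss/2004/01/oasis-2004-01-saml-token-profile-1.0#SAMLAssertionID") is not the same
     * string as SAML_ASSERTION_ID_TOKEN_TYPE. Whether downstream code treats the two as
     * equivalent is not visible from this class; confirm before relying on an exact match.
     */
    private static final String SAML_POLICY_XML =
            "<?xml version=\"1.0\"?>\n"
            + "\n"
            + "<wsp:Policy\n"
            + "  xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\"\n"
            + "  xmlns:wssp=\"http://www.bea.com/wls90/security/policy\"\n"
            + "  xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\"\n"
            + "  xmlns:wls=\"http://www.bea.com/wls90/security/policy/wsee#part\"\n"
            + "  >\n"
            + "\n"
            + "  <wssp:Identity>\n"
            + "    <wssp:SupportedTokens>\n"
            + " <wssp:SecurityToken  TokenType=\"http://docs.oasis-open.org/wss/2004/01/oasis-2004-01-saml-token-profile-1.0#SAMLAssertionID\">\n"
            + "        <wssp:Claims>\n"
            + "          <wssp:ConfirmationMethod>sender-vouches</wssp:ConfirmationMethod>\n"
            + "        </wssp:Claims>\n"
            + "      </wssp:SecurityToken>    </wssp:SupportedTokens>\n"
            + "  </wssp:Identity>\n"
            + "</wsp:Policy>";

    /**
     * Runs the WS-Trust exchange for the given message context and returns the SAML token
     * produced by the trust client.
     *
     * <p>The effective request and response policies found on the context at entry are put
     * back on every exit path (normal return, handled fault, or propagated throwable), but
     * only when they were non-null at entry. As a side effect a credential is stored on the
     * context under {@code WlMessageContext.SAML_CREDENTIAL}, and a {@code WssPolicyContext}
     * is installed if none was present.
     *
     * @param soapMessageContext message context the token is requested for
     * @return the generated token, or {@code null} when a {@code PolicyException} or
     *         {@code WSTFaultException} was handled and {@code WSTFaultUtil.raiseFault}
     *         returned normally
     */
    public static final SAMLToken performHandshake(SoapMessageContext soapMessageContext) {
        NormalizedExpression savedRequestPolicy =
                (NormalizedExpression) soapMessageContext.getProperty(PolicyContext.EFFECTIVE_REQ_POLICY);
        NormalizedExpression savedResponsePolicy =
                (NormalizedExpression) soapMessageContext.getProperty(PolicyContext.EFFECTIVE_RES_POLICY);
        try {
            if (soapMessageContext.getProperty(WssPolicyContext.WSS_POLICY_CTX_PROP) == null) {
                soapMessageContext.setProperty(
                        WssPolicyContext.WSS_POLICY_CTX_PROP, new WssPolicyContext(KernelStatus.isServer()));
            }

            WSTContext wstContext = WSTContext.getWSTContext(soapMessageContext);
            wstContext.setTokenType(SAML_ASSERTION_ID_TOKEN_TYPE);
            wstContext.initEndpoints(soapMessageContext);
            wstContext.setTrustVersion(WS_TRUST_2005_02);
            wstContext.setAction(getAction(WS_TRUST_2005_02));
            wstContext.setWssp(false);
            wstContext.setBootstrapPolicy(getTrustBootStrapPolicy(false));

            TrustSoapClient trustSoapClient = new TrustSoapClient(wstContext);
            soapMessageContext.setProperty(
                    WlMessageContext.SAML_CREDENTIAL,
                    SAMLTrustCredentialProvider.createCredential(
                            trustSoapClient, wstContext, new SAMLTokenHandler(), SAML_ASSERTION_ID_TOKEN_TYPE));

            // ByteArrayInputStream over explicit UTF-8 bytes replaces the deprecated
            // StringBufferInputStream, which keeps only the low byte of each char. The policy
            // text is plain ASCII, so the bytes handed to the parser are unchanged.
            NormalizedExpression samlPolicy = PolicyFinder.readPolicyFromStream(
                    null,
                    "SAMLPolicy.xml",
                    new ByteArrayInputStream(SAML_POLICY_XML.getBytes(StandardCharsets.UTF_8)),
                    true).normalize();

            return (SAMLToken) trustSoapClient.generateTrustToken(
                    soapMessageContext, samlPolicy, SAML_ASSERTION_ID_TOKEN_TYPE);
        } catch (PolicyException e) {
            // Only the message is carried into the fault; the original exception is not chained.
            WSTFaultUtil.raiseFault(new WSTFaultException(e.getMessage()));
            return null;
        } catch (WSTFaultException e2) {
            // NOTE(review): printStackTrace() writes to stderr, outside any server log
            // configuration visible here; kept because this class has no logger in scope.
            e2.printStackTrace();
            WSTFaultUtil.raiseFault(e2);
            return null;
        } finally {
            // A single finally replaces the restore code that was repeated on each exit path.
            restoreEffectivePolicies(soapMessageContext, savedRequestPolicy, savedResponsePolicy);
        }
    }

    /** Puts the saved effective request/response policies back on the context when non-null. */
    private static void restoreEffectivePolicies(
            SoapMessageContext soapMessageContext,
            NormalizedExpression requestPolicy,
            NormalizedExpression responsePolicy) {
        if (requestPolicy != null) {
            soapMessageContext.setProperty(PolicyContext.EFFECTIVE_REQ_POLICY, requestPolicy);
        }
        if (responsePolicy != null) {
            soapMessageContext.setProperty(PolicyContext.EFFECTIVE_RES_POLICY, responsePolicy);
        }
    }

    /**
     * Builds the action URI for a token request.
     *
     * @param str WS-Trust namespace to use as the prefix
     * @return {@code str} followed by {@code WSTConstants.ACTION_RST} and
     *         {@code WSTConstants.REQUEST_TYPE_ISSUE}
     */
    public static String getAction(String str) {
        return str + WSTConstants.ACTION_RST + WSTConstants.REQUEST_TYPE_ISSUE;
    }

    /**
     * Builds the request-type URI by appending {@code WSTConstants.REQUEST_TYPE_ISSUE} to the
     * given namespace. Not called from within this class.
     */
    private static String getRequestType(String str) {
        return str + WSTConstants.REQUEST_TYPE_ISSUE;
    }

    /**
     * Returns the bootstrap policy for the WS-Trust exchange.
     *
     * @param z when {@code false}, the policy is loaded from "SecurityTokenService.xml" and
     *          normalized; when {@code true}, no load is attempted
     * @return the loaded policy, or the uninitialized expression when {@code z} is
     *         {@code true} or the load failed with a {@code PolicyException}
     */
    public static NormalizedExpression getTrustBootStrapPolicy(boolean z) {
        NormalizedExpression bootstrapPolicy = NormalizedExpression.createUnitializedExpression();
        if (z) {
            return bootstrapPolicy;
        }
        try {
            bootstrapPolicy = new PolicyServer().getPolicy("SecurityTokenService.xml").normalize();
        } catch (PolicyException ignored) {
            // Best-effort load, kept as in the original: a failure is swallowed and the
            // uninitialized expression is returned, so callers cannot distinguish "policy
            // missing or invalid" from "no policy requested".
            // NOTE(review): if the bootstrap policy is what protects the exchange with the
            // STS, this silent fallback deserves at least a log entry; confirm how
            // TrustSoapClient treats an uninitialized expression.
        }
        return bootstrapPolicy;
    }
}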
