package weblogic.wsee.security.wst.helpers;

import java.util.Calendar;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.xml.rpc.handler.MessageContext;
import javax.xml.rpc.soap.SOAPFaultException;
import weblogic.wsee.security.configuration.TimestampConfiguration;
import weblogic.wsee.security.policy.WssPolicyContext;
import weblogic.wsee.security.wst.binding.RequestSecurityToken;
import weblogic.wsee.security.wst.binding.TokenType;
import weblogic.wsee.security.wst.faults.RequestFailedException;
import weblogic.wsee.security.wst.framework.TrustToken;
import weblogic.wsee.security.wst.framework.TrustTokenProvider;
import weblogic.wsee.security.wst.framework.TrustTokenProviderRegistry;
import weblogic.wsee.security.wst.framework.WSTContext;
import weblogic.xml.crypto.wss.SecurityTokenHelper;
import weblogic.xml.crypto.wss.WSSecurityContext;
import weblogic.xml.crypto.wss.api.KeyIdentifier;
import weblogic.xml.crypto.wss.provider.SecurityToken;
import weblogic.xml.crypto.wss.provider.SecurityTokenReference;
import weblogic.xml.security.wsse.internal.SigningPreprocessor;

/* loaded from: input_file:weblogic/wsee/security/wst/helpers/TrustTokenHelper.class */
public class TrustTokenHelper {
    private static final Logger LOGGER = Logger.getLogger(TrustTokenHelper.class.getName());

    public static boolean isExpired(MessageContext messageContext, Calendar calendar, Calendar calendar2) {
        WssPolicyContext wssPolicyContext = (WssPolicyContext) messageContext.getProperty(WssPolicyContext.WSS_POLICY_CTX_PROP);
        try {
            (wssPolicyContext != null ? wssPolicyContext.getWssConfiguration().getTimestampConfig() : new TimestampConfiguration()).checkExpiration(calendar, calendar2);
            return false;
        } catch (SOAPFaultException e) {
            return true;
        }
    }

    public static TrustTokenProvider resolveTrustProvider(String str) throws RequestFailedException {
        TrustTokenProvider trustTokenProvider = TrustTokenProviderRegistry.getInstance().getTrustTokenProvider(str);
        if (trustTokenProvider == null) {
            throw new RequestFailedException("Trust is unable to handle token type: " + str);
        }
        if (LOGGER.isLoggable(Level.FINE)) {
            LOGGER.log(Level.FINE, " for tokenType='" + str + "', returning TTP='" + trustTokenProvider.getClass().getName() + "'");
        }
        return trustTokenProvider;
    }

    public static TrustTokenProvider resolveTrustProvider(RequestSecurityToken requestSecurityToken, SecurityTokenReference securityTokenReference) throws RequestFailedException {
        String valueType;
        TokenType tokenType = requestSecurityToken.getTokenType();
        if (tokenType != null) {
            if (LOGGER.isLoggable(Level.FINE)) {
                LOGGER.log(Level.FINE, " resolveTrustProvider tokenType from RST= '" + tokenType + "'");
            }
            valueType = tokenType.getTokenType();
        } else {
            valueType = securityTokenReference.getValueType();
            if (LOGGER.isLoggable(Level.FINE)) {
                LOGGER.log(Level.FINE, " resolveTrustProvider tokenType from STR= '" + tokenType + "'");
            }
        }
        return resolveTrustProvider(valueType);
    }

    public static TrustToken getTrustCredentialFromSecurityContext(WSTContext wSTContext, SecurityTokenReference securityTokenReference) {
        WSSecurityContext securityContext;
        MessageContext messageContext = wSTContext.getMessageContext();
        if (messageContext == null || (securityContext = WSSecurityContext.getSecurityContext(messageContext)) == null) {
            return null;
        }
        String referenceURI = securityTokenReference.getReferenceURI();
        if (referenceURI == null) {
            KeyIdentifier keyIdentifier = securityTokenReference.getKeyIdentifier();
            if (keyIdentifier != null) {
                referenceURI = new String(keyIdentifier.getIdentifier());
            }
        } else if (referenceURI.startsWith(SigningPreprocessor.FRAGMENT_URI)) {
            referenceURI = referenceURI.substring(1);
        }
        if (referenceURI == null) {
            return null;
        }
        SecurityToken findSecurityTokenByIdInContext = SecurityTokenHelper.findSecurityTokenByIdInContext(securityContext, securityTokenReference.getValueType(), referenceURI);
        if (findSecurityTokenByIdInContext instanceof TrustToken) {
            return (TrustToken) findSecurityTokenByIdInContext;
        }
        return null;
    }

    public static boolean isWsscTokenType(String str) {
        if (null == str) {
            return false;
        }
        return str.endsWith("/sct");
    }
}
