package weblogic.wsee.security.policy;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.xml.namespace.QName;
import javax.xml.rpc.handler.soap.SOAPMessageContext;
import javax.xml.soap.SOAPBody;
import javax.xml.soap.SOAPException;
import javax.xml.soap.SOAPHeaderElement;
import javax.xml.soap.SOAPMessage;
import javax.xml.xpath.XPathConstants;
import javax.xml.xpath.XPathExpressionException;
import javax.xml.xpath.XPathFactory;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import weblogic.wsee.addressing.SetCookieHeader;
import weblogic.wsee.addressing.TimestampHeader;
import weblogic.wsee.policy.framework.DOMUtils;
import weblogic.wsee.policy.framework.PolicyConstants;
import weblogic.wsee.policy.framework.PolicyException;
import weblogic.wsee.reliability.headers.AckRequestedHeader;
import weblogic.wsee.reliability.headers.AcknowledgementHeader;
import weblogic.wsee.reliability.headers.SequenceHeader;
import weblogic.wsee.reliability.headers.WsrmHeader;
import weblogic.wsee.security.policy.assertions.xbeans.MessagePartsType;
import weblogic.wsee.security.policy12.assertions.XPath;
import weblogic.wsee.security.wss.plan.fact.MessagePartsTypeFactory;
import weblogic.wsee.wsa.wsaddressing.WSAddressingConstants;
import weblogic.xml.crypto.wss.WSSecurityContext;
import weblogic.xml.dom.Util;
import weblogic.xml.stax.util.NamespaceContextImpl;
import weblogic.xml.xpath.DOMXPath;
import weblogic.xml.xpath.XPathException;

/* loaded from: input_file:weblogic/wsee/security/policy/MessagePartsEvaluator.class */
public class MessagePartsEvaluator {
    public static final String XPATH_DIALECT = "http://www.w3.org/TR/1999/REC-xpath-19991116";
    public static final String WLS_EXTENSION_DIALECT = "http://www.bea.com/wls90/security/policy/wsee#part";
    public static final Set WLS_SYSTEM_SOAP_HEADERS;
    private static final Logger LOGGER;
    private MessagePartsType mparts;
    private SOAPMessage msg;
    private List nodeList;
    private boolean haveEvaluatedExpr = false;
    private Map<String, String> namespaceMap;
    private SOAPMessageContext mctx;
    public static final String WSEE_PART_DIALECT = "http://schemas.xmlsoap.org/2002/12/wsse#part";
    public static final List<String> ALL_DIALECTS = Collections.unmodifiableList(Arrays.asList("http://www.w3.org/TR/1999/REC-xpath-19991116", WSEE_PART_DIALECT, "http://www.bea.com/wls90/security/policy/wsee#part"));
    public static final QName WSEE_PART_BODY = new QName(PolicyConstants.POLICY_NAMESPACE_URI, "Body");
    public static final QName WSEE_PART_HEADER = new QName(PolicyConstants.POLICY_NAMESPACE_URI, "Header");
    public static final QName WLS_PART_SYSTEM_HEADERS = new QName("http://www.bea.com/wls90/security/policy/wsee#part", "SystemHeaders");
    public static final QName WLS_PART_SECURITY_HEADER = new QName("http://www.bea.com/wls90/security/policy/wsee#part", "SecurityHeader");
    public static final QName XPATH_GET_BODY = new QName(PolicyConstants.POLICY_NAMESPACE_URI, "GetBody");
    public static final QName XPATH_GET_HEADER = new QName(PolicyConstants.POLICY_NAMESPACE_URI, "GetHeader");

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:weblogic/wsee/security/policy/MessagePartsEvaluator$PartsFunction.class */
    public static class PartsFunction {
        private QName funcQName;
        private String funcArgs;
        private String funcExpr;
        private QName funcArgsAsQName;

        public PartsFunction(String str, MessagePartsType messagePartsType, Map map) throws PolicyException {
            this.funcArgsAsQName = null;
            Element element = (Element) messagePartsType.newDomNode().getFirstChild();
            String trim = str.trim();
            int indexOf = trim.indexOf(40);
            if (indexOf <= 0) {
                throw new PolicyException("Malformed WSEE Parts expression: '" + str + "'");
            }
            this.funcQName = DOMUtils.getQNameOf(trim.substring(0, indexOf), element, map);
            int indexOf2 = trim.indexOf(41, indexOf);
            if (indexOf2 < 0) {
                throw new PolicyException("Malformed WSEE Parts expression: '" + str + "'");
            }
            this.funcArgs = trim.substring(indexOf + 1, indexOf2);
            if (indexOf2 != trim.length() - 1) {
                this.funcArgs += trim.substring(indexOf2 + 1);
            }
            this.funcExpr = str;
            this.funcArgsAsQName = DOMUtils.getQNameOf(this.funcArgs, element, map);
        }

        public QName getFuncQName() {
            return this.funcQName;
        }

        public String getFuncArgs() {
            return this.funcArgs;
        }

        public QName getFuncArgsAsQName() {
            return this.funcArgsAsQName;
        }

        public String toString() {
            return this.funcExpr;
        }
    }

    public MessagePartsEvaluator(MessagePartsType messagePartsType, SOAPMessageContext sOAPMessageContext, Map map) {
        this.mparts = messagePartsType;
        this.namespaceMap = new HashMap(map);
        this.namespaceMap.putAll(DOMUtils.getNamespaceMapping(messagePartsType.newDomNode().getFirstChild()));
        this.mctx = sOAPMessageContext;
        this.msg = sOAPMessageContext.getMessage();
    }

    public MessagePartsEvaluator(XPath xPath, SOAPMessageContext sOAPMessageContext, Map map) {
        this.mparts = MessagePartsTypeFactory.newInstance(xPath.getXPathVersion(), xPath.getXPathExpr());
        Map<String, String> xPathNamespaces = xPath.getXPathNamespaces();
        if (xPathNamespaces.size() > 0) {
            if (LOGGER.isLoggable(Level.FINE)) {
                LOGGER.log(Level.FINE, "Using XPath namespaces (size=" + xPathNamespaces.size() + ") to resolve XPath expression: " + xPath.getXPathExpr());
            }
            this.namespaceMap = resolveNamespaceVersions(xPathNamespaces, map, xPath.getXPathExpr());
        } else {
            if (LOGGER.isLoggable(Level.FINE)) {
                LOGGER.log(Level.FINE, "Using SOAP message namespaces (size=" + map.size() + ") to resolve XPath expression: " + xPath.getXPathExpr());
            }
            this.namespaceMap = map;
        }
        this.mctx = sOAPMessageContext;
        this.msg = sOAPMessageContext.getMessage();
    }

    private Map<String, String> resolveNamespaceVersions(Map<String, String> map, Map<String, String> map2, String str) {
        HashMap hashMap = new HashMap();
        for (Map.Entry<String, String> entry : map.entrySet()) {
            if (entry.getValue().equals("http://schemas.xmlsoap.org/soap/envelope/") && !map2.containsValue("http://schemas.xmlsoap.org/soap/envelope/") && map2.containsValue("http://www.w3.org/2003/05/soap-envelope")) {
                if (LOGGER.isLoggable(Level.FINE)) {
                    LOGGER.log(Level.FINE, "Adjusting XPath expression (" + str + ") to use SOAP 1.2 namespace (instead of SOAP 1.1), since the message is SOAP 1.2");
                }
                hashMap.put(entry.getKey(), "http://www.w3.org/2003/05/soap-envelope");
            } else if (entry.getValue().equals("http://www.w3.org/2003/05/soap-envelope") && !map2.containsValue("http://www.w3.org/2003/05/soap-envelope") && map2.containsValue("http://schemas.xmlsoap.org/soap/envelope/")) {
                if (LOGGER.isLoggable(Level.FINE)) {
                    LOGGER.log(Level.FINE, "Adjusting XPath expression (" + str + ") to use SOAP 1.1 namespace (instead of SOAP 1.2), since the message is SOAP 1.1");
                }
                hashMap.put(entry.getKey(), "http://schemas.xmlsoap.org/soap/envelope/");
            } else if (entry.getValue().equals("http://schemas.xmlsoap.org/ws/2004/08/addressing") && !map2.containsValue("http://schemas.xmlsoap.org/ws/2004/08/addressing") && map2.containsValue(WSAddressingConstants.WSA_10_NS)) {
                if (LOGGER.isLoggable(Level.FINE)) {
                    LOGGER.log(Level.FINE, "Adjusting XPath expression (" + str + ") to use WS-Addressing 1.0 namespace (instead of WS-A 2004/08), since the SOAP message uses WS-A 1.0");
                }
                hashMap.put(entry.getKey(), WSAddressingConstants.WSA_10_NS);
            } else if (entry.getValue().equals(WSAddressingConstants.WSA_10_NS) && !map2.containsValue(WSAddressingConstants.WSA_10_NS) && map2.containsValue("http://schemas.xmlsoap.org/ws/2004/08/addressing")) {
                if (LOGGER.isLoggable(Level.FINE)) {
                    LOGGER.log(Level.FINE, "Adjusting XPath expression (" + str + ") to use WS-Addressing 2004/08 namespace (instead of WS-A 1.0), since the SOAP message uses WS-A 2004/08");
                }
                hashMap.put(entry.getKey(), "http://schemas.xmlsoap.org/ws/2004/08/addressing");
            } else {
                hashMap.put(entry.getKey(), entry.getValue());
            }
        }
        return hashMap;
    }

    public List getNodes() throws PolicyException {
        if (!this.haveEvaluatedExpr) {
            evalMessagePartsExpr();
        }
        return this.nodeList;
    }

    public List getNodesContent() throws PolicyException {
        if (!this.haveEvaluatedExpr) {
            evalMessagePartsExpr();
        }
        if (this.nodeList == null) {
            return null;
        }
        List computeContent = DOMUtils.computeContent(this.nodeList);
        if (computeContent.size() == 0) {
            throw new PolicyException("No content nodes found, set encryptContentOnly='false' to encrypt the whole node in your policy file");
        }
        return computeContent;
    }

    private void evalMessagePartsExpr() throws PolicyException {
        String dialect = this.mparts.getDialect();
        if (dialect == null || dialect.equals("")) {
            dialect = "http://www.w3.org/TR/1999/REC-xpath-19991116";
        }
        String textContent = DOMUtils.getTextContent((Element) this.mparts.newDomNode().getFirstChild(), true);
        if ("http://www.w3.org/TR/1999/REC-xpath-19991116".equals(dialect)) {
            if (textContent == null || textContent.length() == 0) {
                throw new PolicyException("Missing XPath expression in MessageParts element");
            }
            this.nodeList = evalXPath(textContent);
            if (this.nodeList != null) {
                Iterator it = this.nodeList.iterator();
                while (it.hasNext()) {
                    if (((Node) it.next()).getNodeType() != 1) {
                        throw new PolicyException("MessagePart expression '" + textContent + " must evaluate only to Element nodes");
                    }
                }
            }
        } else if (WSEE_PART_DIALECT.equals(dialect)) {
            if (textContent == null || textContent.length() == 0) {
                throw new PolicyException("Missing WSEE Parts expression in MessageParts element");
            }
            this.nodeList = evalWssePartExpr(textContent);
        } else {
            if (!"http://www.bea.com/wls90/security/policy/wsee#part".equals(dialect)) {
                throw new PolicyException("Unknown dialect in MessageParts: " + dialect);
            }
            if (textContent == null || textContent.length() == 0) {
                throw new PolicyException("Missing WLS Parts expression in MessageParts element");
            }
            this.nodeList = evalWLSPartExpr(textContent);
        }
        this.haveEvaluatedExpr = true;
    }

    private List evalXPath(String str) throws PolicyException {
        if (!str.startsWith("wsp:")) {
            try {
                return getNodeListFromXPath(this.msg.getSOAPPart().getEnvelope(), str, this.namespaceMap);
            } catch (SOAPException e) {
                throw new PolicyException("Could not access SOAP Envelope", e);
            }
        }
        PartsFunction partsFunction = new PartsFunction(str, this.mparts, this.namespaceMap);
        if (XPATH_GET_BODY.equals(partsFunction.getFuncQName())) {
            try {
                return getNodeListFromXPath(this.msg.getSOAPPart().getEnvelope().getBody(), partsFunction.getFuncArgs(), this.namespaceMap);
            } catch (SOAPException e2) {
                throw new PolicyException("Could not access SOAP Body", e2);
            }
        }
        if (!XPATH_GET_HEADER.equals(partsFunction.getFuncQName())) {
            throw new PolicyException("Could not handle xpath: " + str);
        }
        try {
            String funcArgs = partsFunction.getFuncArgs();
            int indexOf = funcArgs.indexOf("wsse:Security");
            if (indexOf <= -1) {
                return getNodeListFromXPath(this.msg.getSOAPPart().getEnvelope().getHeader(), funcArgs, this.namespaceMap);
            }
            return getNodeListFromXPath(getSecurityHeaderFromContext(), "." + funcArgs.substring(indexOf + 13, funcArgs.length()), this.namespaceMap);
        } catch (SOAPException e3) {
            throw new PolicyException("Could not access SOAP Header", e3);
        }
    }

    private static List getNodeListFromXPath(Node node, String str, Map map) throws PolicyException {
        ArrayList arrayList = new ArrayList();
        javax.xml.xpath.XPath newXPath = XPathFactory.newInstance().newXPath();
        NamespaceContextImpl namespaceContextImpl = new NamespaceContextImpl();
        for (String str2 : map.keySet()) {
            namespaceContextImpl.bindNamespace(str2, (String) map.get(str2));
        }
        newXPath.setNamespaceContext(namespaceContextImpl);
        try {
            NodeList nodeList = (NodeList) newXPath.evaluate(str, node, XPathConstants.NODESET);
            if (nodeList == null || nodeList.getLength() == 0) {
                return getNodeList(node, str);
            }
            for (int i = 0; i < nodeList.getLength(); i++) {
                arrayList.add(nodeList.item(i));
            }
            return arrayList;
        } catch (XPathExpressionException e) {
            return getNodeList(node, str);
        }
    }

    private static List getNodeList(Node node, String str) throws PolicyException {
        ArrayList arrayList = new ArrayList();
        try {
            Iterator it = new DOMXPath(str).evaluateAsNodeset(node).iterator();
            while (it.hasNext()) {
                arrayList.add((Node) it.next());
            }
            if (arrayList.size() == 0) {
                throw new PolicyException("Can not resolve Target in MessageParts: " + str);
            }
            return arrayList;
        } catch (XPathException e) {
            throw new PolicyException("Could not parse XPath expression: " + str, e);
        }
    }

    private List evalWssePartExpr(String str) throws PolicyException {
        ArrayList arrayList = new ArrayList();
        PartsFunction partsFunction = new PartsFunction(str, this.mparts, this.namespaceMap);
        if (WSEE_PART_BODY.equals(partsFunction.getFuncQName())) {
            if (partsFunction.getFuncArgs().length() > 0) {
                throw new PolicyException("Malformed WSSE Parts 'Body' expression: '" + str + "'");
            }
            arrayList.add(getSOAPBody());
        } else {
            if (!WSEE_PART_HEADER.equals(partsFunction.getFuncQName())) {
                throw new PolicyException("Unrecognized function name in WSSE Message Parts expression: '" + partsFunction + "'");
            }
            if (partsFunction.getFuncArgs().length() == 0) {
                throw new PolicyException("Malformed WSSE Parts 'Header' expression: '" + str + "'");
            }
            arrayList.addAll(getSOAPHeaders(partsFunction.getFuncArgsAsQName()));
        }
        if (arrayList.size() == 0) {
            throw new PolicyException("Can not resolve Target in MessageParts: " + str);
        }
        return arrayList;
    }

    private List evalWLSPartExpr(String str) throws PolicyException {
        ArrayList arrayList = new ArrayList();
        PartsFunction partsFunction = new PartsFunction(str, this.mparts, this.namespaceMap);
        if (WLS_PART_SYSTEM_HEADERS.equals(partsFunction.getFuncQName())) {
            if (partsFunction.getFuncArgs().length() > 0) {
                throw new PolicyException("Malformed WLS Parts '" + WLS_PART_SYSTEM_HEADERS.getLocalPart() + "' expression: '" + str + "'");
            }
            arrayList.addAll(getSOAPSystemHeaders());
        } else {
            if (!WLS_PART_SECURITY_HEADER.equals(partsFunction.getFuncQName())) {
                throw new PolicyException("Unrecognized function name in WLS Message Parts expression: '" + partsFunction + "'");
            }
            arrayList.addAll(getSecurityHeader(partsFunction.getFuncArgsAsQName()));
        }
        return arrayList;
    }

    private SOAPBody getSOAPBody() throws PolicyException {
        try {
            return this.msg.getSOAPPart().getEnvelope().getBody();
        } catch (SOAPException e) {
            throw new PolicyException("Could not access SOAP Envelope", e);
        }
    }

    private List getSOAPHeaders(QName qName) throws PolicyException {
        ArrayList arrayList = new ArrayList();
        try {
            Iterator examineAllHeaderElements = this.msg.getSOAPPart().getEnvelope().getHeader().examineAllHeaderElements();
            while (examineAllHeaderElements.hasNext()) {
                SOAPHeaderElement sOAPHeaderElement = (SOAPHeaderElement) examineAllHeaderElements.next();
                if (DOMUtils.equalsQName(sOAPHeaderElement, qName)) {
                    arrayList.add(sOAPHeaderElement);
                }
            }
            return arrayList;
        } catch (SOAPException e) {
            throw new PolicyException("Could not access SOAP Headers");
        }
    }

    private Element getSecurityHeaderFromContext() throws PolicyException {
        Element element = null;
        WSSecurityContext securityContext = WSSecurityContext.getSecurityContext(this.mctx);
        if (securityContext != null) {
            element = securityContext.getSecurityElement();
        }
        if (element == null) {
            try {
                NodeList elementsByTagNameNS = this.mctx.getMessage().getSOAPHeader().getElementsByTagNameNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security");
                if (elementsByTagNameNS.getLength() > 0) {
                    element = (Element) elementsByTagNameNS.item(0);
                }
            } catch (SOAPException e) {
            }
        }
        if (element != null) {
            return element;
        }
        if (!LOGGER.isLoggable(Level.FINE)) {
            throw new PolicyException("Can not retrieve wsee:Security header from the message.");
        }
        throw new PolicyException("Can not retrieve wsee:Security header from the message: " + Util.printNode(this.mctx.getMessage().getSOAPPart()));
    }

    private Collection getSecurityHeader(QName qName) throws PolicyException {
        ArrayList arrayList = new ArrayList();
        Element securityHeaderFromContext = getSecurityHeaderFromContext();
        boolean z = qName.getNamespaceURI() == null || qName.getNamespaceURI().length() == 0;
        NodeList childNodes = securityHeaderFromContext.getChildNodes();
        for (int i = 0; i < childNodes.getLength(); i++) {
            Node item = childNodes.item(i);
            if (item.getNodeType() == 1) {
                if (z) {
                    if (item.getLocalName().equals(qName.getLocalPart())) {
                        arrayList.add(item);
                    }
                } else if (DOMUtils.equalsQName(item, qName)) {
                    arrayList.add(item);
                }
            }
        }
        if (arrayList.size() == 0) {
            throw new PolicyException("Can not retrieve header: " + qName);
        }
        return arrayList;
    }

    private Collection getSOAPSystemHeaders() throws PolicyException {
        ArrayList arrayList = new ArrayList();
        try {
            Node firstChild = this.msg.getSOAPPart().getEnvelope().getHeader().getFirstChild();
            while (true) {
                Node node = firstChild;
                if (node == null) {
                    return arrayList;
                }
                if (1 == node.getNodeType()) {
                    Element element = (Element) node;
                    Iterator it = WLS_SYSTEM_SOAP_HEADERS.iterator();
                    while (it.hasNext()) {
                        if (DOMUtils.equalsQName(element, (QName) it.next())) {
                            arrayList.add(element);
                        }
                    }
                }
                firstChild = node.getNextSibling();
            }
        } catch (SOAPException e) {
            throw new PolicyException("Could not access SOAP Headers");
        }
    }

    static {
        HashSet hashSet = new HashSet();
        hashSet.addAll(WsrmHeader.getQNames(AcknowledgementHeader.class));
        hashSet.addAll(WsrmHeader.getQNames(AckRequestedHeader.class));
        hashSet.addAll(WsrmHeader.getQNames(SequenceHeader.class));
        hashSet.add(WSAddressingConstants.WSA_HEADER_ACTION_10);
        hashSet.add(WSAddressingConstants.WSA_HEADER_ACTION);
        hashSet.add(WSAddressingConstants.WSA_HEADER_FAULT_TO_10);
        hashSet.add(WSAddressingConstants.WSA_HEADER_FAULT_TO);
        hashSet.add(WSAddressingConstants.WSA_HEADER_SOURCE_10);
        hashSet.add(WSAddressingConstants.WSA_HEADER_SOURCE);
        hashSet.add(WSAddressingConstants.WSA_HEADER_MESSAGE_ID_10);
        hashSet.add(WSAddressingConstants.WSA_HEADER_MESSAGE_ID);
        hashSet.add(WSAddressingConstants.WSA_HEADER_RELATES_TO_10);
        hashSet.add(WSAddressingConstants.WSA_HEADER_RELATES_TO);
        hashSet.add(WSAddressingConstants.WSA_HEADER_REPLY_TO_10);
        hashSet.add(WSAddressingConstants.WSA_HEADER_REPLY_TO);
        hashSet.add(SetCookieHeader.NAME);
        hashSet.add(TimestampHeader.NAME);
        hashSet.add(WSAddressingConstants.WSA_HEADER_TO_10);
        hashSet.add(WSAddressingConstants.WSA_HEADER_TO);
        WLS_SYSTEM_SOAP_HEADERS = hashSet;
        LOGGER = Logger.getLogger(MessagePartsEvaluator.class.getName());
    }
}
