package weblogic.wsee.security.wssc.base.dk;

import java.security.Key;
import javax.security.auth.Subject;
import javax.xml.namespace.QName;
import javax.xml.rpc.handler.MessageContext;
import org.w3c.dom.Node;
import weblogic.security.service.ContextHandler;
import weblogic.wsee.security.wssc.dk.DKClaims;
import weblogic.wsee.security.wssc.dk.DKCredential;
import weblogic.wsee.security.wssc.dk.DKTokenReference;
import weblogic.wsee.security.wst.helpers.EncryptedKeyInfoBuilder;
import weblogic.xml.crypto.api.MarshalException;
import weblogic.xml.crypto.common.keyinfo.KeyProvider;
import weblogic.xml.crypto.common.keyinfo.SecretKeyProvider;
import weblogic.xml.crypto.wss.SecurityTokenHelper;
import weblogic.xml.crypto.wss.SecurityTokenValidateResult;
import weblogic.xml.crypto.wss.WSSConstants;
import weblogic.xml.crypto.wss.WSSecurityContext;
import weblogic.xml.crypto.wss.WSSecurityException;
import weblogic.xml.crypto.wss.provider.Purpose;
import weblogic.xml.crypto.wss.provider.SecurityToken;
import weblogic.xml.crypto.wss.provider.SecurityTokenHandler;
import weblogic.xml.crypto.wss.provider.SecurityTokenReference;

/* loaded from: input_file:weblogic/wsee/security/wssc/base/dk/DKTokenHandlerBase.class */
public abstract class DKTokenHandlerBase implements SecurityTokenHandler {
    protected abstract QName[] getDK_QNAMES();

    protected abstract String[] getDK_VALUE_TYPES();

    protected abstract DKTokenBase newDKToken();

    protected abstract DKTokenBase newDKToken(DKCredential dKCredential);

    protected abstract String getDK_VALUE_TYPE();

    protected abstract String getSCT_RST_ACTION();

    protected abstract String getXMLNS_WSC();

    @Override // weblogic.xml.crypto.wss.provider.SecurityTokenHandler
    public SecurityToken getSecurityToken(String str, Object obj, ContextHandler contextHandler) throws WSSecurityException {
        if (!(obj instanceof DKCredential)) {
            return null;
        }
        DKCredential dKCredential = (DKCredential) obj;
        if (dKCredential.getLabel() == null) {
            dKCredential.setLabel(DKClaims.getLabelFromContextHandler(contextHandler));
        }
        if (dKCredential.getLength() == -1) {
            dKCredential.setLength(DKClaims.getLengthFromContextHandler(contextHandler));
        }
        return newDKToken(dKCredential);
    }

    @Override // weblogic.xml.crypto.wss.provider.SecurityTokenHandler
    public SecurityToken getSecurityToken(String str, String str2, Purpose purpose, ContextHandler contextHandler) throws WSSecurityException {
        return SecurityTokenHelper.findSecurityTokenInContext(contextHandler, str);
    }

    @Override // weblogic.xml.crypto.wss.provider.SecurityTokenHandler
    public SecurityTokenReference getSTR(QName qName, String str, SecurityToken securityToken) throws WSSecurityException {
        if ((securityToken instanceof DKTokenBase) && qName.equals(WSSConstants.REFERENCE_QNAME)) {
            return new DKTokenReference((DKTokenBase) securityToken);
        }
        return null;
    }

    @Override // weblogic.xml.crypto.wss.provider.SecurityTokenHandler
    public QName[] getQNames() {
        return getDK_QNAMES();
    }

    @Override // weblogic.xml.crypto.wss.provider.SecurityTokenHandler
    public String[] getValueTypes() {
        return getDK_VALUE_TYPES();
    }

    @Override // weblogic.xml.crypto.wss.provider.SecurityTokenHandler
    public SecurityToken newSecurityToken(Node node) throws MarshalException {
        DKTokenBase newDKToken = newDKToken();
        try {
            newDKToken.unmarshal(node);
            return newDKToken;
        } catch (weblogic.xml.dom.marshal.MarshalException e) {
            throw new MarshalException("Failed to unmarshal DerivedKeyToken.", e);
        }
    }

    @Override // weblogic.xml.crypto.wss.provider.SecurityTokenHandler
    public SecurityTokenReference newSecurityTokenReference(Node node) throws weblogic.xml.dom.marshal.MarshalException {
        DKTokenReference dKTokenReference = new DKTokenReference();
        dKTokenReference.unmarshal(node);
        return dKTokenReference;
    }

    @Override // weblogic.xml.crypto.wss.provider.SecurityTokenHandler
    public KeyProvider getKeyProvider(SecurityToken securityToken, MessageContext messageContext) {
        Key secretKey;
        SecretKeyProvider secretKeyProvider = null;
        if ((securityToken instanceof DKTokenBase) && (secretKey = ((DKTokenBase) securityToken).getSecretKey(messageContext)) != null) {
            secretKeyProvider = new SecretKeyProvider(secretKey, (String) null, securityToken.getId() != null ? securityToken.getId().getBytes() : null, SecurityTokenHelper.getURI(securityToken), securityToken);
            EncryptedKeyInfoBuilder.debugKey(secretKey, "secretKey returned from DK TokenHandler of KeyProvider");
        }
        return secretKeyProvider;
    }

    @Override // weblogic.xml.crypto.wss.provider.SecurityTokenHandler
    public SecurityToken getSecurityToken(SecurityTokenReference securityTokenReference, MessageContext messageContext) throws WSSecurityException {
        WSSecurityContext securityContext = WSSecurityContext.getSecurityContext(messageContext);
        if (WSSConstants.REFERENCE_QNAME.equals(securityTokenReference.getSTRType())) {
            return SecurityTokenHelper.findSecurityTokenByIdInContext(securityContext, securityTokenReference.getValueType(), SecurityTokenHelper.getIdFromURI(securityTokenReference.getReferenceURI()));
        }
        if (!WSSConstants.KEY_IDENTIFIER_QNAME.equals(securityTokenReference.getSTRType())) {
            throw new WSSecurityException("Failed to retrieve token for reference " + securityTokenReference, WSSConstants.FAILURE_TOKEN_UNAVAILABLE);
        }
        return SecurityTokenHelper.findSecurityTokenByIdInContext(securityContext, securityTokenReference.getValueType(), new String(securityTokenReference.getKeyIdentifier().getIdentifier()));
    }

    @Override // weblogic.xml.crypto.wss.provider.SecurityTokenHandler
    public SecurityTokenValidateResult validateUnmarshalled(SecurityToken securityToken, MessageContext messageContext) throws WSSecurityException {
        return new SecurityTokenValidateResult(true);
    }

    @Override // weblogic.xml.crypto.wss.provider.SecurityTokenHandler
    public SecurityTokenValidateResult validateProcessed(SecurityToken securityToken, MessageContext messageContext) {
        return new SecurityTokenValidateResult(true);
    }

    @Override // weblogic.xml.crypto.wss.provider.SecurityTokenHandler
    public boolean matches(SecurityToken securityToken, String str, String str2, ContextHandler contextHandler, Purpose purpose) {
        return (securityToken instanceof DKTokenBase) && str.equals(getDK_VALUE_TYPE());
    }

    @Override // weblogic.xml.crypto.wss.provider.SecurityTokenHandler
    public Subject getSubject(SecurityToken securityToken, MessageContext messageContext) throws WSSecurityException {
        return null;
    }
}
