package com.sun.enterprise.security.webservices.server;

import com.sun.enterprise.util.Utility;
import com.sun.xml.ws.api.model.SEIModel;
import com.sun.xml.ws.api.model.wsdl.WSDLBoundOperation;
import com.sun.xml.ws.api.model.wsdl.WSDLPort;
import com.sun.xml.ws.api.pipe.Pipe;
import com.sun.xml.ws.api.server.WSEndpoint;
import com.sun.xml.ws.policy.Policy;
import com.sun.xml.ws.policy.PolicyException;
import com.sun.xml.ws.policy.PolicyMap;
import com.sun.xml.ws.policy.PolicyMapKey;
import com.sun.xml.wss.provider.wsit.PipeConstants;
import jakarta.inject.Singleton;
import java.util.HashMap;
import java.util.Iterator;
import org.glassfish.webservices.ServerPipeCreator;
import org.jvnet.hk2.annotations.Service;

@Singleton
@Service
/* loaded from: input_file:com/sun/enterprise/security/webservices/server/ServerSecurityPipeCreator.class */
public class ServerSecurityPipeCreator extends ServerPipeCreator {
    private static final String SECURITY_POLICY_NAMESPACE_URI_SUBMISSION = "http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";
    private static final String SECURITY_POLICY_NAMESPACE_URI_SPECVERSION = "http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";

    @Override // org.glassfish.webservices.ServerPipeCreator, com.sun.xml.ws.assembler.metro.ServerPipelineHook
    public Pipe createSecurityPipe(PolicyMap policyMap, SEIModel sEIModel, WSDLPort wSDLPort, WSEndpoint wSEndpoint, Pipe pipe) {
        HashMap hashMap = new HashMap();
        hashMap.put(PipeConstants.POLICY, policyMap);
        hashMap.put(PipeConstants.SEI_MODEL, sEIModel);
        hashMap.put(PipeConstants.WSDL_MODEL, wSDLPort);
        hashMap.put(PipeConstants.ENDPOINT, wSEndpoint);
        hashMap.put(PipeConstants.SERVICE_ENDPOINT, this.endpoint);
        hashMap.put(PipeConstants.NEXT_PIPE, pipe);
        hashMap.put(PipeConstants.CONTAINER, wSEndpoint.getContainer());
        if (isSecurityEnabled(policyMap, wSDLPort)) {
            this.endpoint.setSecurePipeline();
        }
        return new ServerSecurityPipe(hashMap, pipe, this.isHttpBinding);
    }

    public static boolean isSecurityEnabled(PolicyMap policyMap, WSDLPort wSDLPort) {
        if (Utility.isAnyNull(policyMap, wSDLPort)) {
            return false;
        }
        try {
            if (isSecured(policyMap.getEndpointEffectivePolicy(PolicyMap.createWsdlEndpointScopeKey(wSDLPort.getOwner().getName(), wSDLPort.getName())))) {
                return true;
            }
            Iterator<? extends WSDLBoundOperation> it = wSDLPort.getBinding().getBindingOperations().iterator();
            while (it.hasNext()) {
                PolicyMapKey createWsdlOperationScopeKey = PolicyMap.createWsdlOperationScopeKey(wSDLPort.getOwner().getName(), wSDLPort.getName(), it.next().getName());
                if (isSecured(policyMap.getOperationEffectivePolicy(createWsdlOperationScopeKey)) || isSecured(policyMap.getInputMessageEffectivePolicy(createWsdlOperationScopeKey)) || isSecured(policyMap.getOutputMessageEffectivePolicy(createWsdlOperationScopeKey)) || isSecured(policyMap.getFaultMessageEffectivePolicy(createWsdlOperationScopeKey))) {
                    return true;
                }
            }
            return false;
        } catch (PolicyException e) {
            return false;
        }
    }

    private static boolean isSecured(Policy policy) {
        if (policy == null) {
            return false;
        }
        return policy.contains("http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702") || policy.contains("http://schemas.xmlsoap.org/ws/2005/07/securitypolicy");
    }
}
