package com.sun.xml.wss.jaxws.impl;

import com.sun.xml.ws.api.message.Message;
import com.sun.xml.ws.api.message.Messages;
import com.sun.xml.ws.api.message.Packet;
import com.sun.xml.ws.api.message.stream.InputStreamMessage;
import com.sun.xml.ws.api.message.stream.XMLStreamReaderMessage;
import com.sun.xml.ws.api.model.wsdl.WSDLBoundOperation;
import com.sun.xml.ws.api.model.wsdl.WSDLFault;
import com.sun.xml.ws.api.model.wsdl.WSDLOperation;
import com.sun.xml.ws.api.pipe.NextAction;
import com.sun.xml.ws.api.pipe.Tube;
import com.sun.xml.ws.api.pipe.TubeCloner;
import com.sun.xml.ws.api.pipe.helper.AbstractTubeImpl;
import com.sun.xml.ws.api.security.CallbackHandlerFeature;
import com.sun.xml.ws.api.security.secconv.WSSecureConversationRuntimeException;
import com.sun.xml.ws.api.server.WSEndpoint;
import com.sun.xml.ws.api.server.WebServiceContextDelegate;
import com.sun.xml.ws.assembler.dev.ServerTubelineAssemblyContext;
import com.sun.xml.ws.commons.ha.HaContext;
import com.sun.xml.ws.policy.Policy;
import com.sun.xml.ws.policy.PolicyAssertion;
import com.sun.xml.ws.policy.PolicyException;
import com.sun.xml.ws.runtime.dev.Session;
import com.sun.xml.ws.runtime.dev.SessionManager;
import com.sun.xml.ws.security.IssuedTokenContext;
import com.sun.xml.ws.security.SecurityContextToken;
import com.sun.xml.ws.security.impl.IssuedTokenContextImpl;
import com.sun.xml.ws.security.impl.policyconv.SecurityPolicyHolder;
import com.sun.xml.ws.security.opt.impl.JAXBFilterProcessingContext;
import com.sun.xml.ws.security.opt.impl.util.SOAPUtil;
import com.sun.xml.ws.security.policy.SecureConversationToken;
import com.sun.xml.ws.security.policy.Token;
import com.sun.xml.ws.security.secconv.WSSCContract;
import com.sun.xml.ws.security.secconv.WSSCFactory;
import com.sun.xml.ws.security.secconv.WSSecureConversationException;
import com.sun.xml.ws.security.trust.WSTrustConstants;
import com.sun.xml.ws.security.trust.WSTrustElementFactory;
import com.sun.xml.ws.security.trust.elements.BaseSTSResponse;
import com.sun.xml.ws.security.trust.elements.RequestSecurityToken;
import com.sun.xml.wss.NonceManager;
import com.sun.xml.wss.ProcessingContext;
import com.sun.xml.wss.RealmAuthenticationAdapter;
import com.sun.xml.wss.SubjectAccessor;
import com.sun.xml.wss.XWSSecurityException;
import com.sun.xml.wss.impl.MessageConstants;
import com.sun.xml.wss.impl.NewSecurityRecipient;
import com.sun.xml.wss.impl.ProcessingContextImpl;
import com.sun.xml.wss.impl.WssSoapFaultException;
import com.sun.xml.wss.impl.XWSSecurityRuntimeException;
import com.sun.xml.wss.impl.misc.DefaultCallbackHandler;
import com.sun.xml.wss.impl.misc.DefaultSecurityEnvironmentImpl;
import com.sun.xml.wss.impl.policy.mls.MessagePolicy;
import com.sun.xml.wss.jaxws.impl.logging.LogStringsMessages;
import com.sun.xml.wss.provider.wsit.PipeConstants;
import com.sun.xml.wss.provider.wsit.PolicyAlternativeHolder;
import com.sun.xml.wss.provider.wsit.PolicyResolverFactory;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.lang.reflect.InvocationTargetException;
import java.net.URI;
import java.net.URL;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.Iterator;
import java.util.List;
import java.util.Properties;
import java.util.Set;
import java.util.logging.Level;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.xml.bind.JAXBElement;
import javax.xml.bind.JAXBException;
import javax.xml.namespace.QName;
import javax.xml.soap.SOAPException;
import javax.xml.soap.SOAPMessage;
import javax.xml.ws.WebServiceException;
import javax.xml.ws.soap.SOAPFaultException;

/* loaded from: input_file:com/sun/xml/wss/jaxws/impl/SecurityServerTube.class */
public class SecurityServerTube extends SecurityTubeBase {
    private static final String WSCONTEXT_DELEGATE = "META-INF/services/com.sun.xml.ws.api.server.WebServiceContextDelegate";
    private Class contextDelegate;
    private SessionManager sessionManager;
    private Set trustConfig;
    private Set wsscConfig;
    private CallbackHandler handler;
    private Packet tmpPacket;
    private boolean isTrustMessage;
    private boolean isSCIssueMessage;
    private boolean isSCCancelMessage;
    private String reqAction;
    private WSEndpoint wsEndpoint;

    public SecurityServerTube(ServerTubelineAssemblyContext serverTubelineAssemblyContext, Tube tube) {
        super(new ServerTubeConfiguration(serverTubelineAssemblyContext.getPolicyMap(), serverTubelineAssemblyContext.getWsdlPort(), serverTubelineAssemblyContext.getEndpoint()), tube);
        this.contextDelegate = null;
        this.sessionManager = null;
        this.trustConfig = null;
        this.wsscConfig = null;
        this.handler = null;
        this.reqAction = null;
        this.wsEndpoint = null;
        this.wsEndpoint = serverTubelineAssemblyContext.getEndpoint();
        try {
            Set<PolicyAssertion> set = null;
            Iterator<PolicyAlternativeHolder> it = this.policyAlternatives.iterator();
            while (it.hasNext()) {
                for (SecurityPolicyHolder securityPolicyHolder : it.next().getInMessagePolicyMap().values()) {
                    if (set != null) {
                        set.addAll(securityPolicyHolder.getConfigAssertions("http://schemas.sun.com/2006/03/wss/server"));
                    } else {
                        set = securityPolicyHolder.getConfigAssertions("http://schemas.sun.com/2006/03/wss/server");
                    }
                    if (this.trustConfig != null) {
                        this.trustConfig.addAll(securityPolicyHolder.getConfigAssertions(com.sun.xml.ws.security.impl.policy.Constants.SUN_TRUST_SERVER_SECURITY_POLICY_NS));
                    } else {
                        this.trustConfig = securityPolicyHolder.getConfigAssertions(com.sun.xml.ws.security.impl.policy.Constants.SUN_TRUST_SERVER_SECURITY_POLICY_NS);
                    }
                    if (this.wsscConfig != null) {
                        this.wsscConfig.addAll(securityPolicyHolder.getConfigAssertions(com.sun.xml.ws.security.impl.policy.Constants.SUN_SECURE_SERVER_CONVERSATION_POLICY_NS));
                    } else {
                        this.wsscConfig = securityPolicyHolder.getConfigAssertions(com.sun.xml.ws.security.impl.policy.Constants.SUN_SECURE_SERVER_CONVERSATION_POLICY_NS);
                    }
                }
            }
            Properties properties = new Properties();
            this.handler = configureServerHandler(set, properties);
            this.secEnv = new DefaultSecurityEnvironmentImpl(this.handler, properties);
            String metaINFServiceClass = getMetaINFServiceClass(WSCONTEXT_DELEGATE);
            if (metaINFServiceClass != null) {
                this.contextDelegate = loadClass(metaINFServiceClass);
            }
            this.sessionManager = SessionManager.getSessionManager(((ServerTubeConfiguration) this.tubeConfig).getEndpoint(), getSecureConversationPolicies(null, null).isEmpty() ? false : true, properties);
            properties.put(PipeConstants.ENDPOINT, serverTubelineAssemblyContext.getEndpoint());
            properties.put(PipeConstants.POLICY, serverTubelineAssemblyContext.getPolicyMap());
            properties.put(PipeConstants.WSDL_MODEL, serverTubelineAssemblyContext.getWsdlPort());
        } catch (Exception e) {
            log.log(Level.SEVERE, LogStringsMessages.WSSTUBE_0028_ERROR_CREATING_NEW_INSTANCE_SEC_SERVER_TUBE(), (Throwable) e);
            throw new RuntimeException(LogStringsMessages.WSSTUBE_0028_ERROR_CREATING_NEW_INSTANCE_SEC_SERVER_TUBE(), e);
        }
    }

    protected SecurityServerTube(SecurityServerTube securityServerTube, TubeCloner tubeCloner) {
        super(securityServerTube, tubeCloner);
        this.contextDelegate = null;
        this.sessionManager = null;
        this.trustConfig = null;
        this.wsscConfig = null;
        this.handler = null;
        this.reqAction = null;
        this.wsEndpoint = null;
        this.sessionManager = securityServerTube.sessionManager;
        this.trustConfig = securityServerTube.trustConfig;
        this.wsscConfig = securityServerTube.wsscConfig;
        this.handler = securityServerTube.handler;
        this.contextDelegate = securityServerTube.contextDelegate;
    }

    @Override // com.sun.xml.ws.api.pipe.helper.AbstractTubeImpl, com.sun.xml.ws.api.pipe.Tube
    public AbstractTubeImpl copy(TubeCloner tubeCloner) {
        return new SecurityServerTube(this, tubeCloner);
    }

    @Override // com.sun.xml.ws.api.pipe.helper.AbstractFilterTubeImpl, com.sun.xml.ws.api.pipe.Tube
    public NextAction processRequest(Packet packet) {
        Message create;
        try {
            HaContext.initFrom(packet);
            Message internalMessage = packet.getInternalMessage();
            this.isSCIssueMessage = false;
            this.isSCCancelMessage = false;
            this.isTrustMessage = false;
            this.tmpPacket = null;
            boolean z = false;
            if (this.contextDelegate != null) {
                try {
                    try {
                        try {
                            try {
                                packet.webServiceContextDelegate = (WebServiceContextDelegate) this.contextDelegate.getConstructor(WebServiceContextDelegate.class).newInstance(packet.webServiceContextDelegate);
                            } catch (IllegalAccessException e) {
                                log.log(Level.SEVERE, LogStringsMessages.WSSTUBE_0036_ERROR_INSTATIATE_WEBSERVICE_CONTEXT_DELEGATE(), (Throwable) e);
                                throw new RuntimeException(e);
                            }
                        } catch (IllegalArgumentException e2) {
                            log.log(Level.SEVERE, LogStringsMessages.WSSTUBE_0036_ERROR_INSTATIATE_WEBSERVICE_CONTEXT_DELEGATE(), (Throwable) e2);
                            throw new RuntimeException(e2);
                        }
                    } catch (NoSuchMethodException e3) {
                        log.log(Level.SEVERE, LogStringsMessages.WSSTUBE_0036_ERROR_INSTATIATE_WEBSERVICE_CONTEXT_DELEGATE(), (Throwable) e3);
                        throw new RuntimeException(e3);
                    } catch (InvocationTargetException e4) {
                        log.log(Level.SEVERE, LogStringsMessages.WSSTUBE_0036_ERROR_INSTATIATE_WEBSERVICE_CONTEXT_DELEGATE(), (Throwable) e4);
                        throw new RuntimeException(e4);
                    }
                } catch (InstantiationException e5) {
                    log.log(Level.SEVERE, LogStringsMessages.WSSTUBE_0036_ERROR_INSTATIATE_WEBSERVICE_CONTEXT_DELEGATE(), (Throwable) e5);
                    throw new RuntimeException(e5);
                } catch (SecurityException e6) {
                    log.log(Level.SEVERE, LogStringsMessages.WSSTUBE_0036_ERROR_INSTATIATE_WEBSERVICE_CONTEXT_DELEGATE(), (Throwable) e6);
                    throw new RuntimeException(e6);
                }
            }
            ProcessingContext initializeInboundProcessingContext = initializeInboundProcessingContext(packet);
            initializeInboundProcessingContext.setExtraneousProperty(ProcessingContext.OPERATION_RESOLVER, PolicyResolverFactory.createPolicyResolver(this.policyAlternatives, this.cachedOperation, this.tubeConfig, this.addVer, false, this.rmVer, this.mcVer));
            initializeInboundProcessingContext.setExtraneousProperty("SessionManager", this.sessionManager);
            try {
                try {
                    try {
                        create = !this.optimized ? Messages.create(verifyInboundMessage(internalMessage.readAsSOAPMessage(), initializeInboundProcessingContext)) : verifyInboundMessage(internalMessage, initializeInboundProcessingContext);
                    } catch (XWSSecurityException e7) {
                        z = true;
                        log.log(Level.SEVERE, LogStringsMessages.WSSTUBE_0025_ERROR_VERIFY_INBOUND_MSG(), (Throwable) e7);
                        SOAPFaultException sOAPFaultException = SOAPUtil.getSOAPFaultException(e7, this.soapFactory, this.soapVersion);
                        if (sOAPFaultException.getCause() == null) {
                            sOAPFaultException.initCause(e7);
                        }
                        create = Messages.create((Throwable) sOAPFaultException, this.soapVersion);
                    } catch (WebServiceException e8) {
                        z = true;
                        log.log(Level.SEVERE, LogStringsMessages.WSSTUBE_0025_ERROR_VERIFY_INBOUND_MSG(), (Throwable) e8);
                        SOAPFaultException sOAPFaultException2 = SOAPUtil.getSOAPFaultException((Exception) e8, this.soapFactory, this.soapVersion);
                        if (sOAPFaultException2.getCause() == null) {
                            sOAPFaultException2.initCause(e8);
                        }
                        create = Messages.create((Throwable) sOAPFaultException2, this.soapVersion);
                    }
                } catch (WssSoapFaultException e9) {
                    z = true;
                    log.log(Level.SEVERE, LogStringsMessages.WSSTUBE_0025_ERROR_VERIFY_INBOUND_MSG(), (Throwable) e9);
                    SOAPFaultException sOAPFaultException3 = SOAPUtil.getSOAPFaultException(e9, this.soapFactory, this.soapVersion);
                    if (sOAPFaultException3.getCause() == null) {
                        sOAPFaultException3.initCause(e9);
                    }
                    create = Messages.create((Throwable) sOAPFaultException3, this.soapVersion);
                } catch (XWSSecurityRuntimeException e10) {
                    z = true;
                    log.log(Level.SEVERE, LogStringsMessages.WSSTUBE_0025_ERROR_VERIFY_INBOUND_MSG(), (Throwable) e10);
                    SOAPFaultException sOAPFaultException4 = SOAPUtil.getSOAPFaultException(e10, this.soapFactory, this.soapVersion);
                    if (sOAPFaultException4.getCause() == null) {
                        sOAPFaultException4.initCause(e10);
                    }
                    create = Messages.create((Throwable) sOAPFaultException4, this.soapVersion);
                }
            } catch (WSSecureConversationRuntimeException e11) {
                z = true;
                log.log(Level.SEVERE, LogStringsMessages.WSSTUBE_0025_ERROR_VERIFY_INBOUND_MSG(), (Throwable) e11);
                QName faultCode = e11.getFaultCode();
                if (faultCode != null) {
                    faultCode = new QName(this.wsscVer.getNamespaceURI(), faultCode.getLocalPart());
                }
                create = Messages.create((Throwable) SOAPUtil.getSOAPFaultException(faultCode, e11, this.soapFactory, this.soapVersion), this.soapVersion);
            } catch (SOAPException e12) {
                log.log(Level.SEVERE, LogStringsMessages.WSSTUBE_0025_ERROR_VERIFY_INBOUND_MSG(), (Throwable) e12);
                z = true;
                SOAPFaultException sOAPFaultException5 = SOAPUtil.getSOAPFaultException((Exception) e12, this.soapFactory, this.soapVersion);
                if (sOAPFaultException5.getCause() == null) {
                    sOAPFaultException5.initCause(e12);
                }
                create = Messages.create((Throwable) sOAPFaultException5, this.soapVersion);
            }
            Packet packet2 = null;
            if (z) {
                if (isAddressingEnabled()) {
                    if (this.optimized) {
                        packet.setMessage(((JAXBFilterProcessingContext) initializeInboundProcessingContext).getPVMessage());
                    }
                    packet2 = packet.createServerResponse(create, this.addVer, this.soapVersion, this.addVer.getDefaultFaultAction());
                } else {
                    packet.setMessage(create);
                    packet2 = packet;
                }
            }
            packet.setMessage(create);
            if (isAddressingEnabled()) {
                this.reqAction = getAction(packet);
                if (this.wsscVer.getSCTRequestAction().equals(this.reqAction) || this.wsscVer.getSCTRenewRequestAction().equals(this.reqAction)) {
                    this.isSCIssueMessage = true;
                    if (this.wsscConfig != null) {
                        packet.invocationProperties.put(com.sun.xml.ws.security.impl.policy.Constants.SUN_SECURE_SERVER_CONVERSATION_POLICY_NS, this.wsscConfig.iterator());
                    }
                } else if (this.wsscVer.getSCTCancelRequestAction().equals(this.reqAction)) {
                    this.isSCCancelMessage = true;
                } else if (this.wsTrustVer.getIssueRequestAction().equals(this.reqAction) || this.wsTrustVer.getValidateRequestAction().equals(this.reqAction)) {
                    this.isTrustMessage = true;
                    if (this.trustConfig != null) {
                        packet.invocationProperties.put(com.sun.xml.ws.security.impl.policy.Constants.SUN_TRUST_SERVER_SECURITY_POLICY_NS, this.trustConfig.iterator());
                    }
                    packet.invocationProperties.put(WSTrustConstants.SECURITY_ENVIRONMENT, this.secEnv);
                    packet.invocationProperties.put(WSTrustConstants.WST_VERSION, this.wsTrustVer);
                    IssuedTokenContext trustContext = ((ProcessingContextImpl) initializeInboundProcessingContext).getTrustContext();
                    if (trustContext != null && trustContext.getAuthnContextClass() != null) {
                        packet.invocationProperties.put(WSTrustConstants.AUTHN_CONTEXT_CLASS, trustContext.getAuthnContextClass());
                    }
                }
                if (this.isSCIssueMessage) {
                    List<PolicyAssertion> inBoundSCP = getInBoundSCP(packet.getMessage());
                    if (!inBoundSCP.isEmpty()) {
                        packet.invocationProperties.put(Constants.SC_ASSERTION, inBoundSCP.get(0));
                    }
                }
            }
            if (!this.isSCIssueMessage) {
                this.cachedOperation = create.getOperation(this.tubeConfig.getWSDLPort());
                if (this.cachedOperation == null && this.addVer != null) {
                    if (z) {
                        this.cachedOperation = getWSDLOpFromAction(packet, true, true);
                    } else {
                        this.cachedOperation = getWSDLOpFromAction(packet, true);
                    }
                }
            }
            if (z) {
                NextAction processResponse = processResponse(packet2);
                HaContext.clear();
                return processResponse;
            }
            if (this.isSCIssueMessage || this.isSCCancelMessage) {
                Packet invokeSecureConversationContract = invokeSecureConversationContract(packet, initializeInboundProcessingContext, this.isSCIssueMessage, this.reqAction);
                this.tmpPacket = packet;
                NextAction processResponse2 = processResponse(invokeSecureConversationContract);
                HaContext.clear();
                return processResponse2;
            }
            updateSCBootstrapCredentials(packet, initializeInboundProcessingContext);
            this.tmpPacket = packet;
            NextAction doInvoke = doInvoke(this.next, packet);
            HaContext.clear();
            return doInvoke;
        } catch (Throwable th) {
            HaContext.clear();
            throw th;
        }
    }

    @Override // com.sun.xml.ws.api.pipe.helper.AbstractFilterTubeImpl, com.sun.xml.ws.api.pipe.Tube
    public NextAction processResponse(Packet packet) {
        Message create;
        if (packet.getMessage() == null) {
            return doReturnWith(packet);
        }
        if (!this.optimized) {
            try {
                packet.setMessage(Messages.create(packet.getMessage().readAsSOAPMessage()));
            } catch (SOAPException e) {
                log.log(Level.SEVERE, LogStringsMessages.WSSTUBE_0005_PROBLEM_PROC_SOAP_MESSAGE(), e);
                return doThrow(new WebServiceException(LogStringsMessages.WSSTUBE_0005_PROBLEM_PROC_SOAP_MESSAGE(), e));
            }
        }
        ProcessingContext initializeOutgoingProcessingContext = initializeOutgoingProcessingContext(packet, this.isSCIssueMessage, this.isTrustMessage);
        initializeOutgoingProcessingContext.setExtraneousProperty("SessionManager", this.sessionManager);
        try {
            try {
                try {
                    create = packet.getMessage();
                    if (initializeOutgoingProcessingContext.getSecurityPolicy() != null && ((MessagePolicy) initializeOutgoingProcessingContext.getSecurityPolicy()).size() > 0) {
                        create = !this.optimized ? Messages.create(secureOutboundMessage(create.readAsSOAPMessage(), initializeOutgoingProcessingContext)) : secureOutboundMessage(create, initializeOutgoingProcessingContext);
                    }
                    if (isSCCancel(packet)) {
                        removeContext(this.tmpPacket);
                    }
                    this.tmpPacket = null;
                } catch (Throwable th) {
                    if (isSCCancel(packet)) {
                        removeContext(this.tmpPacket);
                    }
                    this.tmpPacket = null;
                    throw th;
                }
            } catch (SOAPException e2) {
                log.log(Level.SEVERE, LogStringsMessages.WSSTUBE_0024_ERROR_SECURING_OUTBOUND_MSG(), e2);
                NextAction doThrow = doThrow(new WebServiceException(LogStringsMessages.WSSTUBE_0024_ERROR_SECURING_OUTBOUND_MSG(), e2));
                if (isSCCancel(packet)) {
                    removeContext(this.tmpPacket);
                }
                this.tmpPacket = null;
                return doThrow;
            }
        } catch (WssSoapFaultException e3) {
            create = Messages.create(getSOAPFault(e3));
            if (isSCCancel(packet)) {
                removeContext(this.tmpPacket);
            }
            this.tmpPacket = null;
        }
        resetCachedOperation();
        packet.setMessage(create);
        return doReturnWith(packet);
    }

    @Override // com.sun.xml.ws.api.pipe.helper.AbstractFilterTubeImpl, com.sun.xml.ws.api.pipe.Tube
    public NextAction processException(Throwable th) {
        if (!(th instanceof WebServiceException)) {
            th = new WebServiceException(th);
        }
        return doThrow(th);
    }

    private void removeContext(Packet packet) {
        String uri;
        SecurityContextToken securityContextToken = (SecurityContextToken) packet.invocationProperties.get(MessageConstants.INCOMING_SCT);
        if (securityContextToken == null || (uri = securityContextToken.getIdentifier().toString()) == null) {
            return;
        }
        this.issuedTokenContextMap.remove(uri);
        this.sessionManager.terminateSession(uri);
    }

    @Override // com.sun.xml.ws.api.pipe.helper.AbstractFilterTubeImpl, com.sun.xml.ws.api.pipe.Tube, com.sun.xml.ws.api.pipe.Pipe
    public void preDestroy() {
        super.preDestroy();
        this.issuedTokenContextMap.clear();
        SessionManager.removeSessionManager(((ServerTubeConfiguration) this.tubeConfig).getEndpoint());
        NonceManager.deleteInstance(this.wsEndpoint);
    }

    public Packet processMessage(XMLStreamReaderMessage xMLStreamReaderMessage) {
        throw new UnsupportedOperationException();
    }

    public InputStreamMessage processInputStream(XMLStreamReaderMessage xMLStreamReaderMessage) {
        throw new UnsupportedOperationException();
    }

    public InputStreamMessage processInputStream(Message message) {
        throw new UnsupportedOperationException();
    }

    protected ProcessingContext initializeOutgoingProcessingContext(Packet packet, boolean z, boolean z2) {
        return initializeOutgoingProcessingContext(packet, z);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.sun.xml.wss.jaxws.impl.SecurityTubeBase
    public ProcessingContext initializeOutgoingProcessingContext(Packet packet, boolean z) {
        ProcessingContextImpl processingContextImpl;
        if (this.optimized) {
            processingContextImpl = new JAXBFilterProcessingContext(packet.invocationProperties);
            ((JAXBFilterProcessingContext) processingContextImpl).setAddressingVersion(this.addVer);
            ((JAXBFilterProcessingContext) processingContextImpl).setSOAPVersion(this.soapVersion);
            ((JAXBFilterProcessingContext) processingContextImpl).setBSP(this.bsp10);
        } else {
            processingContextImpl = new ProcessingContextImpl(packet.invocationProperties);
        }
        if (this.addVer != null) {
            processingContextImpl.setAction(getAction(packet));
        }
        processingContextImpl.setSecurityPolicyVersion(this.spVersion.namespaceUri);
        try {
            PolicyAlternativeHolder resolveAlternative = resolveAlternative(packet, z);
            MessagePolicy outgoingFaultPolicy = packet.getMessage().isFault() ? getOutgoingFaultPolicy(packet) : (isRMMessage(packet) || isMakeConnectionMessage(packet)) ? resolveAlternative.getOutProtocolPM().get("RM").getMessagePolicy() : isSCCancel(packet) ? resolveAlternative.getOutProtocolPM().get("SC-CANCEL").getMessagePolicy() : getOutgoingXWSSecurityPolicy(packet, z);
            if (outgoingFaultPolicy != null) {
                processingContextImpl.setSecurityPolicy(outgoingFaultPolicy);
            }
            if (isTrustMessage(packet)) {
                processingContextImpl.isTrustMessage(true);
            }
            if (z || outgoingFaultPolicy.getAlgorithmSuite() != null) {
                processingContextImpl.setAlgorithmSuite(outgoingFaultPolicy.getAlgorithmSuite());
            } else {
                processingContextImpl.setAlgorithmSuite(getAlgoSuite(getBindingAlgorithmSuite(packet)));
            }
            processingContextImpl.setSecurityEnvironment(this.secEnv);
            processingContextImpl.isInboundMessage(false);
            processingContextImpl.getExtraneousProperties().put("WSDLPort", this.tubeConfig.getWSDLPort());
            return processingContextImpl;
        } catch (XWSSecurityException e) {
            log.log(Level.SEVERE, LogStringsMessages.WSSTUBE_0006_PROBLEM_INIT_OUT_PROC_CONTEXT(), (Throwable) e);
            throw new RuntimeException(LogStringsMessages.WSSTUBE_0006_PROBLEM_INIT_OUT_PROC_CONTEXT(), e);
        }
    }

    @Override // com.sun.xml.wss.jaxws.impl.SecurityTubeBase
    protected MessagePolicy getOutgoingXWSSecurityPolicy(Packet packet, boolean z) {
        if (z) {
            return getOutgoingXWSBootstrapPolicy((Token) packet.invocationProperties.get(Constants.SC_ASSERTION));
        }
        PolicyAlternativeHolder resolveAlternative = resolveAlternative(packet, z);
        WSDLBoundOperation wSDLBoundOperation = this.cachedOperation;
        if (resolveAlternative.getOutMessagePolicyMap() == null) {
            return new MessagePolicy();
        }
        if (isTrustMessage(packet) || this.cachedOperation == null) {
            this.cachedOperation = getWSDLOpFromAction(packet, false);
        }
        SecurityPolicyHolder securityPolicyHolder = resolveAlternative.getOutMessagePolicyMap().get(this.cachedOperation);
        return securityPolicyHolder == null ? new MessagePolicy() : securityPolicyHolder.getMessagePolicy();
    }

    protected MessagePolicy getOutgoingFaultPolicy(Packet packet) {
        PolicyAlternativeHolder resolveAlternative = resolveAlternative(packet, false);
        if (this.cachedOperation == null) {
            return null;
        }
        WSDLOperation operation = this.cachedOperation.getOperation();
        QName firstDetailEntryName = packet.getMessage().getFirstDetailEntryName();
        WSDLFault wSDLFault = null;
        if (firstDetailEntryName != null) {
            wSDLFault = operation.getFault(firstDetailEntryName);
        }
        SecurityPolicyHolder securityPolicyHolder = resolveAlternative.getOutMessagePolicyMap().get(this.cachedOperation);
        if (wSDLFault == null) {
            return securityPolicyHolder != null ? securityPolicyHolder.getMessagePolicy() : new MessagePolicy();
        }
        SecurityPolicyHolder faultPolicy = securityPolicyHolder.getFaultPolicy(wSDLFault);
        return faultPolicy == null ? new MessagePolicy() : faultPolicy.getMessagePolicy();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.sun.xml.wss.jaxws.impl.SecurityTubeBase
    public SOAPMessage verifyInboundMessage(SOAPMessage sOAPMessage, ProcessingContext processingContext) throws WssSoapFaultException, XWSSecurityException {
        processingContext.setSOAPMessage(sOAPMessage);
        NewSecurityRecipient.validateMessage(processingContext);
        return processingContext.getSOAPMessage();
    }

    private Packet invokeSecureConversationContract(Packet packet, ProcessingContext processingContext, boolean z, String str) {
        String sCTCancelResponseAction;
        BaseSTSResponse cancel;
        IssuedTokenContextImpl issuedTokenContextImpl = new IssuedTokenContextImpl();
        issuedTokenContextImpl.getOtherProperties().put("SessionManager", this.sessionManager);
        Message message = packet.getMessage();
        try {
            issuedTokenContextImpl.setRequestorSubject(SubjectAccessor.getRequesterSubject(processingContext));
            WSTrustElementFactory newInstance = WSTrustElementFactory.newInstance(this.wsscVer);
            RequestSecurityToken createRSTFrom = newInstance.createRSTFrom((JAXBElement) message.readPayloadAsJAXB(WSTrustElementFactory.getContext(this.wsTrustVer).createUnmarshaller()));
            URI requestType = createRSTFrom.getRequestType();
            WSSCContract newWSSCContract = WSSCFactory.newWSSCContract(this.wsscVer);
            newWSSCContract.setWSSCServerConfig((Iterator) packet.invocationProperties.get(com.sun.xml.ws.security.impl.policy.Constants.SUN_SECURE_SERVER_CONVERSATION_POLICY_NS));
            if (requestType.toString().equals(this.wsTrustVer.getIssueRequestTypeURI())) {
                cancel = newWSSCContract.issue(createRSTFrom, issuedTokenContextImpl, (SecureConversationToken) getOutBoundSCP(packet.getMessage()).get(0));
                sCTCancelResponseAction = this.wsscVer.getSCTResponseAction();
                String uri = ((SecurityContextToken) issuedTokenContextImpl.getSecurityToken()).getIdentifier().toString();
                Session session = this.sessionManager.getSession(uri);
                if (session == null) {
                    log.log(Level.SEVERE, LogStringsMessages.WSSTUBE_0029_ERROR_SESSION_CREATION());
                    throw new WSSecureConversationException(LogStringsMessages.WSSTUBE_0029_ERROR_SESSION_CREATION());
                }
                packet.invocationProperties.put(Session.SESSION_ID_KEY, uri);
                packet.invocationProperties.put(Session.SESSION_KEY, session.getUserData());
            } else if (requestType.toString().equals(this.wsTrustVer.getRenewRequestTypeURI())) {
                List<PolicyAssertion> outBoundSCP = getOutBoundSCP(packet.getMessage());
                sCTCancelResponseAction = this.wsscVer.getSCTRenewResponseAction();
                cancel = newWSSCContract.renew(createRSTFrom, issuedTokenContextImpl, (SecureConversationToken) outBoundSCP.get(0));
            } else {
                if (!requestType.toString().equals(this.wsTrustVer.getCancelRequestTypeURI())) {
                    log.log(Level.SEVERE, LogStringsMessages.WSSTUBE_0030_UNSUPPORTED_OPERATION_EXCEPTION(requestType));
                    throw new UnsupportedOperationException(LogStringsMessages.WSSTUBE_0030_UNSUPPORTED_OPERATION_EXCEPTION(requestType));
                }
                sCTCancelResponseAction = this.wsscVer.getSCTCancelResponseAction();
                cancel = newWSSCContract.cancel(createRSTFrom, issuedTokenContextImpl);
            }
            Packet addAddressingHeaders = addAddressingHeaders(packet, Messages.create(WSTrustElementFactory.getContext(this.wsTrustVer).createMarshaller(), newInstance.toJAXBElement(cancel), this.soapVersion), sCTCancelResponseAction);
            if (z) {
                List<PolicyAssertion> outBoundSCP2 = getOutBoundSCP(packet.getMessage());
                if (!outBoundSCP2.isEmpty()) {
                    addAddressingHeaders.invocationProperties.put(Constants.SC_ASSERTION, outBoundSCP2.get(0));
                }
            }
            return addAddressingHeaders;
        } catch (JAXBException e) {
            log.log(Level.SEVERE, LogStringsMessages.WSSTUBE_0001_PROBLEM_MAR_UNMAR(), e);
            throw new RuntimeException(LogStringsMessages.WSSTUBE_0001_PROBLEM_MAR_UNMAR(), e);
        } catch (WSSecureConversationException e2) {
            log.log(Level.SEVERE, LogStringsMessages.WSSTUBE_0031_ERROR_INVOKE_SC_CONTRACT(), (Throwable) e2);
            throw new RuntimeException(LogStringsMessages.WSSTUBE_0031_ERROR_INVOKE_SC_CONTRACT(), e2);
        } catch (XWSSecurityException e3) {
            log.log(Level.SEVERE, LogStringsMessages.WSSTUBE_0031_ERROR_INVOKE_SC_CONTRACT(), (Throwable) e3);
            throw new RuntimeException(LogStringsMessages.WSSTUBE_0031_ERROR_INVOKE_SC_CONTRACT(), e3);
        }
    }

    public InputStreamMessage processInputStream(Packet packet) {
        throw new UnsupportedOperationException("Will be supported for optimized path");
    }

    @Override // com.sun.xml.wss.jaxws.impl.SecurityTubeBase
    protected SecurityPolicyHolder addOutgoingMP(WSDLBoundOperation wSDLBoundOperation, Policy policy, PolicyAlternativeHolder policyAlternativeHolder) throws PolicyException {
        SecurityPolicyHolder constructPolicyHolder = constructPolicyHolder(policy, true, true);
        policyAlternativeHolder.getInMessagePolicyMap().put(wSDLBoundOperation, constructPolicyHolder);
        return constructPolicyHolder;
    }

    @Override // com.sun.xml.wss.jaxws.impl.SecurityTubeBase
    protected SecurityPolicyHolder addIncomingMP(WSDLBoundOperation wSDLBoundOperation, Policy policy, PolicyAlternativeHolder policyAlternativeHolder) throws PolicyException {
        SecurityPolicyHolder constructPolicyHolder = constructPolicyHolder(policy, true, false);
        policyAlternativeHolder.getOutMessagePolicyMap().put(wSDLBoundOperation, constructPolicyHolder);
        return constructPolicyHolder;
    }

    @Override // com.sun.xml.wss.jaxws.impl.SecurityTubeBase
    protected void addIncomingProtocolPolicy(Policy policy, String str, PolicyAlternativeHolder policyAlternativeHolder) throws PolicyException {
        policyAlternativeHolder.getOutProtocolPM().put(str, constructPolicyHolder(policy, true, false, true));
    }

    @Override // com.sun.xml.wss.jaxws.impl.SecurityTubeBase
    protected void addOutgoingProtocolPolicy(Policy policy, String str, PolicyAlternativeHolder policyAlternativeHolder) throws PolicyException {
        policyAlternativeHolder.getInProtocolPM().put(str, constructPolicyHolder(policy, true, true, false));
    }

    @Override // com.sun.xml.wss.jaxws.impl.SecurityTubeBase
    protected void addIncomingFaultPolicy(Policy policy, SecurityPolicyHolder securityPolicyHolder, WSDLFault wSDLFault) throws PolicyException {
        securityPolicyHolder.addFaultPolicy(wSDLFault, constructPolicyHolder(policy, true, false));
    }

    @Override // com.sun.xml.wss.jaxws.impl.SecurityTubeBase
    protected void addOutgoingFaultPolicy(Policy policy, SecurityPolicyHolder securityPolicyHolder, WSDLFault wSDLFault) throws PolicyException {
        securityPolicyHolder.addFaultPolicy(wSDLFault, constructPolicyHolder(policy, true, true));
    }

    @Override // com.sun.xml.wss.jaxws.impl.SecurityTubeBase
    protected String getAction(WSDLOperation wSDLOperation, boolean z) {
        return z ? wSDLOperation.getInput().getAction() : wSDLOperation.getOutput().getAction();
    }

    private Packet addAddressingHeaders(Packet packet, Message message, String str) {
        Packet createServerResponse = packet.createServerResponse(message, this.addVer, this.soapVersion, str);
        createServerResponse.proxy = packet.proxy;
        createServerResponse.invocationProperties.putAll(packet.invocationProperties);
        return createServerResponse;
    }

    private CallbackHandler configureServerHandler(Set<PolicyAssertion> set, Properties properties) {
        CallbackHandlerFeature callbackHandlerFeature = (CallbackHandlerFeature) this.tubeConfig.getBinding().getFeature(CallbackHandlerFeature.class);
        if (callbackHandlerFeature != null) {
            return callbackHandlerFeature.getHandler();
        }
        String populateConfigProperties = populateConfigProperties(set, properties);
        try {
            if (populateConfigProperties == null) {
                return new DefaultCallbackHandler("server", properties, getRealmAuthenticationAdapter(((ServerTubeConfiguration) this.tubeConfig).getEndpoint()));
            }
            Object newInstance = loadClass(populateConfigProperties).newInstance();
            if (newInstance instanceof CallbackHandler) {
                return (CallbackHandler) newInstance;
            }
            log.log(Level.SEVERE, LogStringsMessages.WSSTUBE_0033_INVALID_CALLBACK_HANDLER_CLASS(populateConfigProperties));
            throw new RuntimeException(LogStringsMessages.WSSTUBE_0033_INVALID_CALLBACK_HANDLER_CLASS(populateConfigProperties));
        } catch (Exception e) {
            log.log(Level.SEVERE, LogStringsMessages.WSSTUBE_0032_ERROR_CONFIGURE_SERVER_HANDLER(), (Throwable) e);
            throw new RuntimeException(LogStringsMessages.WSSTUBE_0032_ERROR_CONFIGURE_SERVER_HANDLER(), e);
        }
    }

    private RealmAuthenticationAdapter getRealmAuthenticationAdapter(WSEndpoint wSEndpoint) {
        Object spi;
        Class<?> cls = null;
        ClassLoader contextClassLoader = Thread.currentThread().getContextClassLoader();
        if (contextClassLoader != null) {
            try {
                cls = contextClassLoader.loadClass("javax.servlet.ServletContext");
            } catch (ClassNotFoundException e) {
                return null;
            }
        }
        if (cls == null) {
            try {
                cls = getClass().getClassLoader().loadClass("javax.servlet.ServletContext");
            } catch (ClassNotFoundException e2) {
                return null;
            }
        }
        if (cls == null || (spi = wSEndpoint.getContainer().getSPI(cls)) == null) {
            return null;
        }
        return RealmAuthenticationAdapter.newInstance(spi);
    }

    private void updateSCBootstrapCredentials(Packet packet, ProcessingContext processingContext) {
        SecurityContextToken securityContextToken = (SecurityContextToken) packet.invocationProperties.get(MessageConstants.INCOMING_SCT);
        if (securityContextToken != null) {
            String uri = securityContextToken.getIdentifier().toString();
            packet.invocationProperties.put(Session.SESSION_ID_KEY, uri);
            packet.invocationProperties.put(Session.SESSION_KEY, this.sessionManager.getSession(uri).getUserData());
            IssuedTokenContext securityContext = this.sessionManager.getSecurityContext(uri, true);
            if (securityContext != null) {
                copySubject(securityContext.getRequestorSubject(), DefaultSecurityEnvironmentImpl.getSubject(packet.invocationProperties));
            }
        }
    }

    private static void copySubject(final Subject subject, final Subject subject2) {
        if (subject == null || subject2 == null) {
            return;
        }
        AccessController.doPrivileged(new PrivilegedAction() { // from class: com.sun.xml.wss.jaxws.impl.SecurityServerTube.1
            @Override // java.security.PrivilegedAction
            public Object run() {
                subject2.getPrincipals().addAll(subject.getPrincipals());
                subject2.getPublicCredentials().addAll(subject.getPublicCredentials());
                subject2.getPrivateCredentials().addAll(subject.getPrivateCredentials());
                return null;
            }
        });
    }

    private static String getMetaINFServiceClass(String str) {
        URL loadFromClasspath = loadFromClasspath(str);
        if (loadFromClasspath == null) {
            return null;
        }
        InputStream inputStream = null;
        try {
            try {
                inputStream = loadFromClasspath.openStream();
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                for (int read = inputStream.read(); read != -1; read = inputStream.read()) {
                    byteArrayOutputStream.write(read);
                }
                String byteArrayOutputStream2 = byteArrayOutputStream.toString();
                try {
                    inputStream.close();
                } catch (IOException e) {
                    log.log(Level.WARNING, (String) null, (Throwable) e);
                }
                return byteArrayOutputStream2;
            } catch (IOException e2) {
                log.log(Level.SEVERE, (String) null, (Throwable) e2);
                throw new WebServiceException(e2);
            }
        } catch (Throwable th) {
            try {
                inputStream.close();
            } catch (IOException e3) {
                log.log(Level.WARNING, (String) null, (Throwable) e3);
            }
            throw th;
        }
    }

    public static URL loadFromClasspath(String str) {
        ClassLoader contextClassLoader = Thread.currentThread().getContextClassLoader();
        return contextClassLoader == null ? ClassLoader.getSystemResource(str) : contextClassLoader.getResource(str);
    }
}
