package org.apache.cxf.ws.security.policy.interceptors;

import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import javax.security.auth.callback.CallbackHandler;
import net.sf.ehcache.constructs.CacheDecoratorFactory;
import org.apache.cxf.Bus;
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.common.classloader.ClassLoaderUtils;
import org.apache.cxf.endpoint.Endpoint;
import org.apache.cxf.helpers.CastUtils;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.interceptor.Interceptor;
import org.apache.cxf.message.Exchange;
import org.apache.cxf.message.Message;
import org.apache.cxf.security.SecurityContext;
import org.apache.cxf.service.Service;
import org.apache.cxf.service.invoker.Invoker;
import org.apache.cxf.service.model.BindingOperationInfo;
import org.apache.cxf.service.model.EndpointInfo;
import org.apache.cxf.transport.Destination;
import org.apache.cxf.ws.addressing.MAPAggregator;
import org.apache.cxf.ws.addressing.policy.MetadataConstants;
import org.apache.cxf.ws.policy.AssertionInfo;
import org.apache.cxf.ws.policy.AssertionInfoMap;
import org.apache.cxf.ws.policy.EndpointPolicy;
import org.apache.cxf.ws.policy.PolicyEngine;
import org.apache.cxf.ws.policy.builder.primitive.PrimitiveAssertion;
import org.apache.cxf.ws.security.SecurityConstants;
import org.apache.cxf.ws.security.policy.SP11Constants;
import org.apache.cxf.ws.security.policy.SP12Constants;
import org.apache.cxf.ws.security.policy.SPConstants;
import org.apache.cxf.ws.security.policy.model.AlgorithmSuite;
import org.apache.cxf.ws.security.policy.model.Binding;
import org.apache.cxf.ws.security.policy.model.Trust10;
import org.apache.cxf.ws.security.policy.model.Trust13;
import org.apache.cxf.ws.security.tokenstore.SecurityToken;
import org.apache.cxf.ws.security.tokenstore.TokenStore;
import org.apache.cxf.ws.security.tokenstore.TokenStoreFactory;
import org.apache.cxf.ws.security.trust.STSUtils;
import org.apache.neethi.Assertion;
import org.apache.neethi.Policy;
import org.apache.ws.security.WSSecurityEngineResult;
import org.apache.ws.security.conversation.ConversationConstants;
import org.apache.ws.security.conversation.ConversationException;
import org.apache.ws.security.handler.WSHandlerConstants;
import org.apache.ws.security.handler.WSHandlerResult;
import org.apache.ws.security.message.token.SecurityContextToken;

/* loaded from: input_file:repository/org/mule/apache/cxf/cxf-rt-ws-security/2.7.19-MULE-006/cxf-rt-ws-security-2.7.19-MULE-006.jar:org/apache/cxf/ws/security/policy/interceptors/NegotiationUtils.class */
public final class NegotiationUtils {
    private NegotiationUtils() {
    }

    public static Trust10 getTrust10(AssertionInfoMap assertionInfoMap) {
        Collection<AssertionInfo> collection = assertionInfoMap.get(SPConstants.TRUST_10);
        if (collection == null || collection.isEmpty()) {
            collection = assertionInfoMap.get(SP11Constants.TRUST_10);
        }
        if (collection == null || collection.isEmpty()) {
            return null;
        }
        return (Trust10) collection.iterator().next().getAssertion();
    }

    public static Trust13 getTrust13(AssertionInfoMap assertionInfoMap) {
        Collection<AssertionInfo> collection = assertionInfoMap.get(SP12Constants.TRUST_13);
        if (collection == null || collection.isEmpty()) {
            return null;
        }
        return (Trust13) collection.iterator().next().getAssertion();
    }

    public static TokenStore getTokenStore(Message message) {
        return getTokenStore(message, true);
    }

    public static TokenStore getTokenStore(Message message, boolean z) {
        TokenStore tokenStore;
        EndpointInfo endpointInfo = ((Endpoint) message.getExchange().get(Endpoint.class)).getEndpointInfo();
        synchronized (endpointInfo) {
            TokenStore tokenStore2 = (TokenStore) message.getContextualProperty(SecurityConstants.TOKEN_STORE_CACHE_INSTANCE);
            if (tokenStore2 == null) {
                tokenStore2 = (TokenStore) endpointInfo.getProperty(SecurityConstants.TOKEN_STORE_CACHE_INSTANCE);
            }
            if (z && tokenStore2 == null) {
                TokenStoreFactory newInstance = TokenStoreFactory.newInstance();
                String str = SecurityConstants.TOKEN_STORE_CACHE_INSTANCE;
                String str2 = (String) message.getContextualProperty(SecurityConstants.CACHE_IDENTIFIER);
                if (str2 != null) {
                    str = str + CacheDecoratorFactory.DASH + str2;
                } else if (endpointInfo.getName() != null) {
                    int hashCode = endpointInfo.getName().toString().hashCode();
                    str = hashCode < 0 ? str + hashCode : str + CacheDecoratorFactory.DASH + hashCode;
                }
                tokenStore2 = newInstance.newTokenStore(str, message);
                endpointInfo.setProperty(SecurityConstants.TOKEN_STORE_CACHE_INSTANCE, tokenStore2);
            }
            tokenStore = tokenStore2;
        }
        return tokenStore;
    }

    public static Assertion getAddressingPolicy(AssertionInfoMap assertionInfoMap, boolean z) {
        Collection<AssertionInfo> collection;
        Collection<AssertionInfo> collection2;
        Collection<AssertionInfo> collection3 = assertionInfoMap.get(MetadataConstants.USING_ADDRESSING_2004_QNAME);
        Assertion assertion = null;
        if (null != collection3 && !collection3.isEmpty()) {
            assertion = collection3.iterator().next().getAssertion();
        }
        if (assertion == null && null != (collection2 = assertionInfoMap.get(MetadataConstants.USING_ADDRESSING_2005_QNAME)) && !collection2.isEmpty()) {
            assertion = collection2.iterator().next().getAssertion();
        }
        if (assertion == null && null != (collection = assertionInfoMap.get(MetadataConstants.USING_ADDRESSING_2006_QNAME)) && !collection.isEmpty()) {
            assertion = collection.iterator().next().getAssertion();
        }
        return assertion == null ? new PrimitiveAssertion(MetadataConstants.USING_ADDRESSING_2006_QNAME, z) : z ? new PrimitiveAssertion(assertion.getName(), z) : assertion;
    }

    public static AlgorithmSuite getAlgorithmSuite(AssertionInfoMap assertionInfoMap) {
        Binding binding = null;
        Collection<AssertionInfo> collection = assertionInfoMap.get(SP12Constants.TRANSPORT_BINDING);
        if (collection != null) {
            Iterator<AssertionInfo> it = collection.iterator();
            while (it.hasNext()) {
                binding = (Binding) it.next().getAssertion();
            }
        } else {
            Collection<AssertionInfo> collection2 = assertionInfoMap.get(SP12Constants.ASYMMETRIC_BINDING);
            if (collection2 != null) {
                Iterator<AssertionInfo> it2 = collection2.iterator();
                while (it2.hasNext()) {
                    binding = (Binding) it2.next().getAssertion();
                }
            } else {
                Collection<AssertionInfo> collection3 = assertionInfoMap.get(SP12Constants.SYMMETRIC_BINDING);
                if (collection3 != null) {
                    Iterator<AssertionInfo> it3 = collection3.iterator();
                    while (it3.hasNext()) {
                        binding = (Binding) it3.next().getAssertion();
                    }
                }
            }
        }
        if (binding != null) {
            return binding.getAlgorithmSuite();
        }
        return null;
    }

    public static int getWSCVersion(String str) throws ConversationException {
        if (str == null) {
            return 1;
        }
        if (str.startsWith("http://schemas.xmlsoap.org/ws/2005/02/sc")) {
            return ConversationConstants.getWSTVersion("http://schemas.xmlsoap.org/ws/2005/02/sc");
        }
        if (str.startsWith("http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512")) {
            return ConversationConstants.getWSTVersion("http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512");
        }
        throw new ConversationException("unsupportedSecConvVersion");
    }

    public static void recalcEffectivePolicy(SoapMessage soapMessage, String str, Policy policy, Invoker invoker, boolean z) {
        Exchange exchange = soapMessage.getExchange();
        Bus bus = exchange.getBus();
        PolicyEngine policyEngine = (PolicyEngine) bus.getExtension(PolicyEngine.class);
        if (null == policyEngine) {
            return;
        }
        Destination destination = exchange.getDestination();
        try {
            Endpoint endpoint = soapMessage.getExchange().getEndpoint();
            TokenStore tokenStore = getTokenStore(soapMessage);
            Endpoint createSCEndpoint = z ? STSUtils.createSCEndpoint(bus, str, endpoint.getEndpointInfo().getTransportId(), destination.getAddress().getAddress().getValue(), soapMessage.getVersion().getBindingId(), policy) : STSUtils.createSTSEndpoint(bus, str, endpoint.getEndpointInfo().getTransportId(), destination.getAddress().getAddress().getValue(), soapMessage.getVersion().getBindingId(), policy, null);
            createSCEndpoint.getEndpointInfo().setProperty(TokenStore.class.getName(), tokenStore);
            soapMessage.getExchange().put(TokenStore.class.getName(), tokenStore);
            EndpointPolicy serverEndpointPolicy = policyEngine.getServerEndpointPolicy(createSCEndpoint.getEndpointInfo(), destination);
            Iterator<Interceptor<? extends Message>> it = serverEndpointPolicy.getInterceptors().iterator();
            while (it.hasNext()) {
                soapMessage.getInterceptorChain().add(it.next());
            }
            Collection<Assertion> vocabulary = serverEndpointPolicy.getVocabulary();
            if (null != vocabulary) {
                soapMessage.put((Class<Class>) AssertionInfoMap.class, (Class) new AssertionInfoMap(vocabulary));
            }
            createSCEndpoint.getService().setInvoker(invoker);
            exchange.put((Class<Class>) Endpoint.class, (Class) createSCEndpoint);
            exchange.put((Class<Class>) Service.class, (Class) createSCEndpoint.getService());
            exchange.put((Class<Class>) org.apache.cxf.binding.Binding.class, (Class) createSCEndpoint.getBinding());
            exchange.remove(BindingOperationInfo.class);
            soapMessage.put(MAPAggregator.ACTION_VERIFIED, (Object) Boolean.TRUE);
        } catch (Exception e) {
            throw new Fault(e);
        }
    }

    public static boolean parseSCTResult(SoapMessage soapMessage) {
        byte[] bArr;
        List cast = CastUtils.cast((List<?>) soapMessage.get(WSHandlerConstants.RECV_RESULTS));
        if (cast == null) {
            return false;
        }
        Iterator it = cast.iterator();
        while (it.hasNext()) {
            for (WSSecurityEngineResult wSSecurityEngineResult : ((WSHandlerResult) it.next()).getResults()) {
                if (((Integer) wSSecurityEngineResult.get("action")).intValue() == 1024) {
                    SecurityContextToken securityContextToken = (SecurityContextToken) wSSecurityEngineResult.get(WSSecurityEngineResult.TAG_SECURITY_CONTEXT_TOKEN);
                    soapMessage.getExchange().put(SecurityConstants.TOKEN_ID, securityContextToken.getIdentifier());
                    SecurityToken token = getTokenStore(soapMessage).getToken(securityContextToken.getIdentifier());
                    if (token == null && (bArr = (byte[]) wSSecurityEngineResult.get(WSSecurityEngineResult.TAG_SECRET)) != null) {
                        token = new SecurityToken(securityContextToken.getIdentifier());
                        token.setToken(securityContextToken.getElement());
                        token.setSecret(bArr);
                        token.setTokenType(securityContextToken.getTokenType());
                        getTokenStore(soapMessage).add(token);
                    }
                    SecurityContext securityContext = token.getSecurityContext();
                    if (securityContext == null) {
                        return true;
                    }
                    soapMessage.put((Class<Class>) SecurityContext.class, (Class) securityContext);
                    return true;
                }
            }
        }
        return false;
    }

    public static CallbackHandler getCallbackHandler(Object obj, Class<?> cls) {
        CallbackHandler callbackHandler = null;
        if (obj instanceof CallbackHandler) {
            callbackHandler = (CallbackHandler) obj;
        } else if (obj instanceof String) {
            try {
                callbackHandler = (CallbackHandler) ClassLoaderUtils.loadClass((String) obj, cls).newInstance();
            } catch (Exception e) {
                callbackHandler = null;
            }
        }
        return callbackHandler;
    }
}
