package org.apache.ws.security.handler;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.UnsupportedEncodingException;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import java.util.Vector;
import javax.security.auth.callback.CallbackHandler;
import javax.xml.namespace.QName;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.rpc.JAXRPCException;
import javax.xml.rpc.handler.Handler;
import javax.xml.rpc.handler.HandlerInfo;
import javax.xml.rpc.handler.MessageContext;
import javax.xml.rpc.handler.soap.SOAPMessageContext;
import javax.xml.soap.SOAPException;
import javax.xml.soap.SOAPHeaderElement;
import javax.xml.soap.SOAPMessage;
import javax.xml.soap.SOAPPart;
import javax.xml.transform.Source;
import javax.xml.transform.stream.StreamSource;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSSecurityEngineResult;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.message.token.Timestamp;
import org.apache.ws.security.util.WSSecurityUtil;
import org.apache.ws.security.util.XMLUtils;
import org.w3c.dom.Document;

/* loaded from: input_file:WEB-INF/lib/wss4j-1.5.7.jar:org/apache/ws/security/handler/WSS4JHandler.class */
public class WSS4JHandler extends WSHandler implements Handler {
    private HandlerInfo handlerInfo;
    private static Log log;
    private static boolean doDebug;
    static final String DEPLOYMENT = "deployment";
    static final String CLIENT_DEPLOYMENT = "client";
    static final String SERVER_DEPLOYMENT = "server";
    static final String FLOW = "flow";
    static final String REQUEST_ONLY = "request-only";
    static final String RESPONSE_ONLY = "response-only";
    static final String ALLOW_FORM_OPTIMIZATION = "axis.form.optimization";
    static Class class$org$apache$ws$security$handler$WSS4JHandler;

    public void init(HandlerInfo handlerInfo) {
        this.handlerInfo = handlerInfo;
    }

    public void destroy() {
    }

    public QName[] getHeaders() {
        return this.handlerInfo.getHeaders();
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r6v0, types: [java.lang.Throwable, org.apache.ws.security.WSSecurityException] */
    public boolean handleRequest(MessageContext messageContext) {
        messageContext.setProperty(ALLOW_FORM_OPTIMIZATION, Boolean.TRUE);
        try {
            return processMessage(messageContext, true);
        } catch (WSSecurityException e) {
            if (doDebug) {
                log.debug(e.getMessage(), e);
            }
            throw new JAXRPCException((Throwable) e);
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r6v0, types: [java.lang.Throwable, org.apache.ws.security.WSSecurityException] */
    public boolean handleResponse(MessageContext messageContext) {
        messageContext.setProperty(ALLOW_FORM_OPTIMIZATION, Boolean.TRUE);
        try {
            return processMessage(messageContext, false);
        } catch (WSSecurityException e) {
            if (doDebug) {
                log.debug(e.getMessage(), e);
            }
            throw new JAXRPCException((Throwable) e);
        }
    }

    public boolean handleFault(MessageContext messageContext) {
        if (!doDebug) {
            return true;
        }
        log.debug("Entered handleFault");
        return true;
    }

    public boolean processMessage(MessageContext messageContext, boolean z) throws WSSecurityException {
        RequestData requestData = new RequestData();
        requestData.setMsgContext(messageContext);
        doDebug = log.isDebugEnabled();
        String str = (String) getOption(DEPLOYMENT);
        String str2 = str;
        if (str == null) {
            str2 = (String) messageContext.getProperty(DEPLOYMENT);
        }
        if (str2 == null) {
            throw new JAXRPCException("WSS4JHandler.processMessage: No deployment defined");
        }
        String str3 = (String) getOption(FLOW);
        String str4 = str3;
        if (str3 == null) {
            str4 = (String) messageContext.getProperty(FLOW);
        }
        if (str4 == null) {
            str4 = "";
        }
        boolean z2 = (z && !str4.equals(RESPONSE_ONLY)) || !(z || str4.equals(REQUEST_ONLY));
        try {
            if (str2.equals("client") ^ z) {
                if (z2) {
                    boolean doReceiver = doReceiver(messageContext, requestData, z);
                    requestData.clear();
                    return doReceiver;
                }
            } else if (z2) {
                boolean doSender = doSender(messageContext, requestData, z);
                requestData.clear();
                return doSender;
            }
            requestData.clear();
            return true;
        } catch (Throwable th) {
            requestData.clear();
            throw th;
        }
    }

    public boolean doSender(MessageContext messageContext, RequestData requestData, boolean z) throws WSSecurityException {
        String byteArrayOutputStream;
        requestData.getSignatureParts().removeAllElements();
        requestData.getEncryptParts().removeAllElements();
        requestData.setNoSerialization(false);
        Vector vector = new Vector();
        String str = (String) getOption("send.action");
        if (str == null) {
            str = (String) getOption("action");
            if (str == null) {
                str = (String) messageContext.getProperty("action");
            }
        }
        if (str == null) {
            throw new JAXRPCException("WSS4JHandler: No action defined");
        }
        int decodeAction = WSSecurityUtil.decodeAction(str, vector);
        if (decodeAction == 0) {
            return true;
        }
        requestData.setUsername((String) getOption(WSHandlerConstants.USER));
        if (requestData.getUsername() == null || requestData.getUsername().equals("")) {
            requestData.setUsername((String) messageContext.getProperty(WSHandlerConstants.USER));
            messageContext.setProperty(WSHandlerConstants.USER, (Object) null);
        }
        if ((decodeAction & 67) != 0 && (requestData.getUsername() == null || requestData.getUsername().equals(""))) {
            throw new JAXRPCException("WSS4JHandler: Empty username for specified action");
        }
        if (doDebug) {
            log.debug(new StringBuffer().append("Action: ").append(decodeAction).toString());
            log.debug(new StringBuffer().append("Actor: ").append(requestData.getActor()).toString());
        }
        SOAPMessage message = ((SOAPMessageContext) messageContext).getMessage();
        log.debug(new StringBuffer().append("Form optimization: ").append((Boolean) messageContext.getProperty(ALLOW_FORM_OPTIMIZATION)).toString());
        SOAPPart sOAPPart = message.getSOAPPart();
        Document document = (Document) messageContext.getProperty(WSHandlerConstants.SND_SECURITY);
        Document document2 = document;
        if (document == null) {
            try {
                document2 = messageToDocument(message);
            } catch (Exception e) {
                if (doDebug) {
                    log.debug(e.getMessage(), e);
                }
                throw new JAXRPCException("WSS4JHandler: cannot get SOAP envlope from message", e);
            }
        }
        if (doDebug) {
            log.debug("WSS4JHandler: orginal SOAP request: ");
            log.debug(XMLUtils.PrettyDocumentToString(document2));
        }
        doSenderAction(decodeAction, document2, requestData, vector, z);
        if (requestData.isNoSerialization()) {
            messageContext.setProperty(WSHandlerConstants.SND_SECURITY, document2);
        } else {
            ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
            org.apache.xml.security.utils.XMLUtils.outputDOM(document2, byteArrayOutputStream2, true);
            if (doDebug) {
                try {
                    byteArrayOutputStream = byteArrayOutputStream2.toString("UTF-8");
                } catch (UnsupportedEncodingException e2) {
                    if (doDebug) {
                        log.debug(e2.getMessage(), e2);
                    }
                    byteArrayOutputStream = byteArrayOutputStream2.toString();
                }
                log.debug("Send request:");
                log.debug(byteArrayOutputStream);
            }
            try {
                sOAPPart.setContent(new StreamSource(new ByteArrayInputStream(byteArrayOutputStream2.toByteArray())));
                messageContext.setProperty(WSHandlerConstants.SND_SECURITY, (Object) null);
            } catch (SOAPException e3) {
                if (doDebug) {
                    log.debug(e3.getMessage(), e3);
                }
                throw new JAXRPCException(new StringBuffer().append("Couldn't set content on SOAPPart").append(e3.getMessage()).toString(), e3);
            }
        }
        if (!doDebug) {
            return true;
        }
        log.debug("WSS4JHandler: exit invoke()");
        return true;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r21v0, types: [java.lang.Throwable, org.apache.ws.security.WSSecurityException] */
    public boolean doReceiver(MessageContext messageContext, RequestData requestData, boolean z) throws WSSecurityException {
        Timestamp timestamp;
        X509Certificate x509Certificate;
        Vector vector = new Vector();
        String str = (String) getOption("receive.action");
        if (str == null) {
            str = (String) getOption("action");
            if (str == null) {
                str = (String) messageContext.getProperty("action");
            }
        }
        if (str == null) {
            throw new JAXRPCException("WSS4JHandler: No action defined");
        }
        int decodeAction = WSSecurityUtil.decodeAction(str, vector);
        String str2 = (String) getOption("actor");
        SOAPMessage message = ((SOAPMessageContext) messageContext).getMessage();
        SOAPPart sOAPPart = message.getSOAPPart();
        try {
            Document messageToDocument = messageToDocument(message);
            if (WSSecurityUtil.findElement(messageToDocument.getDocumentElement(), "Fault", WSSecurityUtil.getSOAPConstants(messageToDocument.getDocumentElement()).getEnvelopeURI()) != null) {
                return false;
            }
            CallbackHandler callbackHandler = null;
            if ((decodeAction & 5) != 0) {
                callbackHandler = getPasswordCB(requestData);
            }
            doReceiverAction(decodeAction, requestData);
            try {
                Vector processSecurityHeader = secEngine.processSecurityHeader(messageToDocument, str2, callbackHandler, requestData.getSigCrypto(), requestData.getDecCrypto());
                if (processSecurityHeader == null) {
                    if (decodeAction == 0) {
                        return true;
                    }
                    throw new JAXRPCException("WSS4JHandler: Request does not contain required Security header");
                }
                if (requestData.getWssConfig().isEnableSignatureConfirmation() && !z) {
                    checkSignatureConfirmation(requestData, processSecurityHeader);
                }
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                org.apache.xml.security.utils.XMLUtils.outputDOM(messageToDocument, byteArrayOutputStream, true);
                try {
                    sOAPPart.setContent(new StreamSource(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())));
                    if (doDebug) {
                        log.debug("Processed received SOAP request");
                    }
                    try {
                        Iterator examineHeaderElements = message.getSOAPPart().getEnvelope().getHeader().examineHeaderElements(str2);
                        SOAPHeaderElement sOAPHeaderElement = null;
                        while (true) {
                            if (!examineHeaderElements.hasNext()) {
                                break;
                            }
                            SOAPHeaderElement sOAPHeaderElement2 = (SOAPHeaderElement) examineHeaderElements.next();
                            if (sOAPHeaderElement2.getElementName().getLocalName().equals(WSConstants.WSSE_LN) && sOAPHeaderElement2.getNamespaceURI().equals(WSConstants.WSSE_NS)) {
                                sOAPHeaderElement = sOAPHeaderElement2;
                                break;
                            }
                        }
                        sOAPHeaderElement.setMustUnderstand(false);
                        WSSecurityEngineResult fetchActionResult = WSSecurityUtil.fetchActionResult(processSecurityHeader, 2);
                        if (fetchActionResult != null && (x509Certificate = (X509Certificate) fetchActionResult.get(WSSecurityEngineResult.TAG_X509_CERTIFICATE)) != null && !verifyTrust(x509Certificate, requestData)) {
                            throw new JAXRPCException("WSS4JHandler: The certificate used for the signature is not trusted");
                        }
                        WSSecurityEngineResult fetchActionResult2 = WSSecurityUtil.fetchActionResult(processSecurityHeader, 32);
                        if (fetchActionResult2 != null && (timestamp = (Timestamp) fetchActionResult2.get(WSSecurityEngineResult.TAG_TIMESTAMP)) != null && requestData.getWssConfig().isTimeStampStrict() && !verifyTimestamp(timestamp, decodeTimeToLive(requestData))) {
                            throw new JAXRPCException("WSS4JHandler: The timestamp could not be validated");
                        }
                        if (!checkReceiverResults(processSecurityHeader, vector)) {
                            throw new JAXRPCException("WSS4JHandler: security processing failed (actions mismatch)");
                        }
                        Vector vector2 = (Vector) messageContext.getProperty(WSHandlerConstants.RECV_RESULTS);
                        Vector vector3 = vector2;
                        if (vector2 == null) {
                            vector3 = new Vector();
                            messageContext.setProperty(WSHandlerConstants.RECV_RESULTS, vector3);
                        }
                        vector3.add(0, new WSHandlerResult(str2, processSecurityHeader));
                        if (!doDebug) {
                            return true;
                        }
                        log.debug("WSS4JHandler: exit invoke()");
                        return true;
                    } catch (Exception e) {
                        if (doDebug) {
                            log.debug(e.getMessage(), e);
                        }
                        throw new JAXRPCException("WSS4JHandler: cannot get SOAP header after security processing", e);
                    }
                } catch (SOAPException e2) {
                    if (doDebug) {
                        log.debug(e2.getMessage(), e2);
                    }
                    throw new JAXRPCException(new StringBuffer().append("Couldn't set content on SOAPPart").append(e2.getMessage()).toString(), e2);
                }
            } catch (WSSecurityException e3) {
                if (doDebug) {
                    log.debug(e3.getMessage(), e3);
                }
                throw new JAXRPCException("WSS4JHandler: security processing failed", (Throwable) e3);
            }
        } catch (Exception e4) {
            if (doDebug) {
                log.debug(e4.getMessage(), e4);
            }
            throw new JAXRPCException("WSS4JHandler: cannot convert into document", e4);
        }
    }

    public static Document messageToDocument(SOAPMessage sOAPMessage) {
        try {
            Source content = sOAPMessage.getSOAPPart().getContent();
            DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
            newInstance.setNamespaceAware(true);
            return newInstance.newDocumentBuilder().parse(XMLUtils.sourceToInputSource(content));
        } catch (Exception e) {
            if (doDebug) {
                log.debug(e.getMessage(), e);
            }
            throw new JAXRPCException("messageToDocument: cannot convert SOAPMessage into Document", e);
        }
    }

    @Override // org.apache.ws.security.handler.WSHandler
    public Object getOption(String str) {
        return this.handlerInfo.getHandlerConfig().get(str);
    }

    @Override // org.apache.ws.security.handler.WSHandler
    public Object getProperty(Object obj, String str) {
        return ((MessageContext) obj).getProperty(str);
    }

    @Override // org.apache.ws.security.handler.WSHandler
    public void setProperty(Object obj, String str, Object obj2) {
        ((MessageContext) obj).setProperty(str, obj2);
    }

    @Override // org.apache.ws.security.handler.WSHandler
    public String getPassword(Object obj) {
        return (String) ((MessageContext) obj).getProperty("javax.xml.rpc.security.auth.password");
    }

    @Override // org.apache.ws.security.handler.WSHandler
    public void setPassword(Object obj, String str) {
        ((MessageContext) obj).setProperty("javax.xml.rpc.security.auth.password", str);
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$org$apache$ws$security$handler$WSS4JHandler == null) {
            cls = class$("org.apache.ws.security.handler.WSS4JHandler");
            class$org$apache$ws$security$handler$WSS4JHandler = cls;
        } else {
            cls = class$org$apache$ws$security$handler$WSS4JHandler;
        }
        log = LogFactory.getLog(cls.getName());
        doDebug = log.isDebugEnabled();
    }
}
