package org.apache.wss4j.policy.stax.assertionStates;

import java.util.List;
import javax.xml.namespace.QName;
import org.apache.wss4j.common.WSSPolicyException;
import org.apache.wss4j.policy.AssertionState;
import org.apache.wss4j.policy.SPConstants;
import org.apache.wss4j.policy.model.AbstractSecurityAssertion;
import org.apache.wss4j.policy.stax.Assertable;
import org.apache.wss4j.policy.stax.DummyPolicyAsserter;
import org.apache.wss4j.policy.stax.PolicyAsserter;
import org.apache.wss4j.stax.securityEvent.WSSecurityEventConstants;
import org.apache.wss4j.stax.utils.WSSUtils;
import org.apache.xml.security.stax.securityEvent.AbstractSecuredElementSecurityEvent;
import org.apache.xml.security.stax.securityEvent.SecurityEvent;
import org.apache.xml.security.stax.securityEvent.SecurityEventConstants;

/* loaded from: input_file:BOOT-INF/lib/wss4j-ws-security-policy-stax-2.2.0.jar:org/apache/wss4j/policy/stax/assertionStates/OnlySignEntireHeadersAndBodyAssertionState.class */
public class OnlySignEntireHeadersAndBodyAssertionState extends AssertionState implements Assertable {
    private String roleOrActor;
    private PolicyAsserter policyAsserter;

    public OnlySignEntireHeadersAndBodyAssertionState(AbstractSecurityAssertion abstractSecurityAssertion, PolicyAsserter policyAsserter, boolean z, String str) {
        super(abstractSecurityAssertion, z);
        this.roleOrActor = str;
        this.policyAsserter = policyAsserter;
        if (this.policyAsserter == null) {
            this.policyAsserter = new DummyPolicyAsserter();
        }
        if (z) {
            policyAsserter.assertPolicy(new QName(getAssertion().getName().getNamespaceURI(), SPConstants.ONLY_SIGN_ENTIRE_HEADERS_AND_BODY));
        }
    }

    @Override // org.apache.wss4j.policy.stax.Assertable
    public SecurityEventConstants.Event[] getSecurityEventType() {
        return new SecurityEventConstants.Event[]{WSSecurityEventConstants.SIGNED_PART, WSSecurityEventConstants.SignedElement};
    }

    @Override // org.apache.wss4j.policy.stax.Assertable
    public boolean assertEvent(SecurityEvent securityEvent) throws WSSPolicyException {
        String namespaceURI = getAssertion().getName().getNamespaceURI();
        AbstractSecuredElementSecurityEvent abstractSecuredElementSecurityEvent = (AbstractSecuredElementSecurityEvent) securityEvent;
        if (!abstractSecuredElementSecurityEvent.isSigned() || abstractSecuredElementSecurityEvent.isAttachment()) {
            this.policyAsserter.assertPolicy(new QName(namespaceURI, SPConstants.ONLY_SIGN_ENTIRE_HEADERS_AND_BODY));
            return true;
        }
        List<QName> elementPath = abstractSecuredElementSecurityEvent.getElementPath();
        if (elementPath.size() == 4 && WSSUtils.isInSecurityHeader(abstractSecuredElementSecurityEvent.getXmlSecEvent(), elementPath, this.roleOrActor)) {
            setAsserted(true);
            this.policyAsserter.assertPolicy(new QName(namespaceURI, SPConstants.ONLY_SIGN_ENTIRE_HEADERS_AND_BODY));
            return true;
        }
        if (elementPath.size() == 3 && WSSUtils.isInSOAPHeader(elementPath)) {
            setAsserted(true);
            this.policyAsserter.assertPolicy(new QName(namespaceURI, SPConstants.ONLY_SIGN_ENTIRE_HEADERS_AND_BODY));
            return true;
        }
        if (elementPath.size() == 2 && WSSUtils.isInSOAPBody(elementPath)) {
            setAsserted(true);
            this.policyAsserter.assertPolicy(new QName(namespaceURI, SPConstants.ONLY_SIGN_ENTIRE_HEADERS_AND_BODY));
            return true;
        }
        setAsserted(false);
        setErrorMessage("OnlySignEntireHeadersAndBody not fulfilled, offending element: " + WSSUtils.pathAsString(elementPath));
        this.policyAsserter.unassertPolicy(new QName(namespaceURI, SPConstants.ONLY_SIGN_ENTIRE_HEADERS_AND_BODY), getErrorMessage());
        return false;
    }
}
