package com.sun.xml.ws.security.trust.impl.client;

import com.sun.xml.rpc.wsdl.parser.Constants;
import com.sun.xml.ws.api.security.trust.WSTrustException;
import com.sun.xml.ws.api.security.trust.client.IssuedTokenProvider;
import com.sun.xml.ws.api.security.trust.client.STSIssuedTokenConfiguration;
import com.sun.xml.ws.security.IssuedTokenContext;
import com.sun.xml.ws.security.trust.WSTrustFactory;
import com.sun.xml.ws.security.trust.logging.LogDomainConstants;
import com.sun.xml.ws.security.trust.logging.LogStringsMessages;
import com.sun.xml.wss.SubjectAccessor;
import java.util.Date;
import java.util.GregorianCalendar;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.Subject;

/* loaded from: input_file:com/sun/xml/ws/security/trust/impl/client/STSIssuedTokenProviderImpl.class */
public class STSIssuedTokenProviderImpl implements IssuedTokenProvider {
    private static final Logger log = Logger.getLogger("com.sun.xml.ws.security.trust", LogDomainConstants.TRUST_IMPL_DOMAIN_BUNDLE);

    @Override // com.sun.xml.ws.api.security.trust.client.IssuedTokenProvider
    public void issue(IssuedTokenContext issuedTokenContext) throws WSTrustException {
        getIssuedTokenContext(issuedTokenContext);
    }

    @Override // com.sun.xml.ws.api.security.trust.client.IssuedTokenProvider
    public void cancel(IssuedTokenContext issuedTokenContext) throws WSTrustException {
    }

    @Override // com.sun.xml.ws.api.security.trust.client.IssuedTokenProvider
    public void renew(IssuedTokenContext issuedTokenContext) throws WSTrustException {
    }

    @Override // com.sun.xml.ws.api.security.trust.client.IssuedTokenProvider
    public void validate(IssuedTokenContext issuedTokenContext) throws WSTrustException {
        WSTrustFactory.newTrustPlugin().processValidate(issuedTokenContext);
    }

    private void updateContext(IssuedTokenContext issuedTokenContext, IssuedTokenContext issuedTokenContext2) {
        issuedTokenContext2.setUnAttachedSecurityTokenReference(issuedTokenContext.getUnAttachedSecurityTokenReference());
        issuedTokenContext2.setSecurityToken(issuedTokenContext.getSecurityToken());
        issuedTokenContext2.setRequestorCertificate(issuedTokenContext.getRequestorCertificate());
        issuedTokenContext2.setProofKeyPair(issuedTokenContext.getProofKeyPair());
        issuedTokenContext2.setProofKey(issuedTokenContext.getProofKey());
        issuedTokenContext2.setExpirationTime(issuedTokenContext.getExpirationTime());
        issuedTokenContext2.setCreationTime(issuedTokenContext.getCreationTime());
        issuedTokenContext2.setAttachedSecurityTokenReference(issuedTokenContext.getAttachedSecurityTokenReference());
    }

    private void getIssuedTokenContext(IssuedTokenContext issuedTokenContext) throws WSTrustException {
        STSIssuedTokenConfiguration sTSIssuedTokenConfiguration = (STSIssuedTokenConfiguration) issuedTokenContext.getSecurityPolicy().get(0);
        issuedTokenContext.setTokenIssuer(sTSIssuedTokenConfiguration.getSTSEndpoint());
        boolean equals = Constants.TRUE.equals(sTSIssuedTokenConfiguration.getOtherOptions().get(STSIssuedTokenConfiguration.SHARE_TOKEN));
        boolean equals2 = Constants.TRUE.equals(sTSIssuedTokenConfiguration.getOtherOptions().get(STSIssuedTokenConfiguration.RENEW_EXPIRED_TOKEN));
        String str = (String) sTSIssuedTokenConfiguration.getOtherOptions().get(STSIssuedTokenConfiguration.MAX_CLOCK_SKEW);
        Subject requesterSubject = SubjectAccessor.getRequesterSubject();
        if (equals && requesterSubject != null) {
            for (IssuedTokenContext issuedTokenContext2 : requesterSubject.getPrivateCredentials(IssuedTokenContext.class)) {
                GregorianCalendar gregorianCalendar = new GregorianCalendar();
                long j = gregorianCalendar.get(15);
                if (gregorianCalendar.getTimeZone().inDaylightTime(gregorianCalendar.getTime())) {
                    j += gregorianCalendar.getTimeZone().getDSTSavings();
                }
                long timeInMillis = gregorianCalendar.getTimeInMillis() - j;
                if (str != null) {
                    timeInMillis -= Long.parseLong(str);
                }
                gregorianCalendar.setTimeInMillis(timeInMillis);
                Date time = gregorianCalendar.getTime();
                if (issuedTokenContext2.getExpirationTime() != null && time.after(issuedTokenContext2.getExpirationTime())) {
                    requesterSubject.getPrivateCredentials().remove(issuedTokenContext2);
                    if (!equals2) {
                        log.log(Level.SEVERE, LogStringsMessages.WST_0046_TOKEN_EXPIRED(issuedTokenContext2.getCreationTime(), issuedTokenContext2.getExpirationTime(), time));
                        throw new WSTrustException(LogStringsMessages.WST_0046_TOKEN_EXPIRED(issuedTokenContext2.getCreationTime(), issuedTokenContext2.getExpirationTime(), time));
                    }
                } else if (issuedTokenContext2.getTokenIssuer().equals(issuedTokenContext.getTokenIssuer())) {
                    updateContext(issuedTokenContext2, issuedTokenContext);
                    return;
                }
            }
        }
        WSTrustFactory.newTrustPlugin().process(issuedTokenContext);
        if (equals) {
            if (requesterSubject == null) {
                requesterSubject = new Subject();
            }
            requesterSubject.getPrivateCredentials().add(issuedTokenContext);
            SubjectAccessor.setRequesterSubject(requesterSubject);
        }
    }
}
