package com.sun.xml.ws.security.trust.impl.client;

import com.sun.xml.ws.api.security.trust.Claims;
import com.sun.xml.ws.api.security.trust.client.STSIssuedTokenConfiguration;
import com.sun.xml.ws.api.security.trust.client.SecondaryIssuedTokenParameters;
import com.sun.xml.ws.policy.PolicyAssertion;
import com.sun.xml.ws.security.Token;
import com.sun.xml.ws.security.addressing.policy.Address;
import com.sun.xml.ws.security.policy.IssuedToken;
import com.sun.xml.ws.security.policy.Issuer;
import com.sun.xml.ws.security.policy.RequestSecurityTokenTemplate;
import com.sun.xml.ws.security.secext10.AttributedString;
import com.sun.xml.ws.security.secext10.BinarySecurityTokenType;
import com.sun.xml.ws.security.secext10.ObjectFactory;
import com.sun.xml.ws.security.secext10.UsernameTokenType;
import com.sun.xml.ws.security.trust.GenericToken;
import com.sun.xml.ws.security.trust.WSTrustElementFactory;
import com.sun.xml.ws.security.trust.WSTrustVersion;
import com.sun.xml.wss.impl.MessageConstants;
import jakarta.xml.ws.WebServiceException;
import java.net.URI;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import java.util.Map;
import javax.xml.namespace.QName;

/* loaded from: input_file:com/sun/xml/ws/security/trust/impl/client/DefaultSTSIssuedTokenConfiguration.class */
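/**
 * Client-side {@link STSIssuedTokenConfiguration} whose values are supplied either through the
 * setters below or by reading an {@link IssuedToken} assertion plus an optional
 * {@code PreconfiguredSTS} assertion (three-argument constructor).
 *
 * <p>The object decides which STS endpoint a token request is addressed to and which
 * OnBehalfOf / ActAs tokens accompany it, so its inputs are security relevant:
 * <ul>
 *   <li>An issuer address found on the {@code IssuedToken} assertion takes precedence over the
 *       endpoint attributes of the {@code PreconfiguredSTS} assertion.</li>
 *   <li>Algorithm URIs, key size, clock skew and lifetime are stored as given; no allow-list or
 *       range check is applied in this class.</li>
 * </ul>
 * NOTE(review): where those assertions come from is not visible here. If the
 * {@code IssuedToken} assertion can originate from a remote party's policy, confirm that the
 * resulting endpoint is validated before credentials are sent to it.
 *
 * <p>Instances are mutable and perform no synchronization.
 */
public class DefaultSTSIssuedTokenConfiguration extends STSIssuedTokenConfiguration {
    private static final String PRE_CONFIGURED_STS = "PreconfiguredSTS";
    private static final String NAMESPACE = "namespace";
    private static final String CONFIG_NAMESPACE = "";
    private static final String ENDPOINT = "endPoint";
    private static final String METADATA = "metadata";
    private static final String WSDL_LOCATION = "wsdlLocation";
    private static final String SERVICE_NAME = "serviceName";
    private static final String PORT_NAME = "portName";
    private static final String REQUEST_SECURITY_TOKEN_TEMPLATE = "RequestSecurityTokenTemplate";
    private static final String CLAIMS = "Claims";
    private static final String DIALECT = "Dialect";
    private static final String IDENTITY = "Identity";
    private static final String WST_VERSION = "wstVersion";

    // Reference fields start out null; -1 marks the key size as "not set"
    // (copy(STSIssuedTokenConfiguration) treats any value below 1 as unset).
    private String tokenType;
    private String keyType;
    private long keySize = -1L;
    private String signatureAlg;
    private String encAlg;
    private String canAlg;
    private String keyWrapAlg;
    private Token oboToken;
    private String signWith;
    private String encryptWith;
    private Claims claims;

    /** Creates an empty configuration; every value is expected to be set afterwards. */
    public DefaultSTSIssuedTokenConfiguration() {
    }

    /**
     * Creates a configuration from policy assertions.
     *
     * @param str WS-Trust protocol namespace; when {@code null} the value already held by the
     *     superclass is kept
     * @param issuedToken assertion supplying the issuer and the request template; must not be
     *     {@code null}
     * @param policyAssertion optional assertion; only one whose local name is
     *     {@code PreconfiguredSTS} is read
     * @throws NumberFormatException if a {@code LifeTime} parameter is not a decimal integer
     * @throws WebServiceException if the claims cannot be converted
     */
    public DefaultSTSIssuedTokenConfiguration(String str, IssuedToken issuedToken, PolicyAssertion policyAssertion) {
        if (str != null) {
            this.protocol = str;
        }
        parseAssertions(issuedToken, policyAssertion);
    }

    /** Forwards both arguments unchanged to the matching superclass constructor. */
    public DefaultSTSIssuedTokenConfiguration(String str, String str2) {
        super(str, str2);
    }

    /** Forwards all five arguments unchanged to the matching superclass constructor. */
    public DefaultSTSIssuedTokenConfiguration(String str, String str2, String str3, String str4, String str5) {
        super(str, str2, str3, str4, str5);
    }

    /** Forwards all three arguments unchanged to the matching superclass constructor. */
    public DefaultSTSIssuedTokenConfiguration(String str, String str2, String str3) {
        super(str, str2, str3);
    }

    /** Forwards all six arguments unchanged to the matching superclass constructor. */
    public DefaultSTSIssuedTokenConfiguration(String str, String str2, String str3, String str4, String str5, String str6) {
        super(str, str2, str3, str4, str5, str6);
    }

    /** Sets the WS-Trust protocol namespace. */
    public void setProtocol(String str) {
        this.protocol = str;
    }

    /**
     * Sets the STS location.
     *
     * @param str STS endpoint address
     * @param str2 STS metadata-exchange (MEX) address
     */
    public void setSTSInfo(String str, String str2) {
        this.stsEndpoint = str;
        this.stsMEXAddress = str2;
    }

    /**
     * Sets the protocol and a WSDL-described STS location.
     *
     * @param str WS-Trust protocol namespace
     * @param str2 STS endpoint address
     * @param str3 STS WSDL location
     * @param str4 STS service name
     * @param str5 STS port name
     * @param str6 STS namespace
     */
    public void setSTSInfo(String str, String str2, String str3, String str4, String str5, String str6) {
        this.protocol = str;
        this.stsEndpoint = str2;
        this.stsWSDLLocation = str3;
        this.stsServiceName = str4;
        this.stsPortName = str5;
        this.stsNamespace = str6;
    }

    /** Sets the requested token type; stored as given. */
    public void setTokenType(String str) {
        this.tokenType = str;
    }

    /** Sets the requested key type; stored as given. */
    public void setKeyType(String str) {
        this.keyType = str;
    }

    /** Sets the requested key size; no range check is applied here. */
    public void setKeySize(long j) {
        this.keySize = j;
    }

    /** Sets the SignWith value; stored as given. */
    public void setSignWith(String str) {
        this.signWith = str;
    }

    /** Sets the EncryptWith value; stored as given. */
    public void setEncryptWith(String str) {
        this.encryptWith = str;
    }

    /** Sets the signature algorithm; stored as given, without an allow-list check. */
    public void setSignatureAlgorithm(String str) {
        this.signatureAlg = str;
    }

    /** Sets the encryption algorithm; stored as given, without an allow-list check. */
    public void setEncryptionAlgorithm(String str) {
        this.encAlg = str;
    }

    /** Sets the canonicalization algorithm; stored as given, without an allow-list check. */
    public void setCanonicalizationAlgorithm(String str) {
        this.canAlg = str;
    }

    /** Sets the key-wrap algorithm; stored as given, without an allow-list check. */
    public void setKeyWrapAlgorithm(String str) {
        this.keyWrapAlg = str;
    }

    /** Sets the claims to request. */
    public void setClaims(Claims claims) {
        this.claims = claims;
    }

    /** Sets the OnBehalfOf token to an already built token. */
    public void setOBOToken(Token token) {
        this.oboToken = token;
    }

    /**
     * Sets the OnBehalfOf token to a username token built from the arguments.
     *
     * @param str username
     * @param str2 password; embedded in the token exactly as passed
     */
    public void setOBOToken(String str, String str2) {
        this.oboToken = createUsernameToken(str, str2);
    }

    /**
     * Sets the OnBehalfOf token to a binary security token holding the encoded certificate.
     *
     * @throws RuntimeException wrapping a {@link CertificateEncodingException}
     */
    public void setOBOToken(X509Certificate x509Certificate) {
        this.oboToken = createBinaryTokenForCertificate(x509Certificate);
    }

    /**
     * Stores an ActAs username token under {@link STSIssuedTokenConfiguration#ACT_AS}.
     *
     * @param str username
     * @param str2 password; embedded in the token exactly as passed
     */
    public void setActAsToken(String str, String str2) {
        getOtherOptions().put(STSIssuedTokenConfiguration.ACT_AS, createUsernameToken(str, str2));
    }

    /**
     * Stores an ActAs binary security token holding the encoded certificate under
     * {@link STSIssuedTokenConfiguration#ACT_AS}.
     *
     * @throws RuntimeException wrapping a {@link CertificateEncodingException}
     */
    public void setActAsToken(X509Certificate x509Certificate) {
        getOtherOptions().put(STSIssuedTokenConfiguration.ACT_AS, createBinaryTokenForCertificate(x509Certificate));
    }

    /** @return the token type, or {@code null} when unset */
    @Override
    public String getTokenType() {
        return this.tokenType;
    }

    /** @return the key type, or {@code null} when unset */
    @Override
    public String getKeyType() {
        return this.keyType;
    }

    /** @return the key size, or {@code -1} when it was never set */
    @Override
    public long getKeySize() {
        return this.keySize;
    }

    /** @return the signature algorithm, or {@code null} when unset */
    @Override
    public String getSignatureAlgorithm() {
        return this.signatureAlg;
    }

    /** @return the encryption algorithm, or {@code null} when unset */
    @Override
    public String getEncryptionAlgorithm() {
        return this.encAlg;
    }

    /** @return the canonicalization algorithm, or {@code null} when unset */
    @Override
    public String getCanonicalizationAlgorithm() {
        return this.canAlg;
    }

    /** @return the key-wrap algorithm, or {@code null} when unset */
    @Override
    public String getKeyWrapAlgorithm() {
        return this.keyWrapAlg;
    }

    /** @return the SignWith value, or {@code null} when unset */
    @Override
    public String getSignWith() {
        return this.signWith;
    }

    /** @return the EncryptWith value, or {@code null} when unset */
    @Override
    public String getEncryptWith() {
        return this.encryptWith;
    }

    /** @return the claims, or {@code null} when unset */
    @Override
    public Claims getClaims() {
        return this.claims;
    }

    /** @return the OnBehalfOf token, or {@code null} when unset */
    @Override
    public Token getOBOToken() {
        return this.oboToken;
    }

    /** Replaces the secondary issued-token parameters held by the superclass. */
    public void setSecondaryIssuedTokenParameters(SecondaryIssuedTokenParameters secondaryIssuedTokenParameters) {
        this.sisPara = secondaryIssuedTokenParameters;
    }

    /**
     * Populates this configuration from the assertions, in this order: issuer of the
     * IssuedToken assertion, attributes and parameters of a PreconfiguredSTS assertion, then the
     * request-security-token template.
     */
    private void parseAssertions(IssuedToken issuedToken, PolicyAssertion localStsAssertion) {
        URI issuerUri = readIssuer(issuedToken);

        String wstVersion = null;
        if (localStsAssertion != null && PRE_CONFIGURED_STS.equals(localStsAssertion.getName().getLocalPart())) {
            wstVersion = readPreconfiguredSts(localStsAssertion, issuerUri != null);
        }
        if (wstVersion == null) {
            wstVersion = this.protocol;
        }
        applyTemplate(issuedToken, wstVersion);
    }

    /**
     * Reads the issuer of the IssuedToken assertion and, when it carries a URI, sets the STS
     * endpoint and MEX address from it.
     *
     * @return the issuer URI, or {@code null} when the assertion supplies none
     */
    private URI readIssuer(IssuedToken issuedToken) {
        Issuer issuer = issuedToken.getIssuer();
        if (issuer == null) {
            return null;
        }
        URI issuerUri = null;
        // The address is null-checked like the metadata address below, so an Issuer without an
        // Address falls through to the PreconfiguredSTS attributes instead of failing with a
        // NullPointerException.
        if (issuer.getAddress() != null) {
            issuerUri = issuer.getAddress().getURI();
        }
        if (issuer.getIdentity() != null) {
            getOtherOptions().put(IDENTITY, issuer.getIdentity());
        }
        if (issuerUri == null) {
            return null;
        }

        this.stsEndpoint = issuerUri.toString();
        Address metadataAddress = issuer.getMetadataAddress();
        if (metadataAddress != null) {
            URI metadataUri = metadataAddress.getURI();
            if (metadataUri != null) {
                this.stsMEXAddress = metadataUri.toString();
            }
        }
        if (this.stsMEXAddress == null) {
            // No metadata address known: derive one from the endpoint.
            this.stsMEXAddress = this.stsEndpoint + "/mex";
        }
        return issuerUri;
    }

    /**
     * Reads a PreconfiguredSTS assertion.
     *
     * @param issuerResolved {@code true} when the IssuedToken assertion already supplied the STS
     *     endpoint; the endpoint attributes of this assertion are then ignored
     * @return the trimmed {@code wstVersion} attribute, or {@code null} when absent
     */
    private String readPreconfiguredSts(PolicyAssertion localStsAssertion, boolean issuerResolved) {
        Map<?, ?> attributes = localStsAssertion.getAttributes();
        String wstVersion = trim(attribute(attributes, WST_VERSION));

        if (!issuerResolved) {
            this.stsNamespace = trim(attribute(attributes, NAMESPACE));
            this.stsEndpoint = trim(attribute(attributes, ENDPOINT));
            if (this.stsEndpoint == null) {
                // Also accept the all-lower-case spelling of the attribute name.
                this.stsEndpoint = trim(attribute(attributes, ENDPOINT.toLowerCase()));
            }
            this.stsMEXAddress = trim(attribute(attributes, METADATA));
            if (this.stsMEXAddress == null) {
                this.stsWSDLLocation = trim(attribute(attributes, WSDL_LOCATION));
                this.stsServiceName = trim(attribute(attributes, SERVICE_NAME));
                this.stsPortName = trim(attribute(attributes, PORT_NAME));
            }
        }

        // The two flags are recorded only for the exact (untrimmed, case-sensitive) value "true".
        String shareToken = attribute(attributes, STSIssuedTokenConfiguration.SHARE_TOKEN);
        if ("true".equals(shareToken)) {
            getOtherOptions().put(STSIssuedTokenConfiguration.SHARE_TOKEN, shareToken);
        }
        String renewExpired = attribute(attributes, STSIssuedTokenConfiguration.RENEW_EXPIRED_TOKEN);
        if ("true".equals(renewExpired)) {
            getOtherOptions().put(STSIssuedTokenConfiguration.RENEW_EXPIRED_TOKEN, renewExpired);
        }
        // Stored as the raw attribute string; it is neither parsed nor range-checked here.
        String maxClockSkew = attribute(attributes, STSIssuedTokenConfiguration.MAX_CLOCK_SKEW);
        if (maxClockSkew != null) {
            getOtherOptions().put(STSIssuedTokenConfiguration.MAX_CLOCK_SKEW, maxClockSkew);
        }

        if (localStsAssertion.hasParameters()) {
            Iterator<?> parameters = localStsAssertion.getParametersIterator();
            while (parameters.hasNext()) {
                PolicyAssertion parameter = (PolicyAssertion) parameters.next();
                if ("LifeTime".equals(parameter.getName().getLocalPart())) {
                    // Only the first LifeTime parameter is used. A non-numeric value surfaces as
                    // NumberFormatException; the parsed value is not range-checked.
                    getOtherOptions().put("LifeTime", Integer.valueOf(Integer.parseInt(parameter.getValue())));
                    break;
                }
            }
        }
        return wstVersion;
    }

    /**
     * Copies the request-security-token template, if any, into this configuration.
     *
     * @param wstVersion WS-Trust namespace to be used towards the STS; when it differs from the
     *     current protocol the key type is translated and the protocol is switched to it
     */
    private void applyTemplate(IssuedToken issuedToken, String wstVersion) {
        RequestSecurityTokenTemplate template = issuedToken.getRequestSecurityTokenTemplate();
        if (template == null) {
            return;
        }

        boolean policyIsTrust13 = this.protocol.equals(WSTrustVersion.WS_TRUST_13.getNamespaceURI());

        // WS-Trust 1.3 policies carry the claims on the IssuedToken assertion itself, other
        // versions inside the template.
        Claims requestedClaims = null;
        if (policyIsTrust13) {
            if (issuedToken.getClaims() != null) {
                requestedClaims = getClaims(issuedToken, wstVersion);
            }
        } else if (template.getClaims() != null) {
            requestedClaims = getClaims(issuedToken, wstVersion);
        }

        if (!this.protocol.equals(wstVersion)) {
            copy(template, wstVersion, this.protocol);
            setClaims(requestedClaims);
            this.protocol = wstVersion;
        } else if (!policyIsTrust13) {
            copy(template);
            setClaims(requestedClaims);
        } else {
            // Same version and WS-Trust 1.3: the template values become secondary parameters
            // rather than values of this configuration.
            SecondaryIssuedTokenParametersImpl secondary = new SecondaryIssuedTokenParametersImpl();
            copy(template, secondary);
            secondary.setClaims(requestedClaims);
            this.sisPara = secondary;
        }
    }

    /** Returns the attribute with the given local name in the empty namespace, or {@code null}. */
    private static String attribute(Map<?, ?> attributes, String localName) {
        return (String) attributes.get(new QName(CONFIG_NAMESPACE, localName));
    }

    /**
     * Builds the claims from the policy in the policy's WS-Trust version and converts them to
     * the version named by {@code targetVersion}.
     *
     * @throws WebServiceException wrapping any failure during creation or conversion
     */
    private Claims getClaims(IssuedToken issuedToken, String targetVersion) {
        try {
            Claims policyClaims;
            if (this.protocol.equals(WSTrustVersion.WS_TRUST_13.getNamespaceURI())) {
                policyClaims = WSTrustElementFactory.newInstance(WSTrustVersion.WS_TRUST_13.getNamespaceURI())
                        .createClaims(issuedToken.getClaims().getClaimsAsElement());
            } else {
                policyClaims = WSTrustElementFactory.newInstance(WSTrustVersion.WS_TRUST_10.getNamespaceURI())
                        .createClaims(issuedToken.getRequestSecurityTokenTemplate().getClaims().getClaimsAsElement());
            }
            return WSTrustElementFactory.newInstance(WSTrustVersion.getInstance(targetVersion)).createClaims(policyClaims);
        } catch (Exception e) {
            throw new WebServiceException(e);
        }
    }

    /**
     * Copies the template values into this configuration (strings trimmed). The key-wrap
     * algorithm is not copied by this overload.
     */
    private void copy(RequestSecurityTokenTemplate template) {
        setTokenType(trim(template.getTokenType()));
        setKeyType(trim(template.getKeyType()));
        setKeySize(template.getKeySize());
        setSignWith(trim(template.getSignWith()));
        setEncryptWith(trim(template.getEncryptWith()));
        setSignatureAlgorithm(trim(template.getSignatureAlgorithm()));
        setEncryptionAlgorithm(trim(template.getEncryptionAlgorithm()));
        setCanonicalizationAlgorithm(trim(template.getCanonicalizationAlgorithm()));
    }

    /** Copies the template values, including the key-wrap algorithm, into {@code target}. */
    private void copy(RequestSecurityTokenTemplate template, SecondaryIssuedTokenParametersImpl target) {
        target.setTokenType(trim(template.getTokenType()));
        target.setKeyType(trim(template.getKeyType()));
        target.setKeySize(template.getKeySize());
        target.setSignWith(trim(template.getSignWith()));
        target.setEncryptWith(trim(template.getEncryptWith()));
        target.setSignatureAlgorithm(trim(template.getSignatureAlgorithm()));
        target.setEncryptionAlgorithm(trim(template.getEncryptionAlgorithm()));
        target.setCanonicalizationAlgorithm(trim(template.getCanonicalizationAlgorithm()));
        target.setKeyWrapAlgorithm(trim(template.getKeyWrapAlgorithm()));
    }

    /**
     * Copies the template values into this configuration, translating the key-type URI from
     * {@code sourceVersionNs} to {@code targetVersionNs}. A key type that matches none of the
     * public, symmetric or bearer URIs of the source version leaves the key type untouched. The
     * key-wrap algorithm is not copied by this overload.
     */
    private void copy(RequestSecurityTokenTemplate template, String targetVersionNs, String sourceVersionNs) {
        WSTrustVersion targetVersion = WSTrustVersion.getInstance(targetVersionNs);
        WSTrustVersion sourceVersion = WSTrustVersion.getInstance(sourceVersionNs);
        String templateKeyType = trim(template.getKeyType());
        if (sourceVersion.getPublicKeyTypeURI().equals(templateKeyType)) {
            setKeyType(targetVersion.getPublicKeyTypeURI());
        } else if (sourceVersion.getSymmetricKeyTypeURI().equals(templateKeyType)) {
            setKeyType(targetVersion.getSymmetricKeyTypeURI());
        } else if (sourceVersion.getBearerKeyTypeURI().equals(templateKeyType)) {
            setKeyType(targetVersion.getBearerKeyTypeURI());
        }
        setTokenType(trim(template.getTokenType()));
        setKeySize(template.getKeySize());
        setSignWith(trim(template.getSignWith()));
        setEncryptWith(trim(template.getEncryptWith()));
        setSignatureAlgorithm(trim(template.getSignatureAlgorithm()));
        setEncryptionAlgorithm(trim(template.getEncryptionAlgorithm()));
        setCanonicalizationAlgorithm(trim(template.getCanonicalizationAlgorithm()));
    }

    /**
     * Merges another configuration into this one.
     *
     * <p>Most values are taken from the argument only when this object has none. Three are
     * overwritten whenever the argument has a value: the protocol, the canonicalization
     * algorithm and the OnBehalfOf token. All other options of the argument are merged in, and
     * an {@code "IssuedToken"} entry present on the argument is removed from this object
     * afterwards.
     * NOTE(review): the unconditional overwrite of the canonicalization algorithm differs from
     * the neighbouring algorithm fields; confirm it is intended.
     *
     * @param sTSIssuedTokenConfiguration configuration to merge from; must not be {@code null}
     */
    public void copy(STSIssuedTokenConfiguration sTSIssuedTokenConfiguration) {
        final STSIssuedTokenConfiguration source = sTSIssuedTokenConfiguration;

        if (source.getProtocol() != null) {
            this.protocol = source.getProtocol();
        }

        // The STS location is adopted as a whole, and only when this object has no endpoint yet.
        if (this.stsEndpoint == null && source.getSTSEndpoint() != null) {
            this.stsEndpoint = source.getSTSEndpoint();
            if (source.getSTSMEXAddress() != null) {
                this.stsMEXAddress = source.getSTSMEXAddress();
            } else if (source.getSTSWSDLLocation() != null) {
                this.stsWSDLLocation = source.getSTSWSDLLocation();
                this.stsServiceName = source.getSTSServiceName();
                this.stsPortName = source.getSTSPortName();
                this.stsNamespace = source.getSTSNamespace();
            }
        }

        if (this.tokenType == null && source.getTokenType() != null) {
            this.tokenType = source.getTokenType();
        }
        if (this.keyType == null && source.getKeyType() != null) {
            this.keyType = source.getKeyType();
        }
        if (this.keySize < 1 && source.getKeySize() > 0) {
            this.keySize = source.getKeySize();
        }
        if (this.signatureAlg == null && source.getSignatureAlgorithm() != null) {
            this.signatureAlg = source.getSignatureAlgorithm();
        }
        if (this.encAlg == null && source.getEncryptionAlgorithm() != null) {
            this.encAlg = source.getEncryptionAlgorithm();
        }
        if (source.getCanonicalizationAlgorithm() != null) {
            this.canAlg = source.getCanonicalizationAlgorithm();
        }
        if (this.keyWrapAlg == null && source.getKeyWrapAlgorithm() != null) {
            this.keyWrapAlg = source.getKeyWrapAlgorithm();
        }
        if (this.signWith == null && source.getSignWith() != null) {
            this.signWith = source.getSignWith();
        }
        if (this.encryptWith == null && source.getEncryptWith() != null) {
            this.encryptWith = source.getEncryptWith();
        }
        if (source.getOBOToken() != null) {
            this.oboToken = source.getOBOToken();
        }
        if (this.claims == null && source.getClaims() != null) {
            this.claims = source.getClaims();
        }

        getOtherOptions().putAll(source.getOtherOptions());
        if (source.getOtherOptions().containsKey("IssuedToken")) {
            getOtherOptions().remove("IssuedToken");
        }
    }

    /**
     * Wraps a username and password in a username token.
     *
     * <p>Only the two values are set: the password is embedded exactly as passed and this method
     * adds no password type, nonce or creation time. Protecting the token in transit is left to
     * whatever message or transport security is applied elsewhere.
     */
    private Token createUsernameToken(String username, String password) {
        ObjectFactory factory = new ObjectFactory();

        AttributedString usernameValue = factory.createAttributedString();
        usernameValue.setValue(username);
        AttributedString passwordValue = factory.createAttributedString();
        passwordValue.setValue(password);

        UsernameTokenType usernameToken = factory.createUsernameTokenType();
        usernameToken.setUsername(usernameValue);
        usernameToken.setPassword(passwordValue);
        return new GenericToken(factory.createUsernameToken(usernameToken));
    }

    /**
     * Wraps the encoded form of a certificate in an X509v3 binary security token.
     *
     * <p>The certificate is embedded as is; this method performs no validity, chain or
     * revocation check on it.
     *
     * @throws RuntimeException wrapping the {@link CertificateEncodingException} when the
     *     certificate cannot be encoded
     */
    private Token createBinaryTokenForCertificate(X509Certificate certificate) {
        ObjectFactory factory = new ObjectFactory();
        BinarySecurityTokenType binaryToken = factory.createBinarySecurityTokenType();
        binaryToken.setValueType(MessageConstants.X509v3_NS);
        binaryToken.setEncodingType(MessageConstants.BASE64_ENCODING_NS);

        final byte[] encoded;
        try {
            encoded = certificate.getEncoded();
        } catch (CertificateEncodingException e) {
            throw new RuntimeException(e);
        }
        binaryToken.setValue(encoded);
        return new GenericToken(factory.createBinarySecurityToken(binaryToken));
    }

    /** Null-safe {@link String#trim()}: returns {@code null} for {@code null}. */
    private static String trim(String value) {
        return value == null ? null : value.trim();
    }
}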
