package org.picketlink.identity.federation.api.wstrust;

import java.net.ConnectException;
import java.net.URI;
import java.security.Principal;
import org.picketlink.common.PicketLinkLogger;
import org.picketlink.common.PicketLinkLoggerFactory;
import org.picketlink.common.exceptions.ParsingException;
import org.picketlink.common.exceptions.fed.WSTrustException;
import org.picketlink.identity.federation.core.wstrust.STSClient;
import org.picketlink.identity.federation.core.wstrust.STSClientConfig;
import org.picketlink.identity.federation.core.wstrust.STSClientFactory;
import org.picketlink.identity.federation.core.wstrust.STSClientPool;
import org.picketlink.identity.federation.core.wstrust.WSTrustUtil;
import org.picketlink.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
import org.w3c.dom.Element;

/* loaded from: input_file:org/picketlink/identity/federation/api/wstrust/WSTrustClient.class */
public class WSTrustClient {
    private static final PicketLinkLogger logger = PicketLinkLoggerFactory.getLogger();
    private final STSClient[] clients;

    /* loaded from: input_file:org/picketlink/identity/federation/api/wstrust/WSTrustClient$SecurityInfo.class */
    public static class SecurityInfo {
        private final String username;
        private final String passwd;

        public SecurityInfo(String str, char[] cArr) {
            this.username = str;
            this.passwd = new String(cArr);
        }

        public SecurityInfo(String str, String str2) {
            this.username = str;
            this.passwd = str2;
        }
    }

    public WSTrustClient(String str, String str2, String str3, SecurityInfo securityInfo) throws ParsingException {
        this(str, str2, new String[]{str3}, securityInfo);
    }

    public WSTrustClient(String str, String str2, String[] strArr, SecurityInfo securityInfo) throws ParsingException {
        if (str == null || str2 == null || strArr == null || securityInfo == null) {
            throw logger.nullArgumentError("The service name, port, endpoint URIs and security info parameters cannot be null");
        }
        if (strArr.length == 0) {
            throw logger.nullArgumentError("At least one endpoint URI must be provided");
        }
        this.clients = new STSClient[strArr.length];
        STSClientConfig.Builder builder = new STSClientConfig.Builder();
        builder.serviceName(str).portName(str2).username(securityInfo.username).password(securityInfo.passwd);
        STSClientPool sTSClientFactory = STSClientFactory.getInstance();
        int i = 0;
        for (String str3 : strArr) {
            builder.endpointAddress(str3);
            STSClientConfig build = builder.build();
            sTSClientFactory.createPool(build);
            int i2 = i;
            i++;
            this.clients[i2] = sTSClientFactory.getClient(build);
        }
    }

    public Element issueToken(String str) throws WSTrustException {
        if (str == null) {
            throw logger.nullArgumentError("The token type");
        }
        RequestSecurityToken requestSecurityToken = new RequestSecurityToken();
        requestSecurityToken.setTokenType(URI.create(str));
        return issueInternal(requestSecurityToken, 0);
    }

    public Element issueTokenForEndpoint(String str) throws WSTrustException {
        if (str == null) {
            throw logger.nullArgumentError("The endpoint URI");
        }
        RequestSecurityToken requestSecurityToken = new RequestSecurityToken();
        requestSecurityToken.setAppliesTo(WSTrustUtil.createAppliesTo(str));
        return issueInternal(requestSecurityToken, 0);
    }

    public Element issueToken(String str, String str2) throws WSTrustException {
        if (str == null && str2 == null) {
            throw logger.nullArgumentError("Either the token type or endpoint URI must be specified");
        }
        RequestSecurityToken requestSecurityToken = new RequestSecurityToken();
        if (str2 != null) {
            requestSecurityToken.setTokenType(URI.create(str2));
        }
        if (str != null) {
            requestSecurityToken.setAppliesTo(WSTrustUtil.createAppliesTo(str));
        }
        return issueInternal(requestSecurityToken, 0);
    }

    public Element issueTokenOnBehalfOf(String str, String str2, Principal principal) throws WSTrustException {
        if (str == null && str2 == null) {
            throw logger.nullArgumentError("Either the token type or endpoint URI must be specified");
        }
        if (principal == null) {
            throw logger.nullArgumentError("The on-behalf-of principal");
        }
        RequestSecurityToken requestSecurityToken = new RequestSecurityToken();
        if (str2 != null) {
            requestSecurityToken.setTokenType(URI.create(str2));
        }
        if (str != null) {
            requestSecurityToken.setAppliesTo(WSTrustUtil.createAppliesTo(str));
        }
        requestSecurityToken.setOnBehalfOf(WSTrustUtil.createOnBehalfOfWithUsername(principal.getName(), "ID"));
        return issueInternal(requestSecurityToken, 0);
    }

    public Element issueToken(RequestSecurityToken requestSecurityToken) throws WSTrustException {
        if (requestSecurityToken == null) {
            throw logger.nullArgumentError("request");
        }
        return issueInternal(requestSecurityToken, 0);
    }

    public Element renewToken(String str, Element element) throws WSTrustException {
        return renewInternal(str, element, 0);
    }

    public boolean validateToken(Element element) throws WSTrustException {
        return validateInternal(element, 0);
    }

    public boolean cancelToken(Element element) throws WSTrustException {
        return cancelInternal(element, 0);
    }

    private Element issueInternal(RequestSecurityToken requestSecurityToken, int i) throws WSTrustException {
        try {
            return this.clients[i].issueToken(requestSecurityToken);
        } catch (RuntimeException e) {
            if (!isCausedByConnectException(e) || i >= this.clients.length - 1) {
                throw e;
            }
            return issueInternal(requestSecurityToken, i + 1);
        }
    }

    private Element renewInternal(String str, Element element, int i) throws WSTrustException {
        try {
            return this.clients[i].renewToken(str, element);
        } catch (RuntimeException e) {
            if (!isCausedByConnectException(e) || i >= this.clients.length - 1) {
                throw e;
            }
            return renewInternal(str, element, i + 1);
        }
    }

    private boolean validateInternal(Element element, int i) throws WSTrustException {
        try {
            return this.clients[i].validateToken(element);
        } catch (RuntimeException e) {
            if (!isCausedByConnectException(e) || i >= this.clients.length - 1) {
                throw e;
            }
            return validateInternal(element, i + 1);
        }
    }

    private boolean cancelInternal(Element element, int i) throws WSTrustException {
        try {
            return this.clients[i].cancelToken(element);
        } catch (RuntimeException e) {
            if (!isCausedByConnectException(e) || i >= this.clients.length - 1) {
                throw e;
            }
            return cancelInternal(element, i + 1);
        }
    }

    private boolean isCausedByConnectException(Throwable th) {
        while (th.getCause() != null) {
            th = th.getCause();
        }
        return (th instanceof ConnectException) && th.getMessage().equals("Connection refused");
    }

    public void close() {
        STSClientPool sTSClientFactory = STSClientFactory.getInstance();
        for (STSClient sTSClient : this.clients) {
            sTSClientFactory.returnClient(sTSClient);
        }
    }
}
