package org.apache.ws.axis.security;

import java.io.ByteArrayOutputStream;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.Vector;
import javax.security.auth.callback.CallbackHandler;
import javax.xml.namespace.QName;
import org.apache.axis.AxisFault;
import org.apache.axis.Message;
import org.apache.axis.MessageContext;
import org.apache.axis.SOAPPart;
import org.apache.axis.message.SOAPHeaderElement;
import org.apache.axis.utils.XMLUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.cxf.jaxrs.model.wadl.DocTarget;
import org.apache.ws.axis.security.handler.WSDoAllHandler;
import org.apache.ws.security.WSSecurityEngineResult;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.handler.RequestData;
import org.apache.ws.security.handler.WSHandlerConstants;
import org.apache.ws.security.handler.WSHandlerResult;
import org.apache.ws.security.message.token.Timestamp;
import org.apache.ws.security.util.WSSecurityUtil;
import org.w3c.dom.Document;

/* loaded from: input_file:WEB-INF/lib/wss4j-1.5.11.wso2v15.jar:org/apache/ws/axis/security/WSDoAllReceiver.class */
public class WSDoAllReceiver extends WSDoAllHandler {
    protected static Log log = LogFactory.getLog(WSDoAllReceiver.class.getName());
    private static Log tlog = LogFactory.getLog("org.apache.ws.security.TIME");

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r21v0, types: [java.lang.Throwable, org.apache.ws.security.WSSecurityException] */
    /* JADX WARN: Type inference failed for: r30v0, types: [java.lang.Throwable, org.apache.ws.security.WSSecurityException] */
    public void invoke(MessageContext messageContext) throws AxisFault {
        Timestamp timestamp;
        X509Certificate certificate;
        boolean isDebugEnabled = log.isDebugEnabled();
        if (isDebugEnabled) {
            log.debug("WSDoAllReceiver: enter invoke() with msg type: " + messageContext.getCurrentMessage().getMessageType());
        }
        long j = 0;
        long j2 = 0;
        long j3 = 0;
        long j4 = 0;
        if (tlog.isDebugEnabled()) {
            j = System.currentTimeMillis();
        }
        RequestData requestData = new RequestData();
        try {
            try {
                requestData.setMsgContext(messageContext);
                Vector vector = new Vector();
                String str = (String) getOption("action");
                String str2 = str;
                if (str == null) {
                    str2 = (String) messageContext.getProperty("action");
                }
                if (str2 == null) {
                    throw new AxisFault("WSDoAllReceiver: No action defined");
                }
                int decodeAction = WSSecurityUtil.decodeAction(str2, vector);
                String str3 = (String) getOption("actor");
                Message currentMessage = messageContext.getCurrentMessage();
                if (currentMessage == null) {
                    return;
                }
                try {
                    Document asDocument = currentMessage.getSOAPEnvelope().getAsDocument();
                    if (isDebugEnabled) {
                        log.debug("Received SOAP request: ");
                        log.debug(XMLUtils.PrettyDocumentToString(asDocument));
                    }
                    String messageType = currentMessage.getMessageType();
                    if (messageType != null && messageType.equals(DocTarget.RESPONSE)) {
                        if (WSSecurityUtil.findElement(asDocument.getDocumentElement(), "Fault", WSSecurityUtil.getSOAPConstants(asDocument.getDocumentElement()).getEnvelopeURI()) != null) {
                            requestData.clear();
                            return;
                        }
                    }
                    CallbackHandler callbackHandler = null;
                    if ((decodeAction & 5) != 0) {
                        callbackHandler = getPasswordCB(requestData);
                    }
                    doReceiverAction(decodeAction, requestData);
                    if (tlog.isDebugEnabled()) {
                        j2 = System.currentTimeMillis();
                    }
                    try {
                        Vector processSecurityHeader = secEngine.processSecurityHeader(asDocument, str3, callbackHandler, requestData.getSigCrypto(), requestData.getDecCrypto());
                        if (tlog.isDebugEnabled()) {
                            j3 = System.currentTimeMillis();
                        }
                        if (processSecurityHeader == null) {
                            if (decodeAction != 0) {
                                throw new AxisFault("WSDoAllReceiver: Request does not contain required Security header");
                            }
                            requestData.clear();
                            return;
                        }
                        if (requestData.getWssConfig().isEnableSignatureConfirmation() && messageContext.getPastPivot()) {
                            checkSignatureConfirmation(requestData, processSecurityHeader);
                        }
                        ArrayList arrayList = new ArrayList();
                        Iterator it = currentMessage.getSOAPEnvelope().getHeaders().iterator();
                        while (it.hasNext()) {
                            SOAPHeaderElement sOAPHeaderElement = (SOAPHeaderElement) it.next();
                            if (sOAPHeaderElement.isProcessed()) {
                                arrayList.add(sOAPHeaderElement.getQName());
                            }
                        }
                        SOAPPart sOAPPart = currentMessage.getSOAPPart();
                        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                        org.apache.xml.security.utils.XMLUtils.outputDOM(asDocument, byteArrayOutputStream, true);
                        sOAPPart.setCurrentMessage(byteArrayOutputStream.toByteArray(), 4);
                        if (isDebugEnabled) {
                            log.debug("Processed received SOAP request");
                            log.debug(XMLUtils.PrettyDocumentToString(asDocument));
                        }
                        if (tlog.isDebugEnabled()) {
                            j4 = System.currentTimeMillis();
                        }
                        Iterator it2 = arrayList.iterator();
                        while (it2.hasNext()) {
                            QName qName = (QName) it2.next();
                            Enumeration headersByName = currentMessage.getSOAPEnvelope().getHeadersByName(qName.getNamespaceURI(), qName.getLocalPart());
                            while (headersByName.hasMoreElements()) {
                                ((SOAPHeaderElement) headersByName.nextElement()).setProcessed(true);
                            }
                        }
                        try {
                            Iterator examineHeaderElements = currentMessage.getSOAPEnvelope().getHeader().examineHeaderElements(str3);
                            SOAPHeaderElement sOAPHeaderElement2 = null;
                            while (true) {
                                if (!examineHeaderElements.hasNext()) {
                                    break;
                                }
                                SOAPHeaderElement sOAPHeaderElement3 = (SOAPHeaderElement) examineHeaderElements.next();
                                if (sOAPHeaderElement3.getLocalName().equals("Security") && sOAPHeaderElement3.getNamespaceURI().equals("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd")) {
                                    sOAPHeaderElement2 = sOAPHeaderElement3;
                                    break;
                                }
                            }
                            sOAPHeaderElement2.setProcessed(true);
                            WSSecurityEngineResult fetchActionResult = WSSecurityUtil.fetchActionResult(processSecurityHeader, 2);
                            if (fetchActionResult != null && (certificate = fetchActionResult.getCertificate()) != null && !verifyTrust(certificate, requestData)) {
                                throw new AxisFault("WSDoAllReceiver: The certificate used for the signature is not trusted");
                            }
                            WSSecurityEngineResult fetchActionResult2 = WSSecurityUtil.fetchActionResult(processSecurityHeader, 32);
                            if (fetchActionResult2 != null && (timestamp = fetchActionResult2.getTimestamp()) != null && !verifyTimestamp(timestamp, decodeTimeToLive(requestData))) {
                                throw new AxisFault("WSDoAllReceiver: The timestamp could not be validated");
                            }
                            if (!checkReceiverResults(processSecurityHeader, vector)) {
                                throw new AxisFault("WSDoAllReceiver: security processing failed (actions mismatch)");
                            }
                            Vector vector2 = (Vector) messageContext.getProperty(WSHandlerConstants.RECV_RESULTS);
                            Vector vector3 = vector2;
                            if (vector2 == null) {
                                vector3 = new Vector();
                                messageContext.setProperty(WSHandlerConstants.RECV_RESULTS, vector3);
                            }
                            vector3.add(0, new WSHandlerResult(str3, processSecurityHeader));
                            if (tlog.isDebugEnabled()) {
                                long currentTimeMillis = System.currentTimeMillis();
                                tlog.debug("Receive request: total= " + (currentTimeMillis - j) + " request preparation= " + (j2 - j) + " request processing= " + (j3 - j2) + " request to Axis= " + (j4 - j3) + " header, cert verify, timestamp= " + (currentTimeMillis - j4) + "\n");
                            }
                            if (isDebugEnabled) {
                                log.debug("WSDoAllReceiver: exit invoke()");
                            }
                            requestData.clear();
                        } catch (Exception e) {
                            if (isDebugEnabled) {
                                log.debug(e.getMessage(), e);
                            }
                            throw new AxisFault("WSDoAllReceiver: cannot get SOAP header after security processing", e);
                        }
                    } catch (WSSecurityException e2) {
                        if (isDebugEnabled) {
                            log.debug(e2.getMessage(), e2);
                        }
                        throw new AxisFault("WSDoAllReceiver: security processing failed", (Throwable) e2);
                    }
                } catch (Exception e3) {
                    if (isDebugEnabled) {
                        log.debug(e3.getMessage(), e3);
                    }
                    throw new AxisFault("WSDoAllReceiver: cannot convert into document", e3);
                }
            } catch (WSSecurityException e4) {
                if (isDebugEnabled) {
                    log.debug(e4.getMessage(), e4);
                }
                throw new AxisFault(e4.getMessage(), (Throwable) e4);
            }
        } finally {
            requestData.clear();
        }
    }
}
