package com.sun.xml.ws.security.trust.impl.client;

import com.sun.xml.ws.addressing.policy.Address;
import com.sun.xml.ws.api.security.trust.Claims;
import com.sun.xml.ws.api.security.trust.client.STSIssuedTokenConfiguration;
import com.sun.xml.ws.api.security.trust.client.SecondaryIssuedTokenParameters;
import com.sun.xml.ws.policy.AssertionSet;
import com.sun.xml.ws.policy.Policy;
import com.sun.xml.ws.policy.PolicyAssertion;
import com.sun.xml.ws.policy.sourcemodel.PolicyModelGenerator;
import com.sun.xml.ws.policy.sourcemodel.XmlPolicyModelMarshaller;
import com.sun.xml.ws.security.Token;
import com.sun.xml.ws.security.impl.policy.PolicyUtil;
import com.sun.xml.ws.security.policy.IssuedToken;
import com.sun.xml.ws.security.policy.Issuer;
import com.sun.xml.ws.security.policy.RequestSecurityTokenTemplate;
import com.sun.xml.ws.security.trust.WSTrustVersion;
import com.sun.xml.ws.security.trust.impl.elements.ClaimsImpl;
import com.sun.xml.ws.security.trust.util.WSTrustUtil;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.net.URI;
import java.util.Arrays;
import java.util.Iterator;
import java.util.Map;
import javax.xml.namespace.QName;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.stream.XMLOutputFactory;
import javax.xml.stream.XMLStreamWriter;
import javax.xml.ws.WebServiceException;
import org.w3c.dom.Element;

/* loaded from: input_file:WEB-INF/lib/wsit-rt-1.1.jar:com/sun/xml/ws/security/trust/impl/client/DefaultSTSIssuedTokenConfiguration.class */
public class DefaultSTSIssuedTokenConfiguration extends STSIssuedTokenConfiguration {
    private static final String PRE_CONFIGURED_STS = "PreconfiguredSTS";
    private static final String NAMESPACE = "namespace";
    private static final String CONFIG_NAMESPACE = "";
    private static final String ENDPOINT = "endPoint";
    private static final String METADATA = "metadata";
    private static final String WSDL_LOCATION = "wsdlLocation";
    private static final String SERVICE_NAME = "serviceName";
    private static final String PORT_NAME = "portName";
    private static final String REQUEST_SECURITY_TOKEN_TEMPLATE = "RequestSecurityTokenTemplate";
    private static final String CLAIMS = "Claims";
    private static final String DIALECT = "Dialect";
    private String tokenType;
    private String keyType;
    private long keySize;
    private String signatureAlg;
    private String encAlg;
    private String canAlg;
    private String keyWrapAlg;
    private Token oboToken;
    private String signWith;
    private String encryptWith;
    private Claims claims;

    public DefaultSTSIssuedTokenConfiguration(String str, IssuedToken issuedToken, PolicyAssertion policyAssertion) {
        this.tokenType = null;
        this.keyType = null;
        this.keySize = -1L;
        this.signatureAlg = null;
        this.encAlg = null;
        this.canAlg = null;
        this.keyWrapAlg = null;
        this.oboToken = null;
        this.signWith = null;
        this.encryptWith = null;
        this.claims = null;
        this.protocol = str;
        parseAssertions(issuedToken, policyAssertion);
    }

    public DefaultSTSIssuedTokenConfiguration(String str, String str2) {
        super(str, str2);
        this.tokenType = null;
        this.keyType = null;
        this.keySize = -1L;
        this.signatureAlg = null;
        this.encAlg = null;
        this.canAlg = null;
        this.keyWrapAlg = null;
        this.oboToken = null;
        this.signWith = null;
        this.encryptWith = null;
        this.claims = null;
    }

    public DefaultSTSIssuedTokenConfiguration(String str, String str2, String str3, String str4, String str5) {
        super(str, str2, str3, str4, str5);
        this.tokenType = null;
        this.keyType = null;
        this.keySize = -1L;
        this.signatureAlg = null;
        this.encAlg = null;
        this.canAlg = null;
        this.keyWrapAlg = null;
        this.oboToken = null;
        this.signWith = null;
        this.encryptWith = null;
        this.claims = null;
    }

    public DefaultSTSIssuedTokenConfiguration(String str, String str2, String str3) {
        super(str, str2, str3);
        this.tokenType = null;
        this.keyType = null;
        this.keySize = -1L;
        this.signatureAlg = null;
        this.encAlg = null;
        this.canAlg = null;
        this.keyWrapAlg = null;
        this.oboToken = null;
        this.signWith = null;
        this.encryptWith = null;
        this.claims = null;
    }

    public DefaultSTSIssuedTokenConfiguration(String str, String str2, String str3, String str4, String str5, String str6) {
        super(str, str2, str3, str4, str5, str6);
        this.tokenType = null;
        this.keyType = null;
        this.keySize = -1L;
        this.signatureAlg = null;
        this.encAlg = null;
        this.canAlg = null;
        this.keyWrapAlg = null;
        this.oboToken = null;
        this.signWith = null;
        this.encryptWith = null;
        this.claims = null;
    }

    public void setTokenType(String str) {
        this.tokenType = str;
    }

    public void setKeyType(String str) {
        this.keyType = str;
    }

    public void setKeySize(long j) {
        this.keySize = j;
    }

    public void setSignWith(String str) {
        this.signWith = str;
    }

    public void setEncryptWith(String str) {
        this.encryptWith = str;
    }

    public void setSignatureAlgorithm(String str) {
        this.signatureAlg = str;
    }

    public void setEncryptionAlgorithm(String str) {
        this.encAlg = str;
    }

    public void setCanonicalizationAlgorithm(String str) {
        this.canAlg = str;
    }

    public void setKeyWrapAlgorithm(String str) {
        this.keyWrapAlg = str;
    }

    public void setClaims(Claims claims) {
        this.claims = claims;
    }

    public void setOBOToken(Token token) {
        this.oboToken = token;
    }

    @Override // com.sun.xml.ws.api.security.trust.client.STSIssuedTokenConfiguration
    public String getTokenType() {
        return this.tokenType;
    }

    @Override // com.sun.xml.ws.api.security.trust.client.STSIssuedTokenConfiguration
    public String getKeyType() {
        return this.keyType;
    }

    @Override // com.sun.xml.ws.api.security.trust.client.STSIssuedTokenConfiguration
    public long getKeySize() {
        return this.keySize;
    }

    @Override // com.sun.xml.ws.api.security.trust.client.STSIssuedTokenConfiguration
    public String getSignatureAlgorithm() {
        return this.signatureAlg;
    }

    @Override // com.sun.xml.ws.api.security.trust.client.STSIssuedTokenConfiguration
    public String getEncryptionAlgorithm() {
        return this.encAlg;
    }

    @Override // com.sun.xml.ws.api.security.trust.client.STSIssuedTokenConfiguration
    public String getCanonicalizationAlgorithm() {
        return this.canAlg;
    }

    @Override // com.sun.xml.ws.api.security.trust.client.STSIssuedTokenConfiguration
    public String getKeyWrapAlgorithm() {
        return this.keyWrapAlg;
    }

    @Override // com.sun.xml.ws.api.security.trust.client.STSIssuedTokenConfiguration
    public String getSignWith() {
        return this.signWith;
    }

    @Override // com.sun.xml.ws.api.security.trust.client.STSIssuedTokenConfiguration
    public String getEncryptWith() {
        return this.encryptWith;
    }

    @Override // com.sun.xml.ws.api.security.trust.client.STSIssuedTokenConfiguration
    public Claims getClaims() {
        return this.claims;
    }

    @Override // com.sun.xml.ws.api.security.trust.client.STSIssuedTokenConfiguration
    public Token getOBOToken() {
        return this.oboToken;
    }

    public void setSecondaryIssuedTokenParameters(SecondaryIssuedTokenParameters secondaryIssuedTokenParameters) {
        this.sisPara = secondaryIssuedTokenParameters;
    }

    /* JADX WARN: Multi-variable type inference failed */
    private void parseAssertions(IssuedToken issuedToken, PolicyAssertion policyAssertion) {
        URI uri = null;
        if (issuedToken.getIssuer() != null) {
            uri = issuedToken.getIssuer().getAddress().getURI();
        }
        if (uri != null) {
            this.stsEndpoint = uri.toString();
            this.stsMEXAddress = getAddressFromMetadata(issuedToken);
            if (this.stsMEXAddress == null) {
                this.stsMEXAddress = this.stsEndpoint;
            }
        } else if (policyAssertion != null && PRE_CONFIGURED_STS.equals(policyAssertion.getName().getLocalPart())) {
            Map<QName, String> attributes = policyAssertion.getAttributes();
            this.stsNamespace = attributes.get(new QName("", "namespace"));
            this.stsEndpoint = attributes.get(new QName("", "endPoint"));
            if (this.stsEndpoint == null) {
                this.stsEndpoint = attributes.get(new QName("", "endPoint".toLowerCase()));
            }
            this.stsMEXAddress = attributes.get(new QName("", "metadata"));
            if (this.stsMEXAddress == null) {
                this.stsWSDLLocation = attributes.get(new QName("", "wsdlLocation"));
                this.stsServiceName = attributes.get(new QName("", SERVICE_NAME));
                this.stsPortName = attributes.get(new QName("", PORT_NAME));
            }
        }
        RequestSecurityTokenTemplate requestSecurityTokenTemplate = issuedToken.getRequestSecurityTokenTemplate();
        if (requestSecurityTokenTemplate != null) {
            if (!this.protocol.equals(WSTrustVersion.WS_TRUST_13.getNamespaceURI())) {
                copy(requestSecurityTokenTemplate);
                setClaims(getClaims((PolicyAssertion) issuedToken));
            } else {
                SecondaryIssuedTokenParametersImpl secondaryIssuedTokenParametersImpl = new SecondaryIssuedTokenParametersImpl();
                copy(requestSecurityTokenTemplate, secondaryIssuedTokenParametersImpl);
                secondaryIssuedTokenParametersImpl.setClaims(getClaims((PolicyAssertion) issuedToken));
                this.sisPara = secondaryIssuedTokenParametersImpl;
            }
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    private String getAddressFromMetadata(IssuedToken issuedToken) {
        PolicyAssertion policyAssertion = (PolicyAssertion) issuedToken.getIssuer();
        PolicyAssertion policyAssertion2 = null;
        PolicyAssertion policyAssertion3 = null;
        PolicyAssertion policyAssertion4 = null;
        PolicyAssertion policyAssertion5 = null;
        Address address = null;
        if (policyAssertion != 0) {
            address = ((Issuer) policyAssertion).getAddress();
            if (policyAssertion.hasNestedAssertions()) {
                Iterator<PolicyAssertion> nestedAssertionsIterator = policyAssertion.getNestedAssertionsIterator();
                while (true) {
                    if (!nestedAssertionsIterator.hasNext()) {
                        break;
                    }
                    PolicyAssertion next = nestedAssertionsIterator.next();
                    if (WSTrustUtil.isAddressingMetadata(next)) {
                        policyAssertion2 = next;
                        break;
                    }
                }
            }
        }
        if (policyAssertion2 != null && policyAssertion2.hasNestedAssertions()) {
            Iterator<PolicyAssertion> nestedAssertionsIterator2 = policyAssertion2.getNestedAssertionsIterator();
            while (true) {
                if (!nestedAssertionsIterator2.hasNext()) {
                    break;
                }
                PolicyAssertion next2 = nestedAssertionsIterator2.next();
                if (WSTrustUtil.isMetadata(next2)) {
                    policyAssertion3 = next2;
                    break;
                }
            }
        }
        if (policyAssertion3 != null && policyAssertion3.hasNestedAssertions()) {
            Iterator<PolicyAssertion> nestedAssertionsIterator3 = policyAssertion3.getNestedAssertionsIterator();
            while (true) {
                if (!nestedAssertionsIterator3.hasNext()) {
                    break;
                }
                PolicyAssertion next3 = nestedAssertionsIterator3.next();
                if (WSTrustUtil.isMetadataSection(next3)) {
                    policyAssertion4 = next3;
                    break;
                }
            }
        }
        if (policyAssertion4 != null && policyAssertion4.hasNestedAssertions()) {
            Iterator<PolicyAssertion> nestedAssertionsIterator4 = policyAssertion4.getNestedAssertionsIterator();
            while (true) {
                if (!nestedAssertionsIterator4.hasNext()) {
                    break;
                }
                PolicyAssertion next4 = nestedAssertionsIterator4.next();
                if (WSTrustUtil.isMetadataReference(next4)) {
                    policyAssertion5 = next4;
                    break;
                }
            }
        }
        if (policyAssertion5 != null && policyAssertion5.hasNestedAssertions()) {
            Iterator<PolicyAssertion> nestedAssertionsIterator5 = policyAssertion5.getNestedAssertionsIterator();
            while (nestedAssertionsIterator5.hasNext()) {
                PolicyAssertion next5 = nestedAssertionsIterator5.next();
                if (PolicyUtil.isAddress(next5)) {
                    address = (Address) next5;
                }
            }
        }
        if (address != null) {
            return address.getURI().toString();
        }
        return null;
    }

    private Claims getClaims(PolicyAssertion policyAssertion) {
        Iterator<PolicyAssertion> nestedAssertionsIterator = policyAssertion.getNestedAssertionsIterator();
        while (nestedAssertionsIterator.hasNext()) {
            PolicyAssertion next = nestedAssertionsIterator.next();
            if ("RequestSecurityTokenTemplate".equals(next.getName().getLocalPart())) {
                Iterator<PolicyAssertion> nestedAssertionsIterator2 = next.getNestedAssertionsIterator();
                while (nestedAssertionsIterator2.hasNext()) {
                    PolicyAssertion next2 = nestedAssertionsIterator2.next();
                    if ("Claims".equals(next2.getName().getLocalPart())) {
                        try {
                            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                            XMLStreamWriter createXMLStreamWriter = XMLOutputFactory.newInstance().createXMLStreamWriter(byteArrayOutputStream);
                            ((XmlPolicyModelMarshaller) XmlPolicyModelMarshaller.getXmlMarshaller(true)).marshal(PolicyModelGenerator.getGenerator().translate(Policy.createPolicy(Arrays.asList(AssertionSet.createAssertionSet(Arrays.asList(next2))))), (Object) createXMLStreamWriter);
                            DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
                            newInstance.setNamespaceAware(true);
                            this.claims = new ClaimsImpl(ClaimsImpl.fromElement((Element) newInstance.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())).getElementsByTagNameNS("*", "Claims").item(0)));
                            createXMLStreamWriter.close();
                        } catch (Exception e) {
                            throw new WebServiceException(e);
                        }
                    }
                }
            }
        }
        return this.claims;
    }

    private void copy(RequestSecurityTokenTemplate requestSecurityTokenTemplate) {
        setTokenType(requestSecurityTokenTemplate.getTokenType());
        setKeyType(requestSecurityTokenTemplate.getKeyType());
        setKeySize(requestSecurityTokenTemplate.getKeySize());
        setSignWith(requestSecurityTokenTemplate.getSignWith());
        setEncryptWith(requestSecurityTokenTemplate.getEncryptWith());
        setSignatureAlgorithm(requestSecurityTokenTemplate.getSignatureAlgorithm());
        setEncryptionAlgorithm(requestSecurityTokenTemplate.getEncryptionAlgorithm());
        setCanonicalizationAlgorithm(requestSecurityTokenTemplate.getCanonicalizationAlgorithm());
    }

    private void copy(RequestSecurityTokenTemplate requestSecurityTokenTemplate, SecondaryIssuedTokenParametersImpl secondaryIssuedTokenParametersImpl) {
        secondaryIssuedTokenParametersImpl.setTokenType(requestSecurityTokenTemplate.getTokenType());
        secondaryIssuedTokenParametersImpl.setKeyType(requestSecurityTokenTemplate.getKeyType());
        secondaryIssuedTokenParametersImpl.setKeySize(requestSecurityTokenTemplate.getKeySize());
        secondaryIssuedTokenParametersImpl.setSignWith(requestSecurityTokenTemplate.getSignWith());
        secondaryIssuedTokenParametersImpl.setEncryptWith(requestSecurityTokenTemplate.getEncryptWith());
        secondaryIssuedTokenParametersImpl.setSignatureAlgorithm(requestSecurityTokenTemplate.getSignatureAlgorithm());
        secondaryIssuedTokenParametersImpl.setEncryptionAlgorithm(requestSecurityTokenTemplate.getEncryptionAlgorithm());
        secondaryIssuedTokenParametersImpl.setCanonicalizationAlgorithm(requestSecurityTokenTemplate.getCanonicalizationAlgorithm());
    }
}
