package com.sun.xml.wss.provider.wsit;

import com.sun.istack.NotNull;
import com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509Certificate;
import com.sun.xml.security.core.ai.IdentityType;
import com.sun.xml.stream.buffer.XMLStreamBufferResult;
import com.sun.xml.ws.api.addressing.WSEndpointReference;
import com.sun.xml.ws.api.server.EndpointReferenceExtensionContributor;
import com.sun.xml.ws.api.server.WSEndpoint;
import com.sun.xml.ws.security.impl.policy.Constants;
import com.sun.xml.ws.security.impl.policy.PolicyUtil;
import com.sun.xml.ws.security.opt.impl.util.CertificateRetriever;
import com.sun.xml.ws.security.opt.impl.util.JAXBUtil;
import com.sun.xml.ws.security.secext10.BinarySecurityTokenType;
import com.sun.xml.ws.security.secext10.ObjectFactory;
import com.sun.xml.wss.XWSSecurityException;
import com.sun.xml.wss.impl.MessageConstants;
import com.sun.xml.wss.impl.misc.SecurityUtil;
import com.sun.xml.wss.logging.LogStringsMessages;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.xml.bind.JAXBElement;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamException;
import javax.xml.stream.XMLStreamReader;

/* loaded from: input_file:com/sun/xml/wss/provider/wsit/IdentityEPRExtnContributor.class */
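/**
 * Contributes a WS-Addressing {@code Identity} extension to an endpoint reference (EPR).
 *
 * <p>When the endpoint has the {@code EnableEPRIdentity} assertion, the server's certificate is
 * wrapped in a {@code BinarySecurityToken} and published inside the EPR's {@code Identity}
 * element.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The classpath resource {@code META-INF/ServerCertificate.cert} takes precedence over the
 *       endpoint's key store. Whoever can place that resource on the classpath decides which
 *       identity is advertised, so it belongs under the same change control as the key store.</li>
 *   <li>Only the encoded certificate is published. Nothing in this class checks validity dates,
 *       chain or revocation; presumably the consumer of the EPR validates the certificate before
 *       trusting it. TODO confirm against the client-side code.</li>
 * </ul>
 */
public class IdentityEPRExtnContributor extends EndpointReferenceExtensionContributor {
    /** Certificate resolved by the most recent {@link #getEPRExtension} call on this instance. */
    private Certificate cs = null;

    // NOTE(review): never assigned in this class, so getQName() below returns null unless another
    // class in the package sets it. Confirm whether the Identity QName was intended here.
    QName ID_QNAME = null;

    private static final Logger log = Logger.getLogger("javax.enterprise.resource.xml.webservices.security", "com.sun.xml.wss.logging.LogStrings");

    /**
     * Returns a new contributor when {@code cls} is {@link EndpointReferenceExtensionContributor}
     * or one of its supertypes.
     *
     * @param cls the SPI type being looked up
     * @return a new {@code IdentityEPRExtnContributor}, or {@code null} for any other type
     */
    public <T> T getSPI(@NotNull Class<T> cls) {
        if (cls.isAssignableFrom(EndpointReferenceExtensionContributor.class)) {
            // cls is a supertype of the contributor base class, so this checked cast cannot fail.
            return cls.cast(new IdentityEPRExtnContributor());
        }
        return null;
    }

    /**
     * Builds the {@code Identity} EPR extension for an endpoint.
     *
     * @param wSEndpoint the endpoint whose reference is being built
     * @param ePRExtension an extension already supplied for this QName; returned unchanged when
     *     non-null
     * @return the identity extension, or {@code null} when EPR identity is not enabled for the
     *     endpoint or no certificate is found in the key store
     * @throws RuntimeException wrapping the underlying failure when the certificate cannot be
     *     read or parsed
     */
    @Override // com.sun.xml.ws.api.server.EndpointReferenceExtensionContributor
    public WSEndpointReference.EPRExtension getEPRExtension(WSEndpoint wSEndpoint, WSEndpointReference.EPRExtension ePRExtension) {
        if (ePRExtension != null) {
            return ePRExtension;
        }
        QName enableIdentity = new QName("http://schemas.sun.com/2006/03/wss/server", "EnableEPRIdentity");
        CertificateRetriever retriever = new CertificateRetriever();
        if (!retriever.checkforEPRIdentity(wSEndpoint, enableIdentity)) {
            return null;
        }

        // The certificate is captured in a local so that the extension returned below stays bound
        // to the certificate resolved for THIS endpoint. Reading the shared field lazily would let
        // a later call for another endpoint swap the advertised identity.
        final Certificate certificate;
        try {
            URL certResource = SecurityUtil.loadFromClasspath("META-INF/ServerCertificate.cert");
            if (certResource != null) {
                CertificateFactory factory = CertificateFactory.getInstance(XMLX509Certificate.JCA_CERT_ID);
                // try-with-resources closes the stream even when parsing fails.
                try (InputStream in = certResource.openStream()) {
                    certificate = factory.generateCertificate(in);
                }
            } else {
                certificate = retriever.getServerKeyStore(wSEndpoint);
            }
        } catch (XWSSecurityException | IOException | CertificateException e) {
            log.log(Level.SEVERE, LogStringsMessages.WSS_0818_ERROR_PUTTING_CERTIFICATE_EPRIDENTITY(), e);
            throw new RuntimeException(e);
        }

        this.cs = certificate;
        if (certificate == null && SecurityUtilHolder.fromKeyStore(certificate)) {
            return null;
        }
        return new WSEndpointReference.EPRExtension() {
            /**
             * Serialises the captured certificate as a base64 X.509v3 {@code BinarySecurityToken}
             * inside an {@code Identity} element.
             */
            @Override // com.sun.xml.ws.api.addressing.WSEndpointReference.EPRExtension
            public XMLStreamReader readAsXMLStreamReader() throws XMLStreamException {
                try {
                    BinarySecurityTokenType token = new BinarySecurityTokenType();
                    String tokenId = PolicyUtil.randomUUID();
                    token.setValueType(MessageConstants.X509v3_NS);
                    token.setId(tokenId);
                    token.setEncodingType(MessageConstants.BASE64_ENCODING_NS);
                    if (certificate != null) {
                        token.setValue(certificate.getEncoded());
                    }
                    JAXBElement<BinarySecurityTokenType> tokenElement = new ObjectFactory().createBinarySecurityToken(token);
                    IdentityType identity = new IdentityType();
                    identity.getDnsOrSpnOrUpn().add(tokenElement);
                    return IdentityEPRExtnContributor.this.readHeader(identity);
                } catch (CertificateEncodingException e) {
                    IdentityEPRExtnContributor.log.log(Level.SEVERE, LogStringsMessages.WSS_0818_ERROR_PUTTING_CERTIFICATE_EPRIDENTITY(), e);
                    throw new RuntimeException(e);
                }
            }

            @Override // com.sun.xml.ws.api.addressing.WSEndpointReference.EPRExtension
            public QName getQName() {
                return new QName("http://schemas.xmlsoap.org/ws/2006/02/addressingidentity", Constants.IDENTITY);
            }
        };
    }

    /**
     * Tiny holder that keeps the "no certificate" decision in one place: a {@code null}
     * certificate means the key store lookup found nothing (certificate parsing from the
     * classpath resource either yields a certificate or throws).
     */
    private static final class SecurityUtilHolder {
        private SecurityUtilHolder() {
        }

        static boolean fromKeyStore(Certificate certificate) {
            return certificate == null;
        }
    }

    /**
     * Returns the QName this contributor is registered under.
     *
     * @return the value of {@code ID_QNAME}, which this class leaves as {@code null}
     */
    @Override // com.sun.xml.ws.api.server.EndpointReferenceExtensionContributor
    public QName getQName() {
        return this.ID_QNAME;
    }

    /**
     * Marshals an {@code Identity} element into an in-memory buffer and returns a reader over it.
     *
     * @param identityType the identity content to marshal
     * @return a stream reader positioned over the marshalled {@code Identity} element
     * @throws XMLStreamException wrapping the {@link JAXBException} when marshalling fails
     */
    public XMLStreamReader readHeader(IdentityType identityType) throws XMLStreamException {
        XMLStreamBufferResult buffer = new XMLStreamBufferResult();
        JAXBElement<IdentityType> identityElement = new com.sun.xml.security.core.ai.ObjectFactory().createIdentity(identityType);
        try {
            Marshaller marshaller = JAXBUtil.getJAXBContext().createMarshaller();
            // The fragment is embedded in an EPR, so the XML declaration is switched off.
            marshaller.setProperty("com.sun.xml.bind.xmlDeclaration", false);
            marshaller.marshal(identityElement, buffer);
            return buffer.getXMLStreamBuffer().readAsXMLStreamReader();
        } catch (JAXBException e) {
            log.log(Level.SEVERE, LogStringsMessages.WSS_0818_ERROR_PUTTING_CERTIFICATE_EPRIDENTITY(), e);
            throw new XMLStreamException(e);
        }
    }
}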
