package org.apache.cxf.ws.security.wss4j;

import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.logging.Logger;
import javax.xml.namespace.QName;
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.message.MessageUtils;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.ws.policy.AssertionInfo;
import org.apache.cxf.ws.policy.AssertionInfoMap;
import org.apache.wss4j.policy.model.AlgorithmSuite;
import org.apache.wss4j.stax.securityEvent.OperationSecurityEvent;
import org.apache.wss4j.stax.securityEvent.WSSecurityEventConstants;
import org.apache.xml.security.stax.securityEvent.SecurityEvent;
import org.apache.xml.security.stax.securityEvent.SecurityEventConstants;

/* loaded from: input_file:org/apache/cxf/ws/security/wss4j/PolicyStaxActionInInterceptor.class */
public class PolicyStaxActionInInterceptor extends AbstractPhaseInterceptor<SoapMessage> {
    private static final Logger LOG = LogUtils.getL7dLogger(PolicyStaxActionInInterceptor.class);

    public PolicyStaxActionInInterceptor() {
        super("pre-protocol");
        getBefore().add(StaxSecurityContextInInterceptor.class.getName());
    }

    public void handleMessage(SoapMessage soapMessage) throws Fault {
        OperationSecurityEvent findEvent;
        AssertionInfoMap assertionInfoMap = (AssertionInfoMap) soapMessage.get(AssertionInfoMap.class);
        List<SecurityEvent> list = (List) soapMessage.get(SecurityEvent.class.getName() + ".in");
        if (assertionInfoMap == null || list == null) {
            return;
        }
        if (MessageUtils.isRequestor(soapMessage) && list.contains(WSSecurityEventConstants.NoSecurity) && (findEvent = findEvent(WSSecurityEventConstants.Operation, list)) != null && soapMessage.getVersion().getFault().equals(findEvent.getOperation())) {
            LOG.warning("Request does not contain Security header, but it's a fault.");
        } else {
            assertAllSecurityAssertions(assertionInfoMap);
        }
    }

    private SecurityEvent findEvent(SecurityEventConstants.Event event, List<SecurityEvent> list) {
        for (SecurityEvent securityEvent : list) {
            if (event == securityEvent.getSecurityEventType()) {
                return securityEvent;
            }
        }
        return null;
    }

    private void assertAllSecurityAssertions(AssertionInfoMap assertionInfoMap) {
        for (Map.Entry entry : assertionInfoMap.entrySet()) {
            String namespaceURI = ((QName) entry.getKey()).getNamespaceURI();
            if ("http://schemas.xmlsoap.org/ws/2005/07/securitypolicy".equals(namespaceURI) || "http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702".equals(namespaceURI) || "http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802".equals(namespaceURI)) {
                Collection<AssertionInfo> collection = (Collection) entry.getValue();
                if (collection != null && !collection.isEmpty()) {
                    if ("AlgorithmSuite".equals(((QName) entry.getKey()).getLocalPart())) {
                        assertAlgorithmSuites(collection, assertionInfoMap);
                    } else {
                        Iterator<AssertionInfo> it = collection.iterator();
                        while (it.hasNext()) {
                            it.next().setAsserted(true);
                        }
                    }
                }
            }
        }
    }

    private void assertAlgorithmSuites(Collection<AssertionInfo> collection, AssertionInfoMap assertionInfoMap) {
        Collection collection2;
        for (AssertionInfo assertionInfo : collection) {
            assertionInfo.setAsserted(true);
            AlgorithmSuite assertion = assertionInfo.getAssertion();
            AlgorithmSuite.AlgorithmSuiteType algorithmSuiteType = assertion.getAlgorithmSuiteType();
            String namespace = algorithmSuiteType.getNamespace();
            if (namespace != null && !namespace.equals(assertion.getName().getNamespaceURI()) && (collection2 = (Collection) assertionInfoMap.get(new QName(namespace, algorithmSuiteType.getName()))) != null && !collection2.isEmpty()) {
                Iterator it = collection2.iterator();
                while (it.hasNext()) {
                    ((AssertionInfo) it.next()).setAsserted(true);
                }
            }
        }
    }
}
