package org.jboss.identity.federation.core.wstrust;

import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import javax.annotation.Resource;
import javax.xml.bind.JAXBElement;
import javax.xml.transform.Source;
import javax.xml.transform.dom.DOMSource;
import javax.xml.ws.Service;
import javax.xml.ws.ServiceMode;
import javax.xml.ws.WebServiceContext;
import javax.xml.ws.WebServiceException;
import javax.xml.ws.WebServiceProvider;
import org.apache.log4j.Logger;
import org.jboss.identity.federation.core.config.STSType;
import org.jboss.identity.federation.core.exceptions.ConfigurationException;
import org.jboss.identity.federation.core.exceptions.ParsingException;
import org.jboss.identity.federation.core.util.JAXBUtil;
import org.jboss.identity.federation.core.wstrust.wrappers.BaseRequestSecurityToken;
import org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityToken;
import org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityTokenCollection;
import org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponse;
import org.jboss.identity.federation.core.wstrust.wrappers.RequestSecurityTokenResponseCollection;
import org.w3c.dom.Document;

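/**
 * JAX-WS provider endpoint of the security token service (STS).
 *
 * <p>Each payload is parsed into a WS-Trust request and dispatched, by its request type, to the
 * {@link WSTrustRequestHandler} named by the STS configuration. The configuration is read from
 * {@code jboss-sts.xml} on the context class loader the first time a token request is handled.
 *
 * <p>NOTE(review): the payload is caller-supplied XML. Any parser hardening (DTDs, external
 * entities) would have to happen inside {@code WSTrustJAXBFactory}; it is not visible in this
 * class, so confirm it there.
 *
 * <p>NOTE(review): {@link #config} is initialised lazily without synchronisation. If the JAX-WS
 * runtime shares one endpoint instance between request threads, two early requests can each load
 * the configuration; confirm that this is acceptable for the deployment.
 */
@ServiceMode(Service.Mode.PAYLOAD)
@WebServiceProvider(serviceName = "JBossSTS", portName = "JBossSTSPort", targetNamespace = "http://org.jboss.identity.trust/sts", wsdlLocation = "WEB-INF/wsdl/JBossSTS.wsdl")
public class JBossSTS implements SecurityTokenService {
    private static final Logger logger = Logger.getLogger(JBossSTS.class);

    // Injected by the container; supplies the principal of the caller of the current request.
    @Resource
    protected WebServiceContext context;

    // Loaded on first use by handleTokenRequest(); null until then.
    protected STSConfiguration config;

    /**
     * Parses the request payload and routes it to the matching handler method.
     *
     * @param source the request payload
     * @return the marshalled response payload
     * @throws WebServiceException if the payload cannot be parsed, or parses to something that is
     *         neither a single token request nor a request collection
     */
    @Override
    public Source invoke(Source source) {
        BaseRequestSecurityToken request;
        try {
            request = WSTrustJAXBFactory.getInstance().parseRequestSecurityToken(source);
        } catch (ParsingException e) {
            // WebServiceException is a RuntimeException, so callers that caught the previous
            // RuntimeException still do; it matches the failure type used by the other methods.
            throw new WebServiceException("Error parsing the security token request:", e);
        }
        if (request instanceof RequestSecurityToken) {
            return handleTokenRequest((RequestSecurityToken) request);
        }
        if (request instanceof RequestSecurityTokenCollection) {
            return handleTokenRequestCollection((RequestSecurityTokenCollection) request);
        }
        throw new WebServiceException("Invalid security token request");
    }

    /**
     * Handles a single token request: issue, renew, cancel or validate.
     *
     * <p>The caller's principal is taken from the injected {@link WebServiceContext} and passed to
     * the request handler unchecked. {@code WebServiceContext.getUserPrincipal()} returns
     * {@code null} for an unauthenticated sender, so the decision to serve such a caller rests
     * with the request handler or with authentication enforced in front of this endpoint.
     *
     * @param requestSecurityToken the parsed request
     * @return the marshalled response; for an issue request, the document returned by the
     *         handler's {@code postProcess} step
     * @throws WebServiceException if the configuration cannot be loaded, the request carries no
     *         request type, the request type is not one of the four supported ones, or the
     *         handler fails
     */
    protected Source handleTokenRequest(RequestSecurityToken requestSecurityToken) {
        // Attach the document that the factory keeps in its on-thread holder to the request.
        requestSecurityToken.setRSTDocument(WSTrustJAXBFactory.getInstance().getSAMLDocumentHolderOnThread().getSamlDocument());
        if (this.config == null) {
            try {
                if (logger.isInfoEnabled()) {
                    logger.info("Loading STS configuration");
                }
                this.config = getConfiguration();
            } catch (ConfigurationException e) {
                throw new WebServiceException("Encountered configuration exception:", e);
            }
        }
        WSTrustRequestHandler requestHandler = this.config.getRequestHandler();

        // The request type comes from the caller. Reject a missing one explicitly instead of
        // failing with a NullPointerException on toString().
        Object requestType = requestSecurityToken.getRequestType();
        if (requestType == null) {
            throw new WebServiceException("Invalid security token request: missing request type");
        }
        String uri = requestType.toString();
        if (logger.isDebugEnabled()) {
            logger.debug("STS received request of type " + uri);
        }
        try {
            if (uri.equals(WSTrustConstants.ISSUE_REQUEST)) {
                RequestSecurityTokenResponse issued = requestHandler.issue(requestSecurityToken, this.context.getUserPrincipal());
                // Only issue responses go through postProcess. The casts rely on
                // marshallResponse() returning a DOMSource that wraps a Document.
                Document responseDocument = (Document) ((DOMSource) marshallResponse(issued)).getNode();
                return new DOMSource(requestHandler.postProcess(responseDocument, requestSecurityToken));
            }
            if (uri.equals(WSTrustConstants.RENEW_REQUEST)) {
                return marshallResponse(requestHandler.renew(requestSecurityToken, this.context.getUserPrincipal()));
            }
            if (uri.equals(WSTrustConstants.CANCEL_REQUEST)) {
                return marshallResponse(requestHandler.cancel(requestSecurityToken, this.context.getUserPrincipal()));
            }
            if (uri.equals(WSTrustConstants.VALIDATE_REQUEST)) {
                return marshallResponse(requestHandler.validate(requestSecurityToken, this.context.getUserPrincipal()));
            }
            throw new WSTrustException("Invalid request type: " + uri);
        } catch (WSTrustException e) {
            throw new WebServiceException("Exception in handling token request:", e);
        }
    }

    /**
     * Handles a collection of token requests. Not supported by this implementation.
     *
     * @param requestSecurityTokenCollection the parsed request collection
     * @return never returns normally
     * @throws UnsupportedOperationException always
     */
    protected Source handleTokenRequestCollection(RequestSecurityTokenCollection requestSecurityTokenCollection) {
        throw new UnsupportedOperationException();
    }

    /**
     * Wraps a single response in a response collection and marshals the collection.
     *
     * @param requestSecurityTokenResponse the response to send
     * @return the marshalled response collection
     */
    protected Source marshallResponse(RequestSecurityTokenResponse requestSecurityTokenResponse) {
        RequestSecurityTokenResponseCollection responses = new RequestSecurityTokenResponseCollection();
        responses.addRequestSecurityTokenResponse(requestSecurityTokenResponse);
        return WSTrustJAXBFactory.getInstance().marshallRequestSecurityTokenResponse(responses);
    }

    /**
     * Loads the STS configuration from {@code jboss-sts.xml} on the context class loader.
     *
     * <p>When the file is absent, a default {@link JBossSTSConfiguration} is returned and a
     * warning is logged, so a missing or misplaced file does not stop the service from starting.
     *
     * @return the loaded configuration, or the default one when no file is found
     * @throws ConfigurationException declared for overriding subclasses; this implementation
     *         wraps every load failure in a {@link RuntimeException} instead
     */
    protected STSConfiguration getConfiguration() throws ConfigurationException {
        URL resource = SecurityActions.getContextClassLoader().getResource("jboss-sts.xml");
        if (resource == null) {
            logger.warn("jboss-sts.xml configuration file not found. Using default configuration values");
            return new JBossSTSConfiguration();
        }
        InputStream stream = null;
        try {
            stream = resource.openStream();
            JAXBElement<?> root = (JAXBElement<?>) JAXBUtil.getUnmarshaller("org.jboss.identity.federation.core.config").unmarshal(stream);
            JBossSTSConfiguration loaded = new JBossSTSConfiguration((STSType) root.getValue());
            if (logger.isInfoEnabled()) {
                logger.info("jboss-sts.xml configuration file loaded");
            }
            return loaded;
        } catch (Exception e) {
            throw new RuntimeException("Error parsing the configuration file:", e);
        } finally {
            // The stream was previously never closed; release it whether or not parsing succeeded.
            if (stream != null) {
                try {
                    stream.close();
                } catch (IOException ignored) {
                    // Best effort: a failure to close must not mask the load result.
                }
            }
        }
    }
}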
