package com.sun.xml.ws.security.secconv;

import com.sun.enterprise.deployment.runtime.web.SessionConfig;
import com.sun.xml.ws.api.security.trust.WSTrustException;
import com.sun.xml.ws.policy.PolicyAssertion;
import com.sun.xml.ws.policy.impl.bindings.AppliesTo;
import com.sun.xml.ws.runtime.dev.Session;
import com.sun.xml.ws.runtime.dev.SessionManager;
import com.sun.xml.ws.security.IssuedTokenContext;
import com.sun.xml.ws.security.SecurityContextToken;
import com.sun.xml.ws.security.SecurityContextTokenInfo;
import com.sun.xml.ws.security.Token;
import com.sun.xml.ws.security.impl.policy.PolicyUtil;
import com.sun.xml.ws.security.impl.policy.Trust10;
import com.sun.xml.ws.security.impl.policy.Trust13;
import com.sun.xml.ws.security.policy.SecureConversationToken;
import com.sun.xml.ws.security.policy.SecurityPolicyVersion;
import com.sun.xml.ws.security.policy.SymmetricBinding;
import com.sun.xml.ws.security.secconv.impl.SecurityContextTokenInfoImpl;
import com.sun.xml.ws.security.secconv.impl.wssx.WSSCVersion13;
import com.sun.xml.ws.security.secconv.logging.LogDomainConstants;
import com.sun.xml.ws.security.secconv.logging.LogStringsMessages;
import com.sun.xml.ws.security.trust.WSTrustElementFactory;
import com.sun.xml.ws.security.trust.WSTrustVersion;
import com.sun.xml.ws.security.trust.elements.BaseSTSRequest;
import com.sun.xml.ws.security.trust.elements.BaseSTSResponse;
import com.sun.xml.ws.security.trust.elements.BinarySecret;
import com.sun.xml.ws.security.trust.elements.Entropy;
import com.sun.xml.ws.security.trust.elements.Lifetime;
import com.sun.xml.ws.security.trust.elements.RenewTarget;
import com.sun.xml.ws.security.trust.elements.RequestSecurityToken;
import com.sun.xml.ws.security.trust.elements.RequestSecurityTokenResponse;
import com.sun.xml.ws.security.trust.elements.RequestSecurityTokenResponseCollection;
import com.sun.xml.ws.security.trust.elements.RequestedAttachedReference;
import com.sun.xml.ws.security.trust.elements.RequestedProofToken;
import com.sun.xml.ws.security.trust.elements.RequestedSecurityToken;
import com.sun.xml.ws.security.trust.elements.RequestedUnattachedReference;
import com.sun.xml.ws.security.trust.elements.str.DirectReference;
import com.sun.xml.ws.security.trust.elements.str.Reference;
import com.sun.xml.ws.security.trust.elements.str.SecurityTokenReference;
import com.sun.xml.ws.security.trust.util.WSTrustUtil;
import com.sun.xml.ws.security.wsu10.AttributedDateTime;
import com.sun.xml.wss.XWSSecurityException;
import com.sun.xml.wss.impl.misc.SecurityUtil;
import com.sun.xml.wss.saml.util.SAMLUtil;
import java.net.URI;
import java.net.URISyntaxException;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.GregorianCalendar;
import java.util.Iterator;
import java.util.Locale;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.Subject;
import javax.xml.stream.XMLStreamException;
import javax.xml.stream.XMLStreamReader;
import org.w3c.dom.Element;

/* loaded from: input_file:com/sun/xml/ws/security/secconv/WSSCContract.class */
public class WSSCContract {
    private long currentTime;
    private static final int DEFAULT_KEY_SIZE = 128;
    public static final String LIFETIME = "LifeTime";
    public static final String SC_CONFIGURATION = "SCConfiguration";
    private static final Logger log = Logger.getLogger("com.sun.xml.ws.security.secconv", LogDomainConstants.WSSC_IMPL_DOMAIN_BUNDLE);
    private static final SimpleDateFormat calendarFormatter = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'.'SSS'Z'", Locale.getDefault());
    private SymmetricBinding symBinding = null;
    private boolean reqServerEntr = true;
    private boolean reqClientEntr = false;
    private WSSCVersion wsscVer = WSSCVersion.WSSC_10;
    private WSTrustVersion wsTrustVer = WSTrustVersion.WS_TRUST_10;
    private WSTrustElementFactory wsscEleFac = WSTrustElementFactory.newInstance(WSSCVersion.WSSC_10);
    private long TIMEOUT = 36000000;

    public WSSCContract() {
    }

    public WSSCContract(WSSCVersion wSSCVersion) {
        init(wSSCVersion);
    }

    public final void init(WSSCVersion wSSCVersion) {
        if (wSSCVersion instanceof WSSCVersion13) {
            this.wsscVer = wSSCVersion;
            this.wsTrustVer = WSTrustVersion.WS_TRUST_13;
            this.wsscEleFac = WSTrustElementFactory.newInstance(WSSCVersion.WSSC_13);
        }
    }

    public BaseSTSResponse issue(BaseSTSRequest baseSTSRequest, IssuedTokenContext issuedTokenContext, SecureConversationToken secureConversationToken) throws WSSecureConversationException {
        URI create = URI.create(this.wsscVer.getSCTTokenTypeURI());
        URI uri = null;
        URI create2 = URI.create(this.wsTrustVer.getCKPSHA1algorithmURI());
        String context = ((RequestSecurityToken) baseSTSRequest).getContext();
        if (context != null) {
            try {
                uri = new URI(context);
            } catch (URISyntaxException e) {
                log.log(Level.SEVERE, LogStringsMessages.WSSC_0008_URISYNTAX_EXCEPTION(((RequestSecurityToken) baseSTSRequest).getContext()), (Throwable) e);
                throw new WSSecureConversationException(LogStringsMessages.WSSC_0008_URISYNTAX_EXCEPTION(((RequestSecurityToken) baseSTSRequest).getContext()), e);
            }
        }
        AppliesTo appliesTo = ((RequestSecurityToken) baseSTSRequest).getAppliesTo();
        RequestedProofToken createRequestedProofToken = this.wsscEleFac.createRequestedProofToken();
        byte[] bArr = null;
        Entropy entropy = ((RequestSecurityToken) baseSTSRequest).getEntropy();
        if (entropy != null) {
            BinarySecret binarySecret = entropy.getBinarySecret();
            if (binarySecret != null) {
                bArr = binarySecret.getRawValue();
                if (log.isLoggable(Level.FINE)) {
                    log.log(Level.FINE, LogStringsMessages.WSSC_0009_CLIENT_ENTROPY_VALUE(entropy.toString()));
                }
            } else if (log.isLoggable(Level.FINE)) {
                log.log(Level.FINE, LogStringsMessages.WSSC_0009_CLIENT_ENTROPY_VALUE("null"));
            }
        }
        BaseSTSResponse createRSTR = createRSTR(create2, secureConversationToken, baseSTSRequest, appliesTo, bArr, createRequestedProofToken, create, entropy, issuedTokenContext, uri);
        if (log.isLoggable(Level.FINE)) {
            log.log(Level.FINE, LogStringsMessages.WSSC_0014_RSTR_RESPONSE(WSTrustUtil.elemToString(createRSTR, this.wsTrustVer)));
        }
        updateSubject(issuedTokenContext);
        return createRSTR;
    }

    /* JADX WARN: Multi-variable type inference failed */
    private void parseAssertion(SecureConversationToken secureConversationToken, Entropy entropy) throws WSSecureConversationException, WSSecureConversationException {
        Trust10 trust10 = null;
        Trust13 trust13 = null;
        Iterator<PolicyAssertion> it = secureConversationToken.getBootstrapPolicy().getAssertionSet().iterator();
        while (it.hasNext()) {
            PolicyAssertion next = it.next();
            SecurityPolicyVersion sPVersion = getSPVersion(next);
            if (PolicyUtil.isTrust13(next, sPVersion)) {
                trust13 = (Trust13) next;
            } else if (PolicyUtil.isTrust10(next, sPVersion)) {
                trust10 = (Trust10) next;
            } else if (PolicyUtil.isSymmetricBinding(next, sPVersion)) {
                this.symBinding = (SymmetricBinding) next;
            }
        }
        if (trust10 != null) {
            Set requiredProperties = trust10.getRequiredProperties();
            this.reqServerEntr = requiredProperties.contains("RequireServerEntropy");
            this.reqClientEntr = requiredProperties.contains("RequireClientEntropy");
        }
        if (trust13 != null) {
            Set requiredProperties2 = trust13.getRequiredProperties();
            this.reqServerEntr = requiredProperties2.contains("RequireServerEntropy");
            this.reqClientEntr = requiredProperties2.contains("RequireClientEntropy");
        }
        if (entropy == null) {
            if (this.reqClientEntr) {
                log.log(Level.SEVERE, LogStringsMessages.WSSC_0010_CLIENT_ENTROPY_CANNOT_NULL());
                throw new WSSecureConversationException(LogStringsMessages.WSSC_0010_CLIENT_ENTROPY_CANNOT_NULL());
            }
            this.reqServerEntr = true;
        }
    }

    private BaseSTSResponse createRSTR(URI uri, SecureConversationToken secureConversationToken, BaseSTSRequest baseSTSRequest, AppliesTo appliesTo, byte[] bArr, RequestedProofToken requestedProofToken, URI uri2, Entropy entropy, IssuedTokenContext issuedTokenContext, URI uri3) throws WSSecureConversationException, WSSecureConversationException {
        parseAssertion(secureConversationToken, entropy);
        int keySize = (int) ((RequestSecurityToken) baseSTSRequest).getKeySize();
        if (keySize < 1 && this.symBinding != null) {
            keySize = this.symBinding.getAlgorithmSuite().getMinSKLAlgorithm();
        }
        if (keySize < 1) {
            keySize = 128;
        }
        if (log.isLoggable(Level.FINE)) {
            log.log(Level.FINE, LogStringsMessages.WSSC_0011_KEY_SIZE_VALUE(Integer.valueOf(keySize), 128));
        }
        byte[] generateRandomSecret = WSTrustUtil.generateRandomSecret(keySize / 8);
        String symmetricKeyTypeURI = (bArr == null || bArr.length == 0) ? this.wsTrustVer.getSymmetricKeyTypeURI() : this.wsTrustVer.getNonceBinarySecretTypeURI();
        Entropy entropy2 = null;
        if (this.reqServerEntr) {
            BinarySecret createBinarySecret = this.wsscEleFac.createBinarySecret(generateRandomSecret, symmetricKeyTypeURI);
            if (symmetricKeyTypeURI.equals(this.wsTrustVer.getNonceBinarySecretTypeURI())) {
                entropy2 = this.wsscEleFac.createEntropy(createBinarySecret);
                requestedProofToken.setProofTokenType(RequestedProofToken.COMPUTED_KEY_TYPE);
                requestedProofToken.setComputedKey(uri);
                try {
                    generateRandomSecret = SecurityUtil.P_SHA1(bArr, generateRandomSecret, keySize / 8);
                } catch (Exception e) {
                    log.log(Level.SEVERE, LogStringsMessages.WSSC_0012_COMPUTE_SECKEY(), (Throwable) e);
                    throw new WSSecureConversationException(LogStringsMessages.WSSC_0012_COMPUTE_SECKEY(), e);
                }
            } else {
                requestedProofToken.setProofTokenType("BinarySecret");
                requestedProofToken.setBinarySecret(createBinarySecret);
            }
        } else if (entropy != null) {
            generateRandomSecret = bArr;
            requestedProofToken.setProofTokenType("BinarySecret");
            requestedProofToken.setBinarySecret(entropy.getBinarySecret());
        }
        Lifetime lifetime = ((RequestSecurityToken) baseSTSRequest).getLifetime();
        if (lifetime != null) {
            long lifeSpan = WSTrustUtil.getLifeSpan(lifetime);
            if (lifeSpan > 0) {
                setSCTokenTimeout(lifeSpan);
            }
        }
        return createResponse(entropy2, uri3, appliesTo, generateRandomSecret, requestedProofToken, issuedTokenContext, uri2);
    }

    private BaseSTSResponse createResponse(Entropy entropy, URI uri, AppliesTo appliesTo, byte[] bArr, RequestedProofToken requestedProofToken, IssuedTokenContext issuedTokenContext, URI uri2) throws WSSecureConversationException {
        SecurityContextToken createSecurityContextToken = WSTrustUtil.createSecurityContextToken(this.wsscEleFac);
        RequestedSecurityToken createRequestedSecurityToken = this.wsscEleFac.createRequestedSecurityToken(createSecurityContextToken);
        SecurityTokenReference createSecurityTokenReference = createSecurityTokenReference(createSecurityContextToken.getWsuId(), false);
        RequestedAttachedReference createRequestedAttachedReference = this.wsscEleFac.createRequestedAttachedReference(createSecurityTokenReference);
        SecurityTokenReference createSecurityTokenReference2 = createSecurityTokenReference(createSecurityContextToken.getIdentifier().toString(), true);
        RequestedUnattachedReference createRequestedUnattachedReference = this.wsscEleFac.createRequestedUnattachedReference(createSecurityTokenReference2);
        long currentTimeWithOffset = WSTrustUtil.getCurrentTimeWithOffset();
        Lifetime createLifetime = WSTrustUtil.createLifetime(currentTimeWithOffset, getSCTokenTimeout(), this.wsTrustVer);
        try {
            BaseSTSResponse createRSTRCollectionForIssue = this.wsscVer.getNamespaceURI().equals(WSSCVersion.WSSC_13.getNamespaceURI()) ? this.wsscEleFac.createRSTRCollectionForIssue(uri2, uri, createRequestedSecurityToken, appliesTo, createRequestedAttachedReference, createRequestedUnattachedReference, requestedProofToken, entropy, createLifetime) : this.wsscEleFac.createRSTRForIssue(uri2, uri, createRequestedSecurityToken, appliesTo, createRequestedAttachedReference, createRequestedUnattachedReference, requestedProofToken, entropy, createLifetime);
            if (log.isLoggable(Level.FINE)) {
                log.log(Level.FINE, LogStringsMessages.WSSC_1010_CREATING_SESSION(createSecurityContextToken.getIdentifier()));
            }
            populateITC(currentTimeWithOffset, bArr, createSecurityContextToken, createSecurityTokenReference, issuedTokenContext, createSecurityTokenReference2);
            return createRSTRCollectionForIssue;
        } catch (WSTrustException e) {
            log.log(Level.SEVERE, LogStringsMessages.WSSC_0020_PROBLEM_CREATING_RSTR(), (Throwable) e);
            throw new WSSecureConversationException(LogStringsMessages.WSSC_0020_PROBLEM_CREATING_RSTR(), e);
        }
    }

    private void populateITC(long j, byte[] bArr, SecurityContextToken securityContextToken, SecurityTokenReference securityTokenReference, IssuedTokenContext issuedTokenContext, SecurityTokenReference securityTokenReference2) {
        issuedTokenContext.setSecurityToken(securityContextToken);
        issuedTokenContext.setAttachedSecurityTokenReference(securityTokenReference);
        issuedTokenContext.setUnAttachedSecurityTokenReference(securityTokenReference2);
        issuedTokenContext.setProofKey(bArr);
        issuedTokenContext.setCreationTime(new Date(j));
        issuedTokenContext.setExpirationTime(new Date(j + getSCTokenTimeout()));
        SecurityContextTokenInfoImpl securityContextTokenInfoImpl = new SecurityContextTokenInfoImpl();
        securityContextTokenInfoImpl.setIdentifier(securityContextToken.getIdentifier().toString());
        securityContextTokenInfoImpl.setExternalId(securityContextToken.getWsuId());
        securityContextTokenInfoImpl.addInstance(null, bArr);
        securityContextTokenInfoImpl.setCreationTime(new Date(j));
        securityContextTokenInfoImpl.setExpirationTime(new Date(j + getSCTokenTimeout()));
        SessionManager sessionManager = (SessionManager) issuedTokenContext.getOtherProperties().get(SessionConfig.SESSION_MANAGER);
        sessionManager.createSession(securityContextToken.getIdentifier().toString(), (SecurityContextTokenInfo) securityContextTokenInfoImpl);
        issuedTokenContext.setSecurityContextTokenInfo(securityContextTokenInfoImpl);
        sessionManager.addSecurityContext(securityContextToken.getIdentifier().toString(), issuedTokenContext);
    }

    private void populateRenewedITC(Session session, byte[] bArr, SecurityContextToken securityContextToken, IssuedTokenContext issuedTokenContext, SecurityTokenReference securityTokenReference) {
        issuedTokenContext.setSecurityToken(securityContextToken);
        issuedTokenContext.setAttachedSecurityTokenReference(securityTokenReference);
        issuedTokenContext.setCreationTime(new Date(this.currentTime));
        issuedTokenContext.setExpirationTime(new Date(this.currentTime + getSCTokenTimeout()));
        SecurityContextTokenInfo securityInfo = session.getSecurityInfo();
        securityInfo.setExternalId(securityContextToken.getWsuId());
        securityInfo.setExternalId(securityContextToken.getInstance());
        securityInfo.setCreationTime(new Date(this.currentTime));
        securityInfo.setExpirationTime(new Date(this.currentTime + getSCTokenTimeout()));
        session.setSecurityInfo(securityInfo);
        SecurityContextTokenInfoImpl securityContextTokenInfoImpl = new SecurityContextTokenInfoImpl();
        securityContextTokenInfoImpl.setIdentifier(securityContextToken.getIdentifier().toString());
        securityContextTokenInfoImpl.setInstance(securityContextToken.getInstance());
        securityContextTokenInfoImpl.setExternalId(securityContextToken.getWsuId());
        securityContextTokenInfoImpl.addInstance(securityContextToken.getInstance(), bArr);
        issuedTokenContext.setSecurityContextTokenInfo(securityContextTokenInfoImpl);
    }

    public RequestSecurityTokenResponseCollection issueMultiple(RequestSecurityToken requestSecurityToken, IssuedTokenContext issuedTokenContext) throws WSSecureConversationException {
        return null;
    }

    public BaseSTSResponse renew(BaseSTSRequest baseSTSRequest, IssuedTokenContext issuedTokenContext, SecureConversationToken secureConversationToken) throws WSSecureConversationException {
        if (secureConversationToken.isMustNotSendRenew()) {
            throw new WSSecureConversationException("Service doesn't support Token Renewal, as MustNotSendRenew is enabled in the service policy");
        }
        URI create = URI.create(this.wsscVer.getSCTTokenTypeURI());
        URI uri = null;
        URI create2 = URI.create(this.wsTrustVer.getCKPSHA1algorithmURI());
        RenewTarget renewTarget = ((RequestSecurityToken) baseSTSRequest).getRenewTarget();
        String context = ((RequestSecurityToken) baseSTSRequest).getContext();
        if (context != null) {
            try {
                uri = new URI(context);
            } catch (URISyntaxException e) {
                log.log(Level.SEVERE, LogStringsMessages.WSSC_0008_URISYNTAX_EXCEPTION(((RequestSecurityToken) baseSTSRequest).getContext()), (Throwable) e);
                throw new WSSecureConversationException(LogStringsMessages.WSSC_0008_URISYNTAX_EXCEPTION(((RequestSecurityToken) baseSTSRequest).getContext()), e);
            }
        }
        RequestedProofToken createRequestedProofToken = this.wsscEleFac.createRequestedProofToken();
        byte[] bArr = null;
        Entropy entropy = ((RequestSecurityToken) baseSTSRequest).getEntropy();
        if (entropy != null) {
            BinarySecret binarySecret = entropy.getBinarySecret();
            if (binarySecret != null) {
                bArr = binarySecret.getRawValue();
                if (log.isLoggable(Level.FINE)) {
                    log.log(Level.FINE, LogStringsMessages.WSSC_0009_CLIENT_ENTROPY_VALUE(entropy.toString()));
                }
            } else if (log.isLoggable(Level.FINE)) {
                log.log(Level.FINE, LogStringsMessages.WSSC_0009_CLIENT_ENTROPY_VALUE("null"));
            }
        }
        parseAssertion(secureConversationToken, entropy);
        int keySize = (int) ((RequestSecurityToken) baseSTSRequest).getKeySize();
        if (keySize < 1 && this.symBinding != null) {
            keySize = this.symBinding.getAlgorithmSuite().getMinSKLAlgorithm();
        }
        if (keySize < 1) {
            keySize = 128;
        }
        if (log.isLoggable(Level.FINE)) {
            log.log(Level.FINE, LogStringsMessages.WSSC_0011_KEY_SIZE_VALUE(Integer.valueOf(keySize), 128));
        }
        byte[] generateRandomSecret = WSTrustUtil.generateRandomSecret(keySize / 8);
        String symmetricKeyTypeURI = (bArr == null || bArr.length == 0) ? this.wsTrustVer.getSymmetricKeyTypeURI() : this.wsTrustVer.getNonceBinarySecretTypeURI();
        Entropy entropy2 = null;
        if (this.reqServerEntr) {
            BinarySecret createBinarySecret = this.wsscEleFac.createBinarySecret(generateRandomSecret, symmetricKeyTypeURI);
            if (symmetricKeyTypeURI.equals(this.wsTrustVer.getNonceBinarySecretTypeURI())) {
                entropy2 = this.wsscEleFac.createEntropy(createBinarySecret);
                createRequestedProofToken.setProofTokenType(RequestedProofToken.COMPUTED_KEY_TYPE);
                createRequestedProofToken.setComputedKey(create2);
                try {
                    generateRandomSecret = SecurityUtil.P_SHA1(bArr, generateRandomSecret, keySize / 8);
                } catch (Exception e2) {
                    log.log(Level.SEVERE, LogStringsMessages.WSSC_0012_COMPUTE_SECKEY(), (Throwable) e2);
                    throw new WSSecureConversationException(LogStringsMessages.WSSC_0012_COMPUTE_SECKEY(), e2);
                }
            } else {
                createRequestedProofToken.setProofTokenType("BinarySecret");
                createRequestedProofToken.setBinarySecret(createBinarySecret);
            }
        } else if (entropy != null) {
            generateRandomSecret = bArr;
            createRequestedProofToken.setProofTokenType("BinarySecret");
            createRequestedProofToken.setBinarySecret(entropy.getBinarySecret());
        }
        Lifetime lifetime = ((RequestSecurityToken) baseSTSRequest).getLifetime();
        if (lifetime != null) {
            long lifeSpan = WSTrustUtil.getLifeSpan(lifetime);
            if (lifeSpan > 0) {
                setSCTokenTimeout(lifeSpan);
            }
        }
        return createRenewResponse(renewTarget, entropy2, uri, generateRandomSecret, createRequestedProofToken, issuedTokenContext, create);
    }

    private BaseSTSResponse createRenewResponse(RenewTarget renewTarget, Entropy entropy, URI uri, byte[] bArr, RequestedProofToken requestedProofToken, IssuedTokenContext issuedTokenContext, URI uri2) throws WSSecureConversationException {
        BaseSTSResponse createRSTRForRenew;
        SecurityTokenReference securityTokenReference = renewTarget.getSecurityTokenReference();
        SessionManager sessionManager = (SessionManager) issuedTokenContext.getOtherProperties().get(SessionConfig.SESSION_MANAGER);
        String str = null;
        Reference reference = securityTokenReference.getReference();
        if (reference.getType().equals("Reference")) {
            str = ((DirectReference) reference).getURIAttr().toString();
        }
        SecurityContextToken createSecurityContextToken = WSTrustUtil.createSecurityContextToken(this.wsscEleFac, str);
        RequestedSecurityToken createRequestedSecurityToken = this.wsscEleFac.createRequestedSecurityToken(createSecurityContextToken);
        SecurityTokenReference createSecurityTokenReferenceForRenew = createSecurityTokenReferenceForRenew(createSecurityContextToken.getWsuId(), false, createSecurityContextToken.getInstance());
        RequestedAttachedReference createRequestedAttachedReference = this.wsscEleFac.createRequestedAttachedReference(createSecurityTokenReferenceForRenew);
        IssuedTokenContext securityContext = sessionManager.getSecurityContext(str, false);
        if (securityContext == null || securityContext.getSecurityToken() == null) {
            log.log(Level.SEVERE, LogStringsMessages.WSSC_0015_UNKNOWN_CONTEXT(str));
            throw new WSSecureConversationException(LogStringsMessages.WSSC_0015_UNKNOWN_CONTEXT(str));
        }
        Lifetime createLifetime = createLifetime();
        if (this.wsscVer.getNamespaceURI().equals(WSSCVersion.WSSC_13.getNamespaceURI())) {
            try {
                RequestSecurityTokenResponse createRSTRForRenew2 = this.wsscEleFac.createRSTRForRenew(uri2, uri, createRequestedSecurityToken, createRequestedAttachedReference, null, requestedProofToken, entropy, createLifetime);
                ArrayList arrayList = new ArrayList();
                arrayList.add(createRSTRForRenew2);
                createRSTRForRenew = ((WSSCElementFactory13) this.wsscEleFac).createRSTRCollectionForIssue(arrayList);
            } catch (WSTrustException e) {
                log.log(Level.SEVERE, LogStringsMessages.WSSC_0020_PROBLEM_CREATING_RSTR(), (Throwable) e);
                throw new WSSecureConversationException(LogStringsMessages.WSSC_0020_PROBLEM_CREATING_RSTR(), e);
            }
        } else {
            try {
                createRSTRForRenew = this.wsscEleFac.createRSTRForRenew(uri2, uri, createRequestedSecurityToken, createRequestedAttachedReference, null, requestedProofToken, entropy, createLifetime);
            } catch (WSTrustException e2) {
                log.log(Level.SEVERE, LogStringsMessages.WSSC_0020_PROBLEM_CREATING_RSTR(), (Throwable) e2);
                throw new WSSecureConversationException(LogStringsMessages.WSSC_0020_PROBLEM_CREATING_RSTR(), e2);
            }
        }
        if (log.isLoggable(Level.FINE)) {
            log.log(Level.FINE, LogStringsMessages.WSSC_0014_RSTR_RESPONSE(WSTrustUtil.elemToString(createRSTRForRenew, this.wsTrustVer)));
        }
        populateRenewedITC(sessionManager.getSession(createSecurityContextToken.getIdentifier().toString()), bArr, createSecurityContextToken, securityContext, createSecurityTokenReferenceForRenew);
        sessionManager.addSecurityContext(createSecurityContextToken.getIdentifier().toString(), securityContext);
        return createRSTRForRenew;
    }

    public BaseSTSResponse cancel(BaseSTSRequest baseSTSRequest, IssuedTokenContext issuedTokenContext) throws WSSecureConversationException {
        BaseSTSResponse createRSTRForCancel;
        String str = null;
        Reference reference = ((RequestSecurityToken) baseSTSRequest).getCancelTarget().getSecurityTokenReference().getReference();
        if (reference.getType().equals("Reference")) {
            str = ((DirectReference) reference).getURIAttr().toString();
        }
        IssuedTokenContext securityContext = ((SessionManager) issuedTokenContext.getOtherProperties().get(SessionConfig.SESSION_MANAGER)).getSecurityContext(str, true);
        if (securityContext == null || securityContext.getSecurityContextTokenInfo() == null) {
            log.log(Level.SEVERE, LogStringsMessages.WSSC_0015_UNKNOWN_CONTEXT(str));
            throw new WSSecureConversationException(LogStringsMessages.WSSC_0015_UNKNOWN_CONTEXT(str));
        }
        if (this.wsscVer.getNamespaceURI().equals(WSSCVersion.WSSC_13.getNamespaceURI())) {
            RequestSecurityTokenResponse createRSTRForCancel2 = this.wsscEleFac.createRSTRForCancel();
            ArrayList arrayList = new ArrayList();
            arrayList.add(createRSTRForCancel2);
            try {
                createRSTRForCancel = ((WSSCElementFactory13) this.wsscEleFac).createRSTRCollectionForIssue(arrayList);
            } catch (WSTrustException e) {
                throw new WSSecureConversationException(e);
            }
        } else {
            createRSTRForCancel = this.wsscEleFac.createRSTRForCancel();
        }
        if (log.isLoggable(Level.FINE)) {
            log.log(Level.FINE, LogStringsMessages.WSSC_0014_RSTR_RESPONSE(WSTrustUtil.elemToString(createRSTRForCancel, this.wsTrustVer)));
        }
        return createRSTRForCancel;
    }

    public RequestSecurityTokenResponse validate(RequestSecurityToken requestSecurityToken, IssuedTokenContext issuedTokenContext) throws WSSecureConversationException {
        return null;
    }

    public void handleUnsolicited(RequestSecurityTokenResponse requestSecurityTokenResponse, IssuedTokenContext issuedTokenContext) throws WSSecureConversationException {
        Token token = requestSecurityTokenResponse.getRequestedSecurityToken().getToken();
        RequestedProofToken requestedProofToken = requestSecurityTokenResponse.getRequestedProofToken();
        String proofTokenType = requestedProofToken.getProofTokenType();
        if (proofTokenType.equals("BinarySecret")) {
            BinarySecret binarySecret = requestedProofToken.getBinarySecret();
            if (binarySecret.getType().equals(this.wsTrustVer.getSymmetricKeyTypeURI())) {
                issuedTokenContext.setProofKey(binarySecret.getRawValue());
            }
        } else if (proofTokenType.equals("EncryptedKey")) {
        }
        issuedTokenContext.setSecurityToken(token);
        long currentTimeMillis = System.currentTimeMillis();
        Date date = new Date(currentTimeMillis);
        Date date2 = new Date(currentTimeMillis + getSCTokenTimeout());
        issuedTokenContext.setCreationTime(date);
        issuedTokenContext.setExpirationTime(date2);
        if (log.isLoggable(Level.FINER)) {
            log.log(Level.FINER, LogStringsMessages.WSSC_1003_SETTING_TIMES(date.toString(), date2.toString()));
        }
    }

    private SecurityTokenReference createSecurityTokenReference(String str, boolean z) {
        return this.wsscEleFac.createSecurityTokenReference(this.wsscEleFac.createDirectReference(this.wsscVer.getSCTTokenTypeURI(), z ? str : "#" + str));
    }

    private SecurityTokenReference createSecurityTokenReferenceForRenew(String str, boolean z, String str2) {
        return this.wsscEleFac.createSecurityTokenReference(this.wsscEleFac.createDirectReference(this.wsscVer.getSCTTokenTypeURI(), z ? str : "#" + str));
    }

    private Lifetime createLifetime() {
        Lifetime createLifetime;
        GregorianCalendar gregorianCalendar = new GregorianCalendar();
        int i = gregorianCalendar.get(15);
        if (gregorianCalendar.getTimeZone().inDaylightTime(gregorianCalendar.getTime())) {
            i += gregorianCalendar.getTimeZone().getDSTSavings();
        }
        synchronized (calendarFormatter) {
            calendarFormatter.setTimeZone(gregorianCalendar.getTimeZone());
            this.currentTime = gregorianCalendar.getTimeInMillis() - i;
            gregorianCalendar.setTimeInMillis(this.currentTime);
            AttributedDateTime attributedDateTime = new AttributedDateTime();
            attributedDateTime.setValue(calendarFormatter.format(gregorianCalendar.getTime()));
            AttributedDateTime attributedDateTime2 = new AttributedDateTime();
            gregorianCalendar.setTimeInMillis(this.currentTime + getSCTokenTimeout());
            attributedDateTime2.setValue(calendarFormatter.format(gregorianCalendar.getTime()));
            createLifetime = this.wsscEleFac.createLifetime(attributedDateTime, attributedDateTime2);
        }
        return createLifetime;
    }

    private SecurityPolicyVersion getSPVersion(PolicyAssertion policyAssertion) {
        String namespaceURI = policyAssertion.getName().getNamespaceURI();
        SecurityPolicyVersion securityPolicyVersion = SecurityPolicyVersion.SECURITYPOLICY200507;
        if (SecurityPolicyVersion.SECURITYPOLICY12NS.namespaceUri.equals(namespaceURI)) {
            securityPolicyVersion = SecurityPolicyVersion.SECURITYPOLICY12NS;
        }
        return securityPolicyVersion;
    }

    public void setWSSCServerConfig(Iterator it) {
        if (it != null) {
            while (it.hasNext()) {
                PolicyAssertion policyAssertion = (PolicyAssertion) it.next();
                if (SC_CONFIGURATION.equals(policyAssertion.getName().getLocalPart())) {
                    Iterator<PolicyAssertion> nestedAssertionsIterator = policyAssertion.getNestedAssertionsIterator();
                    while (true) {
                        if (nestedAssertionsIterator.hasNext()) {
                            if ("LifeTime".equals(nestedAssertionsIterator.next().getName().getLocalPart())) {
                                setSCTokenTimeout(Integer.parseInt(r0.getValue()));
                                break;
                            }
                        }
                    }
                }
            }
        }
    }

    private void setSCTokenTimeout(long j) {
        this.TIMEOUT = j;
    }

    private long getSCTokenTimeout() {
        return this.TIMEOUT;
    }

    private void updateSubject(IssuedTokenContext issuedTokenContext) throws WSSecureConversationException {
        Subject requestorSubject = issuedTokenContext.getRequestorSubject();
        if (requestorSubject != null) {
            try {
                Set<Object> publicCredentials = requestorSubject.getPublicCredentials();
                XMLStreamReader xMLStreamReader = null;
                Element element = null;
                for (Object obj : publicCredentials) {
                    if (obj instanceof XMLStreamReader) {
                        xMLStreamReader = (XMLStreamReader) obj;
                        element = SAMLUtil.createSAMLAssertion(xMLStreamReader);
                    }
                }
                if (xMLStreamReader != null && element != null) {
                    publicCredentials.remove(xMLStreamReader);
                    publicCredentials.add(element);
                }
            } catch (XMLStreamException e) {
                throw new WSSecureConversationException(e.getMessage(), e);
            } catch (XWSSecurityException e2) {
                throw new WSSecureConversationException(e2.getMessage(), e2);
            }
        }
    }
}
