package org.apache.cxf.ws.security.wss4j;

import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import javax.xml.namespace.QName;
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.endpoint.Endpoint;
import org.apache.cxf.message.MessageUtils;
import org.apache.cxf.service.model.EndpointInfo;
import org.apache.cxf.ws.security.cache.ReplayCacheFactory;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSSecurityEngineResult;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.cache.ReplayCache;

/* loaded from: input_file:WEB-INF/lib/cxf-bundle-2.7.13.jar:org/apache/cxf/ws/security/wss4j/WSS4JUtils.class */
public final class WSS4JUtils {
    public static final String UNSUPPORTED_TOKEN_ERR = "An unsupported token was provided";
    public static final String UNSUPPORTED_ALGORITHM_ERR = "An unsupported signature or encryption algorithm was used";
    public static final String INVALID_SECURITY_ERR = "An error was discovered processing the <wsse:Security> header.";
    public static final String INVALID_SECURITY_TOKEN_ERR = "An invalid security token was provided";
    public static final String FAILED_AUTHENTICATION_ERR = "The security token could not be authenticated or authorized";
    public static final String FAILED_CHECK_ERR = "The signature or decryption was invalid";
    public static final String SECURITY_TOKEN_UNAVAILABLE_ERR = "Referenced security token could not be retrieved";
    public static final String MESSAGE_EXPIRED_ERR = "The message has expired";

    private WSS4JUtils() {
    }

    public static ReplayCache getReplayCache(SoapMessage soapMessage, String str, String str2) {
        Endpoint endpoint;
        ReplayCache replayCache;
        boolean z = false;
        Object contextualProperty = soapMessage.getContextualProperty(str);
        if (contextualProperty != null) {
            if (!MessageUtils.isTrue(contextualProperty)) {
                return null;
            }
            z = true;
        }
        if ((!z && MessageUtils.isRequestor(soapMessage)) || (endpoint = (Endpoint) soapMessage.getExchange().get(Endpoint.class)) == null || endpoint.getEndpointInfo() == null) {
            return null;
        }
        EndpointInfo endpointInfo = endpoint.getEndpointInfo();
        synchronized (endpointInfo) {
            ReplayCache replayCache2 = (ReplayCache) soapMessage.getContextualProperty(str2);
            if (replayCache2 == null) {
                replayCache2 = (ReplayCache) endpointInfo.getProperty(str2);
            }
            if (replayCache2 == null) {
                ReplayCacheFactory newInstance = ReplayCacheFactory.newInstance();
                String str3 = str2;
                if (endpointInfo.getName() != null) {
                    int hashCode = endpointInfo.getName().toString().hashCode();
                    str3 = hashCode < 0 ? str3 + hashCode : str3 + "-" + hashCode;
                }
                replayCache2 = newInstance.newReplayCache(str3, soapMessage);
                endpointInfo.setProperty(str2, replayCache2);
            }
            replayCache = replayCache2;
        }
        return replayCache;
    }

    public static List<WSSecurityEngineResult> fetchAllActionResults(List<WSSecurityEngineResult> list, int i) {
        return fetchAllActionResults(list, (List<Integer>) Collections.singletonList(Integer.valueOf(i)));
    }

    public static List<WSSecurityEngineResult> fetchAllActionResults(List<WSSecurityEngineResult> list, List<Integer> list2) {
        List<WSSecurityEngineResult> emptyList = Collections.emptyList();
        if (list2 == null || list2.isEmpty()) {
            return emptyList;
        }
        for (WSSecurityEngineResult wSSecurityEngineResult : list) {
            if (list2.contains(Integer.valueOf(((Integer) wSSecurityEngineResult.get("action")).intValue()))) {
                if (emptyList.isEmpty()) {
                    emptyList = new ArrayList();
                }
                emptyList.add(wSSecurityEngineResult);
            }
        }
        return emptyList;
    }

    public static String getSafeExceptionMessage(WSSecurityException wSSecurityException) {
        if (wSSecurityException.getMessage() != null && wSSecurityException.getMessage().contains("replay attack")) {
            return wSSecurityException.getMessage();
        }
        QName faultCode = wSSecurityException.getFaultCode();
        return WSConstants.UNSUPPORTED_SECURITY_TOKEN.equals(faultCode) ? UNSUPPORTED_TOKEN_ERR : WSConstants.UNSUPPORTED_ALGORITHM.equals(faultCode) ? UNSUPPORTED_ALGORITHM_ERR : WSConstants.INVALID_SECURITY.equals(faultCode) ? INVALID_SECURITY_ERR : WSConstants.INVALID_SECURITY_TOKEN.equals(faultCode) ? INVALID_SECURITY_TOKEN_ERR : WSConstants.FAILED_AUTHENTICATION.equals(faultCode) ? FAILED_AUTHENTICATION_ERR : WSConstants.FAILED_CHECK.equals(faultCode) ? FAILED_CHECK_ERR : WSConstants.SECURITY_TOKEN_UNAVAILABLE.equals(faultCode) ? SECURITY_TOKEN_UNAVAILABLE_ERR : WSConstants.MESSAGE_EXPIRED.equals(faultCode) ? MESSAGE_EXPIRED_ERR : INVALID_SECURITY_ERR;
    }
}
