package com.sun.xml.ws.security.impl.policyconv;

import com.sun.xml.ws.security.policy.MessageLayout;
import com.sun.xml.wss.impl.MessageConstants;
import com.sun.xml.wss.impl.PolicyTypeUtil;
import com.sun.xml.wss.impl.policy.MLSPolicy;
import com.sun.xml.wss.impl.policy.PolicyGenerationException;
import com.sun.xml.wss.impl.policy.SecurityPolicy;
import com.sun.xml.wss.impl.policy.mls.AuthenticationTokenPolicy;
import com.sun.xml.wss.impl.policy.mls.EncryptionPolicy;
import com.sun.xml.wss.impl.policy.mls.MessagePolicy;
import com.sun.xml.wss.impl.policy.mls.SignaturePolicy;
import com.sun.xml.wss.impl.policy.mls.Target;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.xml.namespace.QName;

/* loaded from: input_file:com/sun/xml/ws/security/impl/policyconv/XWSSPolicyContainer.class */
public class XWSSPolicyContainer {
    private boolean isServer;
    private boolean isIncoming;
    private Section section;
    private List<SecurityPolicy> policyList;
    private List<SecurityPolicy> effectivePolicyList;
    private MessageLayout mode;
    private int foundTimestamp = -1;
    private boolean modified = false;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/sun/xml/ws/security/impl/policyconv/XWSSPolicyContainer$Section.class */
    public enum Section {
        ClientIncomingPolicy,
        ClientOutgoingPolicy,
        ServerIncomingPolicy,
        ServerOutgoingPolicy
    }

    private boolean encPoliciesContain(QName qName, List<SecurityPolicy> list) {
        if (qName.equals(Target.BODY_QNAME)) {
            return false;
        }
        for (SecurityPolicy securityPolicy : list) {
            if (PolicyTypeUtil.encryptionPolicy(securityPolicy)) {
                ArrayList targetBindings = ((EncryptionPolicy.FeatureBinding) ((EncryptionPolicy) securityPolicy).getFeatureBinding()).getTargetBindings();
                for (int i = 0; i < targetBindings.size(); i++) {
                    Target target = (Target) targetBindings.get(i);
                    if (target.getType() == "qname" && qName.equals(target.getQName())) {
                        return true;
                    }
                }
            }
        }
        return false;
    }

    private void fixEncryptedTargetsInSignature(MessagePolicy messagePolicy, boolean z) {
        boolean z2 = false;
        boolean z3 = false;
        boolean z4 = false;
        ArrayList arrayList = new ArrayList();
        Iterator it = messagePolicy.getPrimaryPolicies().iterator();
        while (it.hasNext()) {
            Object next = it.next();
            if (next instanceof SecurityPolicy) {
                SecurityPolicy securityPolicy = (SecurityPolicy) next;
                if (PolicyTypeUtil.signaturePolicy(securityPolicy)) {
                    z4 = true;
                    if (!z3 && this.isIncoming) {
                        z2 = true;
                    }
                } else if (PolicyTypeUtil.encryptionPolicy(securityPolicy)) {
                    z3 = true;
                    if (!z4 && !this.isIncoming) {
                        z2 = true;
                    }
                    arrayList.add(securityPolicy);
                }
            }
        }
        if (z2) {
            Iterator it2 = messagePolicy.getPrimaryPolicies().iterator();
            while (it2.hasNext()) {
                Object next2 = it2.next();
                boolean z5 = false;
                if (next2 instanceof SecurityPolicy) {
                    SecurityPolicy securityPolicy2 = (SecurityPolicy) next2;
                    if (PolicyTypeUtil.signaturePolicy(securityPolicy2)) {
                        ArrayList targetBindings = ((SignaturePolicy.FeatureBinding) ((SignaturePolicy) securityPolicy2).getFeatureBinding()).getTargetBindings();
                        for (int i = 0; i < targetBindings.size(); i++) {
                            Target target = (Target) targetBindings.get(i);
                            if (target.getType() == "qname" && encPoliciesContain(target.getQName(), arrayList)) {
                                if (z) {
                                    if (z5) {
                                        targetBindings.remove(i);
                                    } else {
                                        target.setQName(new QName(MessageConstants.WSSE11_NS, MessageConstants.ENCRYPTED_HEADER_LNAME));
                                        z5 = true;
                                    }
                                } else if (z5) {
                                    targetBindings.remove(i);
                                } else {
                                    target.setQName(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "EncryptedData"));
                                    z5 = true;
                                }
                            }
                        }
                    }
                }
            }
        }
    }

    public XWSSPolicyContainer(MessageLayout messageLayout, boolean z, boolean z2) {
        this.mode = messageLayout;
        this.isServer = z;
        this.isIncoming = z2;
        setMessageMode(z, z2);
        this.effectivePolicyList = new ArrayList();
    }

    public XWSSPolicyContainer(boolean z, boolean z2) {
        setMessageMode(z, z2);
        this.isServer = z;
        this.isIncoming = z2;
        this.effectivePolicyList = new ArrayList();
    }

    public void setMessageMode(boolean z, boolean z2) {
        if (z && z2) {
            this.section = Section.ServerIncomingPolicy;
            return;
        }
        if (z && !z2) {
            this.section = Section.ServerOutgoingPolicy;
            return;
        }
        if (!z && z2) {
            this.section = Section.ClientIncomingPolicy;
        } else {
            if (z || z2) {
                return;
            }
            this.section = Section.ClientOutgoingPolicy;
        }
    }

    public void setPolicyContainerMode(MessageLayout messageLayout) {
        this.mode = messageLayout;
    }

    public void insert(SecurityPolicy securityPolicy) {
        if (securityPolicy == null) {
            return;
        }
        if (this.policyList == null) {
            this.policyList = new ArrayList();
        }
        if (isSupportingToken(securityPolicy)) {
            switch (this.section) {
                case ServerOutgoingPolicy:
                case ClientIncomingPolicy:
                    return;
            }
        }
        this.modified = true;
        this.policyList.add(securityPolicy);
    }

    public MessagePolicy getMessagePolicy(boolean z) throws PolicyGenerationException {
        if (this.modified) {
            convert();
            this.modified = false;
        }
        MessagePolicy messagePolicy = new MessagePolicy();
        messagePolicy.appendAll(this.effectivePolicyList);
        removeEmptyPrimaryPolicies(messagePolicy);
        fixEncryptedTargetsInSignature(messagePolicy, z);
        return messagePolicy;
    }

    private void removeEmptyPrimaryPolicies(MessagePolicy messagePolicy) {
        Iterator it = messagePolicy.getPrimaryPolicies().iterator();
        while (it.hasNext()) {
            Object next = it.next();
            if (next instanceof SecurityPolicy) {
                SecurityPolicy securityPolicy = (SecurityPolicy) next;
                if (PolicyTypeUtil.signaturePolicy(securityPolicy)) {
                    if (((SignaturePolicy.FeatureBinding) ((SignaturePolicy) securityPolicy).getFeatureBinding()).getTargetBindings().size() == 0) {
                        messagePolicy.remove(securityPolicy);
                    }
                } else if (PolicyTypeUtil.encryptionPolicy(securityPolicy) && ((EncryptionPolicy.FeatureBinding) ((EncryptionPolicy) securityPolicy).getFeatureBinding()).getTargetBindings().size() == 0) {
                    messagePolicy.remove(securityPolicy);
                }
            }
        }
    }

    private void appendAfterToken(SecurityPolicy securityPolicy) {
        int i = -1;
        Iterator<SecurityPolicy> it = this.effectivePolicyList.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            SecurityPolicy next = it.next();
            if (!isSupportingToken(next) && !isTimestamp(next)) {
                i = this.effectivePolicyList.indexOf(next);
                break;
            }
        }
        if (i != -1) {
            this.effectivePolicyList.add(i, securityPolicy);
        } else {
            this.effectivePolicyList.add(securityPolicy);
        }
    }

    private void prependBeforeToken(SecurityPolicy securityPolicy) {
        int i = -1;
        for (SecurityPolicy securityPolicy2 : this.effectivePolicyList) {
            if (isSupportingToken(securityPolicy2)) {
                i = this.effectivePolicyList.indexOf(securityPolicy2);
            }
        }
        if (i != -1) {
            this.effectivePolicyList.add(i, securityPolicy);
        } else {
            this.effectivePolicyList.add(securityPolicy);
        }
    }

    private void append(SecurityPolicy securityPolicy) {
        this.effectivePolicyList.add(securityPolicy);
    }

    private void prepend(SecurityPolicy securityPolicy) {
        this.effectivePolicyList.add(0, securityPolicy);
    }

    private boolean isSupportingToken(SecurityPolicy securityPolicy) {
        if (securityPolicy == null || !PolicyTypeUtil.authenticationTokenPolicy(securityPolicy)) {
            return false;
        }
        MLSPolicy featureBinding = ((AuthenticationTokenPolicy) securityPolicy).getFeatureBinding();
        return PolicyTypeUtil.usernameTokenPolicy(featureBinding) || PolicyTypeUtil.samlTokenPolicy(featureBinding) || PolicyTypeUtil.x509CertificateBinding(featureBinding) || PolicyTypeUtil.issuedTokenKeyBinding(featureBinding);
    }

    private boolean isTimestamp(SecurityPolicy securityPolicy) {
        return securityPolicy != null && PolicyTypeUtil.timestampPolicy(securityPolicy);
    }

    private void convertLax() {
        for (SecurityPolicy securityPolicy : this.policyList) {
            if (isTimestamp(securityPolicy)) {
                this.foundTimestamp = this.policyList.indexOf(securityPolicy);
                prepend(securityPolicy);
            } else if (!isSupportingToken(securityPolicy)) {
                switch (this.section) {
                    case ServerOutgoingPolicy:
                        append(securityPolicy);
                        break;
                    case ClientIncomingPolicy:
                        prepend(securityPolicy);
                        break;
                    case ClientOutgoingPolicy:
                        append(securityPolicy);
                        break;
                    case ServerIncomingPolicy:
                        appendAfterToken(securityPolicy);
                        break;
                }
            } else if (isSupportingToken(securityPolicy) || isTimestamp(securityPolicy)) {
                prepend(securityPolicy);
            }
        }
    }

    private void convertStrict() {
        for (SecurityPolicy securityPolicy : this.policyList) {
            if (isSupportingToken(securityPolicy)) {
                prepend(securityPolicy);
            } else if (!isTimestamp(securityPolicy)) {
                switch (this.section) {
                    case ServerOutgoingPolicy:
                        append(securityPolicy);
                        break;
                    case ClientIncomingPolicy:
                        appendAfterToken(securityPolicy);
                        break;
                    case ClientOutgoingPolicy:
                        append(securityPolicy);
                        break;
                    case ServerIncomingPolicy:
                        appendAfterToken(securityPolicy);
                        break;
                }
            } else {
                prepend(securityPolicy);
            }
        }
    }

    private void convertLaxTsFirst() {
        convertLax();
        if (this.foundTimestamp != -1) {
            switch (this.section) {
                case ServerOutgoingPolicy:
                    this.effectivePolicyList.add(0, this.effectivePolicyList.remove(this.foundTimestamp));
                    return;
                case ClientOutgoingPolicy:
                    this.effectivePolicyList.add(0, this.effectivePolicyList.remove(this.foundTimestamp));
                    return;
                default:
                    return;
            }
        }
    }

    private void convertLaxTsLast() {
        convertLax();
        if (this.foundTimestamp != -1) {
            switch (this.section) {
                case ServerOutgoingPolicy:
                    this.effectivePolicyList.add(this.effectivePolicyList.size() - 1, this.effectivePolicyList.remove(this.foundTimestamp));
                    return;
                case ClientOutgoingPolicy:
                    this.effectivePolicyList.add(this.effectivePolicyList.size() - 1, this.effectivePolicyList.remove(this.foundTimestamp));
                    return;
                default:
                    return;
            }
        }
    }

    public void convert() {
        if (MessageLayout.Lax == this.mode) {
            convertLax();
            return;
        }
        if (MessageLayout.Strict == this.mode) {
            convertStrict();
        } else if (MessageLayout.LaxTsFirst == this.mode) {
            convertLaxTsFirst();
        } else if (MessageLayout.LaxTsLast == this.mode) {
            convertLaxTsLast();
        }
    }
}
