package org.wso2.carbon.identity.sts.passive;

import javax.xml.namespace.QName;
import org.apache.axiom.om.OMAbstractFactory;
import org.apache.axiom.soap.SOAPEnvelope;
import org.apache.axiom.soap.SOAPFactory;
import org.apache.axiom.soap.SOAPFault;
import org.apache.axiom.soap.SOAPFaultCode;
import org.apache.axiom.soap.SOAPFaultDetail;
import org.apache.axiom.soap.SOAPFaultReason;
import org.apache.axiom.soap.SOAPFaultSubCode;
import org.apache.axiom.soap.SOAPFaultText;
import org.apache.axiom.soap.SOAPFaultValue;
import org.apache.axis2.context.MessageContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.rahas.TrustException;
import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.identity.application.common.IdentityApplicationManagementException;
import org.wso2.carbon.identity.application.common.model.InboundAuthenticationRequestConfig;
import org.wso2.carbon.identity.application.common.model.Property;
import org.wso2.carbon.identity.application.common.model.ServiceProvider;
import org.wso2.carbon.identity.application.mgt.ApplicationManagementService;
import org.wso2.carbon.identity.sts.passive.internal.RegistryBasedTrustedServiceStore;
import org.wso2.carbon.identity.sts.passive.processors.RequestProcessor;

/* loaded from: input_file:org/wso2/carbon/identity/sts/passive/PassiveSTSService.class */
public class PassiveSTSService {
    private static final Log log = LogFactory.getLog(PassiveSTSService.class);

    public ResponseToken getResponse(RequestToken requestToken) throws Exception {
        if (requestToken == null || requestToken.getUserName() == null) {
            throw new Exception("Invalid request token. User credentials not provided");
        }
        ResponseToken responseToken = null;
        String str = null;
        setReplyToURL(requestToken);
        RequestProcessor requestProcessor = RequestProcessorFactory.getInstance().getRequestProcessor(requestToken.getAction());
        if (requestProcessor != null) {
            try {
                responseToken = requestProcessor.process(requestToken);
            } catch (TrustException e) {
                str = genFaultResponse(MessageContext.getCurrentMessageContext(), "Sender", "InvalidRequest", e.getMessage(), "none").toStringWithConsume();
            }
        } else {
            str = genFaultResponse(MessageContext.getCurrentMessageContext(), "Sender", "InvalidRequest", "Invalid Request", "none").toStringWithConsume();
        }
        if (responseToken == null) {
            responseToken = new ResponseToken();
        }
        if (str != null) {
            responseToken.setResults(str);
        }
        responseToken.setAuthenticated(true);
        if (requestToken.getReplyTo() != null) {
            responseToken.setReplyTo(requestToken.getReplyTo());
        } else {
            responseToken.setReplyTo(requestToken.getRealm());
        }
        if (responseToken.getReplyTo() == null) {
            throw new Exception("ReplyTo address not found");
        }
        responseToken.setContext(requestToken.getContext());
        return responseToken;
    }

    private SOAPFault genFaultResponse(MessageContext messageContext, String str, String str2, String str3, String str4) {
        if (messageContext.isSOAP11()) {
            SOAPFactory sOAP11Factory = OMAbstractFactory.getSOAP11Factory();
            SOAPEnvelope defaultFaultEnvelope = sOAP11Factory.getDefaultFaultEnvelope();
            SOAPFaultReason createSOAPFaultReason = sOAP11Factory.createSOAPFaultReason();
            createSOAPFaultReason.setText(str3);
            defaultFaultEnvelope.getBody().getFault().setReason(createSOAPFaultReason);
            SOAPFaultCode createSOAPFaultCode = sOAP11Factory.createSOAPFaultCode();
            createSOAPFaultCode.setText(new QName("http://wso2.org/passivests", str2, "sts"));
            defaultFaultEnvelope.getBody().getFault().setCode(createSOAPFaultCode);
            return defaultFaultEnvelope.getBody().getFault();
        }
        SOAPFactory sOAP12Factory = OMAbstractFactory.getSOAP12Factory();
        SOAPEnvelope defaultFaultEnvelope2 = sOAP12Factory.getDefaultFaultEnvelope();
        SOAPFaultDetail createSOAPFaultDetail = sOAP12Factory.createSOAPFaultDetail();
        createSOAPFaultDetail.setText(str4);
        defaultFaultEnvelope2.getBody().getFault().setDetail(createSOAPFaultDetail);
        SOAPFaultReason createSOAPFaultReason2 = sOAP12Factory.createSOAPFaultReason();
        SOAPFaultText createSOAPFaultText = sOAP12Factory.createSOAPFaultText();
        createSOAPFaultText.setText(str3);
        createSOAPFaultReason2.addSOAPText(createSOAPFaultText);
        defaultFaultEnvelope2.getBody().getFault().setReason(createSOAPFaultReason2);
        SOAPFaultCode createSOAPFaultCode2 = sOAP12Factory.createSOAPFaultCode();
        SOAPFaultValue createSOAPFaultValue = sOAP12Factory.createSOAPFaultValue(createSOAPFaultCode2);
        createSOAPFaultValue.setText(str);
        createSOAPFaultCode2.setValue(createSOAPFaultValue);
        SOAPFaultSubCode createSOAPFaultSubCode = sOAP12Factory.createSOAPFaultSubCode(createSOAPFaultCode2);
        SOAPFaultValue createSOAPFaultValue2 = sOAP12Factory.createSOAPFaultValue(createSOAPFaultSubCode);
        createSOAPFaultValue2.setText(new QName("http://wso2.org/passivests", str2, "sts"));
        createSOAPFaultSubCode.setValue(createSOAPFaultValue2);
        createSOAPFaultCode2.setSubCode(createSOAPFaultSubCode);
        defaultFaultEnvelope2.getBody().getFault().setCode(createSOAPFaultCode2);
        return defaultFaultEnvelope2.getBody().getFault();
    }

    public void addTrustedService(String str, String str2, String str3) throws Exception {
        new RegistryBasedTrustedServiceStore().addTrustedService(str, str2, str3);
    }

    public void removeTrustedService(String str) throws Exception {
        new RegistryBasedTrustedServiceStore().removeTrustedService(str);
    }

    public ClaimDTO[] getAllTrustedServices() throws Exception {
        return new RegistryBasedTrustedServiceStore().getAllTrustedServices();
    }

    public ClaimDTO getTrustedServiceClaims(String str) throws Exception {
        return new RegistryBasedTrustedServiceStore().getTrustedServiceClaims(str);
    }

    private void setReplyToURL(RequestToken requestToken) {
        requestToken.getReplyTo();
        String realm = requestToken.getRealm();
        if (realm == null) {
            log.debug("Request does not contains Realm. Skip setting ReplyTo URL from Realm (Service Provider config)");
            return;
        }
        try {
            String tenantDomain = requestToken.getTenantDomain();
            if (tenantDomain == null || tenantDomain.trim().length() == 0) {
                tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
                requestToken.setTenantDomain(tenantDomain);
            }
            if (log.isDebugEnabled()) {
                log.debug("Retrieving wreply url for : " + realm + " in tenant : " + tenantDomain);
            }
            ServiceProvider serviceProviderByClientId = ApplicationManagementService.getInstance().getServiceProviderByClientId(realm, "passivests", tenantDomain);
            if (serviceProviderByClientId == null) {
                log.error("Cannot find Service Provider corresponding to Realm : " + realm + ". Skip setting ReplyTo URL from Realm (Service Provider config)");
            }
            InboundAuthenticationRequestConfig[] inboundAuthenticationRequestConfigs = serviceProviderByClientId.getInboundAuthenticationConfig().getInboundAuthenticationRequestConfigs();
            if (inboundAuthenticationRequestConfigs != null) {
                for (int i = 0; i < inboundAuthenticationRequestConfigs.length; i++) {
                    if ("passivests".equalsIgnoreCase(inboundAuthenticationRequestConfigs[i].getInboundAuthType())) {
                        Property[] properties = inboundAuthenticationRequestConfigs[i].getProperties();
                        if (properties != null) {
                            for (int i2 = 0; i2 < properties.length; i2++) {
                                if ("passiveSTSWReply".equalsIgnoreCase(properties[i2].getName())) {
                                    String value = properties[i2].getValue();
                                    if (value == null || value.isEmpty()) {
                                        return;
                                    }
                                    if (log.isDebugEnabled()) {
                                        log.debug("Setting ReplyTo URL : " + value + " for Realm : " + realm);
                                    }
                                    requestToken.setReplyTo(value);
                                    return;
                                }
                            }
                        }
                        if (log.isDebugEnabled()) {
                            log.debug("WReply URL does not specified for Realm : " + realm + " in Service Provider configs");
                            return;
                        }
                        return;
                    }
                }
            }
        } catch (IdentityApplicationManagementException e) {
            log.error("Error while retrieving Service Provider corresponding to Realm : " + realm + ". Skip setting ReplyTo URL from Realm (Service Provider config)", e);
        }
    }
}
