package org.apache.rahas.impl;

import java.io.ByteArrayOutputStream;
import java.nio.charset.Charset;
import java.util.Date;
import javax.xml.stream.XMLStreamException;
import org.apache.axiom.om.OMElement;
import org.apache.axiom.om.OMNode;
import org.apache.axiom.om.util.AXIOMUtil;
import org.apache.axiom.soap.SOAPEnvelope;
import org.apache.axis2.context.MessageContext;
import org.apache.rahas.RahasConstants;
import org.apache.rahas.RahasData;
import org.apache.rahas.Token;
import org.apache.rahas.TrustException;
import org.apache.rahas.TrustUtil;
import org.apache.ws.security.components.crypto.Crypto;
import org.apache.ws.security.components.crypto.CryptoFactory;
import org.apache.ws.security.util.XmlSchemaDateFormat;
import org.opensaml.saml2.core.Assertion;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.bootstrap.DOMImplementationRegistry;
import org.w3c.dom.ls.DOMImplementationLS;
import org.w3c.dom.ls.LSOutput;
import org.w3c.dom.ls.LSSerializer;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/lib/org.apache.rampart.wso2-rampart-trust-1.6.1-wso2v36.jar:org/apache/rahas/impl/SAML2PassiveTokenIssuer.class
 */
/* loaded from: input_file:WEB-INF/lib/org.apache.rampart-rampart-trust-1.6.1-wso2v36.jar:org/apache/rahas/impl/SAML2PassiveTokenIssuer.class */
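/**
 * Issues a SAML 2.0 bearer assertion wrapped in a WS-Trust RequestSecurityTokenResponse.
 *
 * <p>The assertion itself is built by the inherited {@code createBearerAssersion} (not shown
 * in this file); this class only assembles the response around it and, unless the token
 * store is disabled, records the issued token.
 *
 * <p>NOTE(review): nothing in this class authenticates or authorises the requester. It
 * presumably relies on the caller having done so before {@link #issuePassiveRSTR} is
 * invoked; confirm in the calling code, since a bearer assertion is usable by whoever
 * holds it.
 */
public class SAML2PassiveTokenIssuer extends SAML2TokenIssuer {
    /**
     * Encoding used both to serialize the assertion and to decode the bytes again. Fixing it
     * keeps the copy placed in the token store identical to the assertion that was built,
     * independent of the JVM's default charset.
     */
    private static final Charset TOKEN_ENCODING = Charset.forName("UTF-8");

    private SAMLTokenIssuerConfig config = null;

    // NOTE(review): written by issuePassiveRSTR but never read in this class. If a single
    // issuer instance serves concurrent requests, each call overwrites it, and the request
    // data (including its ephemeral key reference) stays reachable until the next call.
    // Confirm nothing depends on it before relying on or removing it.
    private RahasData data = null;

    /**
     * Supplies the issuer configuration. Must be called before {@link #issuePassiveRSTR}.
     *
     * @param sAMLTokenIssuerConfig configuration providing crypto settings, token lifetime
     *     and the reference/token-store switches read by this class
     */
    public void setConfig(SAMLTokenIssuerConfig sAMLTokenIssuerConfig) {
        this.config = sAMLTokenIssuerConfig;
    }

    /**
     * Builds the RequestSecurityTokenResponse carrying a freshly created SAML 2.0 bearer
     * assertion.
     *
     * <p>For WS-Trust version {@code 1} a single response element is returned; for any other
     * version the response is wrapped in a response collection and the collection is
     * returned.
     *
     * @param rahasData request data; supplies the inbound message context, the WS-Trust
     *     version, the optional AppliesTo address and the ephemeral key
     * @return the response element, or the enclosing response collection when one was created
     * @throws TrustException if the assertion cannot be serialized, re-parsed or attached to
     *     the response
     * @throws IllegalStateException if {@link #setConfig} has not been called
     */
    public OMElement issuePassiveRSTR(RahasData rahasData) throws TrustException {
        if (this.config == null) {
            // Fail with a clear message instead of a NullPointerException further down.
            throw new IllegalStateException("SAMLTokenIssuerConfig has not been set; call setConfig() first");
        }

        MessageContext inMessageContext = rahasData.getInMessageContext();
        this.data = rahasData;

        SOAPEnvelope responseEnvelope =
                TrustUtil.createSOAPEnvelope(inMessageContext.getEnvelope().getNamespace().getNamespaceURI());
        Crypto crypto = resolveCrypto(inMessageContext);

        // Validity window: from now until now + configured time-to-live.
        Date created = new Date();
        Date expires = new Date(created.getTime() + this.config.ttl);

        Document ownerDocument = ((Element) responseEnvelope).getOwnerDocument();
        Assertion assertion = createBearerAssersion(this.config, ownerDocument, crypto, rahasData);
        String assertionId = assertion.getID();

        int version = rahasData.getVersion();
        OMElement rstrCollection = null;
        OMElement rstr;
        if (1 == version) {
            rstr = TrustUtil.createRequestSecurityTokenResponseElement(version, responseEnvelope.getBody());
        } else {
            rstrCollection =
                    TrustUtil.createRequestSecurityTokenResponseCollectionElement(version, responseEnvelope.getBody());
            rstr = TrustUtil.createRequestSecurityTokenResponseElement(version, rstrCollection);
        }

        TrustUtil.createTokenTypeElement(version, rstr).setText(RahasConstants.TOK_TYPE_SAML_20);
        if (this.config.addRequestedAttachedRef) {
            TrustUtil.createRequestedAttachedRef(version, rstr, "#" + assertionId, RahasConstants.TOK_TYPE_SAML_20);
        }
        if (this.config.addRequestedUnattachedRef) {
            TrustUtil.createRequestedUnattachedRef(version, rstr, assertionId, RahasConstants.TOK_TYPE_SAML_20);
        }
        // NOTE(review): the AppliesTo address comes from the request data and is echoed into
        // the response as-is; whether it is checked against known relying parties is not
        // visible here. Confirm that validation happens upstream.
        if (rahasData.getAppliesToAddress() != null) {
            TrustUtil.createAppliesToElement(rstr, rahasData.getAppliesToAddress(), rahasData.getAddressingNs());
        }

        XmlSchemaDateFormat dateFormat = new XmlSchemaDateFormat();
        TrustUtil.createLifetimeElement(version, rstr, dateFormat.format(created), dateFormat.format(expires));
        OMElement requestedToken = TrustUtil.createRequestedSecurityTokenElement(version, rstr);

        Element assertionDom = assertion.getDOM();
        try {
            // A standalone copy of the assertion is parsed for the Token object; the response
            // itself receives an imported copy of the original DOM.
            OMElement tokenElement = AXIOMUtil.stringToOM(serializeAssertion(assertionDom));
            requestedToken.addChild(
                    (OMNode) ((Element) rstr).getOwnerDocument().importNode(assertionDom, true));

            Token token = new Token(assertionId, tokenElement, created, expires);
            token.setSecret(rahasData.getEphmeralKey());
            if (!this.config.isTokenStoreDisabled()) {
                // The stored token holds the complete assertion.
                token.setPersistenceEnabled(true);
                TrustUtil.getTokenStore(inMessageContext).add(token);
            }
            return rstrCollection != null ? rstrCollection : rstr;
        } catch (XMLStreamException e) {
            throw tokenCreationFailure(assertionId, e);
        } catch (ClassCastException e) {
            throw tokenCreationFailure(assertionId, e);
        } catch (ClassNotFoundException e) {
            throw tokenCreationFailure(assertionId, e);
        } catch (IllegalAccessException e) {
            throw tokenCreationFailure(assertionId, e);
        } catch (InstantiationException e) {
            throw tokenCreationFailure(assertionId, e);
        }
    }

    /**
     * Stores the audience restriction in the inherited {@code audienceRestriction} field.
     *
     * @param str audience restriction value; stored without validation
     * @throws TrustException declared for interface compatibility; never thrown by this body
     */
    public void setAudienceRestrictionCondition(String str) throws TrustException {
        this.audienceRestriction = str;
    }

    /**
     * Picks the crypto provider from the configuration, in order of precedence: the inline
     * crypto element, then a non-empty crypto-properties element, then the properties file.
     */
    private Crypto resolveCrypto(MessageContext inMessageContext) {
        ClassLoader serviceLoader = inMessageContext.getAxisService().getClassLoader();
        if (this.config.cryptoElement != null) {
            return CryptoFactory.getInstance(TrustUtil.toProperties(this.config.cryptoElement), serviceLoader);
        }
        if (this.config.cryptoPropertiesElement != null
                && this.config.cryptoPropertiesElement.getFirstElement() != null) {
            return CryptoFactory.getInstance(
                    TrustUtil.toProperties(this.config.cryptoPropertiesElement.getFirstElement()), serviceLoader);
        }
        return CryptoFactory.getInstance(this.config.cryptoPropertiesFile, serviceLoader);
    }

    /**
     * Serializes the assertion DOM to text with DOM Level 3 Load/Save, writing and decoding
     * with the same explicit encoding so non-ASCII content survives the round trip.
     */
    private static String serializeAssertion(Element assertionDom)
            throws ClassNotFoundException, InstantiationException, IllegalAccessException {
        DOMImplementationLS loadSave =
                (DOMImplementationLS) DOMImplementationRegistry.newInstance().getDOMImplementation("LS");
        LSSerializer serializer = loadSave.createLSSerializer();
        LSOutput output = loadSave.createLSOutput();
        ByteArrayOutputStream buffer = new ByteArrayOutputStream();
        output.setByteStream(buffer);
        output.setEncoding(TOKEN_ENCODING.name());
        serializer.write(assertionDom, output);
        return new String(buffer.toByteArray(), TOKEN_ENCODING);
    }

    /** Wraps a low-level failure in the TrustException used for token creation errors. */
    private static TrustException tokenCreationFailure(String assertionId, Exception cause) {
        return new TrustException("errorCreatingSAMLToken", new String[]{assertionId}, cause);
    }
}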
