package org.wso2.carbon.identity.samples.sts;

import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.util.Properties;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamException;
import org.apache.axiom.om.OMAbstractFactory;
import org.apache.axiom.om.OMElement;
import org.apache.axiom.om.OMFactory;
import org.apache.axiom.om.OMNamespace;
import org.apache.axiom.om.impl.builder.StAXOMBuilder;
import org.apache.axis2.addressing.EndpointReference;
import org.apache.axis2.client.ServiceClient;
import org.apache.axis2.context.ConfigurationContext;
import org.apache.axis2.context.ConfigurationContextFactory;
import org.apache.axis2.description.AxisService;
import org.apache.neethi.Policy;
import org.apache.neethi.PolicyEngine;
import org.apache.rahas.Token;
import org.apache.rahas.TokenStorage;
import org.apache.rahas.TrustException;
import org.apache.rahas.TrustUtil;
import org.apache.rahas.client.STSClient;
import org.apache.rampart.policy.model.CryptoConfig;
import org.apache.rampart.policy.model.RampartConfig;
import org.apache.ws.secpolicy.SP11Constants;

/* loaded from: input_file:org/wso2/carbon/identity/samples/sts/Client.class */
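/**
 * Sample WS-Trust client. It requests a SAML token from a security token service (STS),
 * optionally renews and validates that token, and optionally calls a relying-party echo
 * service with a policy that carries the same Rampart configuration.
 *
 * <p>Settings come from the properties file named by {@code ClientConstants.PROPERTIES_FILE_PATH}.
 * The SAML version and the renew/validate switches may be overridden on the command line.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>The same keystore file and password serve as the JVM-wide TLS trust store and as the
 *       Merlin signature/encryption store, so the password read from the properties file
 *       protects both.</li>
 *   <li>Issued and renewed tokens are written to standard output in full.</li>
 * </ul>
 */
public class Client {
    private static final String SAML11_TOKEN_TYPE_URI =
            "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1";
    private static final String SAML20_TOKEN_TYPE_URI =
            "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0";

    private boolean enableRelyingParty;

    // Static because main() fills these from the command line before a Client exists.
    private static boolean enableValidateBinding;
    private static boolean enableRenewing;
    // Record that the command line set a value, so the properties file must not overwrite it.
    private static boolean isSetRenewing;
    private static boolean isSetValidate;
    private static String tokenType;

    private String subjectConfirmationMethod;
    private String keystorePath;
    private String repoPath;
    private String stsEPR;
    private String relyingPartyEPR;
    private String stsPolicyPath;
    private String relyingPartyPolicyPath;
    private String echoRequestMsg;
    private String username;
    private String claimDialect;
    private String[] claimUris;
    private String encryptionUser;
    private String userCertAlias;
    private String pwdCallbackClass;
    private String keystorePwd;

    /**
     * Entry point. Arguments are positional name/value pairs:
     * {@code samlVersion <version> renew <true|false> validate <true|false>}.
     * A pair is applied only when both its name and its value are present, so a shortened
     * argument list no longer fails with {@link ArrayIndexOutOfBoundsException}.
     *
     * @param args command-line arguments; may be empty
     */
    public static void main(String[] args) {
        if (args.length > 1 && "samlVersion".equals(args[0])) {
            tokenType = args[1];
        }
        if (args.length > 3 && "renew".equals(args[2])) {
            enableRenewing = Boolean.parseBoolean(args[3]);
            isSetRenewing = true;
        }
        if (args.length > 5 && "validate".equals(args[4])) {
            enableValidateBinding = Boolean.parseBoolean(args[5]);
            isSetValidate = true;
        }
        new Client().run();
    }

    /**
     * Runs the issue / renew / validate / relying-party sequence and terminates the JVM.
     *
     * <p>The exit status is 0 only when every enabled step completed without throwing.
     * Any failure is printed and reported as status 1, so a wrapper script can tell a failed
     * token exchange from a successful one. A token that the STS reports as invalid is only
     * printed; it does not change the exit status.
     */
    private void run() {
        int exitStatus = 1;
        try {
            loadConfigurations();

            // JVM-wide settings: every TLS connection made by this process trusts this store,
            // and the password is readable through System.getProperty by any code in the JVM.
            System.setProperty("javax.net.ssl.trustStore", this.keystorePath);
            System.setProperty("javax.net.ssl.trustStorePassword", this.keystorePwd);

            ConfigurationContext configContext =
                    ConfigurationContextFactory.createConfigurationContextFromFileSystem(this.repoPath);

            // NOTE(review): the literal 1 passed to TrustUtil throughout this class is presumably
            // an inlined WS-Trust version constant - confirm against RahasConstants.
            STSClient stsClient = new STSClient(configContext);
            stsClient.setRstTemplate(getRSTTemplate());
            stsClient.setAction(TrustUtil.getActionValue(1, "/RST/Issue"));

            Policy stsPolicy = loadPolicy(this.stsPolicyPath);
            RampartConfig rampartConfig = buildRampartConfig();
            stsPolicy.addAssertion(rampartConfig);

            Token issuedToken =
                    stsClient.requestSecurityToken((Policy) null, this.stsEPR, stsPolicy, this.relyingPartyEPR);
            TokenStorage tokenStore = TrustUtil.getTokenStore(configContext);
            String issuedTokenId = issuedToken.getId();
            tokenStore.add(issuedToken);

            // The whole token goes to stdout. When the configured key type is "/Bearer" the
            // printed assertion is itself a credential, so keep this output out of shared logs.
            System.out.println(issuedToken.getToken().toString());

            String renewedTokenId = null;
            if (enableRenewing) {
                System.out.println("Renewing " + tokenType);
                stsClient.setRstTemplate(getRSTTemplate());
                System.out.println("tokenRenewed : "
                        + stsClient.renewToken(issuedTokenId, samlTokenTypeUri(), this.stsEPR, stsPolicy, tokenStore));

                Token[] renewedTokens = tokenStore.getRenewedTokens();
                if (renewedTokens == null || renewedTokens.length == 0) {
                    // Fail with a clear message instead of an index error on an empty array.
                    throw new IllegalStateException(
                            "Token store holds no renewed token after the renew request for " + issuedTokenId);
                }
                Token renewedToken = renewedTokens[0];
                renewedTokenId = renewedToken.getId();
                System.out.println("Renewed Token : \n" + renewedToken.getToken().toString());
            }

            if (enableValidateBinding) {
                STSClient validatingClient = new STSClient(configContext);
                validatingClient.setAction(TrustUtil.getActionValue(1, "/RST/Validate"));
                // Validate the renewed token when there is one, otherwise the issued token.
                String tokenIdToValidate = renewedTokenId != null ? renewedTokenId : issuedTokenId;
                boolean valid = validatingClient.validateToken(tokenIdToValidate, this.stsEPR, stsPolicy);
                String origin = enableRenewing ? "Renewed" : "Response";
                String verdict = valid ? "valid" : "invalid";
                System.out.println(origin + " SAML " + tokenType + " Token is " + verdict);
            }

            if (this.enableRelyingParty) {
                ServiceClient serviceClient = new ServiceClient(configContext, (AxisService) null);
                serviceClient.engageModule("addressing");
                serviceClient.engageModule("rampart");

                Policy relyingPartyPolicy = loadPolicy(this.relyingPartyPolicyPath);
                relyingPartyPolicy.addAssertion(rampartConfig);
                serviceClient.getOptions().setProperty("rampartPolicy", relyingPartyPolicy);
                // NOTE(review): renewedTokenId is null unless renewal ran, so without renewal no
                // explicit token id is handed over here - confirm that this is intended and that
                // the issued token id should not be used instead.
                serviceClient.getOptions().setProperty("customIssuedToken", renewedTokenId);
                serviceClient.getOptions().setAction("urn:echoString");
                serviceClient.getOptions().setTo(new EndpointReference(this.relyingPartyEPR));

                OMElement response = serviceClient.sendReceive(getPayload(this.echoRequestMsg));
                // NOTE(review): set after the call has been made; confirm it still has an effect.
                serviceClient.getOptions().setCallTransportCleanup(true);
                System.out.println(response.toString());
            }
            exitStatus = 0;
        } catch (Throwable failure) {
            // Top-level boundary of the sample: report everything, including Errors such as a
            // missing class, because the finally block ends the process either way.
            failure.printStackTrace();
        } finally {
            System.exit(exitStatus);
        }
    }

    /**
     * Reads the client settings from {@code ClientConstants.PROPERTIES_FILE_PATH}.
     *
     * <p>Values already supplied on the command line (token type, renew, validate) are kept.
     * Path-like settings are prefixed with {@code ClientConstants.RESOURCE_PATH}. The keystore
     * password is read from this file as plain text, so the file needs the same protection as
     * the keystore itself.
     *
     * @throws IOException if the properties file cannot be opened or read
     */
    private void loadConfigurations() throws IOException {
        Properties properties = new Properties();
        // try-with-resources: the stream was previously never closed.
        try (FileInputStream in = new FileInputStream(ClientConstants.PROPERTIES_FILE_PATH)) {
            properties.load(in);
        }

        this.enableRelyingParty = Boolean.parseBoolean(properties.getProperty(ClientConstants.ENABLE_RELYING_PARTY));
        if (!isSetValidate) {
            enableValidateBinding = Boolean.parseBoolean(properties.getProperty(ClientConstants.ENABLE_VALIDATE_BINDING));
        }
        if (!isSetRenewing) {
            enableRenewing = Boolean.parseBoolean(properties.getProperty(ClientConstants.ENABLE_RENEW));
        }
        if (tokenType == null) {
            tokenType = properties.getProperty(ClientConstants.SAML_TOKEN_TYPE);
        }

        this.subjectConfirmationMethod = properties.getProperty(ClientConstants.SUBJECT_CONFIRMATION_METHOD);
        this.keystorePath = ClientConstants.RESOURCE_PATH + properties.getProperty(ClientConstants.KEYSTORE_PATH);
        this.repoPath = ClientConstants.RESOURCE_PATH + properties.getProperty(ClientConstants.REPO_PATH);
        this.stsEPR = properties.getProperty(ClientConstants.STS_ADDRESS);
        this.relyingPartyEPR = properties.getProperty(ClientConstants.RELYING_PARTY_ADDRESS);
        this.stsPolicyPath = ClientConstants.RESOURCE_PATH + properties.getProperty(ClientConstants.STS_POLICY_PATH);
        this.relyingPartyPolicyPath =
                ClientConstants.RESOURCE_PATH + properties.getProperty(ClientConstants.RELYING_PARTY_POLICY_PATH);
        this.echoRequestMsg = properties.getProperty(ClientConstants.RELYING_PARTY_MESSAGE);
        this.username = properties.getProperty(ClientConstants.UT_USERNAME);
        this.claimDialect = properties.getProperty(ClientConstants.CLAIM_DIALECT);

        // A missing claim list means "no claim types" rather than a NullPointerException.
        String configuredClaimUris = properties.getProperty(ClientConstants.CLAIM_URIS);
        this.claimUris = configuredClaimUris == null ? new String[0] : configuredClaimUris.split(",");

        this.encryptionUser = properties.getProperty(ClientConstants.ENCRYPTION_USER);
        this.userCertAlias = properties.getProperty(ClientConstants.USER_CERTIFICATE_ALIAS);
        this.pwdCallbackClass = properties.getProperty(ClientConstants.PASSWORD_CALLBACK_CLASS);
        this.keystorePwd = properties.getProperty(ClientConstants.KEYSTORE_PASSWORD);
    }

    /**
     * Maps the configured SAML version to its WSS SAML token profile URI.
     *
     * @return the token type URI, or {@code null} when {@code tokenType} is unset or unrecognised
     */
    private static String samlTokenTypeUri() {
        // Constant-first equals keeps an unset tokenType from raising a NullPointerException.
        if (ClientConstants.SAML_TOKEN_TYPE_20.equals(tokenType)) {
            return SAML20_TOKEN_TYPE_URI;
        }
        if (ClientConstants.SAML_TOKEN_TYPE_11.equals(tokenType)) {
            return SAML11_TOKEN_TYPE_URI;
        }
        return null;
    }

    /**
     * Builds the RequestSecurityToken template sent to the STS.
     *
     * <p>A token type element is added only for a recognised SAML version, and a key type
     * element only for a recognised subject confirmation method ("/Bearer" or "/SymmetricKey").
     * The claims element always carries the configured dialect and claim URIs.
     *
     * @return the populated template element
     * @throws TrustException if a WS-Trust element cannot be created
     */
    private OMElement getRSTTemplate() throws TrustException {
        OMElement template =
                OMAbstractFactory.getOMFactory().createOMElement(SP11Constants.REQUEST_SECURITY_TOKEN_TEMPLATE);

        String tokenTypeUri = samlTokenTypeUri();
        if (tokenTypeUri != null) {
            TrustUtil.createTokenTypeElement(1, template).setText(tokenTypeUri);
        }

        if (ClientConstants.SUBJECT_CONFIRMATION_BEARER.equals(this.subjectConfirmationMethod)) {
            TrustUtil.createKeyTypeElement(1, template, "/Bearer");
        } else if (ClientConstants.SUBJECT_CONFIRMATION_HOLDER_OF_KEY.equals(this.subjectConfirmationMethod)) {
            TrustUtil.createKeyTypeElement(1, template, "/SymmetricKey");
        }

        addClaimType(TrustUtil.createClaims(1, template, this.claimDialect), this.claimUris);
        return template;
    }

    /**
     * Appends one {@code wsid:ClaimType} child with a {@code Uri} attribute per claim URI.
     *
     * @param oMElement the claims element that receives the children
     * @param strArr the claim URIs to request; an empty array adds nothing
     */
    private void addClaimType(OMElement oMElement, String[] strArr) {
        OMFactory factory = oMElement.getOMFactory();
        QName claimTypeName = new QName("http://schemas.xmlsoap.org/ws/2005/05/identity", "ClaimType", "wsid");
        for (String claimUri : strArr) {
            OMElement claimType = factory.createOMElement(claimTypeName, oMElement);
            claimType.addAttribute(factory.createOMAttribute("Uri", (OMNamespace) null, claimUri));
        }
    }

    /**
     * Parses a WS-Policy document from a local file.
     *
     * @param str path of the policy file
     * @return the parsed policy
     * @throws XMLStreamException if the file is not well-formed XML
     * @throws FileNotFoundException if the file does not exist
     */
    private Policy loadPolicy(String str) throws XMLStreamException, FileNotFoundException {
        OMElement policyRoot = new StAXOMBuilder(str).getDocumentElement();
        return PolicyEngine.getPolicy(policyRoot);
    }

    /**
     * Builds the Rampart assertion carrying the user, the certificate aliases, the password
     * callback class and the Merlin crypto settings.
     *
     * <p>One crypto configuration is used for both signing and encryption, and it points at the
     * same JKS file that {@link #run()} installs as the TLS trust store.
     *
     * @return the Rampart configuration to add to a policy
     */
    private RampartConfig buildRampartConfig() {
        Properties merlinProperties = new Properties();
        merlinProperties.put("org.apache.ws.security.crypto.merlin.keystore.type", "JKS");
        merlinProperties.put("org.apache.ws.security.crypto.merlin.file", this.keystorePath);
        merlinProperties.put("org.apache.ws.security.crypto.merlin.keystore.password", this.keystorePwd);

        CryptoConfig cryptoConfig = new CryptoConfig();
        cryptoConfig.setProvider("org.apache.ws.security.components.crypto.Merlin");
        cryptoConfig.setProp(merlinProperties);

        RampartConfig rampartConfig = new RampartConfig();
        rampartConfig.setUser(this.username);
        rampartConfig.setEncryptionUser(this.encryptionUser);
        rampartConfig.setUserCertAlias(this.userCertAlias);
        rampartConfig.setPwCbClass(this.pwdCallbackClass);
        rampartConfig.setEncrCryptoConfig(cryptoConfig);
        rampartConfig.setSigCryptoConfig(cryptoConfig);
        return rampartConfig;
    }

    /**
     * Builds the {@code ns:echoString} request body with a single unqualified {@code in} child.
     *
     * @param str the text to echo
     * @return the request payload element
     */
    private OMElement getPayload(String str) {
        OMFactory factory = OMAbstractFactory.getOMFactory();
        OMElement echoString =
                factory.createOMElement("echoString", factory.createOMNamespace("http://echo.services.core.carbon.wso2.org", "ns"));
        OMElement input = factory.createOMElement("in", (OMNamespace) null);
        input.setText(str);
        echoString.addChild(input);
        return echoString;
    }
}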
