package org.apache.chemistry.opencmis.client.bindings.spi;

import java.lang.reflect.InvocationTargetException;
import java.text.SimpleDateFormat;
import java.util.TimeZone;
import javax.security.auth.Subject;
import javax.xml.parsers.ParserConfigurationException;
import org.apache.chemistry.opencmis.commons.exceptions.CmisRuntimeException;
import org.apache.chemistry.opencmis.commons.impl.Base64;
import org.apache.chemistry.opencmis.commons.impl.ClassLoaderUtil;
import org.apache.chemistry.opencmis.commons.impl.XMLUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/* loaded from: input_file:org/apache/chemistry/opencmis/client/bindings/spi/LTPAWSSecurityAuthenticationProvider.class */
public class LTPAWSSecurityAuthenticationProvider extends StandardAuthenticationProvider {
    private static final long serialVersionUID = 1;
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) LTPAWSSecurityAuthenticationProvider.class);

    @Override // org.apache.chemistry.opencmis.client.bindings.spi.StandardAuthenticationProvider, org.apache.chemistry.opencmis.client.bindings.spi.AbstractAuthenticationProvider, org.apache.chemistry.opencmis.commons.spi.AuthenticationProvider
    public Element getSOAPHeaders(Object obj) {
        String securityToken = getSecurityToken();
        if (securityToken == null) {
            if (!LOG.isDebugEnabled()) {
                return null;
            }
            LOG.debug("securityToken is null");
            return null;
        }
        SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'");
        simpleDateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));
        long currentTimeMillis = System.currentTimeMillis();
        long j = currentTimeMillis + 86400000;
        try {
            Document newDomDocument = XMLUtils.newDomDocument();
            Element createElementNS = newDomDocument.createElementNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security");
            Element createElementNS2 = newDomDocument.createElementNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "Timestamp");
            createElementNS.appendChild(createElementNS2);
            Element createElementNS3 = newDomDocument.createElementNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "Created");
            createElementNS3.appendChild(newDomDocument.createTextNode(simpleDateFormat.format(Long.valueOf(currentTimeMillis))));
            createElementNS2.appendChild(createElementNS3);
            Element createElementNS4 = newDomDocument.createElementNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "Expires");
            createElementNS4.appendChild(newDomDocument.createTextNode(simpleDateFormat.format(Long.valueOf(j))));
            createElementNS2.appendChild(createElementNS4);
            Element createElementNS5 = newDomDocument.createElementNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "BinarySecurityToken");
            createElementNS5.setAttribute("xmlns:wsu", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd");
            createElementNS5.setAttribute("xmlns:wsst", "http://www.ibm.com/websphere/appserver/tokentype");
            createElementNS5.setAttribute("wsu:Id", "ltpa_20");
            createElementNS5.setAttribute("ValueType", "wsst:LTPAv2");
            createElementNS5.appendChild(newDomDocument.createTextNode(securityToken));
            createElementNS.appendChild(createElementNS5);
            return createElementNS;
        } catch (ParserConfigurationException e) {
            throw new CmisRuntimeException("Could not build SOAP header: " + e.getMessage(), e);
        }
    }

    private String getSecurityToken() {
        try {
            Class<?> loadClass = ClassLoaderUtil.loadClass("com.ibm.websphere.security.auth.WSSubject");
            Class<?> loadClass2 = ClassLoaderUtil.loadClass("com.ibm.websphere.security.cred.WSCredential");
            Subject subject = (Subject) loadClass.getMethod("getRunAsSubject", new Class[0]).invoke(null, new Object[0]);
            if (subject == null) {
                return null;
            }
            Object next = subject.getPublicCredentials(loadClass2).iterator().next();
            if (((String) invokeSecurityCredentialMethod(loadClass2, next, "getSecurityName")).equalsIgnoreCase("UNAUTHENTICATED")) {
                if (!LOG.isDebugEnabled()) {
                    return null;
                }
                LOG.debug("User = UNAUTHENTICATED");
                return null;
            }
            byte[] bArr = (byte[]) invokeSecurityCredentialMethod(loadClass2, next, "getCredentialToken");
            if (bArr == null) {
                return null;
            }
            return Base64.encodeBytes(bArr);
        } catch (Exception e) {
            throw new CmisRuntimeException("Could not build SOAP header: " + e.getMessage(), e);
        }
    }

    private <T> T invokeSecurityCredentialMethod(Class<?> cls, Object obj, String str) throws NoSuchMethodException, IllegalAccessException, InvocationTargetException {
        return (T) cls.getMethod(str, new Class[0]).invoke(obj, new Object[0]);
    }

    @Override // org.apache.chemistry.opencmis.client.bindings.spi.StandardAuthenticationProvider
    protected boolean getSendBasicAuth() {
        return false;
    }

    @Override // org.apache.chemistry.opencmis.client.bindings.spi.StandardAuthenticationProvider
    protected boolean getSendUsernameToken() {
        return false;
    }
}
