package org.apache.cxf.systest.ws.security;

import java.io.IOException;
import java.math.BigInteger;
import javax.jws.WebService;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.xml.ws.BindingProvider;
import javax.xml.ws.Endpoint;
import org.apache.cxf.interceptor.LoggingOutInterceptor;
import org.apache.cxf.policytest.doubleit.DoubleItPortType;
import org.apache.cxf.policytest.doubleit.DoubleItService;
import org.apache.cxf.service.model.EndpointInfo;
import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
import org.apache.cxf.ws.policy.PolicyEngine;
import org.apache.ws.security.WSPasswordCallback;
import org.junit.BeforeClass;
import org.junit.Test;

/* loaded from: input_file:org/apache/cxf/systest/ws/security/SecurityPolicyTest.class */
public class SecurityPolicyTest extends AbstractBusClientServerTestBase {
    public static final String POLICY_ADDRESS = "http://localhost:9010/SecPolTest";
    public static final String POLICY_HTTPS_ADDRESS = "https://localhost:9009/SecPolTest";
    public static final String POLICY_ENCSIGN_ADDRESS = "http://localhost:9010/SecPolTestEncryptThenSign";
    public static final String POLICY_SIGNENC_ADDRESS = "http://localhost:9010/SecPolTestSignThenEncrypt";
    public static final String POLICY_SIGN_ADDRESS = "http://localhost:9010/SecPolTestSign";

    @WebService(targetNamespace = "http://cxf.apache.org/policytest/DoubleIt", portName = "DoubleItPortHttp", serviceName = "DoubleItService", endpointInterface = "org.apache.cxf.policytest.doubleit.DoubleItPortType", wsdlLocation = "classpath:/wsdl_systest/DoubleIt.wsdl")
    /* loaded from: input_file:org/apache/cxf/systest/ws/security/SecurityPolicyTest$DoubleItImpl.class */
    public static class DoubleItImpl implements DoubleItPortType {
        @Override // org.apache.cxf.policytest.doubleit.DoubleItPortType
        public BigInteger doubleIt(BigInteger bigInteger) {
            return bigInteger.multiply(new BigInteger("2"));
        }
    }

    @WebService(targetNamespace = "http://cxf.apache.org/policytest/DoubleIt", portName = "DoubleItPortEncryptThenSign", serviceName = "DoubleItService", endpointInterface = "org.apache.cxf.policytest.doubleit.DoubleItPortType", wsdlLocation = "classpath:/wsdl_systest/DoubleIt.wsdl")
    /* loaded from: input_file:org/apache/cxf/systest/ws/security/SecurityPolicyTest$DoubleItImplEncryptThenSign.class */
    public static class DoubleItImplEncryptThenSign implements DoubleItPortType {
        @Override // org.apache.cxf.policytest.doubleit.DoubleItPortType
        public BigInteger doubleIt(BigInteger bigInteger) {
            return bigInteger.multiply(new BigInteger("2"));
        }
    }

    @WebService(targetNamespace = "http://cxf.apache.org/policytest/DoubleIt", portName = "DoubleItPortHttps", serviceName = "DoubleItService", endpointInterface = "org.apache.cxf.policytest.doubleit.DoubleItPortType", wsdlLocation = "classpath:/wsdl_systest/DoubleIt.wsdl")
    /* loaded from: input_file:org/apache/cxf/systest/ws/security/SecurityPolicyTest$DoubleItImplHttps.class */
    public static class DoubleItImplHttps implements DoubleItPortType {
        @Override // org.apache.cxf.policytest.doubleit.DoubleItPortType
        public BigInteger doubleIt(BigInteger bigInteger) {
            return bigInteger.multiply(new BigInteger("2"));
        }
    }

    @WebService(targetNamespace = "http://cxf.apache.org/policytest/DoubleIt", portName = "DoubleItPortSign", serviceName = "DoubleItService", endpointInterface = "org.apache.cxf.policytest.doubleit.DoubleItPortType", wsdlLocation = "classpath:/wsdl_systest/DoubleIt.wsdl")
    /* loaded from: input_file:org/apache/cxf/systest/ws/security/SecurityPolicyTest$DoubleItImplSign.class */
    public static class DoubleItImplSign implements DoubleItPortType {
        @Override // org.apache.cxf.policytest.doubleit.DoubleItPortType
        public BigInteger doubleIt(BigInteger bigInteger) {
            return bigInteger.multiply(new BigInteger("2"));
        }
    }

    @WebService(targetNamespace = "http://cxf.apache.org/policytest/DoubleIt", portName = "DoubleItPortSignThenEncrypt", serviceName = "DoubleItService", endpointInterface = "org.apache.cxf.policytest.doubleit.DoubleItPortType", wsdlLocation = "classpath:/wsdl_systest/DoubleIt.wsdl")
    /* loaded from: input_file:org/apache/cxf/systest/ws/security/SecurityPolicyTest$DoubleItImplSignThenEncrypt.class */
    public static class DoubleItImplSignThenEncrypt implements DoubleItPortType {
        @Override // org.apache.cxf.policytest.doubleit.DoubleItPortType
        public BigInteger doubleIt(BigInteger bigInteger) {
            return bigInteger.multiply(new BigInteger("2"));
        }
    }

    /* loaded from: input_file:org/apache/cxf/systest/ws/security/SecurityPolicyTest$ServerPasswordCallback.class */
    public static class ServerPasswordCallback implements CallbackHandler {
        @Override // javax.security.auth.callback.CallbackHandler
        public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
            WSPasswordCallback wSPasswordCallback = (WSPasswordCallback) callbackArr[0];
            if (wSPasswordCallback.getIdentifier().equals("bob")) {
                wSPasswordCallback.setPassword("pwd");
            }
        }
    }

    @BeforeClass
    public static void init() throws Exception {
        ((PolicyEngine) createStaticBus(SecurityPolicyTest.class.getResource("https_config.xml").toString()).getExtension(PolicyEngine.class)).setEnabled(true);
        getStaticBus().getOutInterceptors().add(new LoggingOutInterceptor());
        Endpoint.publish(POLICY_HTTPS_ADDRESS, new DoubleItImplHttps()).getServer().getEndpoint().getEndpointInfo().setProperty("ws-security.callback-handler", new ServerPasswordCallback());
        Endpoint.publish(POLICY_ADDRESS, new DoubleItImpl());
        EndpointInfo endpointInfo = Endpoint.publish(POLICY_ENCSIGN_ADDRESS, new DoubleItImplEncryptThenSign()).getServer().getEndpoint().getEndpointInfo();
        endpointInfo.setProperty("ws-security.callback-handler", new KeystorePasswordCallback());
        endpointInfo.setProperty("ws-security.signature.properties", SecurityPolicyTest.class.getResource("bob.properties").toString());
        endpointInfo.setProperty("ws-security.encryption.properties", SecurityPolicyTest.class.getResource("alice.properties").toString());
        EndpointInfo endpointInfo2 = Endpoint.publish(POLICY_SIGNENC_ADDRESS, new DoubleItImplSignThenEncrypt()).getServer().getEndpoint().getEndpointInfo();
        endpointInfo2.setProperty("ws-security.callback-handler", new KeystorePasswordCallback());
        endpointInfo2.setProperty("ws-security.signature.properties", SecurityPolicyTest.class.getResource("bob.properties").toString());
        endpointInfo2.setProperty("ws-security.encryption.properties", SecurityPolicyTest.class.getResource("alice.properties").toString());
        EndpointInfo endpointInfo3 = Endpoint.publish(POLICY_SIGN_ADDRESS, new DoubleItImplSign()).getServer().getEndpoint().getEndpointInfo();
        endpointInfo3.setProperty("ws-security.callback-handler", new KeystorePasswordCallback());
        endpointInfo3.setProperty("ws-security.signature.properties", SecurityPolicyTest.class.getResource("bob.properties").toString());
        endpointInfo3.setProperty("ws-security.encryption.properties", SecurityPolicyTest.class.getResource("alice.properties").toString());
    }

    @Test
    public void testPolicy() throws Exception {
        DoubleItService doubleItService = new DoubleItService();
        BindingProvider doubleItPortEncryptThenSign = doubleItService.getDoubleItPortEncryptThenSign();
        doubleItPortEncryptThenSign.getRequestContext().put("ws-security.callback-handler", new KeystorePasswordCallback());
        doubleItPortEncryptThenSign.getRequestContext().put("ws-security.signature.properties", getClass().getResource("alice.properties"));
        doubleItPortEncryptThenSign.getRequestContext().put("ws-security.encryption.properties", getClass().getResource("bob.properties"));
        doubleItPortEncryptThenSign.doubleIt(BigInteger.valueOf(5L));
        BindingProvider doubleItPortSign = doubleItService.getDoubleItPortSign();
        doubleItPortSign.getRequestContext().put("ws-security.callback-handler", new KeystorePasswordCallback());
        doubleItPortSign.getRequestContext().put("ws-security.signature.properties", getClass().getResource("alice.properties"));
        doubleItPortSign.getRequestContext().put("ws-security.encryption.properties", getClass().getResource("bob.properties"));
        doubleItPortSign.doubleIt(BigInteger.valueOf(5L));
        BindingProvider doubleItPortSignThenEncrypt = doubleItService.getDoubleItPortSignThenEncrypt();
        doubleItPortSignThenEncrypt.getRequestContext().put("ws-security.callback-handler", new KeystorePasswordCallback());
        doubleItPortSignThenEncrypt.getRequestContext().put("ws-security.signature.properties", getClass().getResource("alice.properties"));
        doubleItPortSignThenEncrypt.getRequestContext().put("ws-security.encryption.properties", getClass().getResource("bob.properties"));
        doubleItPortSignThenEncrypt.doubleIt(BigInteger.valueOf(5L));
        BindingProvider doubleItPortHttps = doubleItService.getDoubleItPortHttps();
        try {
            doubleItPortHttps.doubleIt(BigInteger.valueOf(25L));
        } catch (Exception e) {
            if (!e.getMessage().contains("sername")) {
                throw e;
            }
        }
        doubleItPortHttps.getRequestContext().put("ws-security.username", "bob");
        doubleItPortHttps.getRequestContext().put("ws-security.signature.username", "bob");
        doubleItPortHttps.getRequestContext().put("ws-security.password", "pwd");
        doubleItPortHttps.doubleIt(BigInteger.valueOf(25L));
        try {
            doubleItService.getDoubleItPortHttp().doubleIt(BigInteger.valueOf(25L));
            fail("https policy should have triggered");
        } catch (Exception e2) {
            if (!e2.getMessage().contains("HttpsToken")) {
                throw e2;
            }
        }
    }
}
