package org.apache.rahas.impl;

import java.util.Date;
import org.apache.axiom.om.OMElement;
import org.apache.axiom.soap.SOAPEnvelope;
import org.apache.axis2.description.Parameter;
import org.apache.rahas.RahasConstants;
import org.apache.rahas.RahasData;
import org.apache.rahas.Token;
import org.apache.rahas.TokenIssuer;
import org.apache.rahas.TrustException;
import org.apache.rahas.TrustUtil;
import org.apache.ws.security.conversation.ConversationConstants;
import org.apache.ws.security.conversation.ConversationException;
import org.apache.ws.security.message.token.SecurityContextToken;
import org.apache.ws.security.util.XmlSchemaDateFormat;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/* loaded from: input_file:WEB-INF/lib/rampart-trust-1.3.jar:org/apache/rahas/impl/SCTIssuer.class */
public class SCTIssuer implements TokenIssuer {
    public static final String COMPUTED_KEY = "ComputedKey";
    private String configFile;
    private OMElement configElement;
    private String configParamName;

    @Override // org.apache.rahas.TokenIssuer
    public SOAPEnvelope issue(RahasData rahasData) throws TrustException {
        SCTIssuerConfig sCTIssuerConfig = null;
        if (this.configElement != null) {
            sCTIssuerConfig = SCTIssuerConfig.load(this.configElement.getFirstChildWithName(SCTIssuerConfig.SCT_ISSUER_CONFIG));
        }
        if (sCTIssuerConfig == null && this.configFile != null) {
            sCTIssuerConfig = SCTIssuerConfig.load(this.configFile);
        }
        if (sCTIssuerConfig == null && this.configParamName != null) {
            Parameter parameter = rahasData.getInMessageContext().getParameter(this.configParamName);
            if (parameter == null || parameter.getParameterElement() == null) {
                throw new TrustException("expectedParameterMissing", new String[]{this.configParamName});
            }
            sCTIssuerConfig = SCTIssuerConfig.load(parameter.getParameterElement().getFirstChildWithName(SCTIssuerConfig.SCT_ISSUER_CONFIG));
        }
        if (sCTIssuerConfig == null) {
            throw new TrustException("missingConfiguration", new String[]{SCTIssuerConfig.SCT_ISSUER_CONFIG.getLocalPart()});
        }
        return createEnvelope(rahasData, sCTIssuerConfig);
    }

    private SOAPEnvelope createEnvelope(RahasData rahasData, SCTIssuerConfig sCTIssuerConfig) throws TrustException {
        try {
            SOAPEnvelope createSOAPEnvelope = TrustUtil.createSOAPEnvelope(rahasData.getSoapNs());
            int version = rahasData.getVersion();
            Document ownerDocument = ((Element) createSOAPEnvelope).getOwnerDocument();
            SecurityContextToken securityContextToken = new SecurityContextToken(getWSCVersion(rahasData.getTokenType()), ownerDocument);
            OMElement createRequestSecurityTokenResponseElement = TrustUtil.createRequestSecurityTokenResponseElement(version, createSOAPEnvelope.getBody());
            TrustUtil.createRequestedSecurityTokenElement(version, createRequestSecurityTokenResponseElement).addChild((OMElement) securityContextToken.getElement());
            String tokenType = rahasData.getTokenType();
            OMElement oMElement = null;
            OMElement oMElement2 = null;
            if (sCTIssuerConfig.addRequestedAttachedRef) {
                oMElement = TrustUtil.createRequestedAttachedRef(version, createRequestSecurityTokenResponseElement, new StringBuffer().append("#").append(securityContextToken.getID()).toString(), tokenType);
            }
            if (sCTIssuerConfig.addRequestedUnattachedRef) {
                oMElement2 = TrustUtil.createRequestedUnattachedRef(version, createRequestSecurityTokenResponseElement, securityContextToken.getIdentifier(), tokenType);
            }
            Date date = new Date();
            Date date2 = new Date();
            date2.setTime(date.getTime() + sCTIssuerConfig.ttl);
            XmlSchemaDateFormat xmlSchemaDateFormat = new XmlSchemaDateFormat();
            TrustUtil.createLifetimeElement(version, createRequestSecurityTokenResponseElement, xmlSchemaDateFormat.format(date), xmlSchemaDateFormat.format(date2));
            Token token = new Token(securityContextToken.getIdentifier(), (OMElement) securityContextToken.getElement(), date, date2);
            if (sCTIssuerConfig.addRequestedAttachedRef) {
                token.setAttachedReference(oMElement.getFirstElement());
            }
            if (sCTIssuerConfig.addRequestedUnattachedRef) {
                token.setUnattachedReference(oMElement2.getFirstElement());
            }
            token.setSecret(TokenIssuerUtil.getSharedSecret(rahasData, sCTIssuerConfig.keyComputation, sCTIssuerConfig.keySize));
            TokenIssuerUtil.handleRequestedProofToken(rahasData, version, sCTIssuerConfig, createRequestSecurityTokenResponseElement, token, ownerDocument);
            token.setState(1);
            TrustUtil.getTokenStore(rahasData.getInMessageContext()).add(token);
            return createSOAPEnvelope;
        } catch (ConversationException e) {
            throw new TrustException(e.getMessage(), e);
        }
    }

    @Override // org.apache.rahas.TokenIssuer
    public String getResponseAction(RahasData rahasData) throws TrustException {
        return TrustUtil.getActionValue(rahasData.getVersion(), RahasConstants.RSTR_ACTION_SCT);
    }

    @Override // org.apache.rahas.TokenIssuer
    public void setConfigurationFile(String str) {
        this.configFile = str;
    }

    @Override // org.apache.rahas.TokenIssuer
    public void setConfigurationElement(OMElement oMElement) {
        this.configElement = oMElement;
    }

    @Override // org.apache.rahas.TokenIssuer
    public void setConfigurationParamName(String str) {
        this.configParamName = str;
    }

    private int getWSCVersion(String str) throws ConversationException {
        if (str == null) {
            return 1;
        }
        if (str.startsWith(ConversationConstants.WSC_NS_05_02)) {
            return ConversationConstants.getWSTVersion(ConversationConstants.WSC_NS_05_02);
        }
        if (str.startsWith(ConversationConstants.WSC_NS_05_12)) {
            return ConversationConstants.getWSTVersion(ConversationConstants.WSC_NS_05_12);
        }
        throw new ConversationException("unsupportedSecConvVersion");
    }
}
