package org.apache.ws.security.processor;

import java.io.IOException;
import java.security.cert.X509Certificate;
import java.util.Set;
import java.util.Vector;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSDocInfo;
import org.apache.ws.security.WSPasswordCallback;
import org.apache.ws.security.WSSConfig;
import org.apache.ws.security.WSSecurityEngineResult;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.WSUsernameTokenPrincipal;
import org.apache.ws.security.components.crypto.Crypto;
import org.apache.ws.security.message.token.UsernameToken;
import org.w3c.dom.Element;

/* loaded from: input_file:lib/wss4j-1.5.4.jar:org/apache/ws/security/processor/UsernameTokenProcessor.class */
public class UsernameTokenProcessor implements Processor {
    private static Log log;
    private String utId;
    private UsernameToken ut;
    private boolean handleCustomPasswordTypes;
    static Class class$org$apache$ws$security$processor$UsernameTokenProcessor;

    @Override // org.apache.ws.security.processor.Processor
    public void handleToken(Element element, Crypto crypto, Crypto crypto2, CallbackHandler callbackHandler, WSDocInfo wSDocInfo, Vector vector, WSSConfig wSSConfig) throws WSSecurityException {
        if (log.isDebugEnabled()) {
            log.debug("Found UsernameToken list element");
        }
        this.handleCustomPasswordTypes = wSSConfig.getHandleCustomPasswordTypes();
        vector.add(0, new WSSecurityEngineResult(1, handleUsernameToken(element, callbackHandler), (X509Certificate) null, (Set) null, (byte[]) null));
        this.utId = element.getAttributeNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "Id");
    }

    public WSUsernameTokenPrincipal handleUsernameToken(Element element, CallbackHandler callbackHandler) throws WSSecurityException {
        this.ut = new UsernameToken(element);
        String name = this.ut.getName();
        String password = this.ut.getPassword();
        String nonce = this.ut.getNonce();
        String created = this.ut.getCreated();
        String passwordType = this.ut.getPasswordType();
        if (log.isDebugEnabled()) {
            log.debug(new StringBuffer().append("UsernameToken user ").append(name).toString());
            log.debug(new StringBuffer().append("UsernameToken password ").append(password).toString());
        }
        Callback[] callbackArr = new Callback[1];
        if (this.ut.isHashed()) {
            if (callbackHandler == null) {
                throw new WSSecurityException(0, "noCallback");
            }
            WSPasswordCallback wSPasswordCallback = new WSPasswordCallback(name, 2);
            callbackArr[0] = wSPasswordCallback;
            try {
                callbackHandler.handle(callbackArr);
                String password2 = wSPasswordCallback.getPassword();
                if (log.isDebugEnabled()) {
                    log.debug(new StringBuffer().append("UsernameToken callback password ").append(password2).toString());
                }
                if (password2 == null) {
                    throw new WSSecurityException(0, "noPassword", new Object[]{name});
                }
                if (!UsernameToken.doPasswordDigest(nonce, created, password2).equals(password)) {
                    throw new WSSecurityException(5);
                }
                this.ut.setRawPassword(password2);
            } catch (IOException e) {
                if (log.isDebugEnabled()) {
                    log.debug(e);
                }
                throw new WSSecurityException(5);
            } catch (UnsupportedCallbackException e2) {
                if (log.isDebugEnabled()) {
                    log.debug(e2);
                }
                throw new WSSecurityException(5);
            }
        } else {
            if (callbackHandler == null) {
                throw new WSSecurityException(0, "noCallback");
            }
            if (!WSConstants.PASSWORD_TEXT.equals(passwordType) && !this.handleCustomPasswordTypes) {
                if (log.isDebugEnabled()) {
                    log.debug("Authentication failed as handleCustomUsernameTokenTypes is false");
                }
                throw new WSSecurityException(5);
            }
            callbackArr[0] = new WSPasswordCallback(name, password, passwordType, 5);
            try {
                callbackHandler.handle(callbackArr);
                this.ut.setRawPassword(password);
            } catch (IOException e3) {
                if (log.isDebugEnabled()) {
                    log.debug(e3);
                }
                throw new WSSecurityException(5);
            } catch (UnsupportedCallbackException e4) {
                if (log.isDebugEnabled()) {
                    log.debug(e4);
                }
                throw new WSSecurityException(5);
            }
        }
        WSUsernameTokenPrincipal wSUsernameTokenPrincipal = new WSUsernameTokenPrincipal(name, this.ut.isHashed());
        wSUsernameTokenPrincipal.setNonce(nonce);
        wSUsernameTokenPrincipal.setPassword(password);
        wSUsernameTokenPrincipal.setCreatedTime(created);
        wSUsernameTokenPrincipal.setPasswordType(passwordType);
        return wSUsernameTokenPrincipal;
    }

    @Override // org.apache.ws.security.processor.Processor
    public String getId() {
        return this.utId;
    }

    public UsernameToken getUt() {
        return this.ut;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$org$apache$ws$security$processor$UsernameTokenProcessor == null) {
            cls = class$("org.apache.ws.security.processor.UsernameTokenProcessor");
            class$org$apache$ws$security$processor$UsernameTokenProcessor = cls;
        } else {
            cls = class$org$apache$ws$security$processor$UsernameTokenProcessor;
        }
        log = LogFactory.getLog(cls.getName());
    }
}
