package com.ibm.ws.webservices.wssecurity.handler;

import com.ibm.websphere.security.cred.WSCredential;
import com.ibm.ws.security.auth.SubjectHelper;
import com.ibm.ws.security.core.ContextManager;
import com.ibm.ws.security.core.ContextManagerFactory;
import com.ibm.ws.webservices.engine.Message;
import com.ibm.ws.webservices.engine.MessageContext;
import com.ibm.ws.webservices.engine.WebServicesFault;
import com.ibm.ws.webservices.wssecurity.config.WSSGeneratorConfig;
import com.ibm.ws.webservices.wssecurity.core.WSSGenerator;
import com.ibm.ws.webservices.wssecurity.core.WSSecurityPlatformContext;
import com.ibm.ws.webservices.wssecurity.core.WSSecurityPlatformContextFactory;
import com.ibm.ws.webservices.wssecurity.util.ConfigConstants;
import com.ibm.ws.webservices.wssecurity.util.DOMUtil;
import com.ibm.ws.webservices.wssecurity.util.WSSoapSecurityUtil;
import com.ibm.wsspi.webservices.rpc.handler.soap.SOAPMessageContext;
import com.ibm.wsspi.wssecurity.Constants;
import com.ibm.wsspi.wssecurity.SoapSecurityException;
import com.ibm.wsspi.wssecurity.auth.token.UsernameToken;
import com.ibm.xml.soapsec.util.Tr;
import com.ibm.xml.soapsec.util.TraceComponent;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import java.util.Map;
import javax.security.auth.Subject;
import javax.xml.namespace.QName;

/* loaded from: input_file:eclipse/plugins/com.ibm.websphere.v61_6.1.1/ws_runtime.jar:com/ibm/ws/webservices/wssecurity/handler/WSSecurityGeneratorBase.class */
public class WSSecurityGeneratorBase extends WSSGenerator {
    private static final TraceComponent tc;
    private static final String comp = "security.wssecurity";
    private static final String clsName;
    public static final String OPTION;
    public static final String TARGET_PORT;
    private static Map _globalObjectCache;
    static Class class$com$ibm$ws$webservices$wssecurity$handler$WSSecurityGeneratorBase;
    static Class class$com$ibm$ws$webservices$wssecurity$handler$GlobalSecurityHandler;
    private final WSSecurityPlatformContext _contextManager = WSSecurityPlatformContextFactory.getInstance();
    private final ThreadLocal _threadStore = new ThreadLocal();
    private boolean _initialized = false;

    public void init() throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "init()");
        }
        if (!this._initialized) {
            super.init(new HashMap());
            this._initialized = true;
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "init()");
        }
    }

    public void invoke(SOAPMessageContext sOAPMessageContext, WSSGeneratorConfig wSSGeneratorConfig) throws WebServicesFault {
        WebServicesFault makeUserFault;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, new StringBuffer().append("invoke(SOAPMessageContext mcontext[").append(sOAPMessageContext).append("],").append("WSSGeneratorConfig config[").append(wSSGeneratorConfig).append("])").toString());
        }
        MessageContext messageContext = (MessageContext) sOAPMessageContext;
        if (WSSoapSecurityUtil.getServiceHandler(messageContext) != null) {
            HashMap hashMap = new HashMap();
            hashMap.put(Constants.WSSECURITY_MESSAGE_CONTEXT, sOAPMessageContext);
            hashMap.put("com.ibm.wsspi.wssecurity.config.wssGenerator.configKey", wSSGeneratorConfig);
            try {
                super.invoke(null, null, hashMap);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, new StringBuffer().append("The message processed by ").append(this._contextManager.isServer() ? "server side" : "client side").append(" ").append(getClass().getName()).append(" : ").append(DOMUtil.toString(messageContext.getMessage().getSOAPPart())).toString());
                }
            } catch (SoapSecurityException e) {
                Tr.processException(e, new StringBuffer().append(clsName).append(".invoke").toString(), "111", this);
                Tr.error(tc, "security.wssecurity.WSSConsumer.s23", e);
                if (this._contextManager.isServer()) {
                    makeUserFault = e.getFaultCode() != null ? WebServicesFault.makeUserFault(e, e.getFaultCode()) : WebServicesFault.makeUserFault(e, new QName(com.ibm.ws.webservices.wssecurity.Constants.NS_SOAP, "Server.securityException"));
                    messageContext.setCurrentMessage(new Message(makeUserFault));
                } else {
                    makeUserFault = WebServicesFault.makeUserFault(e, new QName(com.ibm.ws.webservices.wssecurity.Constants.NS_SOAP, "Client.securityException"));
                }
                throw makeUserFault;
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "invoke(SOAPMessageContext mcontext,WSSGeneratorConfig config)");
        }
    }

    @Override // com.ibm.ws.webservices.wssecurity.core.WSSGenerator
    public void retrieveCachedInformation(SOAPMessageContext sOAPMessageContext) throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "retrieveCachedInformation(SOAPMessageContext context)");
        }
        Object object = getObject((String) getMessageOption("com.ibm.ws.webservices.wssecurity.handler.GlobalSecurityHandler.targetEndpointAddress"));
        if (object == null || !(object instanceof UsernameToken)) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Retrieved username token not found.");
            }
            sOAPMessageContext.removeProperty(Constants.WSSECURITY_BASIC_AUTH_TOKEN);
        } else {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, new StringBuffer().append("Retrieved username token found [").append(object).append("].").toString());
            }
            sOAPMessageContext.setProperty(Constants.WSSECURITY_BASIC_AUTH_TOKEN, object);
        }
        String initialSenderId = getInitialSenderId();
        if (initialSenderId == null || initialSenderId.length() <= 0) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Retrieved identifier of initial sender not found.");
            }
            sOAPMessageContext.removeProperty(Constants.WSSECURITY_INITIAL_SENDER_ID);
        } else {
            UsernameToken usernameToken = new UsernameToken(null, initialSenderId, null);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, new StringBuffer().append("Retrieved identifier of initial sender found [").append(usernameToken).append("].").toString());
            }
            sOAPMessageContext.setProperty(Constants.WSSECURITY_INITIAL_SENDER_ID, usernameToken);
        }
        X509Certificate initialSenderCert = getInitialSenderCert();
        if (initialSenderCert != null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, new StringBuffer().append("Retrieved cert of initial sender found [").append(initialSenderCert).append("].").toString());
            }
            sOAPMessageContext.setProperty(Constants.WSSECURITY_INITIAL_SENDER_CERT, initialSenderCert);
        } else {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Retrieved cert of initial sender not found.");
            }
            sOAPMessageContext.removeProperty(Constants.WSSECURITY_INITIAL_SENDER_CERT);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "retrieveCachedInformation(SOAPMessageContext context)");
        }
    }

    protected Object getObject(Object obj) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, new StringBuffer().append("getObject(Object key[").append(obj).append("])").toString());
        }
        Object obj2 = null;
        if (obj != null) {
            obj2 = getThreadStore().get(obj);
            if (obj2 == null) {
                synchronized (_globalObjectCache) {
                    obj2 = _globalObjectCache.get(obj);
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, new StringBuffer().append("getObject(Object key) ").append(obj2 == null ? "not found" : "found").toString());
        }
        return obj2;
    }

    protected void saveTempObject(String str, Object obj) {
        SOAPMessageContext sOAPMessageContext;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, new StringBuffer().append("saveTempObject(String key[").append(str).append("], ").append("Object value[XXXXXXXX])").toString());
        }
        if (!this._contextManager.isServer() && str != null && (sOAPMessageContext = (SOAPMessageContext) getMessageOption("A")) != null) {
            sOAPMessageContext.setProperty(str, obj);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, new StringBuffer().append("Data for ").append(str).append(" is saved to temporary store").toString());
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "saveTempObject(String key,Object value)");
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void saveObject(String str, Object obj) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, new StringBuffer().append("saveObject(String key[").append(str).append("], ").append("Object value[XXXXXXXX])").toString());
        }
        synchronized (_globalObjectCache) {
            if (_globalObjectCache.get(str) == null) {
                _globalObjectCache.put(str, obj);
            }
        }
        getThreadStore().put(str, obj);
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, new StringBuffer().append("Data for ").append(str).append(" is saved to global store").toString());
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "saveObject(String key,Object value)");
        }
    }

    private Map getThreadStore() {
        Map map = (Map) this._threadStore.get();
        if (map == null) {
            map = new HashMap();
            this._threadStore.set(map);
        }
        return map;
    }

    private String getInitialSenderId() throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getInitialSenderId()");
        }
        String str = null;
        ContextManager contextManagerFactory = ContextManagerFactory.getInstance();
        if (contextManagerFactory == null) {
            Tr.error(tc, "security.wssecurity.ctxmgr.isnull");
            throw SoapSecurityException.format("security.wssecurity.ctxmgr.isnull");
        }
        Subject subject = (Subject) contextManagerFactory.get(Constants.WSSECURITY_INITIAL_SENDER_ID);
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Initial Sender is found.");
        }
        if (subject != null) {
            WSCredential wSCredentialFromSubject = SubjectHelper.getWSCredentialFromSubject(subject);
            if (wSCredentialFromSubject == null) {
                Tr.error(tc, "security.wssecurity.nocred.found");
                throw SoapSecurityException.format("security.wssecurity.nocred.found");
            }
            try {
                str = wSCredentialFromSubject.getSecurityName();
            } catch (Exception e) {
                Tr.error(tc, "security.wssecurity.noprincipal.found");
                throw SoapSecurityException.format("security.wssecurity.noprincipal.found");
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, new StringBuffer().append("getInitialSenderId() returns String[").append(str).append("]").toString());
        }
        return str;
    }

    private X509Certificate getInitialSenderCert() throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getInitialSenderCert()");
        }
        ContextManager contextManagerFactory = ContextManagerFactory.getInstance();
        if (contextManagerFactory == null) {
            Tr.error(tc, "security.wssecurity.ctxmgr.isnull");
            throw SoapSecurityException.format("security.wssecurity.ctxmgr.isnull");
        }
        X509Certificate x509Certificate = (X509Certificate) contextManagerFactory.get(Constants.WSSECURITY_INITIAL_SENDER_CERT);
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Initial Sender Cert", x509Certificate);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, new StringBuffer().append("getInitialSenderCert() returns X509Certificate[").append(x509Certificate).append("]").toString());
        }
        return x509Certificate;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        Class cls2;
        Class cls3;
        Class cls4;
        if (class$com$ibm$ws$webservices$wssecurity$handler$WSSecurityGeneratorBase == null) {
            cls = class$("com.ibm.ws.webservices.wssecurity.handler.WSSecurityGeneratorBase");
            class$com$ibm$ws$webservices$wssecurity$handler$WSSecurityGeneratorBase = cls;
        } else {
            cls = class$com$ibm$ws$webservices$wssecurity$handler$WSSecurityGeneratorBase;
        }
        tc = Tr.register(cls, ConfigConstants.TR_GROUP, ConfigConstants.TR_NLSPROPS);
        if (class$com$ibm$ws$webservices$wssecurity$handler$WSSecurityGeneratorBase == null) {
            cls2 = class$("com.ibm.ws.webservices.wssecurity.handler.WSSecurityGeneratorBase");
            class$com$ibm$ws$webservices$wssecurity$handler$WSSecurityGeneratorBase = cls2;
        } else {
            cls2 = class$com$ibm$ws$webservices$wssecurity$handler$WSSecurityGeneratorBase;
        }
        clsName = cls2.getName();
        StringBuffer stringBuffer = new StringBuffer();
        if (class$com$ibm$ws$webservices$wssecurity$handler$GlobalSecurityHandler == null) {
            cls3 = class$("com.ibm.ws.webservices.wssecurity.handler.GlobalSecurityHandler");
            class$com$ibm$ws$webservices$wssecurity$handler$GlobalSecurityHandler = cls3;
        } else {
            cls3 = class$com$ibm$ws$webservices$wssecurity$handler$GlobalSecurityHandler;
        }
        OPTION = stringBuffer.append(cls3.getName()).append(".configPath").toString();
        StringBuffer stringBuffer2 = new StringBuffer();
        if (class$com$ibm$ws$webservices$wssecurity$handler$GlobalSecurityHandler == null) {
            cls4 = class$("com.ibm.ws.webservices.wssecurity.handler.GlobalSecurityHandler");
            class$com$ibm$ws$webservices$wssecurity$handler$GlobalSecurityHandler = cls4;
        } else {
            cls4 = class$com$ibm$ws$webservices$wssecurity$handler$GlobalSecurityHandler;
        }
        TARGET_PORT = stringBuffer2.append(cls4.getName()).append(".targetPort").toString();
        _globalObjectCache = new HashMap();
    }
}
