package weblogic.xml.security.specs;

import java.io.IOException;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import weblogic.xml.process.FunctionRef;
import weblogic.xml.security.SecurityConfigurationException;
import weblogic.xml.security.SecurityProcessingException;
import weblogic.xml.security.utils.ElementFactory;
import weblogic.xml.security.utils.NSOutputStream;
import weblogic.xml.security.utils.NamespaceAwareXOS;
import weblogic.xml.security.utils.StreamUtils;
import weblogic.xml.security.wsse.Security;
import weblogic.xml.security.wsse.SecurityElementFactory;
import weblogic.xml.security.wsse.Token;
import weblogic.xml.security.wsse.v200207.WSSEConstants;
import weblogic.xml.stream.Attribute;
import weblogic.xml.stream.StartElement;
import weblogic.xml.stream.XMLEvent;
import weblogic.xml.stream.XMLInputOutputStream;
import weblogic.xml.stream.XMLInputStream;
import weblogic.xml.stream.XMLOutputStream;
import weblogic.xml.stream.XMLOutputStreamFactory;
import weblogic.xml.stream.XMLStreamException;
import weblogic.xml.xmlnode.XMLNode;

/* loaded from: input_file:weblogic/xml/security/specs/SecuritySpec.class */
public class SecuritySpec implements SpecConstants {
    private String role;
    private String id;
    private String namespace;
    public static final String DEFAULT_SPEC_ID = "default-spec";
    private BinarySecurityTokenSpec binarySecurityTokenSpec;
    private UsernameTokenSpec usernameTokenSpec;
    private SignatureSpec signatureSpec;
    private EncryptionSpec encryptionSpec;
    private static final String DEFAULT_NAMESPACE = WSSEConstants.WSSE_URI;
    private static final boolean DEBUG = Security.WSSE_VERBOSE;
    private static final SecurityElementFactory factory = SecurityElementFactory.getDefaultFactory();

    public SecuritySpec() {
        this(null, DEFAULT_NAMESPACE, null);
    }

    public void setRole(String str) {
        this.role = str;
    }

    public void setId(String str) {
        this.id = str;
    }

    public void setNamespace(String str) {
        this.namespace = str;
    }

    public SecuritySpec(String str, String str2) {
        this(str, str2, null);
    }

    public SecuritySpec(String str, String str2, String str3) {
        this.id = DEFAULT_SPEC_ID;
        this.binarySecurityTokenSpec = null;
        this.usernameTokenSpec = null;
        this.signatureSpec = null;
        this.encryptionSpec = null;
        this.id = str;
        this.namespace = str2;
        this.role = str3;
    }

    public SecuritySpec(XMLInputStream xMLInputStream, String str) throws XMLStreamException {
        this.id = DEFAULT_SPEC_ID;
        this.binarySecurityTokenSpec = null;
        this.usernameTokenSpec = null;
        this.signatureSpec = null;
        this.encryptionSpec = null;
        fromXMLInternal(xMLInputStream, str);
    }

    public SecuritySpec(XMLInputStream xMLInputStream) throws XMLStreamException {
        this.id = DEFAULT_SPEC_ID;
        this.binarySecurityTokenSpec = null;
        this.usernameTokenSpec = null;
        this.signatureSpec = null;
        this.encryptionSpec = null;
        fromXMLInternal(xMLInputStream, SpecConstants.SPEC_URI);
    }

    public SignatureSpec setSignatureSpec(String str, String str2) {
        return setSignatureSpec(str, str2, false);
    }

    public SignatureSpec setSignatureSpec(String str, String str2, boolean z) {
        return setSignatureSpec(new SignatureSpec(str, str2, z));
    }

    public SignatureSpec setSignatureSpec(SignatureSpec signatureSpec) {
        this.signatureSpec = signatureSpec;
        return signatureSpec;
    }

    public UsernameTokenSpec setUsernameTokenSpec(String str) {
        return setUsernameTokenSpec(str, null);
    }

    public UsernameTokenSpec setUsernameTokenSpec(String str, String str2) {
        return setUsernameTokenSpec(new UsernameTokenSpec(str, str2));
    }

    public UsernameTokenSpec setUsernameTokenSpec(UsernameTokenSpec usernameTokenSpec) {
        this.usernameTokenSpec = usernameTokenSpec;
        return usernameTokenSpec;
    }

    public BinarySecurityTokenSpec setBinarySecurityTokenSpec(String str) {
        return setBinarySecurityTokenSpec(new BinarySecurityTokenSpec(str, WSSEConstants.ENCODING_BASE64));
    }

    public BinarySecurityTokenSpec setBinarySecurityTokenSpec(BinarySecurityTokenSpec binarySecurityTokenSpec) {
        this.binarySecurityTokenSpec = binarySecurityTokenSpec;
        return binarySecurityTokenSpec;
    }

    public EncryptionSpec setEncryptionSpec(String str, X509Certificate x509Certificate) {
        return setEncryptionSpec(str, x509Certificate, false);
    }

    public EncryptionSpec setEncryptionSpec(String str, X509Certificate x509Certificate, boolean z) {
        return setEncryptionSpec(new EncryptionSpec(str, x509Certificate, z));
    }

    public EncryptionSpec setEncryptionSpec(EncryptionSpec encryptionSpec) {
        this.encryptionSpec = encryptionSpec;
        return encryptionSpec;
    }

    public String toString() {
        return "weblogic.xml.security.specs.SecuritySpec{role='" + this.role + "', id='" + this.id + "', namespace='" + this.namespace + "', binarySecurityTokenSpec=" + this.binarySecurityTokenSpec + ", usernameTokenSpec=" + this.usernameTokenSpec + ", signatureSpec=" + this.signatureSpec + ", encryptionSpec=" + this.encryptionSpec + FunctionRef.FUNCTION_CLOSE_BRACE;
    }

    public String getRole() {
        return this.role;
    }

    public String getId() {
        return this.id;
    }

    public String getNamespace() {
        return this.namespace;
    }

    public BinarySecurityTokenSpec getBinarySecurityTokenSpec() {
        return this.binarySecurityTokenSpec;
    }

    public UsernameTokenSpec getUsernameTokenSpec() {
        return this.usernameTokenSpec;
    }

    public void setEnablePasswordAuth(boolean z) {
        if (z) {
            setUsernameTokenSpec(UsernameTokenSpec.getDefaultSpec());
        } else {
            setUsernameTokenSpec((UsernameTokenSpec) null);
        }
    }

    public boolean getEnablePasswordAuth() {
        return getUsernameTokenSpec() != null;
    }

    public SignatureSpec getSignatureSpec() {
        return this.signatureSpec;
    }

    public EncryptionSpec getEncryptionSpec() {
        return this.encryptionSpec;
    }

    public void toXML(XMLOutputStream xMLOutputStream) throws XMLStreamException {
        toXML(xMLOutputStream, SpecConstants.SPEC_URI, 0);
    }

    public void toXML(XMLOutputStream xMLOutputStream, String str, int i) throws XMLStreamException {
        if (!(xMLOutputStream instanceof NSOutputStream)) {
            NamespaceAwareXOS namespaceAwareXOS = new NamespaceAwareXOS(xMLOutputStream);
            xMLOutputStream = namespaceAwareXOS;
            namespaceAwareXOS.addPrefix(SpecConstants.SPEC_URI, SpecConstants.DEFAULT_PREFIX);
        }
        ArrayList arrayList = new ArrayList(3);
        if (this.role != null) {
            arrayList.add(ElementFactory.createAttribute(ElementFactory.createXMLName(null, SpecConstants.SOAP_ATTR_ROLE, getSoapEnvPrefix()), this.role));
        }
        if (this.namespace != null) {
            arrayList.add(ElementFactory.createAttribute(SpecConstants.SPEC_URI, SpecConstants.ATTR_NAMESPACE, this.namespace));
        }
        if (this.id != null) {
            arrayList.add(ElementFactory.createAttribute(SpecConstants.SPEC_URI, "Id", this.id));
        }
        Attribute[] attributeArr = new Attribute[arrayList.size()];
        arrayList.toArray(attributeArr);
        int i2 = i + 2;
        StreamUtils.addStart(xMLOutputStream, SpecConstants.SPEC_URI, SpecConstants.TAG_SECURITY_SPEC, attributeArr, i);
        if (this.usernameTokenSpec != null) {
            this.usernameTokenSpec.toXML(xMLOutputStream, str, i2);
        }
        if (this.binarySecurityTokenSpec != null) {
            this.binarySecurityTokenSpec.toXML(xMLOutputStream, str, i2);
        }
        if (this.signatureSpec != null) {
            this.signatureSpec.toXML(xMLOutputStream, str, i2);
        }
        if (this.encryptionSpec != null) {
            this.encryptionSpec.toXML(xMLOutputStream, str, i2);
        }
        StreamUtils.addEnd(xMLOutputStream, str, SpecConstants.TAG_SECURITY_SPEC);
    }

    public XMLNode getXMLNode() throws IOException {
        XMLInputOutputStream newInputOutputStream = XMLOutputStreamFactory.newInstance().newInputOutputStream();
        toXML(newInputOutputStream);
        XMLNode xMLNode = new XMLNode();
        xMLNode.read(newInputOutputStream);
        xMLNode.addNamespace(SpecConstants.DEFAULT_PREFIX, SpecConstants.SPEC_URI);
        xMLNode.setName(SpecConstants.TAG_SECURITY_SPEC, SpecConstants.DEFAULT_PREFIX, SpecConstants.SPEC_URI);
        return xMLNode;
    }

    private void fromXMLInternal(XMLInputStream xMLInputStream, String str) throws XMLStreamException {
        StartElement startElement = (StartElement) StreamUtils.getElement(xMLInputStream, str, SpecConstants.TAG_SECURITY_SPEC);
        if (startElement == null) {
            throw new XMLStreamException("Did not receive expected SecuritySpec");
        }
        this.id = StreamUtils.getAttribute(startElement, "Id");
        this.namespace = StreamUtils.getAttribute(startElement, SpecConstants.ATTR_NAMESPACE);
        if (this.namespace == null) {
            this.namespace = DEFAULT_NAMESPACE;
        }
        this.role = StreamUtils.getAttribute(startElement, SpecConstants.SOAP_ATTR_ROLE);
        XMLEvent peekElement = StreamUtils.peekElement(xMLInputStream);
        if (peekElement.isStartElement() && StreamUtils.matches(peekElement, SpecConstants.TAG_USERNAME_TOKEN_SPEC, SpecConstants.SPEC_URI)) {
            this.usernameTokenSpec = new UsernameTokenSpec(xMLInputStream, str);
            peekElement = StreamUtils.peekElement(xMLInputStream);
        }
        if (peekElement.isStartElement() && StreamUtils.matches(peekElement, SpecConstants.TAG_BINARY_SECURITY_TOKEN_SPEC, SpecConstants.SPEC_URI)) {
            this.binarySecurityTokenSpec = new BinarySecurityTokenSpec(xMLInputStream, str);
            peekElement = StreamUtils.peekElement(xMLInputStream);
        }
        if (peekElement.isStartElement() && StreamUtils.matches(peekElement, SpecConstants.TAG_SIGNATURE_SPEC, SpecConstants.SPEC_URI)) {
            this.signatureSpec = new SignatureSpec(xMLInputStream, str);
            peekElement = StreamUtils.peekElement(xMLInputStream);
        }
        if (peekElement.isStartElement() && StreamUtils.matches(peekElement, SpecConstants.TAG_ENCRYPTION_SPEC, SpecConstants.SPEC_URI)) {
            this.encryptionSpec = new EncryptionSpec(xMLInputStream, str);
            StreamUtils.peekElement(xMLInputStream);
        }
        StreamUtils.closeScope(xMLInputStream, str, SpecConstants.TAG_SECURITY_SPEC);
    }

    private String getSoapEnvPrefix() {
        return "env";
    }

    public final Security createSecurity(String str, TimestampConfig timestampConfig, String str2, String str3, X509Certificate x509Certificate, PrivateKey privateKey, X509Certificate x509Certificate2, SecurityElementFactory securityElementFactory) {
        Security createSecurity = securityElementFactory.createSecurity(str);
        if (timestampConfig.generateTimestamp() && this.signatureSpec != null) {
            if (timestampConfig.includeExpiry()) {
                createSecurity.addTimestamp(timestampConfig.getValidityPeriod());
            } else {
                createSecurity.addTimestamp();
            }
        }
        if (this.usernameTokenSpec != null) {
            if (str2 == null) {
                throw new SecurityConfigurationException("UsernameToken not provided, but required by service");
            }
            createSecurity.addToken(securityElementFactory.createToken(str2, str3, this.usernameTokenSpec.getPasswordType()));
        }
        Token createToken = (privateKey == null || x509Certificate2 == null) ? null : securityElementFactory.createToken(x509Certificate2, privateKey);
        if (this.signatureSpec != null) {
            if (createToken == null) {
                throw new SecurityConfigurationException("Service requires signed requests, but no Token was provided");
            }
            try {
                createSecurity.addSignature(createToken, this.signatureSpec);
            } catch (SecurityProcessingException e) {
                if (DEBUG) {
                    e.printStackTrace();
                }
                throw new SecurityConfigurationException("Unable to add signature to request", e);
            }
        }
        if (this.binarySecurityTokenSpec != null) {
            if (createToken == null) {
                throw new SecurityConfigurationException("Token not provided, but required by service");
            }
            createSecurity.addToken(createToken);
        }
        if (this.encryptionSpec != null) {
            if (x509Certificate == null) {
                throw new SecurityConfigurationException("Service requires encryption but no encryption key was was available for recipient");
            }
            try {
                createSecurity.addEncryption(securityElementFactory.createToken(x509Certificate, (PrivateKey) null), this.encryptionSpec);
            } catch (SecurityProcessingException e2) {
                if (DEBUG) {
                    e2.printStackTrace();
                }
                throw new SecurityConfigurationException("Failed adding encryption to request", e2);
            }
        }
        return createSecurity;
    }
}
