package com.sun.xml.wss.provider.wsit;

import com.sun.xml.ws.api.WSBinding;
import com.sun.xml.ws.api.model.wsdl.WSDLBoundOperation;
import com.sun.xml.ws.api.model.wsdl.WSDLPort;
import com.sun.xml.ws.api.pipe.ClientPipeAssemblerContext;
import com.sun.xml.ws.api.pipe.Codec;
import com.sun.xml.ws.api.pipe.Codecs;
import com.sun.xml.ws.api.pipe.Pipe;
import com.sun.xml.ws.api.pipe.Tube;
import com.sun.xml.ws.api.pipe.helper.PipeAdapter;
import com.sun.xml.ws.api.server.Container;
import com.sun.xml.ws.assembler.ClientPipelineHook;
import com.sun.xml.ws.assembler.ClientTubelineAssemblyContext;
import com.sun.xml.ws.assembler.ServerPipelineHook;
import com.sun.xml.ws.assembler.ServerTubelineAssemblyContext;
import com.sun.xml.ws.assembler.TubeFactory;
import com.sun.xml.ws.assembler.TubelineAssemblyContextUpdater;
import com.sun.xml.ws.encoding.LazyStreamCodec;
import com.sun.xml.ws.policy.Policy;
import com.sun.xml.ws.policy.PolicyException;
import com.sun.xml.ws.policy.PolicyMap;
import com.sun.xml.ws.policy.PolicyMapKey;
import com.sun.xml.ws.security.policy.SecurityPolicyVersion;
import com.sun.xml.ws.security.secconv.SecureConversationInitiator;
import com.sun.xml.ws.util.ServiceConfigurationError;
import com.sun.xml.ws.util.ServiceFinder;
import com.sun.xml.wss.impl.XWSSecurityRuntimeException;
import com.sun.xml.wss.impl.misc.SecurityUtil;
import com.sun.xml.wss.jaxws.impl.SecurityClientTube;
import com.sun.xml.wss.jaxws.impl.SecurityServerTube;
import com.sun.xml.xwss.XWSSClientTube;
import com.sun.xml.xwss.XWSSServerTube;
import java.lang.reflect.Constructor;
import java.lang.reflect.InvocationTargetException;
import java.net.URL;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import javax.security.auth.message.config.AuthConfigFactory;
import javax.xml.ws.WebServiceException;

/* loaded from: input_file:META-INF/lib/webservices-osgi-2.0-b24.jar:com/sun/xml/wss/provider/wsit/SecurityTubeFactory.class */
public final class SecurityTubeFactory implements TubeFactory, TubelineAssemblyContextUpdater {
    private static final String SERVLET_CONTEXT_CLASSNAME = "javax.servlet.ServletContext";
    private static final String ENDPOINT = "ENDPOINT";
    private static final String NEXT_PIPE = "NEXT_PIPE";
    private static final String POLICY = "POLICY";
    private static final String SEI_MODEL = "SEI_MODEL";
    private static final String WSDL_MODEL = "WSDL_MODEL";
    private static final String GF_SERVER_SEC_PIPE = "com.sun.enterprise.webservice.CommonServerSecurityPipe";

    @Override // com.sun.xml.ws.assembler.TubelineAssemblyContextUpdater
    public void prepareContext(ClientTubelineAssemblyContext clientTubelineAssemblyContext) throws WebServiceException {
        if (isSecurityEnabled(clientTubelineAssemblyContext.getPolicyMap(), clientTubelineAssemblyContext.getWsdlPort())) {
            clientTubelineAssemblyContext.setCodec(createSecurityCodec(clientTubelineAssemblyContext.getBinding()));
        }
    }

    @Override // com.sun.xml.ws.assembler.TubelineAssemblyContextUpdater
    public void prepareContext(ServerTubelineAssemblyContext serverTubelineAssemblyContext) throws WebServiceException {
        if (isSecurityEnabled(serverTubelineAssemblyContext.getPolicyMap(), serverTubelineAssemblyContext.getWsdlPort())) {
            serverTubelineAssemblyContext.setCodec(createSecurityCodec(serverTubelineAssemblyContext.getEndpoint().getBinding()));
        }
    }

    @Override // com.sun.xml.ws.assembler.TubeFactory
    public Tube createTube(ServerTubelineAssemblyContext serverTubelineAssemblyContext) throws WebServiceException {
        ServerPipelineHook serverPipelineHook;
        ServerPipelineHook[] serverTubeLineHooks = getServerTubeLineHooks();
        if (serverTubeLineHooks == null || serverTubeLineHooks.length <= 0 || !(serverTubeLineHooks[0] instanceof ServerPipeCreator)) {
            serverPipelineHook = (ServerPipelineHook) serverTubelineAssemblyContext.getEndpoint().getContainer().getSPI(ServerPipelineHook.class);
        } else {
            serverPipelineHook = serverTubeLineHooks[0];
            initializeJMAC();
        }
        if (serverPipelineHook != null) {
            Tube tubelineHead = serverTubelineAssemblyContext.getTubelineHead();
            Tube createSecurityTube = serverPipelineHook.createSecurityTube(serverTubelineAssemblyContext);
            if (tubelineHead == createSecurityTube) {
                createSecurityTube = PipeAdapter.adapt(serverPipelineHook.createSecurityPipe(serverTubelineAssemblyContext.getPolicyMap(), serverTubelineAssemblyContext.getSEIModel(), serverTubelineAssemblyContext.getWsdlPort(), serverTubelineAssemblyContext.getEndpoint(), serverTubelineAssemblyContext.getAdaptedTubelineHead()));
            }
            return createSecurityTube;
        }
        if (!isSecurityEnabled(serverTubelineAssemblyContext.getPolicyMap(), serverTubelineAssemblyContext.getWsdlPort())) {
            try {
                if (!serverTubelineAssemblyContext.isPolicyAvailable() && isSecurityConfigPresent(serverTubelineAssemblyContext)) {
                    return initializeXWSSServerTube(serverTubelineAssemblyContext);
                }
            } catch (NoClassDefFoundError e) {
            }
            return serverTubelineAssemblyContext.getTubelineHead();
        }
        if (serverTubeLineHooks != null && serverTubeLineHooks.length == 0) {
            return createSecurityTube(serverTubelineAssemblyContext);
        }
        if (serverTubeLineHooks == null || serverTubeLineHooks.length <= 0) {
            return new SecurityServerTube(serverTubelineAssemblyContext, serverTubelineAssemblyContext.getTubelineHead());
        }
        ServerPipelineHook serverPipelineHook2 = serverTubeLineHooks[0];
        Tube tubelineHead2 = serverTubelineAssemblyContext.getTubelineHead();
        Tube createSecurityTube2 = serverPipelineHook2.createSecurityTube(serverTubelineAssemblyContext);
        if (tubelineHead2 == createSecurityTube2) {
            createSecurityTube2 = PipeAdapter.adapt(serverPipelineHook2.createSecurityPipe(serverTubelineAssemblyContext.getPolicyMap(), serverTubelineAssemblyContext.getSEIModel(), serverTubelineAssemblyContext.getWsdlPort(), serverTubelineAssemblyContext.getEndpoint(), serverTubelineAssemblyContext.getAdaptedTubelineHead()));
        }
        return createSecurityTube2;
    }

    @Override // com.sun.xml.ws.assembler.TubeFactory
    public Tube createTube(ClientTubelineAssemblyContext clientTubelineAssemblyContext) throws WebServiceException {
        ClientPipelineHook clientPipelineHook = null;
        ClientPipelineHook[] clientTublineHooks = getClientTublineHooks(clientTubelineAssemblyContext);
        if (clientTublineHooks != null && clientTublineHooks.length > 0) {
            int length = clientTublineHooks.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                ClientPipelineHook clientPipelineHook2 = clientTublineHooks[i];
                if (clientPipelineHook2 instanceof ClientPipeCreator) {
                    clientPipelineHook = clientPipelineHook2;
                    initializeJMAC();
                    break;
                }
                i++;
            }
        }
        if (clientPipelineHook == null) {
            clientPipelineHook = (ClientPipelineHook) clientTubelineAssemblyContext.getContainer().getSPI(ClientPipelineHook.class);
        }
        if (clientPipelineHook == null) {
            if (!isSecurityEnabled(clientTubelineAssemblyContext.getPolicyMap(), clientTubelineAssemblyContext.getWsdlPort())) {
                return (clientTubelineAssemblyContext.isPolicyAvailable() || !isSecurityConfigPresent(clientTubelineAssemblyContext)) ? clientTubelineAssemblyContext.getTubelineHead() : initializeXWSSClientTube(clientTubelineAssemblyContext);
            }
            SecurityClientTube securityClientTube = new SecurityClientTube(clientTubelineAssemblyContext, clientTubelineAssemblyContext.getTubelineHead());
            clientTubelineAssemblyContext.setScInitiator(securityClientTube);
            return securityClientTube;
        }
        Tube tubelineHead = clientTubelineAssemblyContext.getTubelineHead();
        Tube createSecurityTube = clientPipelineHook.createSecurityTube(clientTubelineAssemblyContext);
        if (tubelineHead == createSecurityTube) {
            Pipe createSecurityPipe = clientPipelineHook.createSecurityPipe(clientTubelineAssemblyContext.getPolicyMap(), new ClientPipeAssemblerContext(clientTubelineAssemblyContext.getAddress(), clientTubelineAssemblyContext.getWsdlPort(), clientTubelineAssemblyContext.getService(), clientTubelineAssemblyContext.getBinding(), clientTubelineAssemblyContext.getContainer()), clientTubelineAssemblyContext.getAdaptedTubelineHead());
            if (isSecurityEnabled(clientTubelineAssemblyContext.getPolicyMap(), clientTubelineAssemblyContext.getWsdlPort())) {
                clientTubelineAssemblyContext.setScInitiator((SecureConversationInitiator) createSecurityPipe);
            }
            createSecurityTube = PipeAdapter.adapt(createSecurityPipe);
        }
        return createSecurityTube;
    }

    private ClientPipelineHook[] getClientTublineHooks(ClientTubelineAssemblyContext clientTubelineAssemblyContext) {
        try {
            ClientPipelineHook[] clientPipelineHookArr = (ClientPipelineHook[]) loadSPs(ClientPipelineHook.class);
            if (clientPipelineHookArr == null) {
                return null;
            }
            if (clientPipelineHookArr.length > 0) {
                return clientPipelineHookArr;
            }
            return null;
        } catch (ServiceConfigurationError e) {
            if (e.getCause() instanceof InstantiationException) {
                return new ClientPipelineHook[0];
            }
            return null;
        }
    }

    private boolean isSecurityEnabled(PolicyMap policyMap, WSDLPort wSDLPort) {
        if (policyMap == null || wSDLPort == null) {
            return false;
        }
        try {
            Policy endpointEffectivePolicy = policyMap.getEndpointEffectivePolicy(PolicyMap.createWsdlEndpointScopeKey(wSDLPort.getOwner().getName(), wSDLPort.getName()));
            if (endpointEffectivePolicy != null && (endpointEffectivePolicy.contains(SecurityPolicyVersion.SECURITYPOLICY200507.namespaceUri) || endpointEffectivePolicy.contains(SecurityPolicyVersion.SECURITYPOLICY12NS.namespaceUri) || endpointEffectivePolicy.contains(SecurityPolicyVersion.SECURITYPOLICY200512.namespaceUri))) {
                return true;
            }
            Iterator<? extends WSDLBoundOperation> it = wSDLPort.getBinding().getBindingOperations().iterator();
            while (it.hasNext()) {
                PolicyMapKey createWsdlOperationScopeKey = PolicyMap.createWsdlOperationScopeKey(wSDLPort.getOwner().getName(), wSDLPort.getName(), it.next().getName());
                Policy operationEffectivePolicy = policyMap.getOperationEffectivePolicy(createWsdlOperationScopeKey);
                if (operationEffectivePolicy != null && (operationEffectivePolicy.contains(SecurityPolicyVersion.SECURITYPOLICY200507.namespaceUri) || operationEffectivePolicy.contains(SecurityPolicyVersion.SECURITYPOLICY12NS.namespaceUri))) {
                    return true;
                }
                Policy inputMessageEffectivePolicy = policyMap.getInputMessageEffectivePolicy(createWsdlOperationScopeKey);
                if (inputMessageEffectivePolicy != null && (inputMessageEffectivePolicy.contains(SecurityPolicyVersion.SECURITYPOLICY200507.namespaceUri) || inputMessageEffectivePolicy.contains(SecurityPolicyVersion.SECURITYPOLICY12NS.namespaceUri))) {
                    return true;
                }
                Policy outputMessageEffectivePolicy = policyMap.getOutputMessageEffectivePolicy(createWsdlOperationScopeKey);
                if (outputMessageEffectivePolicy != null && (outputMessageEffectivePolicy.contains(SecurityPolicyVersion.SECURITYPOLICY200507.namespaceUri) || outputMessageEffectivePolicy.contains(SecurityPolicyVersion.SECURITYPOLICY12NS.namespaceUri))) {
                    return true;
                }
                Policy faultMessageEffectivePolicy = policyMap.getFaultMessageEffectivePolicy(createWsdlOperationScopeKey);
                if (faultMessageEffectivePolicy != null && (faultMessageEffectivePolicy.contains(SecurityPolicyVersion.SECURITYPOLICY200507.namespaceUri) || faultMessageEffectivePolicy.contains(SecurityPolicyVersion.SECURITYPOLICY12NS.namespaceUri))) {
                    return true;
                }
            }
            return false;
        } catch (PolicyException e) {
            throw new WebServiceException(e);
        }
    }

    private Codec createSecurityCodec(WSBinding wSBinding) {
        return Codecs.createSOAPBindingCodec(wSBinding, new LazyStreamCodec(Codecs.createSOAPEnvelopeXmlCodec(wSBinding.getSOAPVersion())));
    }

    private static <P> P[] loadSPs(Class<P> cls) {
        return (P[]) ServiceFinder.find(cls).toArray();
    }

    private ServerPipelineHook[] getServerTubeLineHooks() {
        try {
            ServerPipelineHook[] serverPipelineHookArr = (ServerPipelineHook[]) loadSPs(ServerPipelineHook.class);
            if (serverPipelineHookArr == null) {
                return null;
            }
            if (serverPipelineHookArr.length > 0) {
                return serverPipelineHookArr;
            }
            return null;
        } catch (ServiceConfigurationError e) {
            if (e.getCause() instanceof InstantiationException) {
                return new ServerPipelineHook[0];
            }
            return null;
        }
    }

    private boolean isSecurityConfigPresent(ClientTubelineAssemblyContext clientTubelineAssemblyContext) {
        try {
            if (SecurityUtil.loadFromClasspath("META-INF/client_security_config.xml") != null) {
                return true;
            }
            return Boolean.getBoolean("USE_XWSS_SECURITY");
        } catch (Exception e) {
            return Boolean.getBoolean("USE_XWSS_SECURITY");
        }
    }

    private boolean isSecurityConfigPresent(ServerTubelineAssemblyContext serverTubelineAssemblyContext) {
        String localPart = serverTubelineAssemblyContext.getEndpoint().getServiceName().getLocalPart();
        Container container = serverTubelineAssemblyContext.getEndpoint().getContainer();
        Object obj = null;
        if (container != null) {
            try {
                obj = container.getSPI(Class.forName(SERVLET_CONTEXT_CLASSNAME));
            } catch (ClassNotFoundException e) {
            }
        }
        if (obj == null) {
            URL loadFromClasspath = SecurityUtil.loadFromClasspath("META-INF/server_security_config.xml");
            if (loadFromClasspath == null) {
                loadFromClasspath = SecurityUtil.loadFromClasspath("META-INF/" + localPart + "_security_config.xml");
            }
            return loadFromClasspath != null;
        }
        try {
            URL loadFromContext = SecurityUtil.loadFromContext("/WEB-INF/server_security_config.xml", obj);
            if (loadFromContext == null) {
                loadFromContext = SecurityUtil.loadFromContext("/WEB-INF/" + localPart + "_security_config.xml", obj);
            }
            return loadFromContext != null;
        } catch (XWSSecurityRuntimeException e2) {
            return false;
        }
    }

    private Tube initializeXWSSClientTube(ClientTubelineAssemblyContext clientTubelineAssemblyContext) {
        return new XWSSClientTube(clientTubelineAssemblyContext.getWsdlPort(), clientTubelineAssemblyContext.getService(), clientTubelineAssemblyContext.getBinding(), clientTubelineAssemblyContext.getTubelineHead());
    }

    private Tube initializeXWSSServerTube(ServerTubelineAssemblyContext serverTubelineAssemblyContext) {
        return new XWSSServerTube(serverTubelineAssemblyContext.getEndpoint(), serverTubelineAssemblyContext.getWsdlPort(), serverTubelineAssemblyContext.getTubelineHead());
    }

    private Tube createSecurityTube(ServerTubelineAssemblyContext serverTubelineAssemblyContext) {
        HashMap hashMap = new HashMap();
        hashMap.put("POLICY", serverTubelineAssemblyContext.getPolicyMap());
        hashMap.put("SEI_MODEL", serverTubelineAssemblyContext.getSEIModel());
        hashMap.put("WSDL_MODEL", serverTubelineAssemblyContext.getWsdlPort());
        hashMap.put("ENDPOINT", serverTubelineAssemblyContext.getEndpoint());
        hashMap.put("NEXT_PIPE", serverTubelineAssemblyContext.getAdaptedTubelineHead());
        try {
            ClassLoader contextClassLoader = Thread.currentThread().getContextClassLoader();
            Class<?> loadClass = contextClassLoader != null ? contextClassLoader.loadClass(GF_SERVER_SEC_PIPE) : Class.forName(GF_SERVER_SEC_PIPE);
            if (loadClass != null) {
                Constructor<?>[] declaredConstructors = loadClass.getDeclaredConstructors();
                Constructor<?> constructor = null;
                for (int i = 0; i < declaredConstructors.length; i++) {
                    constructor = declaredConstructors[i];
                    if (constructor.getParameterTypes()[0].equals(Map.class)) {
                        break;
                    }
                }
                if (constructor != null) {
                    return PipeAdapter.adapt((Pipe) constructor.newInstance(hashMap, serverTubelineAssemblyContext.getAdaptedTubelineHead(), false));
                }
            }
            return serverTubelineAssemblyContext.getTubelineHead();
        } catch (ClassNotFoundException e) {
            throw new WebServiceException(e);
        } catch (IllegalAccessException e2) {
            throw new WebServiceException(e2);
        } catch (IllegalArgumentException e3) {
            throw new WebServiceException(e3);
        } catch (InstantiationException e4) {
            throw new WebServiceException(e4);
        } catch (SecurityException e5) {
            throw new WebServiceException(e5);
        } catch (InvocationTargetException e6) {
            throw new WebServiceException(e6);
        }
    }

    private void initializeJMAC() {
        final ClassLoader contextClassLoader = Thread.currentThread().getContextClassLoader();
        AccessController.doPrivileged(new PrivilegedAction() { // from class: com.sun.xml.wss.provider.wsit.SecurityTubeFactory.1
            @Override // java.security.PrivilegedAction
            public Object run() {
                AuthConfigFactory factory = AuthConfigFactory.getFactory();
                if (factory != null && (factory instanceof JMACAuthConfigFactory)) {
                    return null;
                }
                AuthConfigFactory.setFactory(new JMACAuthConfigFactory(contextClassLoader));
                return null;
            }
        });
    }
}
