package com.ibm.ws.wssecurity.handler;

import com.ibm.ws.wssecurity.common.Constants0;
import com.ibm.ws.wssecurity.platform.auth.SecureConversationCacheHelper;
import com.ibm.ws.wssecurity.util.Axis2Util;
import com.ibm.ws.wssecurity.util.CommonLogUtils;
import com.ibm.ws.wssecurity.util.KRB5TokenCacheUtil;
import com.ibm.ws.wssecurity.util.Tr;
import com.ibm.ws.wssecurity.util.TraceComponent;
import com.ibm.ws.wssecurity.util.UNTokenCacheUtil;
import com.ibm.ws.wssecurity.xml.xss4j.domutil.DOMUtil;
import java.security.AccessController;
import java.security.PrivilegedAction;
import org.apache.axiom.om.OMDocument;
import org.apache.axiom.om.OMElement;
import org.apache.axiom.soap.SOAPEnvelope;
import org.apache.axiom.soap.SOAPFault;
import org.apache.axiom.soap.SOAPFaultCode;
import org.apache.axiom.soap.SOAPFaultDetail;
import org.apache.axiom.soap.SOAPFaultSubCode;
import org.apache.axis2.AxisFault;
import org.apache.axis2.context.MessageContext;
import org.apache.axis2.engine.Handler;
import org.apache.axis2.handlers.AbstractHandler;

/* loaded from: input_file:com/ibm/ws/wssecurity/handler/WSSecurityInFaultHandler.class */
public class WSSecurityInFaultHandler extends AbstractHandler {
    private static final String comp = "security.wssecurity";
    private static final TraceComponent tc = Tr.register(WSSecurityInFaultHandler.class, "Web Services Security", "com.ibm.ws.wssecurity.resources.wssmessages");
    private static final String clsName = WSSecurityInFaultHandler.class.getName();

    @Override // org.apache.axis2.engine.Handler
    public Handler.InvocationResponse invoke(final MessageContext messageContext) throws AxisFault {
        final String faultLocalName;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "invoke(MessageContext msgContext)" + messageContext);
        }
        try {
            if (!Axis2Util.isServiceProvider(messageContext) && (faultLocalName = getFaultLocalName(messageContext)) != null) {
                AccessController.doPrivileged(new PrivilegedAction() { // from class: com.ibm.ws.wssecurity.handler.WSSecurityInFaultHandler.1
                    @Override // java.security.PrivilegedAction
                    public Object run() {
                        if (faultLocalName.equals(com.ibm.ws.wssecurity.common.Constants.SC_FAULT_BAD_CONTEXT_TOKEN_TXT)) {
                            if (WSSecurityInFaultHandler.tc.isDebugEnabled()) {
                                Tr.debug(WSSecurityInFaultHandler.tc, "Invalidating SCT entry in the client cache.");
                            }
                            SecureConversationCacheHelper.invalidateCache(messageContext);
                            return null;
                        }
                        if (Constants0.INVALID_SECURITY_TOKEN_QNAME.equals(faultLocalName) || Constants0.SECURITY_TOKEN_UNAVAILABLE_QNAME.equals(faultLocalName)) {
                            KRB5TokenCacheUtil.invalidatetKRB5TokenFromCache(messageContext);
                            return null;
                        }
                        if (!Constants0.FAILED_AUTHENTICATION_QNAME.equals(faultLocalName)) {
                            return null;
                        }
                        if (WSSecurityInFaultHandler.tc.isDebugEnabled()) {
                            Tr.debug(WSSecurityInFaultHandler.tc, "Invalidating UNToken entry in the client cache.");
                        }
                        UNTokenCacheUtil.invalidatetUNTokenFromCache(messageContext);
                        return null;
                    }
                });
            }
        } catch (Exception e) {
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "invoke(MessageContext msgContext)" + messageContext);
        }
        return Handler.InvocationResponse.CONTINUE;
    }

    private String getFaultLocalName(MessageContext messageContext) {
        OMElement firstElement;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getFaultLocalName(MessageContext msgContext)");
        }
        String str = null;
        try {
            SOAPEnvelope envelope = messageContext.getEnvelope();
            SOAPFault fault = envelope.getBody().getFault();
            OMDocument ownerDocument = DOMUtil.getOwnerDocument(envelope);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "The fault message to be processed :");
                CommonLogUtils.logDebug(ownerDocument.getOMDocumentElement(), tc);
            }
            SOAPFaultDetail detail = fault.getDetail();
            String str2 = null;
            if (detail != null && (firstElement = detail.getFirstElement()) != null) {
                str2 = firstElement.getText();
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Fault Detail = " + str2);
            }
            SOAPFaultCode code = fault.getCode();
            SOAPFaultSubCode subCode = code.getSubCode();
            if (subCode == null) {
                str = code.getTextAsQName().getLocalPart();
            } else {
                while (subCode.getSubCode() != null) {
                    subCode = subCode.getSubCode();
                }
                str = subCode.getValue().getTextAsQName().getLocalPart();
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "SOAP Fault = " + code.getText());
                Tr.debug(tc, "Fault local name = " + str);
                Tr.debug(tc, "Fault name space = " + code.getTextAsQName().getNamespaceURI());
            }
            String text = fault.getReason().getText();
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Fault reason = " + text);
            }
        } catch (Exception e) {
            if (tc.isDebugEnabled()) {
                e.printStackTrace();
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getFaultLocalName(MessageContext msgContext) returns result = " + str);
        }
        return str;
    }
}
