package com.ibm.ws.wssecurity.wssapi.token.impl;

import com.ibm.websphere.management.application.AppConstants;
import com.ibm.websphere.wssecurity.wssapi.WSSException;
import com.ibm.websphere.wssecurity.wssapi.token.BinarySecurityToken;
import com.ibm.websphere.wssecurity.wssapi.token.GenericSecurityToken;
import com.ibm.websphere.wssecurity.wssapi.token.GenericSecurityTokenFactory;
import com.ibm.websphere.wssecurity.wssapi.token.SecurityToken;
import com.ibm.websphere.wssecurity.wssapi.token.UsernameToken;
import com.ibm.websphere.wssecurity.wssapi.token.X509Token;
import com.ibm.ws.wssecurity.token.UTC;
import com.ibm.ws.wssecurity.util.ConfigUtil;
import com.ibm.ws.wssecurity.util.DOMUtils;
import com.ibm.ws.wssecurity.util.IdUtils;
import com.ibm.ws.wssecurity.util.NonceUtil;
import com.ibm.ws.wssecurity.util.TokenUtils;
import com.ibm.ws.wssecurity.util.Tr;
import com.ibm.ws.wssecurity.util.TraceComponent;
import com.ibm.ws.wssecurity.util.WSSecurityFactoryBuilder;
import com.ibm.ws.wssecurity.wssapi.WSSUtil;
import com.ibm.ws.wssecurity.xml.xss4j.dsig.util.Base64;
import com.ibm.wsspi.wssecurity.wssapi.OMStructure;
import com.ibm.wsspi.wssecurity.wssapi.OMStructureFactory;
import java.io.InputStream;
import java.security.AccessController;
import java.security.Key;
import java.security.PrivilegedAction;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.Map;
import javax.security.auth.login.LoginException;
import javax.xml.namespace.QName;
import org.apache.axiom.om.OMElement;
import org.apache.axiom.om.impl.dom.factory.OMDOMFactory;
import org.w3c.dom.Element;

/* loaded from: input_file:com/ibm/ws/wssecurity/wssapi/token/impl/GenericSecurityTokenFactoryImpl.class */
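/**
 * Default {@link GenericSecurityTokenFactory} implementation: builds generic, username,
 * X.509 and binary security tokens, and moves tokens in and out of the JAAS shared-state map.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>Entry tracing writes the username in clear text. The password is only passed through
 *       {@code ConfigUtil.getObjState}; presumably that reports a state rather than the value,
 *       TODO confirm before treating trace output as free of credentials.</li>
 *   <li>Several steps are best-effort. A failure while reading the nonce or the Created time
 *       back from the generated element does not abort token creation; it is only traced.</li>
 *   <li>{@link #omsFactory} can be {@code null} if its lookup failed at class-initialisation
 *       time; every method that converts input to an {@link OMStructure} then fails with a
 *       {@link NullPointerException}.</li>
 * </ul>
 */
public class GenericSecurityTokenFactoryImpl extends GenericSecurityTokenFactory {
    private static final String comp = "security.wssecurity";

    /** Shared converter to {@link OMStructure}; stays {@code null} when the static lookup fails. */
    private static OMStructureFactory omsFactory;

    // NOTE(review): the trace component is registered under GenericIssuedTokenGenerateLoginModule,
    // not under this class, so this factory's trace output is attributed to (and enabled by) that
    // class's trace specification. Looks like a copy/paste leftover; confirm before changing,
    // since existing trace specifications may rely on it.
    private static final TraceComponent tc = Tr.register(GenericIssuedTokenGenerateLoginModule.class, "Web Services Security", "com.ibm.ws.wssecurity.resources.wssmessages");
    private static final String clsName = GenericSecurityTokenFactoryImpl.class.getName();

    /**
     * Creates an empty generic token.
     *
     * @return a new {@code GenericSecurityTokenImpl} with no XML and no value type set
     */
    @Override
    public GenericSecurityToken getToken() {
        return new GenericSecurityTokenImpl();
    }

    /**
     * Creates a generic token from an already-built {@link OMStructure}.
     *
     * @param oMStructure token XML; skipped when {@code null}
     * @param qName       token value type; skipped when {@code null}
     * @return a new token, never {@code null}
     */
    @Override
    public GenericSecurityToken getToken(OMStructure oMStructure, QName qName) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getToken OMStructure[" + ConfigUtil.getObjType(oMStructure) + "]");
        }
        GenericSecurityTokenImpl genericSecurityTokenImpl = new GenericSecurityTokenImpl();
        if (oMStructure != null) {
            genericSecurityTokenImpl.setXML(oMStructure);
        }
        if (qName != null) {
            genericSecurityTokenImpl.setValueType(qName);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getToken OMStructure");
        }
        return genericSecurityTokenImpl;
    }

    /**
     * Creates a generic token from an Axiom element.
     *
     * @param oMElement token XML
     * @param qName     token value type
     * @return the token, or {@code null} when {@code oMElement} is {@code null}
     */
    @Override
    public GenericSecurityToken getToken(OMElement oMElement, QName qName) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getToken OMElement[" + ConfigUtil.getObjType(oMElement) + "]");
        }
        GenericSecurityToken genericSecurityToken = null;
        if (oMElement != null) {
            genericSecurityToken = getToken(omsFactory.getOMStructure(oMElement), qName);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getToken OMElement");
        }
        return genericSecurityToken;
    }

    /**
     * Creates a generic token from a DOM element.
     *
     * @param element token XML
     * @param qName   token value type
     * @return the token, or {@code null} when {@code element} is {@code null}
     * @throws Exception if the element cannot be converted to an {@link OMStructure}
     */
    @Override
    public GenericSecurityToken getToken(Element element, QName qName) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getToken Element[" + ConfigUtil.getObjType(element) + "]");
        }
        GenericSecurityToken genericSecurityToken = null;
        if (element != null) {
            genericSecurityToken = getToken(omsFactory.getOMStructure(element), qName);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getToken Element");
        }
        return genericSecurityToken;
    }

    /**
     * Creates a generic token from XML text.
     *
     * <p>NOTE(review): the string is handed to {@code OMStructureFactory} for parsing; whether
     * that parser disables DTDs and external entities is not visible here. Confirm before
     * passing text that originates outside the trust boundary.
     *
     * @param str   token XML as text
     * @param qName token value type
     * @return the token, or {@code null} when {@code str} is {@code null}
     * @throws Exception if the text cannot be converted to an {@link OMStructure}
     */
    @Override
    public GenericSecurityToken getToken(String str, QName qName) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getToken String[" + ConfigUtil.getObjType(str) + "]");
        }
        GenericSecurityToken genericSecurityToken = null;
        if (str != null) {
            genericSecurityToken = getToken(omsFactory.getOMStructure(str), qName);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getToken String");
        }
        return genericSecurityToken;
    }

    /**
     * Creates a generic token from an XML stream.
     *
     * <p>NOTE(review): same parser-hardening question as the {@code String} overload. The
     * stream is not closed by this method.
     *
     * @param inputStream token XML
     * @param qName       token value type
     * @return the token, or {@code null} when {@code inputStream} is {@code null}
     * @throws Exception if the stream cannot be converted to an {@link OMStructure}
     */
    @Override
    public GenericSecurityToken getToken(InputStream inputStream, QName qName) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getToken InputStream[" + ConfigUtil.getObjType(inputStream) + "]");
        }
        GenericSecurityToken genericSecurityToken = null;
        if (inputStream != null) {
            genericSecurityToken = getToken(omsFactory.getOMStructure(inputStream), qName);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getToken InputStream");
        }
        return genericSecurityToken;
    }

    /**
     * Creates a username token that carries only a username.
     *
     * @param str username
     * @return a token without password and without XML
     */
    @Override
    public UsernameToken getSimpleUsernameToken(String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSimpleUsernameToken username[" + str + "]");
        }
        return getSimpleUsernameToken(str, null);
    }

    /**
     * Creates a username token object without building its XML form.
     *
     * @param str  username; applied only when {@code ConfigUtil.hasValue} accepts it
     * @param cArr password; applied only when non-null and non-empty. The array is handed to
     *             the token as is, so the caller stays responsible for clearing it.
     * @return a new token, never {@code null}
     */
    @Override
    public UsernameToken getSimpleUsernameToken(String str, char[] cArr) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSimpleUsernameToken username[" + str + "], password[" + ConfigUtil.getObjState(cArr) + "]");
        }
        UsernameTokenImpl usernameTokenImpl = new UsernameTokenImpl();
        if (ConfigUtil.hasValue(str)) {
            usernameTokenImpl.setUsername(str);
        }
        if (cArr != null && cArr.length != 0) {
            usernameTokenImpl.setPassword(cArr);
        }
        return usernameTokenImpl;
    }

    /**
     * Creates a full username token (object plus XML) with no password, timestamp, nonce or digest.
     *
     * @param str username
     * @return the token
     * @throws LoginException propagated from the five-argument overload
     */
    @Override
    public UsernameToken getFullUsernameToken(String str) throws LoginException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getFullUsernameToken username[" + str + "]");
        }
        return getFullUsernameToken(str, null, false, false, false);
    }

    /**
     * Creates a full username token with a password but no timestamp, nonce or digest.
     *
     * @param str  username
     * @param cArr password
     * @return the token
     * @throws LoginException propagated from the five-argument overload
     */
    @Override
    public UsernameToken getFullUsernameToken(String str, char[] cArr) throws LoginException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getFullUsernameToken username[" + str + "], password[" + ConfigUtil.getObjState(cArr) + "]");
        }
        return getFullUsernameToken(str, cArr, false, false, false);
    }

    /**
     * Creates a full username token, optionally with a Created timestamp.
     *
     * @param str  username
     * @param cArr password
     * @param z    {@code true} to include a timestamp
     * @return the token
     * @throws LoginException propagated from the five-argument overload
     */
    @Override
    public UsernameToken getFullUsernameToken(String str, char[] cArr, boolean z) throws LoginException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getFullUsernameToken username[" + str + "], password[" + ConfigUtil.getObjState(cArr) + "], useTimestamp[" + z + "])");
        }
        return getFullUsernameToken(str, cArr, z, false, false);
    }

    /**
     * Creates a full username token: the token object, its XML element, and, when requested,
     * the nonce and Created time read back from that element.
     *
     * <p>The nonce and Created time are copied from the generated XML so the token object and
     * its XML agree. Reading them back is best-effort: on failure the XML still carries the
     * value but the token object does not, and the failure is only written to debug trace.
     * A caller that relies on the token object's nonce or created time for replay protection
     * should check that they are present.
     *
     * @param str  username; skipped when {@code null}
     * @param cArr password; skipped when {@code null}
     * @param z    useTimestamp: include a Created element
     * @param z2   addNonce: include a nonce
     * @param z3   passwordDigest: passed through to the element builder
     * @return the populated token, never {@code null}
     * @throws LoginException declared by the factory contract
     */
    @Override
    public UsernameToken getFullUsernameToken(final String str, final char[] cArr, boolean z, boolean z2, boolean z3) throws LoginException {
        String text;
        String text2;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getFullUsernameToken username[" + str + "], password[" + ConfigUtil.getObjState(cArr) + "], useTimestamp[" + z + "], addNonce[" + z2 + "], passwordDigest[" + z3 + "])");
        }
        final UsernameTokenImpl usernameTokenImpl = (UsernameTokenImpl) TokenFactoryFactory.getTokenFactory((String) WSSecurityFactoryBuilder.getImplClassName("com.ibm.ws.wssecurity.platform.UsernameToken")).getToken(true);
        // The setters run inside doPrivileged; presumably they are permission-checked under a
        // security manager (TODO confirm). Only the two setter calls are privileged.
        AccessController.doPrivileged(new PrivilegedAction<Void>() {
            @Override
            public Void run() {
                if (str != null) {
                    usernameTokenImpl.setUsername(str);
                }
                if (cArr != null) {
                    usernameTokenImpl.setPassword(cArr);
                }
                return null;
            }
        });
        OMElement createOMTokenElement = UNTGenerateLoginModule.createOMTokenElement(new OMDOMFactory(), null, str, cArr, createUniqueId(), z2, z, 0, null, z3);
        OMStructure oMStructure = omsFactory.getOMStructure(createOMTokenElement);
        byte[] bArr = new byte[0];
        Date date = null;
        if (z2) {
            try {
                OMElement nonce = NonceUtil.getNonce(createOMTokenElement, ConfigUtil.getWsseNamespace());
                if (nonce != null && (text = nonce.getText()) != null) {
                    bArr = Base64.decode(text);
                }
            } catch (Exception e) {
                // Best-effort: keep building the token, but leave a trace instead of hiding the
                // failure. Only the exception type is traced because the element being read
                // also holds the password or its digest.
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "getFullUsernameToken could not read nonce from generated element: " + e.getClass().getName());
                }
            }
        }
        if (z) {
            try {
                OMElement lastElement = DOMUtils.getLastElement(createOMTokenElement, "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "Created");
                if (lastElement != null && (text2 = lastElement.getText()) != null) {
                    date = UTC.parse(text2);
                }
            } catch (Exception e2) {
                // Best-effort, same reasoning as for the nonce.
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "getFullUsernameToken could not read Created time from generated element: " + e2.getClass().getName());
                }
            }
        }
        if (date != null || bArr.length != 0) {
            try {
                final byte[] bArr2 = bArr;
                final Date date2 = date;
                AccessController.doPrivileged(new PrivilegedAction<Void>() {
                    @Override
                    public Void run() {
                        if (date2 != null) {
                            usernameTokenImpl.setCreatedTime(date2);
                        }
                        if (bArr2.length != 0) {
                            usernameTokenImpl.setNonce(bArr2);
                        }
                        return null;
                    }
                });
            } catch (Exception e3) {
                // Best-effort: the token is still returned, without created time and/or nonce.
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "getFullUsernameToken could not set created time/nonce on token: " + e3.getClass().getName());
                }
            }
        }
        usernameTokenImpl.setXML(oMStructure);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getFullUsernameToken returns[" + ConfigUtil.getObjType(usernameTokenImpl) + "]");
        }
        return usernameTokenImpl;
    }

    /**
     * Creates an X.509 token that carries only the certificate and its public key.
     *
     * @param x509Certificate certificate
     * @return the token
     */
    @Override
    public X509Token getSimpleX509PublicToken(X509Certificate x509Certificate) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSimpleX509PublicToken certificate[" + ConfigUtil.getObjType(x509Certificate) + "]");
        }
        return getSimpleX509Token(x509Certificate, null);
    }

    /**
     * Creates an X.509 token that also carries a private key.
     *
     * @param x509Certificate certificate
     * @param key             private key; required
     * @return the token
     * @throws WSSException if {@code key} is {@code null}
     */
    @Override
    public X509Token getSimpleX509PrivateToken(X509Certificate x509Certificate, Key key) throws WSSException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSimpleX509PrivateToken certificate[" + ConfigUtil.getObjType(x509Certificate) + "], privateKey[" + ConfigUtil.getObjType(key) + "]");
        }
        if (key == null) {
            throw new WSSException("privateKey cannot be null");
        }
        return getSimpleX509Token(x509Certificate, key);
    }

    /**
     * Creates an X.509 token from a certificate and an optional private key.
     *
     * <p>The certificate is stored as given: this method does not check validity dates, chain
     * of trust or revocation, and does not check that {@code key} matches the certificate's
     * public key. Callers must validate the certificate before trusting the token.
     *
     * @param x509Certificate certificate; when {@code null} no certificate data and no id is set
     * @param key             private key; when {@code null} no private key is set
     * @return a new token, never {@code null}
     */
    @Override
    public X509Token getSimpleX509Token(X509Certificate x509Certificate, Key key) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSimpleX509Token certificate[" + ConfigUtil.getObjType(x509Certificate) + "], privateKey[" + ConfigUtil.getObjType(key) + "]");
        }
        X509TokenImpl x509TokenImpl = new X509TokenImpl();
        if (x509Certificate != null) {
            x509TokenImpl.setCertificate(x509Certificate);
            x509TokenImpl.setIssuerName(x509Certificate.getIssuerDN().getName());
            x509TokenImpl.setIssuerSerial(x509Certificate.getSerialNumber().toString());
            // 62 and 63 receive the public key, 64 and 61 (below) the private key. The meaning
            // of these key-type codes is defined outside this file; TODO confirm the mapping.
            x509TokenImpl.setKey(62, x509Certificate.getPublicKey());
            x509TokenImpl.setKey(63, x509Certificate.getPublicKey());
            // The id is "issuerName:serial", so two tokens built from the same certificate share an id.
            x509TokenImpl.setId(x509TokenImpl.getIssuerName() + ":" + x509TokenImpl.getIssuerSerial());
        }
        if (key != null) {
            x509TokenImpl.setKey(64, key);
            x509TokenImpl.setKey(61, key);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getSimpleX509Token returns[" + ConfigUtil.getObjType(x509TokenImpl) + "]");
        }
        return x509TokenImpl;
    }

    /**
     * Instantiates a binary security token of the requested class and stores the given bytes in it.
     *
     * <p>NOTE(review): {@code cls} selects the class that {@code WSSUtil.newSecurityToken}
     * instantiates; the instance is created before the type check below runs. The class should
     * come from trusted configuration, not from message content.
     *
     * @param cls  token class to instantiate
     * @param bArr token bytes, stored as given
     * @return the populated token
     * @throws WSSException if no token was created or it is not a {@code BinarySecurityTokenImpl}
     */
    @Override
    public BinarySecurityToken getSimpleBinarySecurityToken(Class cls, byte[] bArr) throws WSSException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSimpleBinarySecurityToken tokenClass[" + ConfigUtil.getObjType(cls) + "], binary[" + ConfigUtil.getObjState(bArr) + "]");
        }
        SecurityToken newSecurityToken = WSSUtil.newSecurityToken(cls);
        if (!(newSecurityToken instanceof BinarySecurityTokenImpl)) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "token is [" + (newSecurityToken == null ? AppConstants.NULL_STRING : newSecurityToken.getClass().getName()) + "]");
            }
            if (newSecurityToken == null) {
                throw new WSSException("Token received is null");
            }
            throw new WSSException("Token received is not an instance of a BinarySecurityTokenImpl");
        }
        BinarySecurityTokenImpl binarySecurityTokenImpl = (BinarySecurityTokenImpl) newSecurityToken;
        binarySecurityTokenImpl.setBinary(bArr);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getSimpleBinarySecurityToken returns[" + ConfigUtil.getObjType(binarySecurityTokenImpl) + "]");
        }
        return binarySecurityTokenImpl;
    }

    /**
     * Returns a new id with the {@code cust_} prefix, as produced by {@code IdUtils}.
     *
     * @return the generated id
     */
    @Override
    public String createUniqueId() {
        return IdUtils.getInstance().makeUniqueId("cust_");
    }

    /**
     * Looks up one generator-side token of the given value type in the shared state.
     *
     * @param map   shared-state map
     * @param qName token value type
     * @return whatever {@code TokenUtils.getOneTokenFromSharedState} returns
     */
    @Override
    public SecurityToken getGeneratorTokenFromSharedState(Map map, QName qName) {
        return TokenUtils.getOneTokenFromSharedState(map, qName, true);
    }

    /**
     * Looks up one consumer-side token of the given value type in the shared state.
     *
     * @param map   shared-state map
     * @param qName token value type
     * @return whatever {@code TokenUtils.getOneTokenFromSharedState} returns
     */
    @Override
    public SecurityToken getConsumerTokenFromSharedState(Map map, QName qName) {
        return TokenUtils.getOneTokenFromSharedState(map, qName, false);
    }

    /**
     * Stores a token in the shared state on the generator side.
     *
     * @param map           shared-state map
     * @param securityToken token to store
     */
    @Override
    public void putGeneratorTokenToSharedState(Map map, SecurityToken securityToken) {
        putTokenToSharedState(map, securityToken, true);
    }

    /**
     * Stores a token in the shared state on the consumer side.
     *
     * @param map           shared-state map
     * @param securityToken token to store
     */
    @Override
    public void putConsumerTokenToSharedState(Map map, SecurityToken securityToken) {
        putTokenToSharedState(map, securityToken, false);
    }

    /**
     * Stores a token in the shared state.
     *
     * @param map           shared-state map
     * @param securityToken token to store
     * @param z             {@code true} for the generator side, {@code false} for the consumer side
     */
    public void putTokenToSharedState(Map map, SecurityToken securityToken, boolean z) {
        TokenUtils.putTokenToSharedState(map, securityToken, z);
    }

    /**
     * Stores a token in the shared state as the authenticated token.
     *
     * <p>This method performs no verification of its own: the caller asserts that the token
     * has already been authenticated. NOTE(review): confirm which downstream components read
     * this entry as proof of identity.
     *
     * @param map           shared-state map
     * @param securityToken token to mark as authenticated
     */
    @Override
    public void putAuthenticatedTokenToSharedState(Map map, SecurityToken securityToken) {
        TokenUtils.putAuthenticatedTokenToSharedState(map, securityToken);
    }

    /**
     * Stores a token in the shared state as the on-behalf-of token.
     *
     * @param map           shared-state map
     * @param securityToken token to store
     */
    @Override
    public void putBehalfOfTokenToSharedState(Map map, SecurityToken securityToken) {
        TokenUtils.putBehalfOfTokenToSharedState(map, securityToken);
    }

    static {
        omsFactory = null;
        try {
            omsFactory = OMStructureFactory.getInstance();
        } catch (Exception e) {
            // Class loading must not fail here, but the failure is traced: with omsFactory left
            // null, later conversions to OMStructure throw NullPointerException.
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "OMStructureFactory.getInstance() failed; omsFactory is null: " + e);
            }
        }
    }
}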
