package org.globus.wsrf.impl.security.util;

import java.io.IOException;
import java.io.ObjectOutputStream;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLEncoder;
import java.util.ArrayList;
import java.util.Set;
import java.util.StringTokenizer;
import java.util.Vector;
import javax.security.auth.Subject;
import javax.xml.namespace.QName;
import javax.xml.rpc.Stub;
import javax.xml.rpc.handler.MessageContext;
import javax.xml.soap.SOAPHeaderElement;
import org.apache.axis.AxisFault;
import org.apache.axis.description.OperationDesc;
import org.apache.axis.handlers.soap.SOAPService;
import org.apache.axis.message.MessageElement;
import org.apache.axis.message.addressing.AddressingHeaders;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.xml.security.algorithms.MessageDigestAlgorithm;
import org.apache.xml.security.c14n.CanonicalizationException;
import org.apache.xml.security.c14n.Canonicalizer;
import org.apache.xml.security.c14n.InvalidCanonicalizerException;
import org.apache.xml.security.signature.XMLSignatureException;
import org.apache.xml.security.utils.Base64;
import org.globus.gsi.jaas.GlobusPrincipal;
import org.globus.util.I18n;
import org.globus.wsrf.NoResourceHomeException;
import org.globus.wsrf.ResourceContext;
import org.globus.wsrf.ResourceContextException;
import org.globus.wsrf.config.ConfigException;
import org.globus.wsrf.impl.security.authorization.Authorization;
import org.globus.wsrf.impl.security.authorization.HostAuthorization;
import org.globus.wsrf.impl.security.authorization.IdentityAuthorization;
import org.globus.wsrf.impl.security.authorization.NoAuthorization;
import org.globus.wsrf.impl.security.authorization.SelfAuthorization;
import org.globus.wsrf.impl.security.descriptor.ContainerSecurityConfig;
import org.globus.wsrf.impl.security.descriptor.SecurityConfig;
import org.globus.wsrf.impl.security.descriptor.ServiceSecurityConfig;
import org.globus.wsrf.security.Constants;
import org.globus.wsrf.security.SecurityException;
import org.globus.wsrf.utils.ContextUtils;
import org.globus.wsrf.utils.XmlUtils;
import org.ietf.jgss.GSSCredential;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/lib/wsrf-core-4.0.4.jar:org/globus/wsrf/impl/security/util/AuthUtil.class
 */
/* loaded from: input_file:WEB-INF/lib/ghn-core-runtime-1.0.0.jar:org/globus/wsrf/impl/security/util/AuthUtil.class */
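/**
 * Static helpers used by the WSRF security handlers: reading credentials and
 * authorization settings from a message context, mapping authorization
 * short names to PDP names, deriving a string form of the target endpoint
 * reference (EPR), and (de)serializing a JAAS {@link Subject}.
 *
 * <p>All methods are static. The class keeps no state beyond its logger and
 * message bundle.
 */
public class AuthUtil {
    private static final Log logger = LogFactory.getLog(AuthUtil.class.getName());
    private static final I18n i18n =
            I18n.getI18n("org.globus.wsrf.impl.security.error", AuthUtil.class.getClassLoader());

    /** Separator placed between the service address and the resource-key digest. */
    public static final String EPR_DELIMITER = "?";

    /** Message-context property under which the caller's GSS credential is stored. */
    private static final String CREDENTIALS_PROPERTY = "org.globus.gsi.credentials";

    /** Exclusive XML canonicalization, applied to the resource key header before hashing. */
    private static final String EXC_C14N_URI = "http://www.w3.org/2001/10/xml-exc-c14n#";

    /** XML-DSig identifier of the digest algorithm (SHA-1) applied to the canonical bytes. */
    private static final String SHA1_DIGEST_URI = "http://www.w3.org/2000/09/xmldsig#sha1";

    /**
     * Returns the GSS credential stored in the message context.
     *
     * @param messageContext context to read the credential property from
     * @return the credential, or {@code null} when the property is not set
     * @throws SecurityException if the property holds an object that is not a
     *         {@link GSSCredential}
     */
    public static GSSCredential getCredential(MessageContext messageContext) throws SecurityException {
        Object value = messageContext.getProperty(CREDENTIALS_PROPERTY);
        if (value == null || value instanceof GSSCredential) {
            return (GSSCredential) value;
        }
        throw invalidType(CREDENTIALS_PROPERTY, GSSCredential.class);
    }

    /**
     * Returns the client-side authorization scheme stored in the message context.
     *
     * @param messageContext context to read {@link Constants#AUTHORIZATION} from
     * @return the authorization object, or {@code null} when the property is not set
     * @throws SecurityException if the property holds an object that is not an
     *         {@link Authorization}
     */
    public static Authorization getClientAuthorization(MessageContext messageContext) throws SecurityException {
        Object value = messageContext.getProperty(Constants.AUTHORIZATION);
        if (value == null || value instanceof Authorization) {
            return (Authorization) value;
        }
        throw invalidType(Constants.AUTHORIZATION, Authorization.class);
    }

    /**
     * Maps an authorization setting to an {@link Authorization} instance.
     *
     * <p>{@code "none"}, {@link Authorization#AUTHZ_SELF} and {@code "host"} select
     * the matching scheme. Any other non-null value is handed to
     * {@link IdentityAuthorization} as its constructor argument, so a misspelt
     * scheme name does not fail here: it becomes an identity to match against.
     *
     * @param str the configured authorization value, may be {@code null}
     * @return the authorization instance, or {@code null} when {@code str} is {@code null}
     */
    public static Authorization getClientAuthorization(String str) {
        if (str == null) {
            return null;
        }
        if (str.equals("none")) {
            return NoAuthorization.getInstance();
        }
        if (str.equals(Authorization.AUTHZ_SELF)) {
            return new SelfAuthorization();
        }
        if (str.equals("host")) {
            return HostAuthorization.getInstance();
        }
        return new IdentityAuthorization(str);
    }

    /**
     * Expands an authorization short name into {@code "<prefix>:<class name>"}.
     *
     * <p>A value that is not one of the known short names is returned unchanged.
     *
     * @param str short name or any other token, may be {@code null}
     * @return the expanded PDP name, the input itself when it is not a known
     *         short name, or {@code null} for {@code null} input
     */
    public static String getPDPName(String str) {
        if (str == null) {
            return null;
        }
        if (str.equals("none")) {
            return "noneAuthz:" + NoAuthorization.class.getName();
        }
        if (str.equals(Authorization.AUTHZ_SELF)) {
            return "selfAuthz:" + SelfAuthorization.class.getName();
        }
        // The three classes looked up by name below are not imported by this
        // file; they are resolved at call time, as the compiled original did.
        if (str.equals("gridmap")) {
            return "gridmapAuthz:"
                    + class$("org.globus.wsrf.impl.security.authorization.GridMapAuthorization").getName();
        }
        if (str.equals("identity")) {
            return "idenAuthz:" + IdentityAuthorization.class.getName();
        }
        if (str.equals("host")) {
            return "hostAuthz:" + HostAuthorization.class.getName();
        }
        if (str.equals(Authorization.AUTHZ_SAML)) {
            return "samlAuthz:"
                    + class$("org.globus.wsrf.impl.security.authorization.SAMLAuthorizationCallout").getName();
        }
        if (str.equals(Authorization.AUTHZ_USERNAME)) {
            return "userNameAuthz:"
                    + class$("org.globus.wsrf.impl.security.authorization.UsernameAuthorization").getName();
        }
        return str;
    }

    /**
     * Applies {@link #getPDPName(String)} to every whitespace-separated token of
     * the input and joins the results with single spaces.
     *
     * @param str whitespace-separated list of names, may be {@code null}
     * @return the expanded list, or {@code null} when the input is {@code null}
     *         or contains no tokens
     */
    public static String substitutePDPNames(String str) {
        if (str == null) {
            return null;
        }
        StringTokenizer tokens = new StringTokenizer(str);
        if (!tokens.hasMoreTokens()) {
            return null;
        }
        StringBuilder expanded = new StringBuilder();
        // Appending through String.valueOf-style append keeps a null result
        // from getPDPName from raising here.
        expanded.append(getPDPName(tokens.nextToken()));
        while (tokens.hasMoreTokens()) {
            expanded.append(" ").append(getPDPName(tokens.nextToken()));
        }
        return expanded.toString();
    }

    /**
     * Returns the string form of the first {@link GlobusPrincipal} of a subject.
     *
     * @param subject subject to inspect, may be {@code null}
     * @return the principal's {@code toString()} value, or {@code null} when the
     *         subject is {@code null} or carries no {@code GlobusPrincipal}
     */
    public static String getIdentity(Subject subject) {
        if (subject == null) {
            return null;
        }
        Set<GlobusPrincipal> principals = subject.getPrincipals(GlobusPrincipal.class);
        if (principals == null || principals.isEmpty()) {
            return null;
        }
        // Only the first principal the set yields is used; iteration order of
        // that set is not defined by this code.
        return principals.iterator().next().toString();
    }

    /**
     * Returns {@link #getEndpointAddress(MessageContext)} parsed as a URL.
     *
     * @param messageContext context to read the address from
     * @return the endpoint URL
     * @throws MalformedURLException if the address is missing or not a valid URL
     */
    public static URL getEndpointAddressURL(MessageContext messageContext) throws MalformedURLException {
        return new URL(getEndpointAddress(messageContext));
    }

    /**
     * Returns the endpoint address recorded in the message context.
     *
     * <p>The {@code "transport.url"} property wins; when it is not set the
     * {@link Stub#ENDPOINT_ADDRESS_PROPERTY} value is used instead.
     *
     * @param messageContext context to read from
     * @return the address, or {@code null} when neither property is set
     */
    public static String getEndpointAddress(MessageContext messageContext) {
        String address = (String) messageContext.getProperty("transport.url");
        if (address != null) {
            return address;
        }
        return (String) messageContext.getProperty(Stub.ENDPOINT_ADDRESS_PROPERTY);
    }

    /**
     * Determines which service operation the current request invokes.
     *
     * <p>The QName of the first SOAP body element is matched against the
     * parameters of each operation of the target service; the element QName of
     * the first operation that has such a parameter is returned.
     *
     * @param messageContext Axis context of the request being processed
     * @return the element QName of the matching operation
     * @throws AxisFault if the context has no target service
     * @throws SecurityException if no operation declares a parameter with the
     *         body element's QName
     */
    public static QName getOperationName(org.apache.axis.MessageContext messageContext) throws AxisFault, SecurityException {
        QName bodyName = messageContext.getCurrentMessage().getSOAPEnvelope().getFirstBody().getQName();
        logger.debug("Trying to find " + bodyName);
        SOAPService service = messageContext.getService();
        if (service == null) {
            throw new AxisFault(org.apache.axis.Constants.QNAME_NO_SERVICE_FAULT_CODE, i18n.getMessage("noService", messageContext.getTargetService()), (String) null, (Element[]) null);
        }
        ArrayList operations = service.getServiceDescription().getOperations();
        for (Object candidate : operations) {
            OperationDesc operation = (OperationDesc) candidate;
            logger.debug("Operation in question " + operation.getElementQName());
            if (operation.getParamByQName(bodyName) != null) {
                return operation.getElementQName();
            }
        }
        throw new SecurityException(i18n.getMessage("operationNameIndeterminate"));
    }

    /**
     * Looks up the security descriptor file of a service using the current
     * Axis message context.
     *
     * @param str service name
     * @return the descriptor file, or {@code null} when there is no current
     *         context or the property is not set
     * @throws SecurityException if the service property cannot be read
     */
    public static String getSecurityDescFile(String str) throws SecurityException {
        org.apache.axis.MessageContext current = org.apache.axis.MessageContext.getCurrentContext();
        return current == null ? null : getSecurityDescFile(current, str);
    }

    /**
     * Reads the {@link SecurityConfig#SECURITY_DESCRIPTOR} property of a service.
     *
     * @param messageContext Axis context used for the lookup
     * @param str service name
     * @return the descriptor file value of the service property
     * @throws SecurityException wrapping the {@link AxisFault} raised by the lookup
     */
    public static String getSecurityDescFile(org.apache.axis.MessageContext messageContext, String str) throws SecurityException {
        try {
            return (String) ContextUtils.getServiceProperty(messageContext, str, SecurityConfig.SECURITY_DESCRIPTOR);
        } catch (AxisFault e) {
            throw new SecurityException((Throwable) e);
        }
    }

    /**
     * Initializes the security configuration of a service from its descriptor file.
     *
     * @param messageContext Axis context used to find the descriptor file
     * @param str service name
     * @throws SecurityException if the descriptor cannot be located or the
     *         configuration fails to load
     */
    public static void initializeSecurityDesc(org.apache.axis.MessageContext messageContext, String str) throws SecurityException {
        try {
            // Result unused; presumably called so the container-level config
            // is loaded (or fails) before the service config - TODO confirm.
            ContainerSecurityConfig.getConfig();
            String descriptorFile = getSecurityDescFile(messageContext, str);
            logger.debug("Descriptor file for " + str + " is " + descriptorFile);
            ServiceSecurityConfig.initialize(str, descriptorFile);
        } catch (ConfigException e) {
            throw new SecurityException(e);
        }
    }

    /**
     * Returns the WS-Addressing request headers stored in the Axis context.
     *
     * @param messageContext Axis context of the request
     * @return the headers, or {@code null} when the property is not set
     */
    public static AddressingHeaders getAddressingHeaders(org.apache.axis.MessageContext messageContext) {
        return (AddressingHeaders) messageContext.getProperty(org.apache.axis.message.addressing.Constants.ENV_ADDRESSING_REQUEST_HEADERS);
    }

    /**
     * Builds the EPR string of the request from its addressing headers.
     *
     * @param messageContext Axis context of the request
     * @return the EPR string
     * @throws SecurityException if the resource header cannot be read or digested
     * @throws IllegalArgumentException if the context carries no addressing headers
     */
    public static String getEPRAsString(org.apache.axis.MessageContext messageContext) throws SecurityException {
        return getEPRAsString(getAddressingHeaders(messageContext), messageContext);
    }

    /**
     * Builds the EPR string from the given addressing headers.
     *
     * <p>Without reference properties the {@code To} address alone is the
     * result; otherwise the resource key digest is appended.
     *
     * @param addressingHeaders WS-Addressing headers of the request
     * @param messageContext Axis context of the request
     * @return the EPR string
     * @throws SecurityException if the resource header cannot be read or digested
     * @throws IllegalArgumentException if {@code addressingHeaders} is {@code null}
     */
    public static String getEPRAsString(AddressingHeaders addressingHeaders, org.apache.axis.MessageContext messageContext) throws SecurityException {
        if (addressingHeaders == null) {
            throw new IllegalArgumentException(i18n.getMessage("noAddHeader"));
        }
        String to = addressingHeaders.getTo().toString();
        if (addressingHeaders.getReferenceProperties().size() == 0) {
            return to;
        }
        return getEPRAsString(to, messageContext);
    }

    /**
     * Appends the digest of the request's resource key header to a service address.
     *
     * @param str service address
     * @param messageContext Axis context of the request
     * @return the address with the digest appended, or the address unchanged
     *         when the service has no resource home or no resource key header
     * @throws SecurityException if the resource header cannot be read or digested
     */
    public static String getEPRAsString(String str, org.apache.axis.MessageContext messageContext) throws SecurityException {
        try {
            return getEPRAsString(getResourceHeader(messageContext), str);
        } catch (NoResourceHomeException e) {
            // A service without a resource home is addressed by its URL alone.
            if (logger.isDebugEnabled()) {
                logger.debug("Found no resource home for service " + str, e);
            }
            return str;
        } catch (ResourceContextException e2) {
            throw new SecurityException(i18n.getMessage("resourceHeaderError"), e2);
        }
    }

    /**
     * Appends the URL-encoded digest of a resource key header to a service address.
     *
     * @param sOAPHeaderElement resource key header, may be {@code null}
     * @param str service address
     * @return {@code str + "?" + digest}, or {@code str} unchanged when the
     *         header is {@code null}
     * @throws SecurityException if the header cannot be digested or encoded
     */
    public static String getEPRAsString(SOAPHeaderElement sOAPHeaderElement, String str) throws SecurityException {
        String digest = getResourceHeaderDigest(sOAPHeaderElement);
        String epr = str;
        if (digest != null) {
            try {
                // Explicit charset: the one-argument encode() is deprecated and
                // follows the platform default. The digest is Base64 text, so
                // UTF-8 yields the same output on ASCII-compatible platforms.
                epr = str + EPR_DELIMITER + URLEncoder.encode(digest, "UTF-8");
            } catch (java.io.UnsupportedEncodingException e) {
                throw new SecurityException(e);
            }
        }
        logger.debug("EPR is : " + epr);
        return epr;
    }

    /**
     * Returns the digest of the resource key header of the current request.
     *
     * @param messageContext Axis context of the request
     * @return the Base64 digest, or {@code null} when there is no resource key header
     * @throws SecurityException if the header cannot be read or digested
     * @throws IllegalArgumentException if {@code messageContext} is {@code null}
     */
    public static String getResourceHeaderDigest(org.apache.axis.MessageContext messageContext) throws SecurityException {
        if (messageContext == null) {
            throw new IllegalArgumentException(i18n.getMessage("noContext"));
        }
        try {
            return getResourceHeaderDigest(getResourceHeader(messageContext));
        } catch (ResourceContextException e) {
            throw new SecurityException(i18n.getMessage("resourceHeaderError"), e);
        }
    }

    /**
     * Computes the Base64-encoded SHA-1 digest of the exclusive-c14n form of a
     * resource key header.
     *
     * <p>NOTE(review): SHA-1 is not collision resistant. The digest becomes part
     * of the EPR string; if that string keys per-resource security state, two
     * resource keys that collide would share it. Moving to a stronger digest
     * changes every EPR string produced here, so it has to be coordinated with
     * whatever stores or compares those strings.
     *
     * @param sOAPHeaderElement resource key header, may be {@code null}
     * @return the digest, or {@code null} when the header is {@code null}
     * @throws SecurityException with a stage-specific message when importing,
     *         canonicalizing or digesting the header fails
     */
    public static String getResourceHeaderDigest(SOAPHeaderElement sOAPHeaderElement) throws SecurityException {
        if (sOAPHeaderElement == null) {
            return null;
        }
        try {
            Document document = XmlUtils.newDocument();
            // The header is copied into a fresh document so canonicalization
            // sees it detached from the surrounding SOAP envelope.
            Element imported = (Element) document.importNode(((MessageElement) sOAPHeaderElement).getAsDOM(), true);
            byte[] canonicalBytes = Canonicalizer.getInstance(EXC_C14N_URI).canonicalizeSubtree(imported);
            MessageDigestAlgorithm digest = MessageDigestAlgorithm.getInstance(document, SHA1_DIGEST_URI);
            digest.reset();
            digest.update(canonicalBytes);
            return Base64.encode(digest.digest());
        } catch (CanonicalizationException e) {
            throw new SecurityException(i18n.getMessage("c14nError"), e);
        } catch (InvalidCanonicalizerException e) {
            throw new SecurityException(i18n.getMessage("c14nError"), e);
        } catch (XMLSignatureException e) {
            throw new SecurityException(i18n.getMessage("mdaError"), e);
        } catch (Exception e) {
            // Everything else (DOM conversion, unexpected runtime failures) is
            // reported as a problem with the header element itself. The typed
            // handlers above come first so their messages are not re-wrapped.
            throw new SecurityException(i18n.getMessage("resHeaderElement"), e);
        }
    }

    /**
     * Returns the resource key header of the current request.
     *
     * @param messageContext Axis context of the request
     * @return the value of {@code getResourceKeyHeader()} for the request's resource context
     * @throws ResourceContextException if the resource context cannot be obtained
     */
    public static SOAPHeaderElement getResourceHeader(org.apache.axis.MessageContext messageContext) throws ResourceContextException {
        return ResourceContext.getResourceContext(messageContext).getResourceKeyHeader();
    }

    /**
     * Writes a subject and its credential sets to an object stream.
     *
     * <p>The subject is written first, then each non-empty credential set as a
     * {@link Vector}: public credentials, then private credentials. The private
     * credentials go to the stream as ordinary serialized objects, so the
     * destination needs the same protection as the credentials themselves.
     *
     * <p>NOTE(review): an empty credential set is skipped, while
     * {@link #readSubject(FixedObjectInputStream)} always reads two vectors. A
     * subject with no public but some private credentials is therefore read back
     * with the private set stored as public. Always writing both vectors (empty
     * when needed) would fix that but changes the stream layout; confirm no
     * other reader depends on the current one before changing it.
     *
     * @param subject subject to write, may be {@code null}
     * @param objectOutputStream destination stream
     * @throws SecurityException wrapping any {@link IOException} from the stream
     */
    public static void writeSubject(Subject subject, ObjectOutputStream objectOutputStream) throws SecurityException {
        try {
            objectOutputStream.writeObject(subject);
            if (subject == null) {
                return;
            }
            Set<Object> publicCredentials = subject.getPublicCredentials();
            if (publicCredentials != null && !publicCredentials.isEmpty()) {
                objectOutputStream.writeObject(new Vector<Object>(publicCredentials));
            }
            Set<Object> privateCredentials = subject.getPrivateCredentials();
            if (privateCredentials != null && !privateCredentials.isEmpty()) {
                objectOutputStream.writeObject(new Vector<Object>(privateCredentials));
            }
        } catch (IOException e) {
            throw new SecurityException(e);
        }
    }

    /**
     * Reads a subject written by {@link #writeSubject(Subject, ObjectOutputStream)}.
     *
     * <p>This is Java native deserialization: the stream decides which classes
     * get instantiated. Only feed it data whose origin and integrity are
     * trusted. Whether {@code FixedObjectInputStream} restricts the accepted
     * classes is not visible from this file.
     *
     * <p>NOTE(review): two credential vectors are always expected after a
     * non-null subject, but the writer omits empty ones; see the note on
     * {@code writeSubject}.
     *
     * @param fixedObjectInputStream source stream
     * @return the subject with its credential sets restored, or {@code null}
     *         when a {@code null} subject was written
     * @throws SecurityException wrapping any {@link IOException} from the stream
     * @throws ClassNotFoundException if a serialized class cannot be resolved
     */
    public static Subject readSubject(FixedObjectInputStream fixedObjectInputStream) throws SecurityException, ClassNotFoundException {
        try {
            Subject subject = (Subject) fixedObjectInputStream.readObject();
            if (subject == null) {
                // writeSubject writes nothing after a null subject, so there
                // are no credential vectors to consume.
                return null;
            }
            subject.getPublicCredentials().addAll((Vector<?>) fixedObjectInputStream.readObject());
            subject.getPrivateCredentials().addAll((Vector<?>) fixedObjectInputStream.readObject());
            return subject;
        } catch (IOException e) {
            throw new SecurityException(e);
        }
    }

    /**
     * Loads a class by name, turning a lookup failure into a linkage error.
     *
     * @param str fully qualified class name
     * @return the loaded class
     * @throws NoClassDefFoundError if the class cannot be found; the original
     *         {@link ClassNotFoundException} is kept as its cause
     */
    static Class<?> class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            // initCause() returns Throwable, which cannot be thrown from a
            // method without a throws clause; keep the error in a typed local.
            NoClassDefFoundError error = new NoClassDefFoundError(str);
            error.initCause(e);
            throw error;
        }
    }

    /** Builds the "invalidType" error for a context property of the wrong class. */
    private static SecurityException invalidType(String property, Class<?> expected) {
        return new SecurityException(i18n.getMessage("invalidType", new Object[] {property, expected.getName()}));
    }
}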
