package org.globus.wsrf.impl.security.authentication.wssec;

import javax.crypto.SecretKey;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.security.auth.callback.CallbackHandler;
import org.apache.axis.MessageContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.ws.security.WSSConfig;
import org.apache.ws.security.conversation.message.token.SecurityContextToken;
import org.apache.ws.security.message.token.Reference;
import org.apache.ws.security.message.token.SecurityTokenReference;
import org.apache.ws.security.util.WSSecurityUtil;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.keys.KeyInfo;
import org.globus.wsrf.ResourceException;
import org.globus.wsrf.ResourceHome;
import org.globus.wsrf.config.ContainerConfig;
import org.globus.wsrf.impl.SimpleResourceKey;
import org.globus.wsrf.impl.security.authentication.Constants;
import org.globus.wsrf.impl.security.authentication.secureconv.service.AuthenticationServiceConstants;
import org.globus.wsrf.impl.security.authentication.secureconv.service.SecurityContext;
import org.globus.wsrf.providers.GSSPrivateKey;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;

/* loaded from: input_file:WEB-INF/lib/ghn-core-runtime-1.0.0.jar:org/globus/wsrf/impl/security/authentication/wssec/GSSSecurityEngine.class */
public class GSSSecurityEngine extends org.apache.ws.security.WSSecurityEngine {
    private static GSSSecurityEngine engine = new GSSSecurityEngine();
    private static Log log;
    static Class class$org$globus$wsrf$impl$security$authentication$wssec$GSSSecurityEngine;

    public static org.apache.ws.security.WSSecurityEngine getInstance() {
        return engine;
    }

    @Override // org.apache.ws.security.WSSecurityEngine
    protected SecretKey getSharedKey(Element element, String str, CallbackHandler callbackHandler) throws org.apache.ws.security.WSSecurityException {
        try {
            try {
                SecurityContext context = getContext(((WSSecurityCallbackHandler) callbackHandler).getContext(), new KeyInfo(element, "http://www.w3.org/2000/09/xmldsig#"));
                return new GSSPrivateKey((String) context.getID(), context.getContext());
            } catch (WSSecurityException e) {
                throw new org.apache.ws.security.WSSecurityException(3, "unsupportedKeyInfo", null, e);
            }
        } catch (XMLSecurityException e2) {
            throw new org.apache.ws.security.WSSecurityException(3, "unsupportedKeyInfo", null, e2);
        }
    }

    public static SecurityContext getContext(MessageContext messageContext, KeyInfo keyInfo) throws WSSecurityException {
        SecurityContext securityContext = (SecurityContext) messageContext.getProperty(Constants.CONTEXT);
        if (securityContext == null) {
            if (keyInfo == null) {
                throw new WSSecurityException(4, "nullKeyInfo");
            }
            WSSConfig defaultWSConfig = WSSConfig.getDefaultWSConfig();
            Node directChild = WSSecurityUtil.getDirectChild(keyInfo.getElement(), "SecurityTokenReference", defaultWSConfig.getWsseNS());
            if (directChild == null) {
                throw new WSSecurityException(4, "unsupportedKeyInfo");
            }
            try {
                SecurityTokenReference securityTokenReference = new SecurityTokenReference(defaultWSConfig, (Element) directChild);
                if (!securityTokenReference.containsReference()) {
                    throw new WSSecurityException(4, "secTokenReferenceErr");
                }
                Document document = keyInfo.getDocument();
                try {
                    Reference reference = securityTokenReference.getReference();
                    if (reference == null) {
                        throw new WSSecurityException(4, "noReference");
                    }
                    Element elementByWsuId = WSSecurityUtil.getElementByWsuId(defaultWSConfig, document, reference.getURI());
                    if (elementByWsuId == null) {
                        throw new WSSecurityException(4, "noContextToken");
                    }
                    try {
                        String identifier = new SecurityContextToken(elementByWsuId).getIdentifier();
                        if (identifier == null) {
                            throw new WSSecurityException(4, "invalidContextToken");
                        }
                        securityContext = getContext(messageContext, identifier);
                    } catch (org.apache.ws.security.WSSecurityException e) {
                        throw new WSSecurityException(4, "invalidContextToken", null, e);
                    }
                } catch (org.apache.ws.security.WSSecurityException e2) {
                    throw new WSSecurityException(4, "noReference", null, e2);
                }
            } catch (org.apache.ws.security.WSSecurityException e3) {
                throw new WSSecurityException(4, "secTokenReferenceErr", null, e3);
            }
        }
        return securityContext;
    }

    private static SecurityContext getContext(MessageContext messageContext, String str) throws WSSecurityException {
        String option = ContainerConfig.getConfig(messageContext.getAxisEngine()).getOption(AuthenticationServiceConstants.AUTH_SERVICE);
        log.debug(new StringBuffer().append("Authentication service path is ").append(option).toString());
        try {
            ResourceHome resourceHome = (ResourceHome) new InitialContext().lookup(new StringBuffer().append("java:comp/env//services/").append(option).append(org.globus.wsrf.Constants.HOME_NAME).toString());
            log.debug(new StringBuffer().append("Context id is ").append(str).toString());
            SecurityContext securityContext = (SecurityContext) resourceHome.find(new SimpleResourceKey(resourceHome.getKeyTypeName(), str));
            messageContext.setProperty(Constants.CONTEXT, securityContext);
            return securityContext;
        } catch (ResourceException e) {
            throw new WSSecurityException(3, "contextErr", null, e);
        } catch (NamingException e2) {
            throw new WSSecurityException(3, "contextErr", null, e2);
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$org$globus$wsrf$impl$security$authentication$wssec$GSSSecurityEngine == null) {
            cls = class$("org.globus.wsrf.impl.security.authentication.wssec.GSSSecurityEngine");
            class$org$globus$wsrf$impl$security$authentication$wssec$GSSSecurityEngine = cls;
        } else {
            cls = class$org$globus$wsrf$impl$security$authentication$wssec$GSSSecurityEngine;
        }
        log = LogFactory.getLog(cls.getName());
    }
}
