package com.ibm.ws.wssecurity.trust.ext.client.util;

import com.ibm.websphere.wssecurity.wssapi.token.SecurityToken;
import com.ibm.websphere.wssecurity.wssapi.trust.WSSTrustClientValidateResult;
import com.ibm.ws.policyset.runtime.PolicySetConfiguration;
import com.ibm.ws.policyset.runtime.TrustClientPolicySetAttachments;
import com.ibm.ws.wssecurity.saml.saml11.assertion.utils.SAMLTokenBuilder;
import com.ibm.ws.wssecurity.trust.ext.client.ITrustProviderConfig;
import com.ibm.ws.wssecurity.trust.ext.client.ITrustRequestSecurityTokenResponse;
import com.ibm.ws.wssecurity.trust.ext.client.ITrustRequestSecurityTokenResponseCollection;
import com.ibm.ws.wssecurity.trust.ext.client.ITrustRequesterConfig;
import com.ibm.ws.wssecurity.trust.ext.client.base.TrustDispatchResponse;
import com.ibm.ws.wssecurity.util.Tr;
import com.ibm.ws.wssecurity.util.TraceComponent;
import com.ibm.ws.wssecurity.wssapi.OMStructure;
import com.ibm.ws.wssecurity.wssapi.token.impl.GenericSecurityTokenImpl;
import com.ibm.ws.wssecurity.wssapi.trust.client.impl.WSSTrustClientValidateResultImpl;
import com.ibm.wsspi.wssecurity.core.SoapSecurityException;
import com.ibm.wsspi.wssecurity.core.token.config.WSSConstants;
import com.ibm.wsspi.wssecurity.trust.config.ConsumerConfig;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.xml.namespace.QName;
import org.apache.axiom.om.OMElement;

/* loaded from: input_file:lib/com.ibm.wsfp.main.jar:com/ibm/ws/wssecurity/trust/ext/client/util/TrustClientHelperUtils.class */
public class TrustClientHelperUtils implements WSSConstants {
    private static final TraceComponent tc = Tr.register(TrustClientHelperUtils.class, "Web Services Security", "com.ibm.ws.wssecurity.resources.wssmessages");

    public static Map<String, Object> makePublic(Map<String, Object> map) {
        HashMap hashMap = null;
        if (map != null) {
            hashMap = new HashMap();
            for (Map.Entry<String, Object> entry : map.entrySet()) {
                String key = entry.getKey();
                if (!key.equals("RequestedSecurityToken")) {
                    Object value = entry.getValue();
                    hashMap.put(key, (value == null || !(value instanceof OMElement)) ? value : new OMStructure((OMElement) value));
                }
            }
        }
        return hashMap;
    }

    public static SecurityToken createSecurityToken(Map<String, Object> map, boolean z) throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "createSecurityToken");
        }
        GenericSecurityTokenImpl genericSecurityTokenImpl = null;
        String str = (String) map.get("TokenType");
        OMElement oMElement = (OMElement) map.get("RequestedSecurityToken");
        if (oMElement != null) {
            OMElement firstElement = oMElement.getFirstElement();
            Map<String, Object> map2 = null;
            if (z) {
                map2 = makePublic(map);
            }
            if (WSSConstants.SAML.SAML11_VALUE_TYPE.equals(str) && str != null) {
                genericSecurityTokenImpl = SAMLTokenBuilder.createSAMLToken(map, map2, firstElement);
            } else if (!WSSConstants.SAML.SAML20_VALUE_TYPE.equals(str) || str == null) {
                QName qName = null;
                if (str != null) {
                    qName = new QName("", str);
                }
                genericSecurityTokenImpl = new GenericSecurityTokenImpl(map2, firstElement, qName);
            } else {
                genericSecurityTokenImpl = com.ibm.ws.wssecurity.saml.saml20.assertion.utils.SAMLTokenBuilder.createSAMLToken(map, map2, firstElement);
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "createSecurityToken");
        }
        return genericSecurityTokenImpl;
    }

    public static PolicySetConfiguration getPSC(ITrustProviderConfig iTrustProviderConfig, TrustClientPolicySetAttachments trustClientPolicySetAttachments) throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getPSC");
        }
        PolicySetConfiguration policySetConfiguration = (PolicySetConfiguration) iTrustProviderConfig.getPolicySetConfiguration();
        if (policySetConfiguration == null) {
            policySetConfiguration = TrustClientPSUtils.getPolicySetConfiguration(trustClientPolicySetAttachments, iTrustProviderConfig.getPolicySetName(), iTrustProviderConfig.getBindingName(), iTrustProviderConfig.getApplicationClassLoader(), iTrustProviderConfig.getSystemClassLoader(), iTrustProviderConfig.getBindingScope());
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getPSC");
        }
        return policySetConfiguration;
    }

    public static Map<String, Object> parseRSTR(ITrustRequestSecurityTokenResponse iTrustRequestSecurityTokenResponse) {
        OMElement rst;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "parseRSTR");
        }
        HashMap hashMap = new HashMap();
        if (iTrustRequestSecurityTokenResponse.getEntropyBinarySecret() != null) {
            hashMap.put(ConsumerConfig.RSTR.ENTROPY_BINARYSECRET, iTrustRequestSecurityTokenResponse.getEntropyBinarySecret());
        }
        if (iTrustRequestSecurityTokenResponse.getCreatedDate() != null) {
            hashMap.put(ConsumerConfig.RSTR.LIFETIME_CREATED, iTrustRequestSecurityTokenResponse.getCreatedDate());
        }
        if (iTrustRequestSecurityTokenResponse.getExpiresDate() != null) {
            hashMap.put(ConsumerConfig.RSTR.LIFETIME_EXPIRES, iTrustRequestSecurityTokenResponse.getExpiresDate());
        }
        if (iTrustRequestSecurityTokenResponse.getKeySize() != null) {
            hashMap.put("KeySize", iTrustRequestSecurityTokenResponse.getKeySize());
        }
        if (iTrustRequestSecurityTokenResponse.getRenewingAllow() != null) {
            hashMap.put(ConsumerConfig.RSTR.RENEWING_ALLOW, iTrustRequestSecurityTokenResponse.getRenewingAllow());
        }
        if (iTrustRequestSecurityTokenResponse.getRenewingOK() != null) {
            hashMap.put(ConsumerConfig.RSTR.RENEWING_OK, iTrustRequestSecurityTokenResponse.getRenewingOK());
        }
        if (iTrustRequestSecurityTokenResponse.getAppliesToAddress() != null) {
            hashMap.put(ConsumerConfig.RSTR.APPLIESTO_ADDRESS, iTrustRequestSecurityTokenResponse.getAppliesToAddress());
        }
        if (iTrustRequestSecurityTokenResponse.getAppliesToPortType() != null) {
            hashMap.put(ConsumerConfig.RSTR.APPLIESTO_PORTTYPE, iTrustRequestSecurityTokenResponse.getAppliesToPortType());
        }
        if (iTrustRequestSecurityTokenResponse.getAppliesToAddress() != null) {
            hashMap.put(ConsumerConfig.RSTR.APPLIESTO_SERVICENAME, iTrustRequestSecurityTokenResponse.getAppliesToServiceName());
        }
        if (iTrustRequestSecurityTokenResponse.getAppliesToAddress() != null) {
            hashMap.put(ConsumerConfig.RSTR.ISSUER_ADDRESS, iTrustRequestSecurityTokenResponse.getIssuerAddress());
        }
        if (iTrustRequestSecurityTokenResponse.getAppliesToPortType() != null) {
            hashMap.put(ConsumerConfig.RSTR.ISSUER_PORTTYPE, iTrustRequestSecurityTokenResponse.getIssuerPortType());
        }
        if (iTrustRequestSecurityTokenResponse.getAppliesToAddress() != null) {
            hashMap.put(ConsumerConfig.RSTR.ISSUER_SERVICENAME, iTrustRequestSecurityTokenResponse.getIssuerServiceName());
        }
        if (iTrustRequestSecurityTokenResponse.getStatusCode() != null) {
            hashMap.put("StatusCode", iTrustRequestSecurityTokenResponse.getStatusCode());
        }
        if (iTrustRequestSecurityTokenResponse.getTokenType() != null) {
            hashMap.put("TokenType", iTrustRequestSecurityTokenResponse.getTokenType());
        }
        if (iTrustRequestSecurityTokenResponse.getRequestType() != null) {
            hashMap.put("RequestType", iTrustRequestSecurityTokenResponse.getRequestType());
        }
        if (iTrustRequestSecurityTokenResponse.getAllowPostdating().booleanValue()) {
            hashMap.put("AllowPostdating", iTrustRequestSecurityTokenResponse.getAllowPostdating());
        }
        if (iTrustRequestSecurityTokenResponse.getAuthenticationType() != null) {
            hashMap.put("AuthenticationType", iTrustRequestSecurityTokenResponse.getAuthenticationType());
        }
        if (iTrustRequestSecurityTokenResponse.getKeyType() != null) {
            hashMap.put("KeyType", iTrustRequestSecurityTokenResponse.getKeyType());
        }
        if (iTrustRequestSecurityTokenResponse.getSignatureAlgorithm() != null) {
            hashMap.put("SignatureAlgorithm", iTrustRequestSecurityTokenResponse.getSignatureAlgorithm());
        }
        if (iTrustRequestSecurityTokenResponse.getEncryptionAlgorithm() != null) {
            hashMap.put("EncryptionAlgorithm", iTrustRequestSecurityTokenResponse.getEncryptionAlgorithm());
        }
        if (iTrustRequestSecurityTokenResponse.getCanonicalizationAlgorithm() != null) {
            hashMap.put("CanonicalizationAlgorithm", iTrustRequestSecurityTokenResponse.getCanonicalizationAlgorithm());
        }
        OMElement proofEncryptionXML = iTrustRequestSecurityTokenResponse.getProofEncryptionXML();
        if (proofEncryptionXML != null) {
            hashMap.put(ConsumerConfig.RSTR.PROOFENCRYPTIONXML, proofEncryptionXML);
        }
        OMElement encryptionXML = iTrustRequestSecurityTokenResponse.getEncryptionXML();
        if (encryptionXML != null) {
            hashMap.put(ConsumerConfig.RSTR.ENCRYPTIONXML, encryptionXML);
        }
        if (iTrustRequestSecurityTokenResponse.getSignWith() != null) {
            hashMap.put("SignWith", iTrustRequestSecurityTokenResponse.getSignWith());
        }
        if (iTrustRequestSecurityTokenResponse.getEncryptWith() != null) {
            hashMap.put("EncryptWith", iTrustRequestSecurityTokenResponse.getEncryptWith());
        }
        if (iTrustRequestSecurityTokenResponse.getForwardable() != null) {
            hashMap.put("Forwardable", iTrustRequestSecurityTokenResponse.getForwardable());
        }
        if (iTrustRequestSecurityTokenResponse.getDelegatable() != null) {
            hashMap.put("Delegatable", iTrustRequestSecurityTokenResponse.getDelegatable());
        }
        if (iTrustRequestSecurityTokenResponse.getStatusReason() != null) {
            hashMap.put(ConsumerConfig.RSTR.STATUS_REASON, iTrustRequestSecurityTokenResponse.getStatusReason());
        }
        if (iTrustRequestSecurityTokenResponse.getRequestedSecurityTokenXML() != null) {
            hashMap.put("RequestedSecurityToken", iTrustRequestSecurityTokenResponse.getRequestedSecurityTokenXML());
        }
        if (iTrustRequestSecurityTokenResponse.getRequestedProofToken() != null) {
            hashMap.put(ConsumerConfig.RSTR.REQUESTEDPROOFTOKENXML, iTrustRequestSecurityTokenResponse.getRequestedProofToken());
        }
        if (iTrustRequestSecurityTokenResponse.getRequestedUnattachedReference() != null) {
            hashMap.put(ConsumerConfig.RSTR.REQUESTEDUNATTACHEDREFERENCEXML, iTrustRequestSecurityTokenResponse.getRequestedUnattachedReference());
        }
        if (iTrustRequestSecurityTokenResponse.getRequestedAttachedReference() != null) {
            hashMap.put(ConsumerConfig.RSTR.REQUESTEDATTACHEDREFERENCEXML, iTrustRequestSecurityTokenResponse.getRequestedAttachedReference());
        }
        hashMap.put(ConsumerConfig.RSTR.REQUESTSECURITYTOKENRESPONSEXML, iTrustRequestSecurityTokenResponse.getRSTR());
        TrustDispatchResponse dispatchResponse = iTrustRequestSecurityTokenResponse.getDispatchResponse();
        if (dispatchResponse != null && dispatchResponse.getDispatchTest() && (rst = dispatchResponse.getRST()) != null) {
            hashMap.put("wstrustClientStandAloneTest", new OMStructure(rst));
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "parseRSTR");
        }
        return hashMap;
    }

    public static List<SecurityToken> processRSTRC(ITrustRequestSecurityTokenResponseCollection iTrustRequestSecurityTokenResponseCollection, List<ITrustRequesterConfig> list, boolean z) throws SoapSecurityException {
        Map<String, Object> parseRSTR;
        SecurityToken createSecurityToken;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "processRSTRC");
        }
        ArrayList arrayList = new ArrayList();
        Iterator<ITrustRequestSecurityTokenResponse> rSTRCollection = iTrustRequestSecurityTokenResponseCollection.getRSTRCollection();
        if (rSTRCollection.hasNext() && (parseRSTR = parseRSTR(rSTRCollection.next())) != null && (createSecurityToken = createSecurityToken(parseRSTR, z)) != null) {
            arrayList.add(createSecurityToken);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "processRSTRC");
        }
        return arrayList;
    }

    public static List<WSSTrustClientValidateResult> processValidateRSTRC(ITrustRequestSecurityTokenResponseCollection iTrustRequestSecurityTokenResponseCollection, List<ITrustRequesterConfig> list, boolean z) throws SoapSecurityException {
        ITrustRequestSecurityTokenResponse next;
        Map<String, Object> parseRSTR;
        OMElement rst;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "processRSTRC");
        }
        ArrayList arrayList = new ArrayList();
        SecurityToken securityToken = null;
        Iterator<ITrustRequestSecurityTokenResponse> rSTRCollection = iTrustRequestSecurityTokenResponseCollection.getRSTRCollection();
        if (rSTRCollection.hasNext() && (parseRSTR = parseRSTR((next = rSTRCollection.next()))) != null) {
            if (parseRSTR.containsKey("RequestedSecurityToken")) {
                securityToken = createSecurityToken(parseRSTR, z);
            }
            WSSTrustClientValidateResultImpl wSSTrustClientValidateResultImpl = new WSSTrustClientValidateResultImpl((String) parseRSTR.get("StatusCode"), (String) parseRSTR.get(ConsumerConfig.RSTR.STATUS_REASON), securityToken);
            if (z) {
                OMElement rstr = next.getRSTR();
                if (rstr != null) {
                    wSSTrustClientValidateResultImpl.setProperty(ConsumerConfig.RSTR.REQUESTSECURITYTOKENRESPONSEXML, new OMStructure(rstr));
                }
                TrustDispatchResponse dispatchResponse = next.getDispatchResponse();
                if (dispatchResponse != null && dispatchResponse.getDispatchTest() && (rst = dispatchResponse.getRST()) != null) {
                    wSSTrustClientValidateResultImpl.setProperty("wstrustClientStandAloneTest", new OMStructure(rst));
                }
            }
            arrayList.add(wSSTrustClientValidateResultImpl);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "processRSTRC");
        }
        return arrayList;
    }

    public static SecurityToken processRSTR(ITrustRequestSecurityTokenResponse iTrustRequestSecurityTokenResponse, ITrustRequesterConfig iTrustRequesterConfig, boolean z) throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "processRSTR");
        }
        SecurityToken securityToken = null;
        Map<String, Object> parseRSTR = parseRSTR(iTrustRequestSecurityTokenResponse);
        if (parseRSTR != null && parseRSTR.containsKey("RequestedSecurityToken")) {
            securityToken = createSecurityToken(parseRSTR, z);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "processRSTR");
        }
        return securityToken;
    }

    public static List<WSSTrustClientValidateResult> processValidateRSTRC(ITrustRequestSecurityTokenResponseCollection iTrustRequestSecurityTokenResponseCollection, ITrustRequesterConfig iTrustRequesterConfig, boolean z) throws SoapSecurityException {
        ITrustRequestSecurityTokenResponse next;
        Map<String, Object> parseRSTR;
        OMElement rst;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "processRSTR");
        }
        SecurityToken securityToken = null;
        ArrayList arrayList = new ArrayList();
        Iterator<ITrustRequestSecurityTokenResponse> rSTRCollection = iTrustRequestSecurityTokenResponseCollection.getRSTRCollection();
        if (rSTRCollection.hasNext() && (parseRSTR = parseRSTR((next = rSTRCollection.next()))) != null) {
            if (parseRSTR.containsKey("RequestedSecurityToken")) {
                securityToken = createSecurityToken(parseRSTR, z);
            }
            WSSTrustClientValidateResultImpl wSSTrustClientValidateResultImpl = new WSSTrustClientValidateResultImpl((String) parseRSTR.get("StatusCode"), (String) parseRSTR.get(ConsumerConfig.RSTR.STATUS_REASON), securityToken);
            if (z) {
                OMElement rstr = next.getRSTR();
                if (rstr != null) {
                    wSSTrustClientValidateResultImpl.setProperty(ConsumerConfig.RSTR.REQUESTSECURITYTOKENRESPONSEXML, new OMStructure(rstr));
                }
                TrustDispatchResponse dispatchResponse = next.getDispatchResponse();
                if (dispatchResponse != null && dispatchResponse.getDispatchTest() && (rst = dispatchResponse.getRST()) != null) {
                    wSSTrustClientValidateResultImpl.setProperty("wstrustClientStandAloneTest", new OMStructure(rst));
                }
            }
            arrayList.add(wSSTrustClientValidateResultImpl);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "processRSTR");
        }
        return arrayList;
    }
}
