package org.apache.rahas.impl;

import javax.xml.namespace.QName;
import org.apache.axiom.om.OMAttribute;
import org.apache.axiom.om.OMElement;
import org.apache.axiom.soap.SOAPEnvelope;
import org.apache.axis2.context.MessageContext;
import org.apache.axis2.description.Parameter;
import org.apache.rahas.RahasConstants;
import org.apache.rahas.RahasData;
import org.apache.rahas.Token;
import org.apache.rahas.TokenCanceler;
import org.apache.rahas.TokenStorage;
import org.apache.rahas.TrustException;
import org.apache.rahas.TrustUtil;
import org.apache.ws.security.message.token.Reference;

/* loaded from: input_file:lib/open/rampart/rampart-trust-1.6.2.jar:org/apache/rahas/impl/TokenCancelerImpl.class */
public class TokenCancelerImpl implements TokenCanceler {
    private String configFile;
    private OMElement configElement;
    private String configParamName;

    @Override // org.apache.rahas.TokenCanceler
    public SOAPEnvelope cancel(RahasData rahasData) throws TrustException {
        TokenCancelerConfig tokenCancelerConfig = null;
        if (this.configElement != null) {
            tokenCancelerConfig = TokenCancelerConfig.load(this.configElement.getFirstChildWithName(SCTIssuerConfig.SCT_ISSUER_CONFIG));
        }
        if (tokenCancelerConfig == null && this.configFile != null) {
            tokenCancelerConfig = TokenCancelerConfig.load(this.configFile);
        }
        if (tokenCancelerConfig == null && this.configParamName != null) {
            Parameter parameter = rahasData.getInMessageContext().getParameter(this.configParamName);
            if (parameter == null || parameter.getParameterElement() == null) {
                throw new TrustException("expectedParameterMissing", new String[]{this.configParamName});
            }
            tokenCancelerConfig = TokenCancelerConfig.load(parameter.getParameterElement().getFirstChildWithName(SCTIssuerConfig.SCT_ISSUER_CONFIG));
        }
        if (tokenCancelerConfig == null) {
            throw new TrustException("missingConfiguration", new String[]{SCTIssuerConfig.SCT_ISSUER_CONFIG.getLocalPart()});
        }
        OMElement rstElement = rahasData.getRstElement();
        QName qName = new QName(rahasData.getWstNs(), "CancelTarget");
        OMElement firstChildWithName = rstElement.getFirstChildWithName(qName);
        if (firstChildWithName == null) {
            throw new TrustException("requiredElementNotFound", new String[]{qName.toString()});
        }
        OMElement firstChildWithName2 = firstChildWithName.getFirstChildWithName(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "SecurityTokenReference"));
        if (firstChildWithName2 == null) {
            throw new TrustException("cannotDetermineTokenId");
        }
        OMElement firstChildWithName3 = firstChildWithName2.getFirstChildWithName(Reference.TOKEN);
        if (firstChildWithName3 == null) {
            throw new TrustException("cannotDetermineTokenId");
        }
        OMAttribute attribute = firstChildWithName3.getAttribute(new QName("URI"));
        if (attribute == null) {
            throw new TrustException("cannotDetermineTokenId");
        }
        String attributeValue = attribute.getAttributeValue();
        if (attributeValue.charAt(0) == '#') {
            attributeValue = attributeValue.substring(1);
        }
        MessageContext inMessageContext = rahasData.getInMessageContext();
        TokenStorage tokenStore = TrustUtil.getTokenStore(inMessageContext);
        Token token = tokenStore.getToken(attributeValue);
        if (token == null) {
            throw new TrustException("tokenNotFound", new String[]{attributeValue});
        }
        token.setState(3);
        tokenStore.update(token);
        SOAPEnvelope createSOAPEnvelope = TrustUtil.createSOAPEnvelope(inMessageContext.getEnvelope().getNamespace().getNamespaceURI());
        int version = rahasData.getVersion();
        TrustUtil.createRequestedTokenCanceledElement(version, 1 == version ? TrustUtil.createRequestSecurityTokenResponseElement(version, createSOAPEnvelope.getBody()) : TrustUtil.createRequestSecurityTokenResponseElement(version, TrustUtil.createRequestSecurityTokenResponseCollectionElement(version, createSOAPEnvelope.getBody())));
        return createSOAPEnvelope;
    }

    @Override // org.apache.rahas.TokenCanceler
    public void setConfigurationFile(String str) {
        this.configFile = str;
    }

    @Override // org.apache.rahas.TokenCanceler
    public void setConfigurationElement(OMElement oMElement) {
        this.configElement = oMElement;
    }

    @Override // org.apache.rahas.TokenCanceler
    public void setConfigurationParamName(String str) {
        this.configParamName = str;
    }

    @Override // org.apache.rahas.TokenCanceler
    public String getResponseAction(RahasData rahasData) throws TrustException {
        return TrustUtil.getActionValue(rahasData.getVersion(), RahasConstants.RSTR_ACTION_CANCEL);
    }
}
