package com.ibm.ws.jaxrs20.client.security.saml;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.websphere.security.saml2.PropagationHelper;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.ffdc.annotation.FFDCIgnore;
import com.ibm.ws.jaxrs20.client.JAXRSClientConstants;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import java.util.Arrays;
import java.util.Map;
import javax.ws.rs.ProcessingException;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.message.Message;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import org.apache.cxf.transport.https.HttpsURLConnectionFactory;

@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
/* loaded from: input_file:wlp/lib/com.ibm.ws.jaxrs-2.0.client_1.0.14.jar:com/ibm/ws/jaxrs20/client/security/saml/PropagationHandler.class */
public class PropagationHandler extends AbstractPhaseInterceptor<Message> {
    private static final TraceComponent tc = Tr.register((Class<?>) PropagationHandler.class, JAXRSClientConstants.TR_GROUP, JAXRSClientConstants.TR_RESOURCE_BUNDLE);
    static final long serialVersionUID = 5699156845639467812L;

    public PropagationHandler() {
        super(Phase.PRE_LOGICAL);
    }

    @Override // org.apache.cxf.interceptor.Interceptor
    public void handleMessage(Message message) throws Fault {
        Object obj = message.get(JAXRSClientConstants.SAML_HANDLER);
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "Please check if customer is using the [com.ibm.ws.jaxrs.client.saml.sendToken], client configuration property and the value should be true", new Object[0]);
        }
        if (obj != null) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "The client configuration property [com.ibm.ws.jaxrs.client.saml.sendToken] value is " + obj, new Object[0]);
            }
            configClientSAMLHandler(message, obj.toString().toLowerCase());
        }
    }

    @FFDCIgnore({NoClassDefFoundError.class})
    private void configClientSAMLHandler(Message message, String str) {
        if (!str.equals("true")) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "No client SAML handler configuration is specified, skipping this handler.", new Object[0]);
                return;
            }
            return;
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "Entering SAML Handler", new Object[0]);
        }
        if (((String) message.get(Message.ENDPOINT_ADDRESS)).startsWith(HttpsURLConnectionFactory.HTTPS_URL_PROTOCOL_ID) && TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "user is using SSL connection", new Object[0]);
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "About to get a SAML authentication token from the runAs Subject", new Object[0]);
        }
        try {
            String encodedSaml20Token = PropagationHelper.getEncodedSaml20Token(false);
            if (encodedSaml20Token != null && !encodedSaml20Token.isEmpty()) {
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, "Retrieved the encoded SAML token. About to set it on the request Header " + encodedSaml20Token, new Object[0]);
                }
                Map map = (Map) message.get(Message.PROTOCOL_HEADERS);
                map.put("Authorization", Arrays.asList("SAML " + encodedSaml20Token));
                message.put(Message.PROTOCOL_HEADERS, map);
            }
        } catch (NoClassDefFoundError e) {
            Tr.warning(tc, "failed_to_extract_saml_token_from_subject", e);
        } catch (Throwable th) {
            FFDCFilter.processException(th, "com.ibm.ws.jaxrs20.client.security.saml.PropagationHandler", "96", this, new Object[]{message, str});
            Tr.warning(tc, "failed_to_extract_saml_token_from_subject", th);
            throw new ProcessingException(th);
        }
    }
}
