package at.itsv.security.webservice;

import at.itsv.commons.config.keyvalue.KeyValueConfiguration;
import at.itsv.security.servicesecurity.passwordprovider.PasswordProvider;
import java.io.IOException;
import java.util.Set;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.xml.soap.SOAPMessage;
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.ws.security.WSPasswordCallback;

/* loaded from: input_file:at/itsv/security/webservice/PasswordHandler.class */
public class PasswordHandler implements CallbackHandler {
    private final KeyValueConfiguration configuration;
    private final PasswordProvider passwordProvider;
    private final SoapMessage message;
    private final String username;
    private final String password;

    public PasswordHandler(KeyValueConfiguration keyValueConfiguration, PasswordProvider passwordProvider, SoapMessage soapMessage) {
        this.configuration = keyValueConfiguration;
        this.passwordProvider = passwordProvider;
        this.message = soapMessage;
        this.username = null;
        this.password = null;
    }

    public PasswordHandler(KeyValueConfiguration keyValueConfiguration, PasswordProvider passwordProvider, SoapMessage soapMessage, String str, String str2) {
        this.configuration = keyValueConfiguration;
        this.passwordProvider = passwordProvider;
        this.message = soapMessage;
        this.username = str;
        this.password = str2;
    }

    @Override // javax.security.auth.callback.CallbackHandler
    public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
        if (!(callbackArr[0] instanceof WSPasswordCallback)) {
            throw new UnsupportedCallbackException(callbackArr[0]);
        }
        WSPasswordCallback wSPasswordCallback = (WSPasswordCallback) callbackArr[0];
        String findPassword = findPassword(wSPasswordCallback.getIdentifier());
        if (findPassword != null) {
            try {
                wSPasswordCallback.setPassword(constructMessagePassword(findPassword));
            } catch (WSSecurityException e) {
                throw new IOException("Error on creating password token for user " + wSPasswordCallback.getIdentifier(), e);
            }
        }
    }

    private String findPassword(String str) {
        if (this.username != null && this.username.equals(str)) {
            return this.password;
        }
        Set passwordsFor = this.passwordProvider.passwordsFor(str);
        if (passwordsFor.size() == 1) {
            return (String) passwordsFor.iterator().next();
        }
        if (passwordsFor.size() > 1) {
            throw new IllegalArgumentException("Mehrere Passwoerter nicht zulaessig! Benutzer: " + str);
        }
        return null;
    }

    private String constructMessagePassword(String str) throws WSSecurityException {
        return isSignatureEnabled() ? new XMLSignatureHMACSha1().createPasswordToken(((SOAPMessage) this.message.getContent(SOAPMessage.class)).getSOAPPart(), this.configuration, str) : str;
    }

    private boolean isSignatureEnabled() {
        return this.configuration.booleanValueOf(WSSecurityConfig.CONFIGURATION_SIGNATURE_ENABLED, false);
    }
}
