package at.itsv.security.webservice;

import at.itsv.commons.config.keyvalue.KeyValueConfiguration;
import at.itsv.commons.config.keyvalue.KeyValueConfigurationBuilder;
import at.itsv.commons.stringconversion.StringConverter;
import at.itsv.security.servicesecurity.passwordprovider.PasswordProvider;
import at.itsv.security.servicesecurity.passwordprovider.PasswordProviderBuilder;
import java.io.IOException;
import java.lang.annotation.Annotation;
import java.util.HashMap;
import java.util.Map;
import javax.naming.NamingException;
import org.apache.cxf.binding.soap.SoapFault;
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.binding.soap.SoapVersion;
import org.apache.cxf.binding.soap.interceptor.AbstractSoapInterceptor;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.service.Service;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:at/itsv/security/webservice/AbstractWSSecurityInterceptor.class */
public abstract class AbstractWSSecurityInterceptor extends AbstractSoapInterceptor {
    protected static final Logger LOG = LoggerFactory.getLogger(AbstractWSSecurityInterceptor.class);
    private boolean useJndi;
    private String configurationPath;
    private String passwordPath;
    private KeyValueConfiguration configuration;
    private PasswordProvider passwordProvider;

    AbstractWSSecurityInterceptor() {
        this(null, null);
    }

    AbstractWSSecurityInterceptor(String str, String str2) {
        this(str, str2, true);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public AbstractWSSecurityInterceptor(String str, String str2, boolean z) {
        this("pre-protocol", str, str2, z);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public AbstractWSSecurityInterceptor(String str, String str2, String str3, boolean z) {
        super(str);
        this.useJndi = true;
        this.configurationPath = str2;
        this.passwordPath = str3;
        this.useJndi = z;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public KeyValueConfiguration configuration() {
        return this.configuration;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public PasswordProvider passwordProvider() {
        return this.passwordProvider;
    }

    public void handleMessage(SoapMessage soapMessage) throws Fault {
        SoapVersion version = soapMessage.getVersion();
        try {
            if (this.configuration == null) {
                loadConfiguration(soapMessage);
            }
            if (isSecurityEnabled()) {
                HashMap hashMap = new HashMap();
                StringBuilder sb = new StringBuilder();
                if (isTimestampEnabled()) {
                    sb.append("Timestamp ");
                }
                sb.append("UsernameToken");
                hashMap.put("action", sb.toString());
                if (getTimeToLiveSeconds() != null) {
                    hashMap.put("timeToLive", getTimeToLiveSeconds());
                    hashMap.put("timestampStrict", Boolean.TRUE.toString());
                }
                handleSecureMessageInternal(soapMessage, hashMap);
            }
        } catch (WSSecurityException e) {
            throw new SoapFault("Error on intercepting webservice for security issues ", e, version.getSender());
        }
    }

    protected abstract void handleSecureMessageInternal(SoapMessage soapMessage, Map<String, Object> map) throws WSSecurityException;

    protected abstract boolean loadPasswords();

    private WSSecurityConfig getWSecurityConfig(Class<?> cls) {
        for (Annotation annotation : cls.getAnnotations()) {
            if (annotation instanceof WSSecurityConfig) {
                return (WSSecurityConfig) annotation;
            }
        }
        return null;
    }

    private boolean isSecurityEnabled() {
        return this.configuration.booleanValueOf(WSSecurityConfig.CONFIGURATION_SECURITY_ENABLED, true);
    }

    private boolean isTimestampEnabled() {
        return this.configuration.booleanValueOf(WSSecurityConfig.CONFIGURATION_TIMESTAMP_ENABLED, true);
    }

    private String getTimeToLiveSeconds() {
        return this.configuration.valueOf(WSSecurityConfig.CONFIGURATION_TIME_TO_LIVE_SECONDS, (String) null);
    }

    private synchronized void loadConfiguration(SoapMessage soapMessage) throws WSSecurityException {
        if (this.configuration != null) {
            return;
        }
        LOG.info("Start: Reading configurations for Webservice ");
        Class<?> cls = (Class) ((Service) soapMessage.getExchange().get(Service.class)).get("endpoint.class");
        String str = "for Webservice of Class " + cls.getSimpleName();
        LOG.info("Reading configurations " + str);
        if (this.configurationPath == null) {
            WSSecurityConfig wSecurityConfig = getWSecurityConfig(cls);
            if (wSecurityConfig == null) {
                LOG.error("Wrong configuration for Webservice-Security : Configuration missing " + str);
                throw new WSSecurityException("Missing configuration for Webservice-Security on server side");
            }
            this.configurationPath = wSecurityConfig.configurationPath();
            this.passwordPath = wSecurityConfig.passwordPath();
            this.useJndi = !wSecurityConfig.useFilePath();
        }
        LOG.info("Using configuration-path " + this.configurationPath + " " + str);
        this.configuration = createConfiguration(this.configurationPath);
        if (isSecurityEnabled() && loadPasswords()) {
            if (this.passwordPath == null) {
                LOG.error("No password path configured for Webservice-Security " + str);
                throw new WSSecurityException("Wrong configuration for Webservice-Security on server side - password configuration is missing");
            }
            LOG.info("Using password-path " + this.passwordPath + " " + str);
            this.passwordProvider = PasswordProviderBuilder.fromKeyValueConfiguration(createConfiguration(this.passwordPath), (StringConverter) null).build();
        }
    }

    private KeyValueConfiguration createConfiguration(String str) throws WSSecurityException {
        try {
            return this.useJndi ? KeyValueConfigurationBuilder.fromJndi().withCheckedPrefix(WSSecurityConfig.JNDI_PREFIX + str + '/').build() : KeyValueConfigurationBuilder.fromJBossPropertiesResource(str).build();
        } catch (IOException e) {
            throw new WSSecurityException("Error on loading configuration from file " + str, e);
        } catch (IllegalArgumentException e2) {
            throw new WSSecurityException("Error on loading configuration", e2);
        } catch (NamingException e3) {
            throw new WSSecurityException("Error on initializing WS-security configuration. Couldn't create JNDI-Context.", e3);
        }
    }
}
