package com.ibm.ws.wssecurity.platform.auth;

import com.ibm.ws.wssecurity.token.CacheableToken;
import com.ibm.ws.wssecurity.token.CacheableTokenCache;
import com.ibm.ws.wssecurity.token.CacheableTokenCacheFactory;
import com.ibm.ws.wssecurity.util.CacheConfigFactory;
import com.ibm.ws.wssecurity.util.ConstantsRetrieverFactory;
import com.ibm.ws.wssecurity.util.Tr;
import com.ibm.ws.wssecurity.util.TraceComponent;
import com.ibm.ws.wssecurity.wssapi.token.impl.SCT;
import com.ibm.wsspi.wssecurity.core.Constants;
import com.ibm.wsspi.wssecurity.core.SoapSecurityException;
import java.util.Date;
import org.apache.axis2.AxisFault;
import org.apache.axis2.addressing.EndpointReference;
import org.apache.axis2.context.ConfigurationContext;
import org.apache.axis2.context.MessageContext;
import org.apache.axis2.description.Parameter;
import org.apache.axis2.engine.AxisConfiguration;

/* loaded from: input_file:lib/com.ibm.jaxws.thinclient_9.0.jar:com/ibm/ws/wssecurity/platform/auth/SecureConversationCacheHelper.class */
public class SecureConversationCacheHelper {
    private static final String comp = "security.wssecurity";
    private static final String SERVICE_SCOPE = "SERVICE_SCOPE";
    private static final TraceComponent tc = Tr.register(SecureConversationCacheHelper.class, "Web Services Security", "com.ibm.ws.wssecurity.resources.wssmessages");
    private static final String CLS_NAME = SecureConversationCacheHelper.class.getName();
    private static String sessionIdentifier = Constants.WSSECURITY_SECURECONVERSATION_IDENTIFIER;
    private static CacheableTokenCache _sCache = CacheableTokenCacheFactory.getClientInstance();
    private static long extraTime = CacheConfigFactory.getInstance().getCacheGraceTimeMilliseconds();
    private static boolean jdbcEnabled = CacheConfigFactory.getInstance().isJDBCCache();
    private static String clusterName = null;
    private static String sctscope = com.ibm.ws.wssecurity.common.Constants.SCT_SCOPE;

    public static Object getSecurityContextTokenFromCacheByUUID(String str) {
        if (str == null) {
            return null;
        }
        return _sCache.getToken(convertUUID(str));
    }

    public static String computeKey(MessageContext messageContext) throws SoapSecurityException {
        if (messageContext == null) {
            return null;
        }
        if (clusterName == null) {
            clusterName = CacheConfigFactory.getInstance().getClusterName();
            if (clusterName == null) {
                clusterName = "";
            }
        }
        String str = null;
        String str2 = null;
        ConfigurationContext configurationContext = messageContext.getConfigurationContext();
        if (configurationContext == null) {
            throw SoapSecurityException.format("security.wssecurity.SecureConversationCacheHelper.s02");
        }
        AxisConfiguration axisConfiguration = configurationContext.getAxisConfiguration();
        if (axisConfiguration == null) {
            throw SoapSecurityException.format("security.wssecurity.SecureConversationCacheHelper.s01");
        }
        Parameter parameter = axisConfiguration.getParameter(ConstantsRetrieverFactory.getInstance().getApplicationNameKey());
        if (parameter != null) {
            str = (String) parameter.getValue();
        }
        Parameter parameter2 = axisConfiguration.getParameter(ConstantsRetrieverFactory.getInstance().getModuleNameKey());
        if (parameter2 != null) {
            str2 = (String) parameter2.getValue();
        }
        EndpointReference to = messageContext.getTo();
        if (to == null) {
            throw SoapSecurityException.format("security.wssecurity.SecureConversationCacheHelper.s03");
        }
        String address = to.getAddress();
        if (str == null) {
            str = "J2SE_THIN_CLIENT";
        }
        if (str2 == null) {
            str2 = "J2SE_THIN_CLIENT_MODULE";
        }
        if (to == null) {
            throw SoapSecurityException.format("security.wssecurity.SecureConversationCacheHelper.s03");
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "clusterName=" + clusterName);
            Tr.debug(tc, "appName=" + str);
            Tr.debug(tc, "moduleName=" + str2);
            Tr.debug(tc, "endPoint=" + to);
        }
        String str3 = clusterName + str + str2 + address;
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "computeKey(MessageContext) returns [" + str3 + "]");
        }
        return str3;
    }

    public static Object getSecurityContextTokenFromCacheByContext(MessageContext messageContext) {
        if (messageContext == null) {
            return null;
        }
        CacheableToken cacheableToken = null;
        String clientCacheKeyFromMessage = getClientCacheKeyFromMessage(messageContext);
        if (clientCacheKeyFromMessage != null) {
            cacheableToken = _sCache.getToken(convertUUID(clientCacheKeyFromMessage));
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "getting it from message context using session key=[" + clientCacheKeyFromMessage + "], lookup result=[" + cacheableToken + "]");
            }
        }
        if (cacheableToken == null && !SERVICE_SCOPE.equalsIgnoreCase(getSCTScope(messageContext))) {
            try {
                String computeKey = computeKey(messageContext);
                if (computeKey != null) {
                    cacheableToken = _sCache.getToken(convertUUID(computeKey));
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "getting it from cache using non-session key=[" + computeKey + "], lookup result=[" + cacheableToken + "]");
                }
            } catch (SoapSecurityException e) {
                Tr.processException(e, CLS_NAME, "getSecurityContextTokenFromCacheByContext_1");
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.debug(tc, "getSecurityContextTokenFromCacheByContext(MessageContext) returns [" + cacheableToken + "]");
        }
        return cacheableToken;
    }

    public static Object getSecurityContextTokenFromDBCache(String str, long j) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSecurityContextTokenFromDBCache(String uuid = " + str);
        }
        if (str == null) {
            return null;
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getSecurityContextTokenFromDBCache(String uuid = " + str);
        }
        return _sCache.getTokenFromDatabase(convertUUID(str), j);
    }

    public static void setPeristentSecurityContextTokenToCache(String str, SCT sct, Object obj) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setPersistentSecurityContextTokenToCache(String uuid = " + str);
        }
        if (str == null || str.trim().length() == 0) {
            return;
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "setting cache using uuid as a key = " + str);
        }
        _sCache.cacheToken(convertUUID(str), sct, getSCTExpirationTimeInMillis(sct));
        String clientID = sct.getClientID();
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "setting cache using non-session key of " + clientID);
        }
        if (clientID != null) {
            _sCache.cacheToken(convertUUID(clientID), sct, getSCTExpirationTimeInMillis(sct));
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "setPersistentSecurityContextTokenToCache(String uuid = " + str);
        }
    }

    public static void setSecurityContextTokenToCache(String str, MessageContext messageContext, SCT sct, Object obj) {
        String clientID;
        if (str == null || str.trim().length() == 0) {
            return;
        }
        if (SERVICE_SCOPE.equalsIgnoreCase(getSCTScope(messageContext))) {
            if (str != null) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "setting cache using session key of " + str);
                }
                _sCache.cacheToken(convertUUID(str), sct, getSCTExpirationTimeInMillis(sct));
                addClientCacheKeyToMessage(messageContext, str);
                return;
            }
            return;
        }
        try {
            String computeKey = computeKey(messageContext);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "setting cache using non-session key of " + computeKey);
            }
            if (computeKey != null) {
                _sCache.cacheToken(convertUUID(computeKey), sct, getSCTExpirationTimeInMillis(sct));
            } else if (messageContext == null && (clientID = sct.getClientID()) != null) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "setting cache using non-session key of " + clientID);
                }
                _sCache.cacheToken(convertUUID(clientID), sct, getSCTExpirationTimeInMillis(sct));
            }
        } catch (SoapSecurityException e) {
            Tr.processException(e, CLS_NAME, "getSecurityContextTokenFromCacheByContext_1");
        }
        if (str != null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "setting cache using session key of " + str);
            }
            _sCache.cacheToken(convertUUID(str), sct, getSCTExpirationTimeInMillis(sct));
            addClientCacheKeyToMessage(messageContext, str);
        }
    }

    public static void invalidateCache(String str) {
        if (str == null || str.trim().length() == 0) {
            return;
        }
        Object securityContextTokenFromCacheByUUID = getSecurityContextTokenFromCacheByUUID(str);
        if (!(securityContextTokenFromCacheByUUID instanceof SCT)) {
            _sCache.removeToken(convertUUID(str));
            return;
        }
        SCT sct = (SCT) securityContextTokenFromCacheByUUID;
        String clientID = sct.getClientID();
        if (clientID != null) {
            _sCache.removeToken(convertUUID(clientID));
        }
        String identifier = sct.getIdentifier();
        if (identifier == null || identifier.equals(clientID)) {
            return;
        }
        _sCache.removeToken(convertUUID(identifier));
    }

    public static void cleanupContexts(MessageContext messageContext) {
        Parameter parameter;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "cleanupContexts(MessageContext) " + messageContext);
        }
        EndpointReference to = messageContext.getTo();
        String address = to != null ? to.getAddress() : "";
        if (address == null) {
            address = "";
        }
        if (messageContext.getProperty(sessionIdentifier + address) != null) {
            messageContext.setProperty(sessionIdentifier + address, null);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "removed session identifier from message context.");
            }
        }
        if (messageContext.getAxisService() != null && (parameter = messageContext.getAxisService().getParameter(sessionIdentifier + address)) != null) {
            try {
                messageContext.getAxisService().removeParameter(parameter);
                Parameter parameter2 = messageContext.getAxisService().getParameter(sessionIdentifier);
                if (parameter2 != null) {
                    messageContext.getAxisService().removeParameter(parameter2);
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "removed session identifier from service context.");
                }
            } catch (AxisFault e) {
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "cleanupContexts(MessageContext) " + messageContext);
        }
    }

    public static void invalidateCache(MessageContext messageContext) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "invalidateCache(MessageContext) " + messageContext);
        }
        if (messageContext == null) {
            return;
        }
        Object securityContextTokenFromCacheByContext = getSecurityContextTokenFromCacheByContext(messageContext);
        if (securityContextTokenFromCacheByContext instanceof SCT) {
            SCT sct = (SCT) securityContextTokenFromCacheByContext;
            String clientID = sct.getClientID();
            if (clientID != null) {
                _sCache.removeToken(convertUUID(clientID));
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "removed sct from cache using non-session key = " + clientID);
                }
            }
            String identifier = sct.getIdentifier();
            if (identifier != null && !identifier.equals(clientID)) {
                _sCache.removeToken(convertUUID(identifier));
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "removed sct from cache using session key = " + identifier);
                }
            }
            cleanupContexts(messageContext);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "invalidateCache(MessageContext) " + messageContext);
        }
    }

    private static String getClientCacheKeyFromMessage(MessageContext messageContext) {
        Parameter parameter;
        if (messageContext == null) {
            return null;
        }
        EndpointReference to = messageContext.getTo();
        String address = to != null ? to.getAddress() : "";
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Need endPoint as part of the session key = " + address);
        }
        if (address == null) {
            address = "";
        }
        String str = (String) messageContext.getProperty(sessionIdentifier + address);
        if (str != null && str.length() > 0) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Returning SecureConversation session id is (message context)" + str);
            }
            return str;
        }
        if (messageContext.getAxisService() != null && (parameter = messageContext.getAxisService().getParameter(sessionIdentifier + address)) != null) {
            str = (String) parameter.getValue();
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "SecureConversation session id is " + str);
        }
        return str;
    }

    private static void addClientCacheKeyToMessage(MessageContext messageContext, String str) {
        if (str == null || str.trim().length() <= 0 || messageContext == null) {
            return;
        }
        EndpointReference to = messageContext.getTo();
        String address = to != null ? to.getAddress() : "";
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, " Adding endPoint to the session key = " + address);
        }
        if (address == null) {
            address = "";
        }
        messageContext.setProperty(sessionIdentifier + address, str);
        try {
            messageContext.getAxisService().addParameter(new Parameter(sessionIdentifier + address, str));
            messageContext.getAxisService().addParameter(new Parameter(sessionIdentifier, str));
        } catch (Exception e) {
            Tr.debug(tc, "Unable to add client sessionId to AxisContext. ", e);
        }
    }

    private static String getSCTScope(MessageContext messageContext) {
        if (messageContext == null) {
            return null;
        }
        return (String) messageContext.getProperty(sctscope);
    }

    private static String convertUUID(String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "convertUUID", str);
        }
        if (!jdbcEnabled) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "convertUUID", str);
            }
            return str;
        }
        String str2 = str + "C";
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "convertUUID", str2);
        }
        return str2;
    }

    private static long getSCTExpirationTimeInMillis(SCT sct) {
        String[] instances = sct.getInstances();
        int i = 600000;
        if (instances.length > 0) {
            Date expiration = sct.getExpiration(instances[0]);
            for (int i2 = 1; i2 < instances.length; i2++) {
                if (sct.getExpiration(instances[i2]).after(expiration)) {
                    expiration = sct.getExpiration(instances[i2]);
                }
            }
            i = new Long(expiration.getTime() - System.currentTimeMillis()).intValue();
        }
        if (i < 0) {
            i = 0;
        }
        int intValue = i + new Long(extraTime).intValue();
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "SCT will stay in ccahe for " + intValue + " milliseconds");
        }
        return intValue;
    }
}
