package com.ibm.ws.wssecurity.wssapi.token.impl;

import com.ibm.websphere.wssecurity.wssapi.WSSException;
import com.ibm.websphere.wssecurity.wssapi.XMLStructure;
import com.ibm.websphere.wssecurity.wssapi.token.SecurityToken;
import com.ibm.ws.wssecurity.keyinfo.KeyInfoConsumer;
import com.ibm.ws.wssecurity.util.ConfigUtil;
import com.ibm.ws.wssecurity.util.Tr;
import com.ibm.ws.wssecurity.util.TraceComponent;
import com.ibm.ws.wssecurity.wssapi.DefaultValueManager;
import com.ibm.ws.wssecurity.wssapi.TokenMapping;
import com.ibm.wsspi.wssecurity.core.SoapSecurityException;
import com.ibm.wsspi.wssecurity.wssapi.DOMStructure;
import com.ibm.wsspi.wssecurity.wssapi.OMStructure;
import java.io.Externalizable;
import java.io.IOException;
import java.io.ObjectInput;
import java.io.ObjectOutput;
import java.security.Key;
import java.security.SecurityPermission;
import java.util.HashMap;
import java.util.Map;
import javax.security.auth.callback.CallbackHandler;
import javax.xml.namespace.QName;
import org.apache.axiom.om.OMElement;
import org.apache.axis2.util.ObjectStateUtils;
import org.apache.axis2.util.XMLUtils;

/* loaded from: input_file:lib/com.ibm.jaxws.thinclient_9.0.jar:com/ibm/ws/wssecurity/wssapi/token/impl/SecurityTokenWrapper.class */
public class SecurityTokenWrapper implements SecurityToken, Consumable, Generatable, Externalizable, com.ibm.ws.wssecurity.wssapi.token.SecurityTokenWrapper {
    private static final String comp = "security.wssecurity";
    private static final long serialVersionUID = 6615415757895974041L;
    private static final String VERSION_NUMBER = "1.0";
    private String wssapiLoginConfigName;
    private CallbackHandler wssapiCallbackHandler;
    private int wssapiReferenceType;
    private SecurityToken securityToken;
    private String keyInfoType;
    private SoapSecurityException error;
    private int usedTokenGeneratorHash;
    private int usedTokenConsumerHash;
    private int usedTokenConsumerClass;
    private boolean referenced;
    private boolean processed;
    private boolean usedToLogin;
    private String keyInfoUniqueID;
    private transient DOMStructure currentDOM;
    private transient OMStructure OMSfromCurrentDOM;
    private boolean defaultImpl;
    private static final TraceComponent tc = Tr.register(SecurityTokenWrapper.class, "Web Services Security", "com.ibm.ws.wssecurity.resources.wssmessages");
    private static final SecurityPermission SETKEYINFOTYPE_PERM = new SecurityPermission("wssapi.SecurityTokenWrapper.setKeyInfoType");
    private static final SecurityPermission SETUSEDTOKENCONSUMER_PERM = new SecurityPermission("wssapi.SecurityTokenWrapper.setUsedTokenConsumer");
    private static final SecurityPermission SETUSEDTOKENGENERATOR_PERM = new SecurityPermission("wssapi.SecurityTokenWrapper.setUsedTokenGenerator");
    private static final SecurityPermission SETREADONLY_PERM = new SecurityPermission("wssapi.SecurityTokenWrapper.setReadOnly");
    private static final SecurityPermission SETREFERENCED_PERM = new SecurityPermission("wssapi.SecurityTokenWrapper.setReferenced");
    private static final SecurityPermission SETPROCESSED_PERM = new SecurityPermission("wssapi.SecurityTokenWrapper.setProcessed");
    private static final SecurityPermission SETERROR_PERM = new SecurityPermission("wssapi.SecurityTokenWrapper.setError");
    private static final SecurityPermission SETUSEDTOLOGIN_PERM = new SecurityPermission("wssapi.SecurityTokenWrapper.setUsedToLogin");
    private static Map<Integer, String> referenceMap = new HashMap();
    private OMElement str = null;
    private boolean readOnly = false;
    private String endPoint = "";

    public SecurityTokenWrapper(SecurityToken securityToken) {
        this.defaultImpl = false;
        if (securityToken instanceof SecurityTokenImpl) {
            this.defaultImpl = true;
        }
        this.securityToken = securityToken;
    }

    public SecurityTokenWrapper(SecurityToken securityToken, CallbackHandler callbackHandler, String str) {
        this.defaultImpl = false;
        if (securityToken instanceof SecurityTokenImpl) {
            this.defaultImpl = true;
        }
        this.securityToken = securityToken;
        this.wssapiCallbackHandler = callbackHandler;
        this.wssapiLoginConfigName = str;
    }

    public SecurityTokenWrapper(SecurityToken securityToken, CallbackHandler callbackHandler, boolean z) {
        this.defaultImpl = false;
        if (securityToken instanceof SecurityTokenImpl) {
            this.defaultImpl = true;
        }
        this.securityToken = securityToken;
        this.wssapiCallbackHandler = callbackHandler;
        TokenMapping tokenMapping = DefaultValueManager.getInstance().getTokenMapping().get(securityToken.getValueType());
        this.wssapiLoginConfigName = z ? tokenMapping.getJaasLoginConfigNameForGenerator() : tokenMapping.getJaasLoginConfigNameForConsumer();
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.token.SecurityToken
    public Key getKey(int i) throws WSSException {
        return this.securityToken.getKey(i);
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.token.SecurityToken
    public XMLStructure getXML() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "SecurityTokenWrapper:getXML()...readonly: " + isReadOnly());
        }
        XMLStructure xml = this.securityToken.getXML();
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "SecurityToken XMLStructure: " + xml);
            Tr.debug(tc, "SecurityToken XMLStructure hash: " + xml.hashCode());
        }
        if (!this.defaultImpl && xml != null) {
            if (xml instanceof DOMStructure) {
                if (this.currentDOM == null || !xml.equals(this.currentDOM)) {
                    try {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "Current DOM Element hash: " + (this.currentDOM == null ? null : Integer.valueOf(this.currentDOM.hashCode())));
                        }
                        this.currentDOM = (DOMStructure) xml;
                        this.OMSfromCurrentDOM = new com.ibm.ws.wssecurity.wssapi.OMStructure(XMLUtils.toOM(this.currentDOM.getNode()));
                    } catch (Exception e) {
                        if (!tc.isDebugEnabled()) {
                            return null;
                        }
                        Tr.error(tc, ConfigUtil.getMessage("security.wssecurity.X509TokenConsumer.s01", new String[]{e.getMessage()}));
                        return null;
                    }
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Saved current DOM: " + this.currentDOM);
                    Tr.debug(tc, "Saved current OMStructure from DOM: " + this.OMSfromCurrentDOM);
                }
                xml = this.readOnly ? new com.ibm.ws.wssecurity.wssapi.OMStructure(this.OMSfromCurrentDOM.getNode().cloneOMElement()) : this.OMSfromCurrentDOM;
            } else if (xml instanceof OMStructure) {
                if (this.readOnly) {
                    xml = new com.ibm.ws.wssecurity.wssapi.OMStructure(((OMStructure) xml).getNode().cloneOMElement());
                }
            } else if (tc.isDebugEnabled()) {
                Tr.error(tc, "Unexpected XMLStructure: " + xml);
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "SecurityTokenWrapper:getXML() exits...");
        }
        return xml;
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.token.SecurityToken
    public String getId() {
        return this.securityToken.getId();
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.token.SecurityToken
    public String getReferenceURI() {
        return this.securityToken.getReferenceURI();
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.token.SecurityToken
    public String getKeyIdentifier() {
        return this.securityToken.getKeyIdentifier();
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.token.SecurityToken
    public QName getKeyIdentifierEncodingType() {
        return this.securityToken.getKeyIdentifierEncodingType();
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.token.SecurityToken
    public QName getKeyIdentifierValueType() {
        return this.securityToken.getKeyIdentifierEncodingType();
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.token.SecurityToken
    public String getKeyName() {
        return this.securityToken.getKeyName();
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.token.SecurityToken
    public QName getValueType() {
        return this.securityToken.getValueType();
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.token.SecurityToken
    public QName getTokenQname() {
        return this.securityToken.getTokenQname();
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.token.SecurityToken
    public String getThumbprint() {
        return this.securityToken.getThumbprint();
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.token.SecurityToken
    public QName getThumbprintValueType() {
        return this.securityToken.getThumbprintValueType();
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.token.SecurityToken
    public QName getThumbprintEncodingType() {
        return this.securityToken.getThumbprintEncodingType();
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.token.SecurityToken, com.ibm.wsspi.security.token.Token
    public String getPrincipal() {
        return this.securityToken.getPrincipal();
    }

    public CallbackHandler getWssapiCallbackHandler() {
        return this.wssapiCallbackHandler;
    }

    public String getWssapiLoginConfigName() {
        return this.wssapiLoginConfigName;
    }

    public int getWssapiReferenceType() {
        return this.wssapiReferenceType;
    }

    public String getWssapiReferenceTypeByStr() {
        return referenceMap.get(Integer.valueOf(this.wssapiReferenceType));
    }

    public void setWssapiReferenceType(int i) {
        this.wssapiReferenceType = i;
    }

    @Override // com.ibm.ws.wssecurity.wssapi.token.SecurityTokenWrapper
    public SecurityToken getSecurityToken() {
        return this.securityToken;
    }

    public String getKeyInfoType() {
        return this.keyInfoType;
    }

    public void setKeyInfoType(String str) {
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Performing Java 2 Security Permission Check ...");
                Tr.debug(tc, "Expecting : " + SETKEYINFOTYPE_PERM.toString());
            }
            securityManager.checkPermission(SETKEYINFOTYPE_PERM);
        }
        if (this.readOnly) {
            return;
        }
        this.keyInfoType = str;
    }

    public int getUsedTokenGeneratorHash() {
        return this.usedTokenGeneratorHash;
    }

    public void setUsedTokenGenerator(int i) {
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Performing Java 2 Security Permission Check ...");
                Tr.debug(tc, "Expecting : " + SETUSEDTOKENGENERATOR_PERM.toString());
            }
            securityManager.checkPermission(SETUSEDTOKENGENERATOR_PERM);
        }
        if (this.readOnly) {
            return;
        }
        this.usedTokenGeneratorHash = i;
    }

    public int getUsedTokenConsumerClass() {
        return this.usedTokenConsumerClass;
    }

    public int getUsedTokenConsumerHash() {
        return this.usedTokenConsumerHash;
    }

    public void setUsedTokenConsumer(int i, int i2) {
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Performing Java 2 Security Permission Check ...");
                Tr.debug(tc, "Expecting : " + SETUSEDTOKENCONSUMER_PERM.toString());
            }
            securityManager.checkPermission(SETUSEDTOKENCONSUMER_PERM);
        }
        if (this.readOnly) {
            return;
        }
        this.usedTokenConsumerHash = i;
        this.usedTokenConsumerClass = i2;
    }

    public String getKeyInfoUniqueID() {
        return this.keyInfoUniqueID;
    }

    public void setKeyInfoUniqueID(String str) {
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Performing Java 2 Security Permission Check ...");
                Tr.debug(tc, "Expecting : " + SETKEYINFOTYPE_PERM.toString());
            }
            securityManager.checkPermission(SETKEYINFOTYPE_PERM);
        }
        if (this.readOnly) {
            return;
        }
        this.keyInfoUniqueID = str;
    }

    public boolean isReadOnly() {
        return this.readOnly;
    }

    public void setReadOnly() {
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Performing Java 2 Security Permission Check ...");
                Tr.debug(tc, "Expecting : " + SETREADONLY_PERM.toString());
            }
            securityManager.checkPermission(SETREADONLY_PERM);
        }
        if (this.defaultImpl) {
            ((SecurityTokenImpl) this.securityToken).readOnly = true;
        }
        this.readOnly = true;
    }

    public boolean isReferenced() {
        return this.referenced;
    }

    public void setReferenced(boolean z) {
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Performing Java 2 Security Permission Check ...");
                Tr.debug(tc, "Expecting : " + SETREFERENCED_PERM.toString());
            }
            securityManager.checkPermission(SETREFERENCED_PERM);
        }
        if (this.readOnly) {
            return;
        }
        this.referenced = z;
    }

    public boolean isProcessed() {
        return this.processed;
    }

    public void setProcessed(boolean z) {
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Performing Java 2 Security Permission Check ...");
                Tr.debug(tc, "Expecting : " + SETPROCESSED_PERM.toString());
            }
            securityManager.checkPermission(SETPROCESSED_PERM);
        }
        if (this.readOnly) {
            return;
        }
        this.processed = z;
    }

    public SoapSecurityException getError() {
        return this.error;
    }

    public void setError(SoapSecurityException soapSecurityException) {
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Performing Java 2 Security Permission Check ...");
                Tr.debug(tc, "Expecting : " + SETERROR_PERM.toString());
            }
            securityManager.checkPermission(SETERROR_PERM);
        }
        if (this.readOnly) {
            return;
        }
        this.error = soapSecurityException;
    }

    public boolean isUsedToLogin() {
        return this.usedToLogin;
    }

    public void setUsedToLogin(boolean z) {
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Performing Java 2 Security Permission Check ...");
                Tr.debug(tc, "Expecting : " + SETUSEDTOLOGIN_PERM.toString());
            }
            securityManager.checkPermission(SETUSEDTOLOGIN_PERM);
        }
        if (this.readOnly) {
            return;
        }
        this.usedToLogin = z;
    }

    @Override // com.ibm.ws.wssecurity.wssapi.token.SecurityTokenWrapper
    public void setEndPoint(String str) {
        this.endPoint = str;
    }

    @Override // com.ibm.ws.wssecurity.wssapi.token.SecurityTokenWrapper
    public String getEndPoint() {
        return this.endPoint;
    }

    public OMElement getSignedSecurityTokenReference() {
        return this.str;
    }

    public void setSignedSecurityTokenReference(OMElement oMElement) {
        this.str = oMElement;
    }

    @Override // java.io.Externalizable
    public void readExternal(ObjectInput objectInput) throws IOException, ClassNotFoundException {
        if ("1.0".equals(ObjectStateUtils.readString(objectInput, "SecurityTokenWrapper.version"))) {
            this.wssapiLoginConfigName = ObjectStateUtils.readString(objectInput, "SecurityTokenWrapper.wssapiLoginConfigName");
            Object readObject = ObjectStateUtils.readObject(objectInput, "SecurityTokenWrapper.wssapiCallBackHandler");
            if (readObject != null) {
                this.wssapiCallbackHandler = (CallbackHandler) readObject;
            }
            this.wssapiReferenceType = objectInput.readInt();
            Object readObject2 = ObjectStateUtils.readObject(objectInput, "SecurityTokenWrapper.securityToken");
            if (readObject2 != null) {
                this.securityToken = (SecurityToken) readObject2;
            }
            this.keyInfoType = ObjectStateUtils.readString(objectInput, "SecurityTokenWrapper.keyInfoType");
            Object readObject3 = ObjectStateUtils.readObject(objectInput, "SecurityTokenWrapper.error");
            if (readObject3 != null) {
                this.error = (SoapSecurityException) readObject3;
            }
            this.usedTokenGeneratorHash = objectInput.readInt();
            this.usedTokenConsumerHash = objectInput.readInt();
            this.usedTokenConsumerClass = objectInput.readInt();
            this.referenced = objectInput.readBoolean();
            this.processed = objectInput.readBoolean();
            this.usedToLogin = objectInput.readBoolean();
            this.defaultImpl = objectInput.readBoolean();
            this.readOnly = objectInput.readBoolean();
            this.endPoint = objectInput.readUTF();
        }
    }

    @Override // java.io.Externalizable
    public void writeExternal(ObjectOutput objectOutput) throws IOException {
        ObjectStateUtils.writeString(objectOutput, "1.0", "SecurityTokenWrapper.version");
        ObjectStateUtils.writeString(objectOutput, this.wssapiLoginConfigName, "SecurityTokenWrapper.wssapiLoginConfigName");
        ObjectStateUtils.writeObject(objectOutput, this.wssapiCallbackHandler, "SecurityTokenWrapper.wssapiCallBackHandler");
        objectOutput.writeInt(this.wssapiReferenceType);
        ObjectStateUtils.writeObject(objectOutput, this.securityToken, "SecurityTokenWrapper.securityToken");
        ObjectStateUtils.writeString(objectOutput, this.keyInfoType, "SecurityTokenWrapper.keyInfoType");
        ObjectStateUtils.writeObject(objectOutput, this.error, "SecurityTokenWrapper.error");
        objectOutput.writeInt(this.usedTokenGeneratorHash);
        objectOutput.writeInt(this.usedTokenConsumerHash);
        objectOutput.writeInt(this.usedTokenConsumerClass);
        objectOutput.writeBoolean(this.referenced);
        objectOutput.writeBoolean(this.processed);
        objectOutput.writeBoolean(this.usedToLogin);
        objectOutput.writeBoolean(this.defaultImpl);
        objectOutput.writeBoolean(this.readOnly);
        objectOutput.writeUTF(this.endPoint);
    }

    static {
        referenceMap.put(65, KeyInfoConsumer.STRREF);
        referenceMap.put(66, KeyInfoConsumer.KEYID);
        referenceMap.put(67, KeyInfoConsumer.EMB);
        referenceMap.put(68, KeyInfoConsumer.THUMBPRINT);
        referenceMap.put(71, KeyInfoConsumer.X509ISSUER);
    }
}
