package com.ibm.ws.wssecurity.util;

import com.ibm.websphere.wssecurity.wssapi.token.SecurityToken;
import com.ibm.websphere.wssecurity.wssapi.token.UsernameToken;
import com.ibm.ws.wssecurity.platform.auth.WSSContext;
import com.ibm.ws.wssecurity.platform.auth.WSSContextManagerFactory;
import com.ibm.ws.wssecurity.wssapi.token.SecurityTokenWrapper;
import com.ibm.wsspi.wssecurity.core.SoapSecurityException;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.Iterator;
import java.util.Set;
import javax.security.auth.Subject;
import org.apache.axis2.context.MessageContext;

/* loaded from: input_file:lib/com.ibm.jaxws.thinclient_9.0.jar:com/ibm/ws/wssecurity/util/UNTokenCacheUtil.class */
public class UNTokenCacheUtil {
    private static final TraceComponent tc = Tr.register(UNTokenCacheUtil.class, "Web Services Security", "com.ibm.ws.wssecurity.resources.wssmessages");
    private static final String CLS_NAME = UNTokenCacheUtil.class.getName();
    private static final String comp = "security.wssecurity";

    public static void invalidatetUNTokenFromCache(final MessageContext messageContext) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "invalidatetUNTokenFromCache(MessageContext mCtx)");
        }
        Subject subject = null;
        try {
            WSSContext serializableContext = WSSContextManagerFactory.getInstance().getSerializableContext();
            if (serializableContext != null) {
                subject = serializableContext.getRunAsSubject(messageContext);
            }
        } catch (SoapSecurityException e) {
            if (tc.isDebugEnabled()) {
                Tr.error(tc, "SOAP Security Exception caught while trying to get the context " + e.getMessage());
            }
        }
        final Subject subject2 = subject;
        AccessController.doPrivileged(new PrivilegedAction<Object>() { // from class: com.ibm.ws.wssecurity.util.UNTokenCacheUtil.1
            @Override // java.security.PrivilegedAction
            public Object run() {
                try {
                    Set set = null;
                    if (subject2 != null) {
                        set = subject2.getPrivateCredentials(SecurityTokenWrapper.class);
                    }
                    if (set != null && !set.isEmpty()) {
                        SecurityTokenWrapper securityTokenWrapper = null;
                        SecurityToken securityToken = null;
                        Iterator it = set.iterator();
                        while (true) {
                            if (!it.hasNext()) {
                                break;
                            }
                            if (UNTokenCacheUtil.tc.isDebugEnabled()) {
                                Tr.debug(UNTokenCacheUtil.tc, "checking token");
                            }
                            securityTokenWrapper = (SecurityTokenWrapper) it.next();
                            SecurityToken securityToken2 = securityTokenWrapper.getSecurityToken();
                            if (securityToken2 != null && (securityToken2 instanceof UsernameToken) && securityTokenWrapper.getEndPoint() != null && securityTokenWrapper.getEndPoint().length() > 0 && messageContext.getTo().getAddress() != null && messageContext.getTo().getAddress().equals(securityTokenWrapper.getEndPoint())) {
                                securityToken = securityToken2;
                                break;
                            }
                        }
                        if (securityToken != null) {
                            if (UNTokenCacheUtil.tc.isDebugEnabled()) {
                                Tr.debug(UNTokenCacheUtil.tc, "Token found in subject, removing from token cache");
                            }
                            subject2.getPrivateCredentials().remove(securityTokenWrapper);
                        } else if (UNTokenCacheUtil.tc.isDebugEnabled()) {
                            Tr.debug(UNTokenCacheUtil.tc, "Token NOT found in subject!");
                        }
                    } else if (UNTokenCacheUtil.tc.isDebugEnabled()) {
                        Tr.debug(UNTokenCacheUtil.tc, "invalid token wrapper set from subject");
                    }
                    return null;
                } catch (Exception e2) {
                    if (!UNTokenCacheUtil.tc.isDebugEnabled()) {
                        return null;
                    }
                    Tr.error(UNTokenCacheUtil.tc, "Exception caught while remove UsernameToken(s) from the cache " + e2.getMessage());
                    return null;
                }
            }
        });
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "invalidatetUNTokenFromCache(MessageContext mCtx)");
        }
    }
}
