package com.ibm.ws.wssecurity.wssapi;

import com.ibm.websphere.management.application.AppConstants;
import com.ibm.websphere.wssecurity.callbackhandler.PropertyCallback;
import com.ibm.websphere.wssecurity.callbackhandler.SharedContextCallback;
import com.ibm.websphere.wssecurity.wssapi.WSSException;
import com.ibm.websphere.wssecurity.wssapi.WSSUtilFactory;
import com.ibm.websphere.wssecurity.wssapi.XMLStructure;
import com.ibm.websphere.wssecurity.wssapi.decryption.WSSDecryption;
import com.ibm.websphere.wssecurity.wssapi.encryption.WSSEncryption;
import com.ibm.websphere.wssecurity.wssapi.signature.WSSSignature;
import com.ibm.websphere.wssecurity.wssapi.token.SAMLToken;
import com.ibm.websphere.wssecurity.wssapi.token.SecurityToken;
import com.ibm.websphere.wssecurity.wssapi.token.UsernameToken;
import com.ibm.websphere.wssecurity.wssapi.verification.WSSVerification;
import com.ibm.ws.wssecurity.common.WSSAlgorithmFactory;
import com.ibm.ws.wssecurity.platform.auth.WSSContext;
import com.ibm.ws.wssecurity.platform.auth.WSSContextFactory;
import com.ibm.ws.wssecurity.token.UTC;
import com.ibm.ws.wssecurity.util.Axis2Util;
import com.ibm.ws.wssecurity.util.ConfigUtil;
import com.ibm.ws.wssecurity.util.TokenUtils;
import com.ibm.ws.wssecurity.util.Tr;
import com.ibm.ws.wssecurity.util.TraceComponent;
import com.ibm.ws.wssecurity.wssapi.dec.impl.WSSDecryptionImpl;
import com.ibm.ws.wssecurity.wssapi.enc.impl.WSSEncryptionImpl;
import com.ibm.ws.wssecurity.wssapi.sig.impl.WSSSignatureImpl;
import com.ibm.ws.wssecurity.wssapi.token.impl.SecurityTokenManagerImpl;
import com.ibm.ws.wssecurity.wssapi.token.impl.SecurityTokenWrapper;
import com.ibm.ws.wssecurity.wssapi.token.impl.UNTGenerateLoginModule;
import com.ibm.ws.wssecurity.wssapi.token.impl.UsernameTokenImpl;
import com.ibm.ws.wssecurity.wssapi.verify.impl.WSSVerificationImpl;
import com.ibm.ws.wssecurity.xml.xss4j.AlgorithmFactory;
import com.ibm.ws.wssecurity.xml.xss4j.dsig.util.Base64;
import com.ibm.wsspi.wssecurity.core.Constants;
import com.ibm.wsspi.wssecurity.core.SoapSecurityException;
import com.ibm.wsspi.wssecurity.core.config.CallbackHandlerConfig;
import com.ibm.wsspi.wssecurity.core.config.TokenConsumerConfig;
import com.ibm.wsspi.wssecurity.core.config.TokenGeneratorConfig;
import com.ibm.wsspi.wssecurity.core.token.SecurityTokenManager;
import com.ibm.wsspi.wssecurity.wssapi.WSSTokenFactory;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.KeyStore;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.zip.GZIPOutputStream;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import javax.xml.namespace.QName;
import org.apache.axiom.om.OMElement;
import org.apache.axis2.context.MessageContext;
import org.w3c.dom.Element;

/* loaded from: input_file:lib/com.ibm.jaxws.thinclient_9.0.jar:com/ibm/ws/wssecurity/wssapi/WSSUtil.class */
public class WSSUtil extends WSSUtilFactory {
    private static final String comp = "security.wssecurity";
    private static Map<String, String> tokenFactoryMap;
    private static final TraceComponent tc = Tr.register(WSSUtil.class, "Web Services Security", "com.ibm.ws.wssecurity.resources.wssmessages");
    private static final String clsName = WSSUtil.class.getName();
    private static AlgorithmFactory algorithmFactoryInstance = null;
    private static Map<String, String> tokenMap = new HashMap();

    public static SecurityToken newSecurityToken(Class cls) throws WSSException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "newSecurityToken(tokenClass[" + cls + "])");
        }
        if (cls == null) {
            throw WSSException.format("security.wssecurity.WSEC7011E", new String[]{"newSecurityToken"});
        }
        String name = cls.getName();
        String str = tokenMap.get(name);
        if (str == null) {
            str = name;
        }
        try {
            SecurityToken securityToken = (SecurityToken) Class.forName(str).newInstance();
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "newSecurityToken returns [" + (securityToken == null ? AppConstants.NULL_STRING : securityToken.getClass().getName()) + "]");
            }
            return securityToken;
        } catch (Exception e) {
            Tr.processException(e, clsName + ".newSecurityToken", "253");
            throw WSSException.format("security.wssecurity.WSEC7076E", str, e);
        }
    }

    public static SecurityToken newSecurityTokenForGnenerator(Class cls, CallbackHandler callbackHandler, String str, SecurityTokenManagerImpl securityTokenManagerImpl) throws WSSException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "newSecurityTokenForGnenerator(tokenClass[" + cls + "], loginConfigName[" + str + "])");
        }
        if (cls == null) {
            throw WSSException.format("security.wssecurity.WSEC7011E", new String[]{"newSecurityToken"});
        }
        SecurityToken securityToken = null;
        if (callbackHandler != null) {
            securityToken = getSharedToken(callbackHandler);
        }
        String str2 = null;
        if (securityToken == null) {
            String name = cls.getName();
            String str3 = tokenMap.get(name);
            str2 = tokenFactoryMap.get(name);
            if (str3 == null && str2 == null) {
                str3 = name;
            }
            if (str3 != null) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "implClassName=" + str3);
                }
                try {
                    securityToken = (SecurityToken) Class.forName(str3).newInstance();
                } catch (ClassNotFoundException e) {
                    Tr.processException(e, clsName + ".newSecurityTokenForGnenerator", "313");
                    throw WSSException.format("security.wssecurity.WSEC7076E", str3, e);
                } catch (IllegalAccessException e2) {
                    Tr.processException(e2, clsName + ".newSecurityTokenForGnenerator", "307");
                    throw WSSException.format("security.wssecurity.WSEC7076E", str3, e2);
                } catch (InstantiationException e3) {
                    Tr.processException(e3, clsName + ".newSecurityTokenForGnenerator", "310");
                    throw WSSException.format("security.wssecurity.WSEC7076E", str3, e3);
                }
            }
        }
        if (securityToken != null && str == null) {
            str = DefaultValueManager.getInstance().getTokenMapping().get(securityToken.getValueType()).getJaasLoginConfigNameForGenerator();
            if (str == null) {
                throw WSSException.format("security.wssecurity.WSEC7077E");
            }
        }
        if (securityToken == null && str2 != null) {
            if (str == null) {
                throw WSSException.format("security.wssecurity.WSEC7077E");
            }
            try {
                WSSTokenFactory wSSTokenFactory = (WSSTokenFactory) Class.forName(str2).newInstance();
                if (wSSTokenFactory == null) {
                    throw WSSException.format("security.wssecurity.WSEC7011E", new String[]{str2});
                }
                securityToken = wSSTokenFactory.newSecurityToken(str, null, callbackHandler);
            } catch (ClassNotFoundException e4) {
                Tr.processException(e4, clsName + ".newSecurityTokenForGnenerator", "342");
                throw WSSException.format("security.wssecurity.WSEC7076E", str2, e4);
            } catch (IllegalAccessException e5) {
                Tr.processException(e5, clsName + ".newSecurityTokenForGnenerator", "336");
                throw WSSException.format("security.wssecurity.WSEC7076E", str2, e5);
            } catch (InstantiationException e6) {
                Tr.processException(e6, clsName + ".newSecurityTokenForGnenerator", "339");
                throw WSSException.format("security.wssecurity.WSEC7076E", str2, e6);
            }
        }
        securityTokenManagerImpl.addTokenWrapper(new SecurityTokenWrapper(securityToken, callbackHandler, str));
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "newSecurityTokenForGnenerator returns [" + (securityToken == null ? AppConstants.NULL_STRING : securityToken.getClass().getName()) + "]");
        }
        return securityToken;
    }

    public static SecurityToken newSecurityTokenForConsumer(Class cls, CallbackHandler callbackHandler, String str, SecurityTokenManagerImpl securityTokenManagerImpl) throws WSSException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "newSecurityTokenForConsumer(tokenClass[" + cls + "], loginConfigName[" + str + "])");
        }
        if (cls == null) {
            throw WSSException.format("security.wssecurity.WSEC7011E", new String[]{"newSecurityToken"});
        }
        SecurityToken securityToken = null;
        if (callbackHandler != null) {
            securityToken = getSharedToken(callbackHandler);
        }
        if (securityToken == null) {
            String name = cls.getName();
            String str2 = tokenMap.get(name);
            if (str2 == null) {
                str2 = name;
            }
            try {
                Class<?> cls2 = Class.forName(str2);
                if (cls2.isInterface()) {
                    cls2 = getSecurityTokenClass(securityTokenManagerImpl, cls);
                }
                securityToken = (SecurityToken) cls2.newInstance();
            } catch (ClassNotFoundException e) {
                Tr.processException(e, clsName + ".newSecurityTokenForConsumer", "402");
                throw WSSException.format("security.wssecurity.WSEC7076E", str2, e);
            } catch (IllegalAccessException e2) {
                Tr.processException(e2, clsName + ".newSecurityTokenForConsumer", "396");
                throw WSSException.format("security.wssecurity.WSEC7076E", str2, e2);
            } catch (InstantiationException e3) {
                Tr.processException(e3, clsName + ".newSecurityTokenForConsumer", "399");
                throw WSSException.format("security.wssecurity.WSEC7076E", str2, e3);
            }
        }
        if (str == null) {
            str = DefaultValueManager.getInstance().getTokenMapping().get(securityToken.getValueType()).getJaasLoginConfigNameForConsumer();
            if (str == null) {
                throw WSSException.format("security.wssecurity.WSEC7077E");
            }
        }
        securityTokenManagerImpl.addTokenWrapper(new SecurityTokenWrapper(securityToken, callbackHandler, str));
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "newSecurityTokenForConsumer returns [" + (securityToken == null ? AppConstants.NULL_STRING : securityToken.getClass().getName()) + "]");
        }
        return securityToken;
    }

    private static SecurityToken getSharedToken(CallbackHandler callbackHandler) throws WSSException {
        SharedContextCallback sharedContextCallback = new SharedContextCallback();
        SecurityToken securityToken = null;
        try {
            callbackHandler.handle(new Callback[]{sharedContextCallback});
            WSSDecryption wSSDecryption = sharedContextCallback.getWSSDecryption();
            WSSVerification wSSVerification = sharedContextCallback.getWSSVerification();
            if (wSSDecryption != null || wSSVerification != null) {
                if (wSSDecryption != null && (wSSDecryption instanceof WSSDecryptionImpl)) {
                    securityToken = ((WSSDecryptionImpl) wSSDecryption).getToken();
                }
                if (securityToken == null && wSSVerification != null && (wSSVerification instanceof WSSVerificationImpl)) {
                    securityToken = ((WSSVerificationImpl) wSSVerification).getToken();
                }
            }
            WSSEncryption wSSEncryption = sharedContextCallback.getWSSEncryption();
            WSSSignature wSSSignature = sharedContextCallback.getWSSSignature();
            if (wSSEncryption != null || wSSSignature != null) {
                if (wSSEncryption != null && (wSSEncryption instanceof WSSEncryptionImpl)) {
                    securityToken = ((WSSEncryptionImpl) wSSEncryption).getToken();
                }
                if (securityToken == null && wSSSignature != null && (wSSSignature instanceof WSSSignatureImpl)) {
                    securityToken = ((WSSSignatureImpl) wSSSignature).getToken();
                }
            }
            return securityToken;
        } catch (UnsupportedCallbackException e) {
            return null;
        } catch (Exception e2) {
            Tr.processException(e2, clsName + ".getSharedToken()", "443");
            throw WSSException.format("security.wssecurity.WSEC7076E", callbackHandler.getClass().getName(), e2);
        }
    }

    public static AlgorithmFactory getAlgorithmFactory() {
        if (algorithmFactoryInstance == null) {
            algorithmFactoryInstance = WSSAlgorithmFactory.getInstance();
        }
        return algorithmFactoryInstance;
    }

    public static boolean isStandAloneSecurityToken(SecurityToken securityToken) {
        return securityToken instanceof SAMLToken;
    }

    private static Class getSecurityTokenClass(SecurityTokenManagerImpl securityTokenManagerImpl, Class cls) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSecurityTokenClass(tokenClass[" + (cls == null ? AppConstants.NULL_STRING : cls.getName()) + "])");
        }
        Class cls2 = null;
        if (securityTokenManagerImpl != null && securityTokenManagerImpl.getTokenWrappers() != null) {
            Iterator<SecurityTokenWrapper> it = securityTokenManagerImpl.getTokenWrappers().iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                SecurityToken securityToken = it.next().getSecurityToken();
                if (cls.isAssignableFrom(securityToken.getClass())) {
                    cls2 = securityToken.getClass();
                    break;
                }
                cls2 = cls;
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getSecurityTokenClass returns [" + (cls2 == null ? AppConstants.NULL_STRING : cls2.getName()) + "])");
        }
        return cls2;
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.WSSUtilFactory
    public String encode(byte[] bArr) {
        return Base64.encode(bArr);
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.WSSUtilFactory
    public byte[] decode(String str) {
        return Base64.decode(str);
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.WSSUtilFactory
    public byte[] decode(byte[] bArr) {
        return Base64.decode(bArr);
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.WSSUtilFactory
    public KeyStore getKeyStore(String str) throws WSSException {
        try {
            return ConfigUtil.getKeyStore(str);
        } catch (Exception e) {
            throw new WSSException(e);
        }
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.WSSUtilFactory
    public KeyStore getKeyStore(String str, String str2, char[] cArr) throws WSSException {
        KeyStore keyStore = null;
        String str3 = str2;
        try {
            String fileName = getFileName(str2);
            if (fileName != null) {
                str3 = fileName;
            }
        } catch (Exception e) {
        }
        try {
            keyStore = ConfigUtil.getKeyStore(str, str3, cArr);
        } catch (Exception e2) {
            new WSSException(e2);
        }
        return keyStore;
    }

    public String getFileName(String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getFileName(name[" + str + "])");
        }
        String str2 = null;
        try {
            str2 = new File(str).toURL().getFile();
        } catch (Exception e) {
            Tr.processException(e, clsName + ".getFileName", "578");
        }
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getFileName returns [" + str2 + "]");
        }
        return str2;
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.WSSUtilFactory
    public Map getHTTPRequestHeaders(MessageContext messageContext) {
        Map map = null;
        if (messageContext != null) {
            Object property = Axis2Util.getProperty(messageContext, MessageContext.TRANSPORT_HEADERS, false, false, true);
            if (property instanceof Map) {
                map = (Map) property;
            }
        }
        return map;
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.WSSUtilFactory
    public Map getHTTPRequestHeaders(Map map) {
        Map map2 = null;
        if (map != null) {
            map2 = getHTTPRequestHeaders(getMessageContext(map));
        }
        return map2;
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.WSSUtilFactory
    public Map getHTTPRequestHeaders(CallbackHandler callbackHandler) throws WSSException {
        Map map = null;
        if (callbackHandler != null) {
            map = getHTTPRequestHeaders(getMessageContext(callbackHandler));
        }
        return map;
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.WSSUtilFactory
    public Map getWSSContext(CallbackHandler callbackHandler) throws WSSException {
        Map<Object, Object> map = null;
        PropertyCallback propertyCallback = new PropertyCallback(null);
        if (callbackHandler != null) {
            try {
                callbackHandler.handle(new Callback[]{propertyCallback});
            } catch (Exception e) {
                throw new WSSException(e);
            }
        }
        if (propertyCallback != null) {
            Map<Object, Object> properties = propertyCallback.getProperties();
            if (properties instanceof Map) {
                map = properties;
            }
        }
        return map;
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.WSSUtilFactory
    public MessageContext getMessageContext(Map map) {
        MessageContext messageContext = null;
        if (map != null) {
            Object obj = map.get(Constants.WSSECURITY_MESSAGE_CONTEXT);
            if (obj instanceof MessageContext) {
                messageContext = (MessageContext) obj;
            }
        }
        return messageContext;
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.WSSUtilFactory
    public MessageContext getMessageContext(CallbackHandler callbackHandler) throws WSSException {
        Map wSSContext;
        MessageContext messageContext = null;
        if (callbackHandler != null && (wSSContext = getWSSContext(callbackHandler)) != null) {
            messageContext = getMessageContext(wSSContext);
        }
        return messageContext;
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.WSSUtilFactory
    public Map getCallbackHandlerProperties(CallbackHandler callbackHandler) throws WSSException {
        Map map = null;
        if (callbackHandler != null) {
            map = getCallbackHandlerProperties(getWSSContext(callbackHandler));
        }
        return map;
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.WSSUtilFactory
    public Map getCallbackHandlerProperties(Map map) {
        CallbackHandlerConfig callbackHandlerConfig;
        Map<Object, Object> map2 = null;
        if (map != null && (callbackHandlerConfig = (CallbackHandlerConfig) map.get(CallbackHandlerConfig.CONFIG_KEY)) != null) {
            map2 = callbackHandlerConfig.getProperties();
        }
        return map2;
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.WSSUtilFactory
    public OMElement getProcessingElement(Map map) {
        OMElement oMElement = null;
        if (map != null) {
            Object obj = map.get("com.ibm.ws.wssecurity.constants.processingElement");
            if (obj instanceof OMElement) {
                oMElement = (OMElement) obj;
            }
        }
        return oMElement;
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.WSSUtilFactory
    public Element getDOMProcessingElement(Map map) {
        Element element = null;
        if (map != null) {
            Object obj = map.get(Constants.DOM_PROCESSING_ELEMENT);
            if (obj instanceof Element) {
                element = (Element) obj;
            }
        }
        return element;
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.WSSUtilFactory
    public void setConsumedToken(Map map, SecurityToken securityToken) {
        SecurityTokenManager securityTokenManager;
        if (securityToken != null) {
            if (map != null && (securityTokenManager = (SecurityTokenManager) map.get(Constants.WSSECURITY_SECURITY_TOKEN_MANAGER)) != null) {
                securityTokenManager.addToken(securityToken);
            }
            ArrayList arrayList = new ArrayList();
            arrayList.add(securityToken);
            map.put(Constants.WSSECURITY_TOKEN_PROCESSED, arrayList);
        }
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.WSSUtilFactory
    public void setConsumedToken(Map map, List list) {
        SecurityTokenManager securityTokenManager;
        if (list != null) {
            if (map != null && (securityTokenManager = (SecurityTokenManager) map.get(Constants.WSSECURITY_SECURITY_TOKEN_MANAGER)) != null) {
                int size = list.size();
                for (int i = 0; i < size; i++) {
                    securityTokenManager.addToken((SecurityToken) list.get(i));
                }
            }
            map.put(Constants.WSSECURITY_TOKEN_PROCESSED, list);
        }
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.WSSUtilFactory
    public void setGeneratedToken(Map map, SecurityToken securityToken) {
        SecurityTokenManager securityTokenManager;
        if (securityToken != null) {
            if (map != null && (securityTokenManager = (SecurityTokenManager) map.get(Constants.WSSECURITY_SECURITY_TOKEN_MANAGER)) != null) {
                securityTokenManager.addToken(securityToken);
            }
            ArrayList arrayList = new ArrayList();
            arrayList.add(securityToken);
            map.put(Constants.WSSECURITY_TOKEN_TO_BE_INSERTED, arrayList);
        }
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.WSSUtilFactory
    public void setGeneratedToken(Map map, List list) {
        SecurityTokenManager securityTokenManager;
        if (list != null) {
            if (map != null && (securityTokenManager = (SecurityTokenManager) map.get(Constants.WSSECURITY_SECURITY_TOKEN_MANAGER)) != null) {
                int size = list.size();
                for (int i = 0; i < size; i++) {
                    securityTokenManager.addToken((SecurityToken) list.get(i));
                }
            }
            map.put(Constants.WSSECURITY_TOKEN_TO_BE_INSERTED, list);
        }
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.WSSUtilFactory
    public List getConsumedTokens(Map map) {
        Object obj;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getConsumedTokens(WSSContext[" + ConfigUtil.getObjState(map) + "])");
        }
        List list = null;
        if (map != null && (obj = map.get(Constants.WSSECURITY_TOKEN_PROCESSED)) != null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Entry exists");
            }
            if (obj instanceof List) {
                list = (List) obj;
            } else if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Entry is not an instance of a List");
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getConsumedTokens returns [" + ConfigUtil.getObjState(list) + "]");
        }
        return list;
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.WSSUtilFactory
    public TokenConsumerConfig getTokenConsumerConfig(Map map) {
        TokenConsumerConfig tokenConsumerConfig = null;
        if (map != null) {
            tokenConsumerConfig = (TokenConsumerConfig) map.get(TokenConsumerConfig.CONFIG_KEY);
        }
        return tokenConsumerConfig;
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.WSSUtilFactory
    public TokenGeneratorConfig getTokenGeneratorConfig(Map map) {
        TokenGeneratorConfig tokenGeneratorConfig = null;
        if (map != null) {
            tokenGeneratorConfig = (TokenGeneratorConfig) map.get(TokenGeneratorConfig.CONFIG_KEY);
        }
        return tokenGeneratorConfig;
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.WSSUtilFactory
    public boolean isServiceProvider() throws SoapSecurityException {
        MessageContext messageContext;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "isServiceProvider");
        }
        boolean z = false;
        Map wssContext = ConfigUtil.getWssContext();
        if (wssContext != null && (messageContext = getMessageContext(wssContext)) != null) {
            z = Axis2Util.isServiceProvider(messageContext);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "isServiceProvider returns [" + z + "]");
        }
        return z;
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.WSSUtilFactory
    public String digestPassword(byte[] bArr, Date date, char[] cArr) throws LoginException {
        String str = null;
        if (bArr != null && bArr.length != 0) {
            str = encode(bArr);
        }
        String str2 = null;
        if (date != null) {
            str2 = UTC.format(date);
        }
        return digestPassword(str, str2, cArr);
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.WSSUtilFactory
    public String digestPassword(String str, String str2, char[] cArr) throws LoginException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "digestPassword");
        }
        String digestPassword = UNTGenerateLoginModule.digestPassword(str, str2, cArr);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "digestPassword returns [" + digestPassword + "]");
        }
        return digestPassword;
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.WSSUtilFactory
    public boolean verifyDigestedPassword(UsernameToken usernameToken, char[] cArr) throws LoginException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "verifyDigestedPassword(unt[" + ConfigUtil.getObjType(usernameToken) + "],passwordToCompare)");
        }
        boolean z = false;
        if (usernameToken != null && (usernameToken instanceof UsernameTokenImpl)) {
            z = ((UsernameTokenImpl) usernameToken).verifyDigestedPassword(cArr);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "verifyDigestedPassword returns [" + z + "]");
        }
        return z;
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.WSSUtilFactory
    public SAMLToken getSaml20Token() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSaml20Token()");
        }
        SAMLToken sAMLToken = null;
        SecurityToken tokenFromSubject = getTokenFromSubject(new QName("http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0"));
        if (tokenFromSubject != null && (tokenFromSubject instanceof SAMLToken)) {
            sAMLToken = (SAMLToken) tokenFromSubject;
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getSaml20Token returns [" + ConfigUtil.getObjState(sAMLToken) + "]");
        }
        return sAMLToken;
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.WSSUtilFactory
    public SecurityToken getTokenFromSubject(QName qName) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getTokenFromSubject(qname[" + qName + "])");
        }
        SecurityToken securityToken = null;
        try {
            securityToken = TokenUtils.getOneTokenFromSubject(getRunAsSubject(), qName);
        } catch (Exception e) {
            Tr.processException(e, clsName + ".getTokenFromSubject", "959");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Retrieving runas subject and security token encountered an error [", e.getLocalizedMessage() + "]");
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getTokenFromSubject returns [" + ConfigUtil.getObjState(securityToken) + "]");
        }
        return securityToken;
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.WSSUtilFactory
    public String getBase64EncodedSaml20Token(boolean z) {
        String xml;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getBase64EncodedSaml20Token(compress[" + z + "])");
        }
        String str = null;
        SAMLToken saml20Token = getSaml20Token();
        if (saml20Token != null && (xml = getXML(saml20Token)) != null) {
            str = getBase64EncodedSamlToken(xml, z);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getBase64EncodedSaml20Token returns [" + str + "]");
        }
        return str;
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.WSSUtilFactory
    public String getBase64EncodedSamlToken(String str, boolean z) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getBase64EncodedSamlToken(xml[" + str + "], compress[" + z + "])");
        }
        String str2 = null;
        byte[] bArr = null;
        if (str != null) {
            if (z) {
                bArr = compressSamlToken(str);
            } else {
                try {
                    bArr = str.getBytes("UTF-8");
                } catch (UnsupportedEncodingException e) {
                    Tr.processException(e, clsName + ".getBase64EncodedSamlToken", "1011");
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Cannot base64 encode the token due to [" + e.getLocalizedMessage() + "]");
                    }
                }
            }
            if (bArr != null && bArr.length > 0) {
                str2 = encode(bArr);
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getBase64EncodedSamlToken returns [" + str2 + "]");
        }
        return str2;
    }

    private byte[] compressSamlToken(String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "compressSamlToken");
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        try {
            GZIPOutputStream gZIPOutputStream = new GZIPOutputStream(byteArrayOutputStream);
            byte[] bArr = null;
            if (str != null) {
                try {
                    bArr = str.getBytes("UTF-8");
                } catch (UnsupportedEncodingException e) {
                    Tr.processException(e, clsName + ".compressSamlToken", "1044");
                }
            }
            if (bArr != null) {
                gZIPOutputStream.write(bArr);
            } else if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Error while trying to get token bytes using utf-8:");
            }
            gZIPOutputStream.close();
        } catch (IOException e2) {
            Tr.processException(e2, clsName + ".compressSamlToken", "1058");
            Tr.warning(tc, "Error extracting saml token from subject: [" + e2.getLocalizedMessage() + "]");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "compressSamlToken");
        }
        return byteArrayOutputStream.toByteArray();
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.WSSUtilFactory
    public OMElement getTokenElement(SecurityToken securityToken) {
        XMLStructure xml;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getTokenElement(token[" + ConfigUtil.getObjType(securityToken) + "])");
        }
        OMElement oMElement = null;
        if (securityToken != null && (xml = securityToken.getXML()) != null) {
            oMElement = ((com.ibm.wsspi.wssecurity.wssapi.OMStructure) xml).getNode();
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getTokenElement returns [" + ConfigUtil.getObjState(oMElement) + "]");
        }
        return oMElement;
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.WSSUtilFactory
    public String getXML(SecurityToken securityToken) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getXML(SecurityToken token) ", securityToken.getId());
        }
        String str = null;
        OMElement tokenElement = getTokenElement(securityToken);
        if (tokenElement != null) {
            str = tokenElement.toString();
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getXML(SecurityToken) returns [" + str + "]");
        }
        return str;
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.WSSUtilFactory
    public Subject getRunAsSubject() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getRunAsSubject()");
        }
        WSSContext wSSContextFactory = WSSContextFactory.getInstance();
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "secContext[" + wSSContextFactory.toString() + "]");
        }
        Subject subject = null;
        if (wSSContextFactory != null) {
            try {
                subject = wSSContextFactory.getRunAsSubject();
            } catch (SoapSecurityException e) {
                Tr.processException(e, clsName + ".getRunAsSubject", "1129");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "getRunAsSubject encountered an error retrieving the runAs subject [" + e.getLocalizedMessage() + "]");
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getRunAsSubject() returns [" + ConfigUtil.getObjState(subject) + "]");
        }
        return subject;
    }

    static {
        tokenMap.put("com.ibm.websphere.wssecurity.wssapi.token.UsernameToken", "com.ibm.ws.wssecurity.wssapi.token.impl.UsernameTokenImpl");
        tokenMap.put("com.ibm.websphere.wssecurity.wssapi.token.X509Token", "com.ibm.ws.wssecurity.wssapi.token.impl.X509TokenImpl");
        tokenMap.put("com.ibm.websphere.wssecurity.wssapi.token.X509PKCS7Token", "com.ibm.ws.wssecurity.wssapi.token.impl.X509PKCS7TokenImpl");
        tokenMap.put("com.ibm.websphere.wssecurity.wssapi.token.X509PKIPathToken", "com.ibm.ws.wssecurity.wssapi.token.impl.X509PKIPathTokenImpl");
        tokenMap.put("com.ibm.websphere.wssecurity.wssapi.token.LTPAToken", "com.ibm.ws.wssecurity.wssapi.token.impl.LTPATokenImpl");
        tokenMap.put("com.ibm.websphere.wssecurity.wssapi.token.LTPAPropagationToken", "com.ibm.ws.wssecurity.wssapi.token.impl.LTPAPropagationTokenImpl");
        tokenMap.put("com.ibm.websphere.wssecurity.wssapi.token.DerivedKeyToken", "com.ibm.ws.wssecurity.wssapi.token.impl.DKToken");
        tokenMap.put("com.ibm.websphere.wssecurity.wssapi.token.SecurityContextToken", "com.ibm.ws.wssecurity.wssapi.token.impl.SCT");
        tokenMap.put("com.ibm.websphere.wssecurity.wssapi.token.SecurityContextToken13", "com.ibm.ws.wssecurity.wssapi.token.impl.SCT13");
        tokenMap.put("com.ibm.websphere.wssecurity.wssapi.token.KRB5_APREQToken", "com.ibm.ws.wssecurity.wssapi.token.impl.KRB5_APREQTokenImpl");
        tokenMap.put("com.ibm.websphere.wssecurity.wssapi.token.KRB5_APREQ1510Token", "com.ibm.ws.wssecurity.wssapi.token.impl.KRB5_APREQ1510TokenImpl");
        tokenMap.put("com.ibm.websphere.wssecurity.wssapi.token.KRB5_APREQ4120Token", "com.ibm.ws.wssecurity.wssapi.token.impl.KRB5_APREQ4120TokenImpl");
        tokenMap.put("com.ibm.websphere.wssecurity.wssapi.token.KRB5_GSSAPREQToken", "com.ibm.ws.wssecurity.wssapi.token.impl.KRB5_GSSAPREQTokenImpl");
        tokenMap.put("com.ibm.websphere.wssecurity.wssapi.token.KRB5_GSSAPREQ1510Token", "com.ibm.ws.wssecurity.wssapi.token.impl.KRB5_GSSAPREQ1510TokenImpl");
        tokenMap.put("com.ibm.websphere.wssecurity.wssapi.token.KRB5_GSSAPREQ4120Token", "com.ibm.ws.wssecurity.wssapi.token.impl.KRB5_GSSAPREQ4120TokenImpl");
        tokenMap.put("com.ibm.websphere.wssecurity.wssapi.token.LTPAv2Token", "com.ibm.ws.wssecurity.wssapi.token.impl.LTPAv2TokenImpl");
        tokenMap.put("com.ibm.websphere.wssecurity.wssapi.token.GenericSecurityToken", "com.ibm.ws.wssecurity.wssapi.token.impl.GenericSecurityTokenImpl");
        tokenFactoryMap = new HashMap();
        tokenFactoryMap.put("com.ibm.websphere.wssecurity.wssapi.token.SAMLToken", "com.ibm.ws.wssecurity.wssapi.token.impl.SAMLWSSTokenFactory");
    }
}
