package com.sun.xml.wss.filter;

import com.sun.xml.wss.MessageFilter;
import com.sun.xml.wss.SamlAssertionHeaderBlock;
import com.sun.xml.wss.SecurableSoapMessage;
import com.sun.xml.wss.SecurityHeader;
import com.sun.xml.wss.SignatureHeaderBlock;
import com.sun.xml.wss.XWSSecurityException;
import com.sun.xml.wss.saml.assertion.Assertion;
import com.sun.xml.wss.saml.common.SAMLException;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import javax.xml.soap.SOAPElement;

/* loaded from: input_file:119166-12/SUNWascmn/reloc/appserver/lib/appserv-rt.jar:com/sun/xml/wss/filter/ExportSamlAssertionFilter.class */
public class ExportSamlAssertionFilter extends FilterBase implements MessageFilter {
    private Assertion assertion_;
    private String aliasForSigning;

    public ExportSamlAssertionFilter(Assertion assertion) throws XWSSecurityException {
        this.assertion_ = null;
        this.aliasForSigning = null;
        if (null == assertion) {
            throw new XWSSecurityException("Assertion may not be null.");
        }
        this.assertion_ = assertion;
    }

    public ExportSamlAssertionFilter(Assertion assertion, String str) throws XWSSecurityException {
        this.assertion_ = null;
        this.aliasForSigning = null;
        if (null == assertion) {
            throw new XWSSecurityException("Assertion may not be null.");
        }
        this.assertion_ = assertion;
        this.aliasForSigning = str;
    }

    @Override // com.sun.xml.wss.MessageFilter
    public void process(SecurableSoapMessage securableSoapMessage) throws XWSSecurityException {
        SecurityHeader findOrCreateSecurityHeader = securableSoapMessage.findOrCreateSecurityHeader();
        try {
            SamlAssertionHeaderBlock samlAssertionHeaderBlock = new SamlAssertionHeaderBlock((SOAPElement) this.assertion_.toElement(securableSoapMessage.getSOAPPart(), (short) this.assertion_.getMinorVersion()));
            PrivateKey privateKey = null;
            SignatureHeaderBlock signatureHeaderBlock = null;
            if (this.aliasForSigning != null) {
                X509Certificate certificate = securableSoapMessage.getSecurityEnvironment().getCertificate(this.aliasForSigning, true);
                privateKey = securableSoapMessage.getSecurityEnvironment().getPrivateKey(certificate);
                signatureHeaderBlock = samlAssertionHeaderBlock.addSignature(certificate, privateKey, "RSA", securableSoapMessage);
            }
            findOrCreateSecurityHeader.insertHeaderBlock(samlAssertionHeaderBlock);
            if (signatureHeaderBlock != null) {
                signatureHeaderBlock.sign(privateKey);
            }
            securableSoapMessage.setToken(this.assertion_.getAssertionID(), samlAssertionHeaderBlock);
        } catch (SAMLException e) {
            throw new XWSSecurityException(e);
        }
    }
}
