package com.sun.xml.wss.impl;

import com.sun.org.apache.xml.security.utils.Base64;
import com.sun.xml.wss.SecurityEnvironment;
import com.sun.xml.wss.XWSSecurityException;
import com.sun.xml.wss.impl.callback.CertificateValidationCallback;
import com.sun.xml.wss.impl.callback.DecryptionKeyCallback;
import com.sun.xml.wss.impl.callback.EncryptionKeyCallback;
import com.sun.xml.wss.impl.callback.PasswordCallback;
import com.sun.xml.wss.impl.callback.PasswordValidationCallback;
import com.sun.xml.wss.impl.callback.PrefixNamespaceMappingCallback;
import com.sun.xml.wss.impl.callback.PropertyCallback;
import com.sun.xml.wss.impl.callback.SignatureKeyCallback;
import com.sun.xml.wss.impl.callback.SignatureVerificationKeyCallback;
import com.sun.xml.wss.impl.callback.UsernameCallback;
import java.math.BigInteger;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Calendar;
import java.util.Date;
import java.util.GregorianCalendar;
import java.util.Properties;
import java.util.Timer;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.crypto.SecretKey;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.x500.X500Principal;

/* loaded from: input_file:119166-13/SUNWascmn/reloc/appserver/lib/appserv-rt.jar:com/sun/xml/wss/impl/DefaultSecurityEnvironmentImpl.class */
public class DefaultSecurityEnvironmentImpl implements SecurityEnvironment {
    CallbackHandler callbackHandler;
    long MAX_CLOCK_SKEW = 60000;
    long MAX_NONCE_AGE = 7200000;
    long TIMESTAMP_FRESHNESS_LIMIT = 300000;
    private boolean timeRelatedDefaultsUpdated = false;
    NonceCache nonceCache = null;
    final boolean USE_DAEMON_THREAD = true;
    final Timer nonceCleanupTimer = new Timer(true);
    protected static Logger log = Logger.getLogger("javax.enterprise.resource.webservices.security", "com.sun.xml.wss.LogStrings");
    private static final SimpleDateFormat calendarFormatter1 = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'");
    private static final SimpleDateFormat calendarFormatter2 = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'.'sss'Z'");

    public DefaultSecurityEnvironmentImpl(CallbackHandler callbackHandler) {
        this.callbackHandler = callbackHandler;
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public X509Certificate getDefaultCertificate() throws XWSSecurityException {
        SignatureKeyCallback.DefaultPrivKeyCertRequest defaultPrivKeyCertRequest = new SignatureKeyCallback.DefaultPrivKeyCertRequest();
        try {
            this.callbackHandler.handle(new Callback[]{new SignatureKeyCallback(defaultPrivKeyCertRequest)});
            X509Certificate x509Certificate = defaultPrivKeyCertRequest.getX509Certificate();
            if (x509Certificate != null) {
                return x509Certificate;
            }
            log.log(Level.SEVERE, "WSS0218.cannot.locate.default.cert");
            throw new XWSSecurityException("Unable to locate a default certificate");
        } catch (Exception e) {
            log.log(Level.SEVERE, "WSS0216.callbackhandler.handle.exception", new Object[]{"SignatureKeyCallback.DefaultPrivKeyCertRequest"});
            log.log(Level.SEVERE, "WSS0217.callbackhandler.handle.exception.log", (Throwable) e);
            throw new XWSSecurityException(e);
        }
    }

    public PrivateKey getDefaultPrivateKey() throws XWSSecurityException {
        SignatureKeyCallback.DefaultPrivKeyCertRequest defaultPrivKeyCertRequest = new SignatureKeyCallback.DefaultPrivKeyCertRequest();
        try {
            this.callbackHandler.handle(new Callback[]{new SignatureKeyCallback(defaultPrivKeyCertRequest)});
            PrivateKey privateKey = defaultPrivKeyCertRequest.getPrivateKey();
            if (privateKey != null) {
                return privateKey;
            }
            log.log(Level.SEVERE, "WSS0219.cannot.locate.default.privkey");
            throw new XWSSecurityException("Unable to locate a default certificate");
        } catch (Exception e) {
            log.log(Level.SEVERE, "WSS0216.callbackhandler.handle.exception", new Object[]{"SignatureKeyCallback.DefaultPrivKeyCertRequest"});
            log.log(Level.SEVERE, "WSS0217.callbackhandler.handle.exception.log", (Throwable) e);
            throw new XWSSecurityException(e);
        }
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public SecretKey getSecretKey(String str, boolean z) throws XWSSecurityException {
        SecretKey symmetricKey;
        if (z) {
            EncryptionKeyCallback.AliasSymmetricKeyRequest aliasSymmetricKeyRequest = new EncryptionKeyCallback.AliasSymmetricKeyRequest(str);
            try {
                this.callbackHandler.handle(new Callback[]{new EncryptionKeyCallback(aliasSymmetricKeyRequest)});
                symmetricKey = aliasSymmetricKeyRequest.getSymmetricKey();
            } catch (Exception e) {
                log.log(Level.SEVERE, "WSS0216.callbackhandler.handle.exception", new Object[]{"EncryptionKeyCallback.AliasSymmetricKeyRequest"});
                log.log(Level.SEVERE, "WSS0217.callbackhandler.handle.exception.log", (Throwable) e);
                throw new XWSSecurityException(e);
            }
        } else {
            DecryptionKeyCallback.AliasSymmetricKeyRequest aliasSymmetricKeyRequest2 = new DecryptionKeyCallback.AliasSymmetricKeyRequest(str);
            try {
                this.callbackHandler.handle(new Callback[]{new DecryptionKeyCallback(aliasSymmetricKeyRequest2)});
                symmetricKey = aliasSymmetricKeyRequest2.getSymmetricKey();
            } catch (Exception e2) {
                log.log(Level.SEVERE, "WSS0216.callbackhandler.handle.exception", new Object[]{"DecryptionKeyCallback.AliasSymmetricKeyRequest"});
                log.log(Level.SEVERE, "WSS0217.callbackhandler.handle.exception.log", (Throwable) e2);
                throw new XWSSecurityException(e2);
            }
        }
        if (symmetricKey != null) {
            return symmetricKey;
        }
        log.log(Level.SEVERE, "WSS0220.cannot.locate.symmetrickey.for.decrypt");
        throw new XWSSecurityException(new StringBuffer().append("Could not locate the symmetric key for alias ").append(str).toString());
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public X509Certificate getCertificate(String str, boolean z) throws XWSSecurityException {
        X509Certificate x509Certificate;
        if (str == null && z) {
            return getDefaultCertificate();
        }
        if (z) {
            SignatureKeyCallback.AliasPrivKeyCertRequest aliasPrivKeyCertRequest = new SignatureKeyCallback.AliasPrivKeyCertRequest(str);
            try {
                this.callbackHandler.handle(new Callback[]{new SignatureKeyCallback(aliasPrivKeyCertRequest)});
                x509Certificate = aliasPrivKeyCertRequest.getX509Certificate();
            } catch (Exception e) {
                log.log(Level.SEVERE, "WSS0216.callbackhandler.handle.exception", new Object[]{"SignatureKeyCallback.AliasPrivKeyCertRequest"});
                log.log(Level.SEVERE, "WSS0217.callbackhandler.handle.exception.log", (Throwable) e);
                throw new XWSSecurityException(e);
            }
        } else {
            EncryptionKeyCallback.AliasX509CertificateRequest aliasX509CertificateRequest = new EncryptionKeyCallback.AliasX509CertificateRequest(str);
            try {
                this.callbackHandler.handle(new Callback[]{new EncryptionKeyCallback(aliasX509CertificateRequest)});
                x509Certificate = aliasX509CertificateRequest.getX509Certificate();
            } catch (Exception e2) {
                log.log(Level.SEVERE, "WSS0216.callbackhandler.handle.exception", new Object[]{"EncryptionKeyCallback.AliasX509CertificateRequest"});
                log.log(Level.SEVERE, "WSS0217.callbackhandler.handle.exception.log", (Throwable) e2);
                throw new XWSSecurityException(e2);
            }
        }
        if (x509Certificate != null) {
            return x509Certificate;
        }
        log.log(Level.SEVERE, "WSS0221.cannot.locate.cert", new Object[]{z ? "Signature" : "Key Ecnryption"});
        throw new XWSSecurityException(new StringBuffer().append("Unable to locate certificate for the alias ").append(str).toString());
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public X509Certificate getCertificate(PublicKey publicKey) throws XWSSecurityException {
        throw new XWSSecurityException("getCertificate(PublicKey) has not been implemented currently");
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public PrivateKey getPrivateKey(String str) throws XWSSecurityException {
        if (str == null) {
            return getDefaultPrivateKey();
        }
        SignatureKeyCallback.AliasPrivKeyCertRequest aliasPrivKeyCertRequest = new SignatureKeyCallback.AliasPrivKeyCertRequest(str);
        try {
            this.callbackHandler.handle(new Callback[]{new SignatureKeyCallback(aliasPrivKeyCertRequest)});
            PrivateKey privateKey = aliasPrivKeyCertRequest.getPrivateKey();
            if (privateKey != null) {
                return privateKey;
            }
            log.log(Level.SEVERE, "WSS0222.cannot.locate.privkey", new Object[]{str});
            throw new XWSSecurityException(new StringBuffer().append("Unable to locate private key for the alias ").append(str).toString());
        } catch (Exception e) {
            log.log(Level.SEVERE, "WSS0216.callbackhandler.handle.exception", new Object[]{"SignatureKeyCallback.AliasPrivKeyCertRequest"});
            log.log(Level.SEVERE, "WSS0217.callbackhandler.handle.exception.log", (Throwable) e);
            throw new XWSSecurityException(e);
        }
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public PrivateKey getPrivateKey(byte[] bArr) throws XWSSecurityException {
        DecryptionKeyCallback.X509SubjectKeyIdentifierBasedRequest x509SubjectKeyIdentifierBasedRequest = new DecryptionKeyCallback.X509SubjectKeyIdentifierBasedRequest(bArr);
        try {
            this.callbackHandler.handle(new Callback[]{new DecryptionKeyCallback(x509SubjectKeyIdentifierBasedRequest)});
            PrivateKey privateKey = x509SubjectKeyIdentifierBasedRequest.getPrivateKey();
            if (privateKey != null) {
                return privateKey;
            }
            log.log(Level.SEVERE, "WSS0222.cannot.locate.privkey", new Object[]{bArr});
            throw new XWSSecurityException(new StringBuffer().append("No Matching private key for ").append(Base64.encode(bArr)).append(" subject key identifier found").toString());
        } catch (Exception e) {
            log.log(Level.SEVERE, "WSS0216.callbackhandler.handle.exception", new Object[]{"DecryptionKeyCallback.X509SubjectKeyIdentifierBasedRequest"});
            log.log(Level.SEVERE, "WSS0217.callbackhandler.handle.exception.log", (Throwable) e);
            throw new XWSSecurityException(e);
        }
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public PrivateKey getPrivateKey(X509Certificate x509Certificate) throws XWSSecurityException {
        DecryptionKeyCallback.X509CertificateBasedRequest x509CertificateBasedRequest = new DecryptionKeyCallback.X509CertificateBasedRequest(x509Certificate);
        try {
            this.callbackHandler.handle(new Callback[]{new DecryptionKeyCallback(x509CertificateBasedRequest)});
            PrivateKey privateKey = x509CertificateBasedRequest.getPrivateKey();
            if (privateKey != null) {
                return privateKey;
            }
            log.log(Level.SEVERE, "WSS0222.cannot.locate.privkey", new Object[]{"given certificate"});
            throw new XWSSecurityException("Could not retrieve private Key matching the given certificate");
        } catch (Exception e) {
            log.log(Level.SEVERE, "WSS0216.callbackhandler.handle.exception", new Object[]{"DecryptionKeyCallback.X509CertificateBasedRequest"});
            log.log(Level.SEVERE, "WSS0217.callbackhandler.handle.exception.log", (Throwable) e);
            throw new XWSSecurityException(e);
        }
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public PrivateKey getPrivateKey(BigInteger bigInteger, String str) throws XWSSecurityException {
        DecryptionKeyCallback.X509IssuerSerialBasedRequest x509IssuerSerialBasedRequest = new DecryptionKeyCallback.X509IssuerSerialBasedRequest(str, bigInteger);
        try {
            this.callbackHandler.handle(new Callback[]{new DecryptionKeyCallback(x509IssuerSerialBasedRequest)});
            PrivateKey privateKey = x509IssuerSerialBasedRequest.getPrivateKey();
            if (privateKey != null) {
                return privateKey;
            }
            log.log(Level.SEVERE, "WSS0222.cannot.locate.privkey", new Object[]{new StringBuffer().append(bigInteger).append(":").append(str).toString()});
            throw new XWSSecurityException(new StringBuffer().append("No Matching private key for serial number ").append(bigInteger).append(" and issuer name ").append(str).append(" found").toString());
        } catch (Exception e) {
            log.log(Level.SEVERE, "WSS0216.callbackhandler.handle.exception", new Object[]{"DecryptionKeyCallback.X509IssuerSerialBasedRequest"});
            log.log(Level.SEVERE, "WSS0217.callbackhandler.handle.exception.log", (Throwable) e);
            throw new XWSSecurityException(e);
        }
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public PrivateKey getPrivateKey(PublicKey publicKey) throws XWSSecurityException {
        throw new UnsupportedOperationException("This method has not been implemented currently");
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public PublicKey getPublicKey(byte[] bArr) throws XWSSecurityException {
        return getCertificate(bArr).getPublicKey();
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public X509Certificate getCertificate(byte[] bArr) throws XWSSecurityException {
        SignatureVerificationKeyCallback.X509SubjectKeyIdentifierBasedRequest x509SubjectKeyIdentifierBasedRequest = new SignatureVerificationKeyCallback.X509SubjectKeyIdentifierBasedRequest(bArr);
        try {
            this.callbackHandler.handle(new Callback[]{new SignatureVerificationKeyCallback(x509SubjectKeyIdentifierBasedRequest)});
            X509Certificate x509Certificate = x509SubjectKeyIdentifierBasedRequest.getX509Certificate();
            if (x509Certificate != null) {
                return x509Certificate;
            }
            log.log(Level.SEVERE, "WSS0221.cannot.locate.cert", new Object[]{bArr});
            throw new XWSSecurityException(new StringBuffer().append("No Matching public key for ").append(Base64.encode(bArr)).append(" subject key identifier found").toString());
        } catch (Exception e) {
            log.log(Level.SEVERE, "WSS0216.callbackhandler.handle.exception", new Object[]{"SignatureVerificationKeyCallback.X509SubjectKeyIdentifierBasedRequest"});
            log.log(Level.SEVERE, "WSS0217.callbackhandler.handle.exception.log", (Throwable) e);
            throw new XWSSecurityException(e);
        }
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public PublicKey getPublicKey(BigInteger bigInteger, String str) throws XWSSecurityException {
        return getCertificate(bigInteger, str).getPublicKey();
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public X509Certificate getCertificate(BigInteger bigInteger, String str) throws XWSSecurityException {
        SignatureVerificationKeyCallback.X509IssuerSerialBasedRequest x509IssuerSerialBasedRequest = new SignatureVerificationKeyCallback.X509IssuerSerialBasedRequest(str, bigInteger);
        try {
            this.callbackHandler.handle(new Callback[]{new SignatureVerificationKeyCallback(x509IssuerSerialBasedRequest)});
            X509Certificate x509Certificate = x509IssuerSerialBasedRequest.getX509Certificate();
            if (x509Certificate != null) {
                return x509Certificate;
            }
            log.log(Level.SEVERE, "WSS0221.cannot.locate.cert", new Object[]{new StringBuffer().append(bigInteger).append(":").append(str).toString()});
            throw new XWSSecurityException(new StringBuffer().append("No Matching public key for serial number ").append(bigInteger).append(" and issuer name ").append(str).append(" found").toString());
        } catch (Exception e) {
            log.log(Level.SEVERE, "WSS0216.callbackhandler.handle.exception", new Object[]{"SignatureVerificationKeyCallback.X509IssuerSerialBasedRequest"});
            log.log(Level.SEVERE, "WSS0217.callbackhandler.handle.exception.log", (Throwable) e);
            throw new XWSSecurityException(e);
        }
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public String getUsername() throws XWSSecurityException {
        UsernameCallback usernameCallback = new UsernameCallback();
        try {
            this.callbackHandler.handle(new Callback[]{usernameCallback});
            return usernameCallback.getUsername();
        } catch (Exception e) {
            log.log(Level.SEVERE, "WSS0216.callbackhandler.handle.exception", new Object[]{"UsernameCallback"});
            log.log(Level.SEVERE, "WSS0217.callbackhandler.handle.exception.log", (Throwable) e);
            throw new XWSSecurityException(e);
        }
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public String getPassword() throws XWSSecurityException {
        PasswordCallback passwordCallback = new PasswordCallback();
        try {
            this.callbackHandler.handle(new Callback[]{passwordCallback});
            return passwordCallback.getPassword();
        } catch (Exception e) {
            throw new XWSSecurityException(e.getMessage(), e);
        }
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public boolean authenticateUser(String str, String str2) {
        PasswordValidationCallback passwordValidationCallback = new PasswordValidationCallback(new PasswordValidationCallback.PlainTextPasswordRequest(str, str2));
        try {
            this.callbackHandler.handle(new Callback[]{passwordValidationCallback});
        } catch (Exception e) {
        }
        return passwordValidationCallback.getResult();
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public boolean authenticateUser(String str, String str2, String str3, String str4) throws XWSSecurityException {
        PasswordValidationCallback passwordValidationCallback = new PasswordValidationCallback(new PasswordValidationCallback.DigestPasswordRequest(str, str2, str3, str4));
        try {
            this.callbackHandler.handle(new Callback[]{passwordValidationCallback});
        } catch (Exception e) {
        }
        return passwordValidationCallback.getResult();
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public Subject getSubject() {
        throw new UnsupportedOperationException("This environment does not have an associated Subject");
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public boolean validateAndCacheNonce(String str, String str2) {
        if (this.nonceCache == null) {
            this.nonceCache = new NonceCache();
            log.log(Level.FINE, new StringBuffer().append("Creating NonceCache for first time.....").append(this.nonceCache).toString());
        } else if (this.nonceCache.wasCanceled()) {
            this.nonceCache = null;
            this.nonceCache = new NonceCache();
            log.log(Level.FINE, new StringBuffer().append("Re-Creating NonceCache because it was canceled.....").append(this.nonceCache).toString());
        }
        if (!this.nonceCache.isScheduled()) {
            log.log(Level.FINE, new StringBuffer().append("About to Store a new Nonce, but Reclaimer not Scheduled, so scheduling one").append(this.nonceCache).toString());
            setNonceCacheCleanup(true);
        }
        return this.nonceCache.validateAndCacheNonce(str, str2);
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public boolean validateCreationTime(String str) throws XWSSecurityException {
        Date parse;
        try {
            try {
                parse = calendarFormatter1.parse(str);
            } catch (ParseException e) {
                parse = calendarFormatter2.parse(str);
            }
            Date freshnessAndSkewAdjustedDate = getFreshnessAndSkewAdjustedDate();
            log.log(Level.FINE, new StringBuffer().append("Time at which token was created: ").append(parse.toString()).toString());
            log.log(Level.FINE, new StringBuffer().append("Current time: ").append(freshnessAndSkewAdjustedDate.toString()).toString());
            if (parse.before(freshnessAndSkewAdjustedDate)) {
                log.log(Level.SEVERE, "WSS0341.created.older.than.timestamp.freshness");
                return false;
            }
            if (!getGMTDateWithSkewAdjusted(new GregorianCalendar(), true).before(parse)) {
                return true;
            }
            log.log(Level.SEVERE, "WSS0340.created.ahead.of.current");
            return false;
        } catch (Exception e2) {
            log.log(Level.SEVERE, "WSS0328.error.parsing.creationtime");
            throw new XWSSecurityException(e2);
        }
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public boolean validateExpirationTime(String str) throws XWSSecurityException {
        Date parse;
        if (str == null) {
            return true;
        }
        try {
            try {
                parse = calendarFormatter1.parse(str);
            } catch (ParseException e) {
                parse = calendarFormatter2.parse(str);
            }
            if (!parse.before(getGMTDateWithSkewAdjusted(new GregorianCalendar(), false))) {
                return true;
            }
            log.log(Level.SEVERE, "WSS0393.current.ahead.of.expires");
            return false;
        } catch (Exception e2) {
            log.log(Level.SEVERE, "WSS0394.error.parsing.expirationtime");
            throw new XWSSecurityException(e2);
        }
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public boolean validateCertificate(X509Certificate x509Certificate) throws XWSSecurityException {
        CertificateValidationCallback certificateValidationCallback = new CertificateValidationCallback(x509Certificate);
        try {
            this.callbackHandler.handle(new Callback[]{certificateValidationCallback});
            return certificateValidationCallback.getResult();
        } catch (Exception e) {
            throw new XWSSecurityException(e.getMessage(), e);
        }
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public void updateOtherPartySubject(Subject subject, String str, String str2) {
        subject.getPrincipals().add(new X500Principal(new StringBuffer().append("CN=").append(str).toString()));
        subject.getPrivateCredentials().add(str2);
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public void updateOtherPartySubject(Subject subject, X509Certificate x509Certificate) {
        subject.getPrincipals().add(x509Certificate.getSubjectX500Principal());
        subject.getPublicCredentials().add(x509Certificate);
    }

    private Date getFreshnessAndSkewAdjustedDate() throws ParseException {
        updateTimeRelatedDefaults();
        GregorianCalendar gregorianCalendar = new GregorianCalendar();
        long j = gregorianCalendar.get(15);
        if (gregorianCalendar.getTimeZone().inDaylightTime(gregorianCalendar.getTime())) {
            j += gregorianCalendar.getTimeZone().getDSTSavings();
        }
        gregorianCalendar.setTimeInMillis(((gregorianCalendar.getTimeInMillis() - j) - this.MAX_CLOCK_SKEW) - this.TIMESTAMP_FRESHNESS_LIMIT);
        return gregorianCalendar.getTime();
    }

    public void setNonceCacheCleanup(boolean z) {
        if (!z) {
            if (this.nonceCache.isScheduled()) {
                this.nonceCache.cancel();
                this.nonceCache.scheduled(false);
                return;
            }
            return;
        }
        updateTimeRelatedDefaults();
        if (this.nonceCache.isScheduled()) {
            return;
        }
        log.log(Level.FINE, new StringBuffer().append("Scheduling Nonce Reclaimer task...... for ").append(this).append(":").append(this.nonceCache).toString());
        this.nonceCleanupTimer.schedule(this.nonceCache, this.MAX_NONCE_AGE, this.MAX_NONCE_AGE);
        this.nonceCache.scheduled(true);
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public boolean validateSamlIssuer(String str) {
        throw new UnsupportedOperationException();
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public boolean validateSamlUser(String str, String str2, String str3) {
        throw new UnsupportedOperationException();
    }

    public void destroy() {
        if (this.nonceCache.isScheduled()) {
            setNonceCacheCleanup(false);
        }
        this.nonceCache = null;
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public void setSubject(Subject subject) {
        throw new UnsupportedOperationException("Setting a Subject is not allowed");
    }

    private Date getGMTDateWithSkewAdjusted(Calendar calendar, boolean z) {
        updateTimeRelatedDefaults();
        long j = calendar.get(15);
        if (calendar.getTimeZone().inDaylightTime(calendar.getTime())) {
            j += calendar.getTimeZone().getDSTSavings();
        }
        long timeInMillis = calendar.getTimeInMillis() - j;
        calendar.setTimeInMillis(z ? timeInMillis + this.MAX_CLOCK_SKEW : timeInMillis - this.MAX_CLOCK_SKEW);
        return calendar.getTime();
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public Properties getPrefixNamespaceMappings() throws XWSSecurityException {
        PrefixNamespaceMappingCallback prefixNamespaceMappingCallback = new PrefixNamespaceMappingCallback();
        try {
            this.callbackHandler.handle(new Callback[]{prefixNamespaceMappingCallback});
            return prefixNamespaceMappingCallback.getMappings();
        } catch (UnsupportedCallbackException e) {
            return null;
        } catch (Exception e2) {
            throw new XWSSecurityException(e2.getMessage(), e2);
        }
    }

    private void updateTimeRelatedDefaults() {
        if (this.timeRelatedDefaultsUpdated) {
            return;
        }
        this.timeRelatedDefaultsUpdated = true;
        PropertyCallback propertyCallback = new PropertyCallback();
        try {
            this.callbackHandler.handle(new Callback[]{propertyCallback});
        } catch (UnsupportedCallbackException e) {
        } catch (Exception e2) {
            log.log(Level.SEVERE, "WSS0215.failed.propertycallback", (Throwable) e2);
        }
        this.MAX_CLOCK_SKEW = propertyCallback.getMaxClockSkew();
        this.TIMESTAMP_FRESHNESS_LIMIT = propertyCallback.getTimestampFreshnessLimit();
        this.MAX_NONCE_AGE = propertyCallback.getMaxNonceAge();
    }
}
