package com.sun.xml.wss.filter;

import com.sun.xml.wss.MessageFilter;
import com.sun.xml.wss.SecurableSoapMessage;
import com.sun.xml.wss.SecurityHeader;
import com.sun.xml.wss.X509SecurityToken;
import com.sun.xml.wss.XWSSecurityException;
import java.security.cert.X509Certificate;
import java.util.logging.Level;

/* loaded from: input_file:119166-13/SUNWascmn/reloc/appserver/lib/appserv-rt.jar:com/sun/xml/wss/filter/ExportCertificateTokenFilter.class */
public class ExportCertificateTokenFilter extends FilterBase implements MessageFilter {
    String alias;
    DefaultCertificateToken defaultToken;

    /* loaded from: input_file:119166-13/SUNWascmn/reloc/appserver/lib/appserv-rt.jar:com/sun/xml/wss/filter/ExportCertificateTokenFilter$DefaultCertificateToken.class */
    public static class DefaultCertificateToken {
    }

    public ExportCertificateTokenFilter() {
        this.alias = null;
        this.defaultToken = null;
    }

    public ExportCertificateTokenFilter(String str) {
        this.alias = null;
        this.defaultToken = null;
        this.alias = str;
    }

    public ExportCertificateTokenFilter(DefaultCertificateToken defaultCertificateToken) throws XWSSecurityException {
        this.alias = null;
        this.defaultToken = null;
        this.defaultToken = defaultCertificateToken;
    }

    @Override // com.sun.xml.wss.MessageFilter
    public void process(SecurableSoapMessage securableSoapMessage) throws XWSSecurityException {
        SecurityHeader findOrCreateSecurityHeader = securableSoapMessage.findOrCreateSecurityHeader();
        if (this.defaultToken != null) {
            exportCertificateToken(securableSoapMessage, findOrCreateSecurityHeader, securableSoapMessage.getSecurityEnvironment().getDefaultCertificate());
            return;
        }
        if (this.alias != null) {
            exportCertificateToken(securableSoapMessage, findOrCreateSecurityHeader, securableSoapMessage.getSecurityEnvironment().getCertificate(this.alias, true));
            return;
        }
        X509SecurityToken x509SecurityToken = (X509SecurityToken) securableSoapMessage.getFilterParameter(FilterParameterConstants.BINARY_SEC_TOKEN);
        if (x509SecurityToken == null) {
            log.log(Level.SEVERE, "WSS0169.token.not.set.parameter.list");
            throw new XWSSecurityException("Token to be exported was not set in Parameter List");
        }
        findOrCreateSecurityHeader.insertHeaderBlock(x509SecurityToken);
    }

    private void exportCertificateToken(SecurableSoapMessage securableSoapMessage, SecurityHeader securityHeader, X509Certificate x509Certificate) throws XWSSecurityException {
        String generateId = securableSoapMessage.generateId();
        X509SecurityToken x509SecurityToken = new X509SecurityToken(securableSoapMessage.getSOAPPart(), x509Certificate, generateId);
        securableSoapMessage.setToken(generateId, x509SecurityToken);
        securityHeader.insertHeaderBlock(x509SecurityToken);
    }
}
