package com.sun.xml.wss;

import com.sun.org.apache.xml.security.exceptions.Base64DecodingException;
import com.sun.org.apache.xml.security.utils.Base64;
import com.sun.xml.wss.impl.SecurityHeaderBlockImpl;
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Iterator;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.xml.soap.SOAPElement;
import javax.xml.soap.SOAPException;
import org.w3c.dom.Document;

/* loaded from: input_file:119167-09/SUNWascmn/reloc/appserver/lib/appserv-rt.jar:com/sun/xml/wss/UsernameToken.class */
public class UsernameToken extends SecurityHeaderBlockImpl implements SecurityToken {
    private String username;
    private String password;
    private String passwordType;
    private String passwordDigest;
    private byte[] decodedNonce;
    private String nonce;
    private String nonceEncodingType;
    private String created;
    private Document soapDoc;
    private static Logger log = Logger.getLogger("javax.enterprise.resource.webservices.security", "com.sun.xml.wss.LogStrings");
    static Class class$com$sun$xml$wss$UsernameToken;

    public static SecurityHeaderBlock fromSoapElement(SOAPElement sOAPElement) throws XWSSecurityException {
        Class cls;
        if (class$com$sun$xml$wss$UsernameToken == null) {
            cls = class$("com.sun.xml.wss.UsernameToken");
            class$com$sun$xml$wss$UsernameToken = cls;
        } else {
            cls = class$com$sun$xml$wss$UsernameToken;
        }
        return SecurityHeaderBlockImpl.fromSoapElement(sOAPElement, cls);
    }

    public UsernameToken(Document document, String str) {
        this.password = null;
        this.passwordType = MessageConstants.PASSWORD_TEXT_NS;
        this.passwordDigest = null;
        this.decodedNonce = null;
        this.nonce = null;
        this.nonceEncodingType = MessageConstants.BASE64_ENCODING_NS;
        this.created = null;
        this.soapDoc = document;
        this.username = str;
    }

    public UsernameToken(Document document, String str, String str2, boolean z) throws SecurityTokenException {
        this.password = null;
        this.passwordType = MessageConstants.PASSWORD_TEXT_NS;
        this.passwordDigest = null;
        this.decodedNonce = null;
        this.nonce = null;
        this.nonceEncodingType = MessageConstants.BASE64_ENCODING_NS;
        this.created = null;
        this.soapDoc = document;
        this.username = str;
        this.password = str2;
        if (z) {
            setPasswordType(MessageConstants.PASSWORD_DIGEST_NS);
        }
    }

    public UsernameToken(Document document, String str, String str2) throws SecurityTokenException {
        this(document, str, str2, false);
    }

    public UsernameToken(Document document, String str, String str2, boolean z, boolean z2) throws SecurityTokenException {
        this.password = null;
        this.passwordType = MessageConstants.PASSWORD_TEXT_NS;
        this.passwordDigest = null;
        this.decodedNonce = null;
        this.nonce = null;
        this.nonceEncodingType = MessageConstants.BASE64_ENCODING_NS;
        this.created = null;
        this.soapDoc = document;
        this.username = str;
        this.password = str2;
        if (z) {
            createNonce();
        }
        if (z2) {
            setPasswordType(MessageConstants.PASSWORD_DIGEST_NS);
        }
    }

    public UsernameToken(Document document, String str, String str2, boolean z, boolean z2, boolean z3) throws SecurityTokenException {
        this.password = null;
        this.passwordType = MessageConstants.PASSWORD_TEXT_NS;
        this.passwordDigest = null;
        this.decodedNonce = null;
        this.nonce = null;
        this.nonceEncodingType = MessageConstants.BASE64_ENCODING_NS;
        this.created = null;
        this.soapDoc = document;
        this.username = str;
        this.password = str2;
        if (z) {
            createNonce();
        }
        if (z2) {
            try {
                this.created = getCreatedFromTimestamp();
            } catch (Exception e) {
                throw new SecurityTokenException(e);
            }
        }
        if (z3) {
            setPasswordType(MessageConstants.PASSWORD_DIGEST_NS);
        }
    }

    public UsernameToken(SOAPElement sOAPElement) throws XWSSecurityException {
        Object obj;
        this.password = null;
        this.passwordType = MessageConstants.PASSWORD_TEXT_NS;
        this.passwordDigest = null;
        this.decodedNonce = null;
        this.nonce = null;
        this.nonceEncodingType = MessageConstants.BASE64_ENCODING_NS;
        this.created = null;
        setSOAPElement(sOAPElement);
        this.soapDoc = getOwnerDocument();
        if (!"UsernameToken".equals(getLocalName()) || !XMLUtil.inWsseNS(this)) {
            log.log(Level.SEVERE, "WSS0329.usernametoken.expected", new Object[]{getLocalName()});
            throw new SecurityTokenException(new StringBuffer().append("Expected UsernameToken Element, but Found ").append(getLocalName()).toString());
        }
        boolean z = false;
        Iterator childElements = getChildElements();
        Object obj2 = null;
        while (true) {
            obj = obj2;
            if (!childElements.hasNext() || (obj instanceof SOAPElement)) {
                break;
            } else {
                obj2 = childElements.next();
            }
        }
        if (obj instanceof SOAPElement) {
            SOAPElement sOAPElement2 = (SOAPElement) obj;
            if (!"Username".equals(sOAPElement2.getLocalName()) || !XMLUtil.inWsseNS(sOAPElement2)) {
                log.log(Level.SEVERE, "WSS0330.usernametoken.firstchild.mustbe.username");
                throw new SecurityTokenException("The first child of a UsernameToken Element, should be a Username ");
            }
            this.username = sOAPElement2.getValue();
        } else {
            z = true;
        }
        while (childElements.hasNext()) {
            Object next = childElements.next();
            if (next instanceof SOAPElement) {
                SOAPElement sOAPElement3 = (SOAPElement) next;
                if ("Password".equals(sOAPElement3.getLocalName()) && XMLUtil.inWsseNS(sOAPElement3)) {
                    String attribute = sOAPElement3.getAttribute("Type");
                    if (!"".equals(attribute)) {
                        setPasswordType(attribute);
                    }
                    if (MessageConstants.PASSWORD_TEXT_NS.equals(this.passwordType)) {
                        this.password = sOAPElement3.getValue();
                    } else {
                        this.passwordDigest = sOAPElement3.getValue();
                    }
                } else if ("Nonce".equals(sOAPElement3.getLocalName()) && XMLUtil.inWsseNS(sOAPElement3)) {
                    this.nonce = sOAPElement3.getValue();
                    String attribute2 = sOAPElement3.getAttribute("EncodingType");
                    if (!"".equals(attribute2)) {
                        setNonceEncodingType(attribute2);
                    }
                    try {
                        this.decodedNonce = Base64.decode(this.nonce);
                    } catch (Base64DecodingException e) {
                        throw new XWSSecurityException(e);
                    }
                } else if ("Created".equals(sOAPElement3.getLocalName()) && XMLUtil.inWsuNS(sOAPElement3)) {
                    this.created = sOAPElement3.getValue();
                } else {
                    z = true;
                }
            }
        }
        if (z) {
            log.log(Level.SEVERE, "WSS0331.invalid.usernametoken");
            throw new SecurityTokenException("Element passed was not a SOAPElement or is not a proper UsernameToken");
        }
        if (null == this.username) {
            log.log(Level.SEVERE, "WSS0332.usernametoken.null.username");
            throw new SecurityTokenException("Username token does not contain the username");
        }
    }

    public String getUsername() {
        return this.username;
    }

    private void setUsername(String str) {
        this.username = str;
    }

    public String getPassword() {
        return this.password;
    }

    public String getPasswordType() {
        return this.passwordType;
    }

    private void setPasswordType(String str) throws SecurityTokenException {
        if (MessageConstants.PASSWORD_TEXT_NS.equals(str) || MessageConstants.PASSWORD_DIGEST_NS.equals(str)) {
            this.passwordType = str;
        } else {
            log.log(Level.SEVERE, "WSS0306.invalid.passwd.type", new Object[]{MessageConstants.PASSWORD_TEXT_NS, MessageConstants.PASSWORD_DIGEST_NS});
            throw new SecurityTokenException("Invalid password type. Must be one of   http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText or http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest");
        }
    }

    public String getNonceEncodingType() {
        return this.nonceEncodingType;
    }

    private void setNonceEncodingType(String str) {
        if (MessageConstants.BASE64_ENCODING_NS.equals(str)) {
            this.nonceEncodingType = str;
        } else {
            log.log(Level.SEVERE, "WSS0307.nonce.enctype.invalid");
            throw new RuntimeException("Nonce encoding type invalid");
        }
    }

    public String getNonce() throws SecurityTokenException {
        return this.nonce;
    }

    public String getCreated() {
        return this.created;
    }

    public String getPasswordDigest() {
        return this.passwordDigest;
    }

    @Override // com.sun.xml.wss.impl.SecurityHeaderBlockImpl, com.sun.xml.wss.SecurityHeaderBlock
    public SOAPElement getAsSoapElement() throws SecurityTokenException {
        if (null != this.delegateElement) {
            return this.delegateElement;
        }
        try {
            setSOAPElement((SOAPElement) this.soapDoc.createElementNS(MessageConstants.WSSE_NS, "wsse:UsernameToken"));
            addNamespaceDeclaration(MessageConstants.WSSE_PREFIX, MessageConstants.WSSE_NS);
            if (null == this.username) {
                log.log(Level.SEVERE, "WSS0387.error.creating.usernametoken");
                throw new SecurityTokenException("username was not set");
            }
            addChildElement("Username", MessageConstants.WSSE_PREFIX).addTextNode(this.username);
            if (this.password != null) {
                SOAPElement addChildElement = addChildElement("Password", MessageConstants.WSSE_PREFIX);
                if (MessageConstants.PASSWORD_DIGEST_NS.equals(this.passwordType)) {
                    createDigest();
                    addChildElement.addTextNode(this.passwordDigest);
                } else {
                    addChildElement.addTextNode(this.password);
                }
                addChildElement.setAttribute("Type", this.passwordType);
            }
            if (this.nonce != null) {
                SOAPElement addChildElement2 = addChildElement("Nonce", MessageConstants.WSSE_PREFIX);
                addChildElement2.addTextNode(this.nonce);
                if (this.nonceEncodingType != null) {
                    addChildElement2.setAttribute("EncodingType", this.nonceEncodingType);
                }
            }
            if (this.created != null) {
                addChildElement("Created", MessageConstants.WSU_PREFIX, MessageConstants.WSU_NS).addTextNode(this.created);
            }
            return this.delegateElement;
        } catch (SOAPException e) {
            log.log(Level.SEVERE, "WSS0388.error.creating.usernametoken", e.getMessage());
            throw new SecurityTokenException(new StringBuffer().append("There was an error creating Username Token ").append(e.getMessage()).toString());
        }
    }

    private void createNonce() {
        this.decodedNonce = new byte[18];
        try {
            SecureRandom.getInstance("SHA1PRNG").nextBytes(this.decodedNonce);
            if (MessageConstants.BASE64_ENCODING_NS.equals(this.nonceEncodingType)) {
                this.nonce = Base64.encode(this.decodedNonce);
            } else {
                log.log(Level.SEVERE, "WSS0389.unrecognized.nonce.encoding", this.nonceEncodingType);
                throw new RuntimeException(new StringBuffer().append("Unrecognized encoding: ").append(this.nonceEncodingType).toString());
            }
        } catch (NoSuchAlgorithmException e) {
            log.log(Level.SEVERE, "WSS0310.no.such.algorithm", new Object[]{e.getMessage()});
            throw new RuntimeException(new StringBuffer().append("No such algorithm found").append(e.getMessage()).toString());
        }
    }

    private void createDigest() throws SecurityTokenException {
        String str;
        byte[] bArr;
        str = "";
        str = this.created != null ? new StringBuffer().append(str).append(this.created).toString() : "";
        if (this.password != null) {
            str = new StringBuffer().append(str).append(this.password).toString();
        }
        try {
            byte[] bytes = str.getBytes("utf-8");
            if (this.decodedNonce != null) {
                bArr = new byte[bytes.length + 18];
                for (int i = 0; i < 18; i++) {
                    bArr[i] = this.decodedNonce[i];
                }
                for (int i2 = 18; i2 < bytes.length + 18; i2++) {
                    bArr[i2] = bytes[i2 - 18];
                }
            } else {
                bArr = bytes;
            }
            try {
                this.passwordDigest = Base64.encode(MessageDigest.getInstance("SHA-1").digest(bArr));
            } catch (Exception e) {
                log.log(Level.SEVERE, "WSS0311.passwd.digest.couldnot.be.created", new Object[]{e.getMessage()});
                throw new SecurityTokenException(new StringBuffer().append("Password Digest could not be created. ").append(e.getMessage()).toString());
            }
        } catch (UnsupportedEncodingException e2) {
            log.log(Level.SEVERE, "WSS0390.unsupported.charset.exception");
            throw new SecurityTokenException(e2);
        }
    }

    private String getCreatedFromTimestamp() throws XWSSecurityException {
        Timestamp timestamp = new Timestamp();
        timestamp.createDateTime();
        return timestamp.getCreated();
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }
}
