package com.ibm.ws.wssecurity.handler;

import com.ibm.websphere.wssecurity.wssapi.WSSConsumingContext;
import com.ibm.ws.policyset.runtime.PolicySetConfiguration;
import com.ibm.ws.websvcs.transport.common.TransportConstants;
import com.ibm.ws.wssecurity.confimpl.PrivateConsumerConfig;
import com.ibm.ws.wssecurity.confimpl.PrivateGeneratorConfig;
import com.ibm.ws.wssecurity.platform.auth.WSSContextFactory;
import com.ibm.ws.wssecurity.trust.server.sts.Util.STSPolicySetUtil;
import com.ibm.ws.wssecurity.util.Axis2Util;
import com.ibm.ws.wssecurity.util.TokenHolder;
import com.ibm.ws.wssecurity.util.Tr;
import com.ibm.ws.wssecurity.util.TraceComponent;
import com.ibm.ws.wssecurity.wssapi.WSSConsumerTransformImpl;
import com.ibm.wsspi.wssecurity.core.SoapSecurityException;
import java.security.PrivilegedExceptionAction;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.Properties;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.axis2.AxisFault;
import org.apache.axis2.context.MessageContext;
import org.apache.axis2.context.OperationContext;
import org.apache.axis2.description.AxisOperation;
import org.apache.axis2.description.AxisService;
import org.apache.axis2.description.HandlerDescription;
import org.apache.axis2.description.Parameter;
import org.apache.axis2.engine.Handler;

/* loaded from: input_file:lib/com.ibm.wsfp.main.jar:com/ibm/ws/wssecurity/handler/WSSecurityConsumerHandler.class */
public class WSSecurityConsumerHandler extends WSSecurityGlobalHandler {
    private static final String comp = "security.wssecurity";
    private static final long serialVersionUID = 0;
    private WSSecurityConsumerBase _ch = null;
    private static final String clsName = WSSecurityConsumerHandler.class.getName();
    private static final TraceComponent tc = Tr.register(WSSecurityConsumerHandler.class, "Web Services Security", "com.ibm.ws.wssecurity.resources.wssmessages");

    public WSSecurityConsumerHandler() {
        this.inboundHandler = true;
    }

    public void init(HandlerDescription handlerDescription) {
        this.handlerDesc = handlerDescription;
        this._ch = new WSSecurityConsumerBase();
        try {
            this._ch.init();
        } catch (Exception e) {
        }
    }

    @Override // com.ibm.ws.wssecurity.handler.WSSecurityGlobalHandler
    public Handler.InvocationResponse invoke(final MessageContext messageContext) throws AxisFault {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "invoke(MessageContext msgContext)");
        }
        if (messageContext != null) {
            try {
                if (Axis2Util.isServiceProvider(messageContext)) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "isServerSide == true");
                    }
                    try {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "runWith MessageContext = " + messageContext);
                        }
                        Handler.InvocationResponse invocationResponse = (Handler.InvocationResponse) WSSContextFactory.getInstance().runWith(new PrivilegedExceptionAction() { // from class: com.ibm.ws.wssecurity.handler.WSSecurityConsumerHandler.1
                            @Override // java.security.PrivilegedExceptionAction
                            public Object run() throws AxisFault {
                                if (WSSecurityConsumerHandler.tc.isDebugEnabled()) {
                                    Tr.debug(WSSecurityConsumerHandler.tc, "invokeAction, MessageContext");
                                }
                                return WSSecurityConsumerHandler.this._invoke(messageContext);
                            }
                        }, messageContext);
                        if (invocationResponse != null) {
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "runWith return non-null response");
                            }
                            return invocationResponse;
                        }
                    } catch (SoapSecurityException e) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "Exception caught " + e.getMessage());
                        }
                        throw AxisFault.makeFault(e);
                    }
                }
            } catch (Exception e2) {
                throw AxisFault.makeFault(e2);
            }
        }
        return _invoke(messageContext);
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v153, types: [com.ibm.ws.wssecurity.config.WSSConsumerConfig] */
    public Handler.InvocationResponse _invoke(MessageContext messageContext) throws AxisFault {
        Parameter parameter;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "_invoke(MessageContext msgContext)");
        }
        PrivateConsumerConfig privateConsumerConfig = null;
        Parameter parameter2 = null;
        boolean z = false;
        boolean z2 = false;
        boolean z3 = false;
        if (messageContext != null) {
            try {
                boolean isServiceProvider = Axis2Util.isServiceProvider(messageContext);
                if (isServiceProvider) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "isServerSide == true");
                    }
                    String wSAAction = messageContext.getWSAAction();
                    if (wSAAction == null) {
                        wSAAction = messageContext.getSoapAction();
                    }
                    if (wSAAction == null) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "neither WSAAction nor SoapAction included in message context");
                        }
                        wSAAction = STSPolicySetUtil.getActionFromMessage(messageContext);
                    }
                    setHttpSession(messageContext);
                    boolean isTrustRequest = STSPolicySetUtil.isTrustRequest(messageContext, wSAAction);
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "isTrustRequest() returned" + isTrustRequest);
                    }
                    String str = null;
                    if (isTrustRequest) {
                        str = STSPolicySetUtil.mapTrustAction(wSAAction);
                        if (str == null) {
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "action == null");
                            }
                        } else if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "action is " + str);
                        }
                    }
                    if (isTrustRequest && str != null && str.length() > 0) {
                        z2 = true;
                        try {
                            PolicySetConfiguration trustPolicySetConfiguration = STSPolicySetUtil.getTrustPolicySetConfiguration(messageContext, str, WSSecurityGeneratorHandler.class.getClassLoader());
                            if (trustPolicySetConfiguration != null) {
                                messageContext.setProperty(Constants.TRUST_POLICY_SET_CONFIGURATION, trustPolicySetConfiguration);
                                Object policyTypeBinding = trustPolicySetConfiguration.getPolicyTypeBinding(PrivateConsumerConfig.class);
                                if (policyTypeBinding != null) {
                                    if (!(policyTypeBinding instanceof PrivateConsumerConfig)) {
                                        if (!(policyTypeBinding instanceof Exception)) {
                                            if (tc.isDebugEnabled()) {
                                                Tr.debug(tc, "Unable to process inbound SOAP message. Unexpected object in PolicyTypeBinding: " + policyTypeBinding);
                                            }
                                            Tr.error(tc, "security.wssecurity.WSSecurityConsumerHandler.s03", new Object[]{policyTypeBinding.getClass().getName()});
                                            throw AxisFault.makeFault(SoapSecurityException.format("security.wssecurity.WSSecurityConsumerHandler.s03", policyTypeBinding.getClass().getName()));
                                        }
                                        Exception exc = (Exception) policyTypeBinding;
                                        if (tc.isDebugEnabled()) {
                                            Tr.debug(tc, "Unable to process inbound SOAP message.  PolicySet not loaded properly.", exc);
                                        }
                                        Tr.processException(exc, clsName + ".invoke", "%C", this);
                                        if (exc instanceof SoapSecurityException) {
                                            throw AxisFault.makeFault(exc);
                                        }
                                        Tr.error(tc, "security.wssecurity.WSSecurityConsumerHandler.s02");
                                        throw AxisFault.makeFault(SoapSecurityException.format("security.wssecurity.WSSecurityConsumerHandler.s02", exc));
                                    }
                                    privateConsumerConfig = (PrivateConsumerConfig) policyTypeBinding;
                                    if (privateConsumerConfig != null && tc.isDebugEnabled()) {
                                        Tr.debug(tc, "Loaded trust policy set.");
                                    }
                                } else if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, "No PolicyType Binding");
                                }
                            }
                        } catch (Exception e) {
                            throw AxisFault.makeFault(e);
                        }
                    }
                } else {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "isServerSide == false");
                    }
                    OperationContext operationContext = messageContext.getOperationContext();
                    if (operationContext == null) {
                        operationContext = (OperationContext) messageContext.getProperty("unverifiedOperationContext");
                    }
                    if (operationContext != null) {
                        Iterator it = operationContext.getMessageContexts().entrySet().iterator();
                        while (true) {
                            if (!it.hasNext()) {
                                break;
                            }
                            MessageContext messageContext2 = (MessageContext) ((Map.Entry) it.next()).getValue();
                            if (((Boolean) messageContext2.getProperty(com.ibm.ws.wssecurity.common.Constants.SCT_CANCEL)) != null && ((Boolean) messageContext2.getProperty(com.ibm.ws.wssecurity.common.Constants.SCT_CANCEL)).booleanValue()) {
                                z3 = true;
                                messageContext2.setProperty(com.ibm.ws.wssecurity.common.Constants.IS_BOOTSTRAP_REQUIRED, new Boolean(false));
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, "isCancelResponseMessage = " + ((Boolean) messageContext2.getProperty(com.ibm.ws.wssecurity.common.Constants.SCT_CANCEL)).booleanValue());
                                }
                            } else if (((Boolean) messageContext2.getProperty(com.ibm.ws.wssecurity.common.Constants.IS_BOOTSTRAP_REQUIRED)) != null) {
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, "Bootstrap property = " + ((Boolean) messageContext2.getProperty(com.ibm.ws.wssecurity.common.Constants.IS_BOOTSTRAP_REQUIRED)).booleanValue());
                                }
                                if (((Boolean) messageContext2.getProperty(com.ibm.ws.wssecurity.common.Constants.IS_BOOTSTRAP_REQUIRED)).booleanValue()) {
                                    z = true;
                                }
                                if (z) {
                                    if (((PrivateGeneratorConfig) messageContext2.getProperty(com.ibm.ws.wssecurity.common.Constants.BOOTSTRAP_APP_POLICY_CONFIG)) != null) {
                                        privateConsumerConfig = ((PrivateGeneratorConfig) messageContext2.getProperty(com.ibm.ws.wssecurity.common.Constants.BOOTSTRAP_APP_POLICY_CONFIG)).getBootstrapConsumerConfig();
                                        if (privateConsumerConfig != null && tc.isDebugEnabled()) {
                                            Tr.debug(tc, "Valid bootstrap config object");
                                        }
                                    }
                                    messageContext2.setProperty(com.ibm.ws.wssecurity.common.Constants.IS_BOOTSTRAP_REQUIRED, new Boolean(false));
                                    Object property = messageContext2.getProperty(com.ibm.ws.wssecurity.common.Constants.COOKIE_PROPERTY_MAP);
                                    if (property != null && (property instanceof Map)) {
                                        Map map = (Map) property;
                                        Object property2 = messageContext.getProperty(com.ibm.ws.wssecurity.common.Constants.COOKIE_PROPERTY);
                                        if (property2 != null) {
                                            map.put(com.ibm.ws.wssecurity.common.Constants.COOKIE_PROPERTY, property2);
                                            if (tc.isDebugEnabled()) {
                                                Tr.debug(tc, "Added Cookie property to SC_COOKIE_MAP: " + property2);
                                            }
                                        }
                                        Object property3 = messageContext.getProperty(com.ibm.ws.wssecurity.common.Constants.LOCATION_PROPERTY);
                                        if (property3 != null) {
                                            map.put(com.ibm.ws.wssecurity.common.Constants.LOCATION_PROPERTY, property3);
                                            if (tc.isDebugEnabled()) {
                                                Tr.debug(tc, "Added Location property to SC_COOKIE_MAP: " + property3);
                                            }
                                        }
                                    }
                                }
                            }
                        }
                    }
                }
                if (privateConsumerConfig == null && !z && !z2) {
                    AxisOperation axisOperation = messageContext.getAxisOperation();
                    if (axisOperation != null) {
                        parameter2 = axisOperation.getParameter("WASAxis2PolicySet");
                        if (parameter2 != null) {
                            Object value = parameter2.getValue();
                            PolicySetConfiguration policySetConfiguration = null;
                            if (value == null || !(value instanceof PolicySetConfiguration)) {
                                Object value2 = messageContext.getAxisService().getParameter("WASAxis2PolicySet").getValue();
                                if (value2 != null && (value2 instanceof PolicySetConfiguration)) {
                                    policySetConfiguration = (PolicySetConfiguration) value2;
                                }
                            } else {
                                policySetConfiguration = (PolicySetConfiguration) value;
                            }
                            if (policySetConfiguration != null) {
                                Object policyTypeBinding2 = policySetConfiguration.getPolicyTypeBinding(PrivateConsumerConfig.class);
                                if (policyTypeBinding2 != null) {
                                    if (!(policyTypeBinding2 instanceof PrivateConsumerConfig)) {
                                        if (!(policyTypeBinding2 instanceof Exception)) {
                                            if (tc.isDebugEnabled()) {
                                                Tr.debug(tc, "Unable to process inbound SOAP message. Unexpected object in PolicyTypeBinding: " + policyTypeBinding2);
                                            }
                                            Tr.error(tc, "security.wssecurity.WSSecurityConsumerHandler.s03", new Object[]{policyTypeBinding2.getClass().getName()});
                                            throw AxisFault.makeFault(SoapSecurityException.format("security.wssecurity.WSSecurityConsumerHandler.s03", policyTypeBinding2.getClass().getName()));
                                        }
                                        Exception exc2 = (Exception) policyTypeBinding2;
                                        if (tc.isDebugEnabled()) {
                                            Tr.debug(tc, "Unable to process inbound SOAP message.  PolicySet not loaded properly.", exc2);
                                        }
                                        Tr.processException(exc2, clsName + ".invoke", "%C", this);
                                        if (exc2 instanceof SoapSecurityException) {
                                            throw AxisFault.makeFault(exc2);
                                        }
                                        Tr.error(tc, "security.wssecurity.WSSecurityConsumerHandler.s02");
                                        throw AxisFault.makeFault(SoapSecurityException.format("security.wssecurity.WSSecurityConsumerHandler.s02", exc2));
                                    }
                                    privateConsumerConfig = (PrivateConsumerConfig) policyTypeBinding2;
                                    if (privateConsumerConfig != null && tc.isDebugEnabled()) {
                                        Tr.debug(tc, "Loaded policy using policy set.");
                                    }
                                } else if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, "No PolicyType Binding");
                                }
                            }
                        }
                    }
                    if (axisOperation == null || parameter2 == null) {
                        PolicySetConfiguration policySetConfiguration2 = null;
                        AxisService axisService = messageContext.getAxisService();
                        if (axisService != null && (parameter = axisService.getParameter("WASAxis2PolicySet")) != null) {
                            Object value3 = parameter.getValue();
                            if (value3 != null && (value3 instanceof PolicySetConfiguration)) {
                                policySetConfiguration2 = (PolicySetConfiguration) value3;
                            }
                            if (policySetConfiguration2 != null) {
                                Object policyTypeBinding3 = policySetConfiguration2.getPolicyTypeBinding(PrivateConsumerConfig.class);
                                if (policyTypeBinding3 != null) {
                                    if (!(policyTypeBinding3 instanceof PrivateConsumerConfig)) {
                                        if (!(policyTypeBinding3 instanceof Exception)) {
                                            if (tc.isDebugEnabled()) {
                                                Tr.debug(tc, "Unable to process inbound SOAP message. Unexpected object in PolicyTypeBinding: " + policyTypeBinding3);
                                            }
                                            Tr.error(tc, "security.wssecurity.WSSecurityConsumerHandler.s03", new Object[]{policyTypeBinding3.getClass().getName()});
                                            throw AxisFault.makeFault(SoapSecurityException.format("security.wssecurity.WSSecurityConsumerHandler.s03", policyTypeBinding3.getClass().getName()));
                                        }
                                        Exception exc3 = (Exception) policyTypeBinding3;
                                        if (tc.isDebugEnabled()) {
                                            Tr.debug(tc, "Unable to process inbound SOAP message.  PolicySet not loaded properly.", exc3);
                                        }
                                        Tr.processException(exc3, clsName + ".invoke", "%C", this);
                                        if (exc3 instanceof SoapSecurityException) {
                                            throw AxisFault.makeFault(exc3);
                                        }
                                        Tr.error(tc, "security.wssecurity.WSSecurityConsumerHandler.s02");
                                        throw AxisFault.makeFault(SoapSecurityException.format("security.wssecurity.WSSecurityConsumerHandler.s02", exc3));
                                    }
                                    privateConsumerConfig = (PrivateConsumerConfig) policyTypeBinding3;
                                    if (privateConsumerConfig != null && tc.isDebugEnabled()) {
                                        Tr.debug(tc, "Loaded policy using policy set.");
                                    }
                                } else if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, "No PolicyType Binding");
                                }
                            }
                        }
                    }
                }
                if (!z3) {
                    boolean z4 = false;
                    if (messageContext.getProperty(com.ibm.ws.wssecurity.common.Constants.WSSAPI_CONFIG_KEY_CONSUMER) != null) {
                        z4 = true;
                    } else {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "Cannot find WSSAPI_CONFIG_KEY_CONSUMER on MessageContext. Look in WSS_PROPERTYMAP property map.");
                        }
                        HashMap wssPropertyMapFromInboundMessageContext = TokenHolder.getWssPropertyMapFromInboundMessageContext(messageContext);
                        if (wssPropertyMapFromInboundMessageContext != null) {
                            WSSConsumingContext wSSConsumingContext = (WSSConsumingContext) wssPropertyMapFromInboundMessageContext.get(com.ibm.ws.wssecurity.common.Constants.WSSAPI_CONFIG_KEY_CONSUMER);
                            if (wSSConsumingContext != null) {
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, "Found WSSAPI_CONFIG_KEY_CONSUMER in WSS_PROPERTYMAP map. Putting it on MessageContext Options.");
                                }
                                z4 = true;
                                messageContext.setProperty(com.ibm.ws.wssecurity.common.Constants.WSSAPI_CONFIG_KEY_CONSUMER, wSSConsumingContext);
                            }
                        } else if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "WSS_PROPERTYMAP map not found.");
                        }
                    }
                    if (tc.isDebugEnabled() && z4) {
                        Tr.debug(tc, "WSSAPI logPolicySetOverride = " + WSSecurityGeneratorHandler.logPolicySetOverride);
                    }
                    if (privateConsumerConfig != null && z4 && !isServiceProvider && WSSecurityGeneratorHandler.logPolicySetOverride) {
                        Tr.warning(tc, "security.wssecurity.WSSecurityConsumerHandler.s01");
                    }
                    if (privateConsumerConfig == null) {
                        if (z4) {
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "WSSAPI enables...");
                            }
                            try {
                                privateConsumerConfig = WSSConsumerTransformImpl.getInstance().transform(messageContext);
                            } catch (Exception e2) {
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, "Error in WSSAPI: " + e2.toString());
                                }
                                throw AxisFault.makeFault(e2);
                            }
                        } else if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "WSSAPI consumer bindings not found. Response message will not be processed by web services security.");
                        }
                    }
                }
                if (privateConsumerConfig == null) {
                    return Handler.InvocationResponse.CONTINUE;
                }
                try {
                    this._ch.invoke(messageContext, privateConsumerConfig);
                    setSelfManagedData(messageContext);
                    if (z) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "Setting Sandesha2AppProcessingDone to true");
                        }
                        messageContext.setProperty("Sandesha2AppProcessingDone", "true");
                    }
                } catch (Exception e3) {
                    Tr.processException(e3, clsName + ".invoke", "%C", this);
                    throw AxisFault.makeFault(e3);
                }
            } catch (Exception e4) {
                throw AxisFault.makeFault(e4);
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "_invoke(MessageContext msgContext)");
        }
        return Handler.InvocationResponse.CONTINUE;
    }

    private void setHttpSession(MessageContext messageContext) {
        AxisService axisService;
        Parameter parameter;
        Object value;
        Parameter parameter2;
        Object value2;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setHttpSession(MessageContext msgContext)");
        }
        boolean z = false;
        if (messageContext != null) {
            PolicySetConfiguration policySetConfiguration = null;
            AxisOperation axisOperation = messageContext.getAxisOperation();
            if (axisOperation != null && (parameter2 = axisOperation.getParameter("WASAxis2PolicySet")) != null && (value2 = parameter2.getValue()) != null && (value2 instanceof PolicySetConfiguration)) {
                policySetConfiguration = (PolicySetConfiguration) value2;
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Found PolicySetConfiguration in AxisOperation");
                }
            }
            if (policySetConfiguration == null && (axisService = messageContext.getAxisService()) != null && (parameter = axisService.getParameter("WASAxis2PolicySet")) != null && (value = parameter.getValue()) != null && (value instanceof PolicySetConfiguration)) {
                policySetConfiguration = (PolicySetConfiguration) value;
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Found PolicySetConfiguration in AxisService");
                }
            }
            if (policySetConfiguration != null) {
                Object policyTypeConfiguration = policySetConfiguration.getPolicyTypeConfiguration(TransportConstants.HTTP_POLICY_KEY);
                if (policyTypeConfiguration != null && (policyTypeConfiguration instanceof Properties)) {
                    Properties properties = (Properties) policyTypeConfiguration;
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Found http policy");
                    }
                    String property = properties.getProperty(TransportConstants.MAINTAIN_SESSION);
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Session enabled property = " + property);
                    }
                    if (property != null && "yes".equalsIgnoreCase(property)) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "Setting enableSession to true");
                        }
                        z = true;
                    }
                } else if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "No http policy found");
                }
            } else if (tc.isDebugEnabled()) {
                Tr.debug(tc, "No HTTP PolicySetConfiguration object found");
            }
        }
        if (z) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Attempting to enabling session");
            }
            Object property2 = messageContext.getProperty("transport.http.servletRequest");
            if (property2 != null && (property2 instanceof HttpServletRequest)) {
                HttpSession session = ((HttpServletRequest) property2).getSession(true);
                if (tc.isDebugEnabled()) {
                    if (session != null) {
                        Tr.debug(tc, "HTTP session is " + session.getId());
                    } else {
                        Tr.debug(tc, "HTTP session is null");
                    }
                }
            } else if (tc.isDebugEnabled()) {
                Tr.debug(tc, "transport.http.servletRequest is null or not of type HttpServletRequest");
            }
        } else if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Not enabling session");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "setHttpSession(MessageContext msgContext)");
        }
    }
}
