package com.ibm.ws.wssecurity.wssapi.token.impl;

import com.ibm.websphere.wssecurity.callbackhandler.GenericIssuedTokenConsumeCallback;
import com.ibm.websphere.wssecurity.callbackhandler.PropertyCallback;
import com.ibm.websphere.wssecurity.wssapi.token.SAMLToken;
import com.ibm.websphere.wssecurity.wssapi.token.SecurityToken;
import com.ibm.websphere.wssecurity.wssapi.trust.WSSTrustClient;
import com.ibm.websphere.wssecurity.wssapi.trust.WSSTrustClientValidateResult;
import com.ibm.ws.wssecurity.admin.BindingPropertyConstants;
import com.ibm.ws.wssecurity.config.WSSConsumerConfig;
import com.ibm.ws.wssecurity.platform.audit.WSSAuditEventGenerator;
import com.ibm.ws.wssecurity.platform.audit.WSSAuditEventGeneratorFactory;
import com.ibm.ws.wssecurity.platform.audit.WSSAuditService;
import com.ibm.ws.wssecurity.platform.auth.WSSContextManagerFactory;
import com.ibm.ws.wssecurity.saml.common.SAMLCommonConstants;
import com.ibm.ws.wssecurity.saml.common.util.IdUtils;
import com.ibm.ws.wssecurity.saml.saml20.assertion.Assertion;
import com.ibm.ws.wssecurity.util.ConfigUtil;
import com.ibm.ws.wssecurity.util.DOMUtils;
import com.ibm.ws.wssecurity.util.NamespaceUtil;
import com.ibm.ws.wssecurity.util.Tr;
import com.ibm.ws.wssecurity.util.TraceComponent;
import com.ibm.ws.wssecurity.util.WSSecurityFactoryBuilder;
import com.ibm.ws.wssecurity.wssapi.OMStructure;
import com.ibm.wsspi.wssecurity.core.Constants;
import com.ibm.wsspi.wssecurity.core.config.TokenConsumerConfig;
import com.ibm.wsspi.wssecurity.core.token.SecurityTokenManager;
import com.ibm.wsspi.wssecurity.core.token.config.RequesterConfiguration;
import com.ibm.wsspi.wssecurity.core.token.config.WSSConstants;
import com.ibm.wsspi.wssecurity.trust.config.ProviderConfig;
import com.ibm.wsspi.wssecurity.trust.config.RequesterConfig;
import java.util.List;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import javax.xml.namespace.QName;
import org.apache.axiom.om.OMElement;
import org.apache.axis2.client.Options;
import org.apache.axis2.context.MessageContext;

/* loaded from: input_file:lib/com.ibm.wsfp.main.jar:com/ibm/ws/wssecurity/wssapi/token/impl/GenericIssuedTokenConsumeLoginModule.class */
public class GenericIssuedTokenConsumeLoginModule implements LoginModule {
    private static final String comp = "security.wssecurity";
    private Subject _subject;
    private CallbackHandler _handler;
    private Map _sharedState;
    private Map _options;
    SecurityTokenManager _securityTokenManager;
    Map<Object, Object> _context;
    private static final TraceComponent tc = Tr.register(GenericIssuedTokenConsumeLoginModule.class, "Web Services Security", "com.ibm.ws.wssecurity.resources.wssmessages");
    private static final String clsName = GenericIssuedTokenConsumeLoginModule.class.getName();
    private static final QName VALUETYPE_Q = new QName("", "ValueType");
    private static QName IDQAttr = new QName(null, Assertion.ID);
    private static QName AssertionIDQAttr = new QName(null, "AssertionID");
    private static String _factoryKey = (String) WSSecurityFactoryBuilder.getImplClassName("com.ibm.ws.wssecurity.platform.ExchangeToken");
    private static TokenFactory _tokenFactory = TokenFactoryFactory.getTokenFactory(_factoryKey);
    private SecurityToken _token = null;
    private SecurityToken _token2 = null;
    private SecurityToken _token3 = null;
    MessageContext messageContext = null;
    private WSSAuditService _wssAuditService = null;
    private WSSAuditEventGenerator _wssAuditEventGenerator = null;
    boolean _isAuthnDeniedEventRequired = false;
    boolean _isAuthnSuccessEventRequired = false;

    public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> map, Map<String, ?> map2) {
        this._subject = subject;
        this._handler = callbackHandler;
        this._sharedState = map;
        this._options = map2;
        this._wssAuditService = WSSContextManagerFactory.getInstance().getAuditService();
        this._wssAuditEventGenerator = WSSAuditEventGeneratorFactory.getInstance();
        this._isAuthnDeniedEventRequired = this._wssAuditService.isEventRequired(WSSAuditService.WSSAuditEventType.SECURITY_AUTHN, WSSAuditService.WSSAuditOutcome.DENIED, this._context);
        this._isAuthnSuccessEventRequired = this._wssAuditService.isEventRequired(WSSAuditService.WSSAuditEventType.SECURITY_AUTHN, WSSAuditService.WSSAuditOutcome.SUCCESS, this._context);
    }

    public boolean login() throws LoginException {
        GenericIssuedTokenConsumeCallback genericIssuedTokenConsumeCallback = new GenericIssuedTokenConsumeCallback();
        PropertyCallback propertyCallback = new PropertyCallback(null);
        try {
            this._handler.handle(new Callback[]{genericIssuedTokenConsumeCallback, propertyCallback});
            this._context = propertyCallback.getProperties();
            TokenConsumerConfig tokenConsumerConfig = (TokenConsumerConfig) this._context.get(TokenConsumerConfig.CONFIG_KEY);
            WSSConsumerConfig wSSConsumerConfig = (WSSConsumerConfig) this._context.get("com.ibm.wsspi.wssecurity.config.wssConsumer.configKey");
            MessageContext messageContext = (MessageContext) this._context.get(Constants.WSSECURITY_MESSAGE_CONTEXT);
            this._securityTokenManager = (SecurityTokenManager) this._context.get(Constants.WSSECURITY_SECURITY_TOKEN_MANAGER);
            OMElement oMElement = (OMElement) this._context.get("com.ibm.ws.wssecurity.constants.processingElement");
            QName validateValueType = validateValueType(oMElement, tokenConsumerConfig, this._context);
            if (validateValueType != null) {
                processGenericSecurityToken(oMElement, genericIssuedTokenConsumeCallback, wSSConsumerConfig, tokenConsumerConfig, messageContext, this._context, validateValueType);
                return true;
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Could not correlate the received token and the assigned configuration");
            }
            throw new LoginException(ConfigUtil.getMessage("security.wssecurity.CWWSS7545E"));
        } catch (Exception e) {
            Tr.processException(e, clsName + ".login", "%C", this);
            throw new LoginException(ConfigUtil.getMessage("security.wssecurity.BSTokenLoginModule.s01", new String[]{e.toString()}));
        }
    }

    private void processGenericSecurityToken(OMElement oMElement, GenericIssuedTokenConsumeCallback genericIssuedTokenConsumeCallback, WSSConsumerConfig wSSConsumerConfig, TokenConsumerConfig tokenConsumerConfig, MessageContext messageContext, Map<Object, Object> map, QName qName) throws LoginException {
        SecurityToken createFullToken;
        SecurityToken validateGenericSecurityToken = validateGenericSecurityToken(oMElement, genericIssuedTokenConsumeCallback, wSSConsumerConfig, tokenConsumerConfig, messageContext, qName);
        if (validateGenericSecurityToken == null && genericIssuedTokenConsumeCallback.getExchangedTokenType() != null && !WSSConstants.WST12.STATUS_TOKEN.equalsIgnoreCase(genericIssuedTokenConsumeCallback.getExchangedTokenType()) && !WSSConstants.WST13.STATUS_TOKEN.equalsIgnoreCase(genericIssuedTokenConsumeCallback.getExchangedTokenType())) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "There is no exchanged SecurityToken from trust service.");
            }
            if (this._isAuthnDeniedEventRequired) {
                this._wssAuditEventGenerator.setExtendedAuditData(this._context, WSSAuditEventGenerator.TOKEN_SENT_FOR_EXCHANGE_TYPE, qName.toString());
            }
            throw new LoginException(ConfigUtil.getMessage("security.wssecurity.CWWSS7546E"));
        }
        QName qName2 = null;
        if (validateGenericSecurityToken != null) {
            qName2 = validateGenericSecurityToken.getValueType();
            if (qName2 == null || (qName2.getLocalPart() != null && qName2.getLocalPart().contains(BindingPropertyConstants.LTPA))) {
                qName2 = getValueType(((OMStructure) validateGenericSecurityToken.getXML()).getNode(), map, genericIssuedTokenConsumeCallback.getExchangedTokenType());
                if (qName2 == null) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "The new exchanged token ValueType is not identified.");
                    }
                    throw new LoginException(ConfigUtil.getMessage("security.wssecurity.CWWSS7547E"));
                }
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "The new exchanged token is " + qName2);
            }
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Token has been validated by trust service.");
        }
        boolean z = true;
        if (validateGenericSecurityToken == null) {
            z = false;
        }
        boolean z2 = true;
        String str = (String) tokenConsumerConfig.getProperties().get(com.ibm.ws.wssecurity.common.Constants.TOKEN_FORWARDABLE);
        if (str != null && str.equalsIgnoreCase("false")) {
            z2 = false;
        }
        String tokenId = getTokenId(oMElement);
        if (!z) {
            SecurityToken createFullToken2 = createFullToken(oMElement, qName, map, z2);
            if (this._isAuthnSuccessEventRequired) {
                this._wssAuditEventGenerator.setExtendedAuditData(this._context, WSSAuditEventGenerator.TOKEN_ID, createFullToken2.getId());
            }
            this._token = createFullToken2;
            return;
        }
        if (validateGenericSecurityToken instanceof SAMLToken) {
            createFullToken = validateGenericSecurityToken;
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "The exchanged token has been created.");
            }
        } else {
            createFullToken = createFullToken(((OMStructure) validateGenericSecurityToken.getXML()).getNode(), qName2, map, z2);
        }
        ExchangeTokenImpl createSimpleToken = createSimpleToken(oMElement, qName, tokenId, createFullToken, z2);
        if (qName.equals(SAMLCommonConstants._SAML11_TOKENTYPE_QNAME) || qName.equals(SAMLCommonConstants._SAML20_TOKENTYPE_QNAME)) {
            this._token3 = createFullToken(oMElement, qName, map, false);
            if (((SAMLToken) this._token3).getConfirmationMethod() == null || ((SAMLToken) this._token3).getConfirmationMethod().contains("bearer")) {
                this._token3 = null;
            }
        }
        if (this._isAuthnSuccessEventRequired) {
            Map<String, Object> extendedAuditData = this._wssAuditEventGenerator.setExtendedAuditData(this._context, WSSAuditEventGenerator.EXCHANGED_TOKEN_TYPE, createFullToken.getValueType().toString());
            this._wssAuditEventGenerator.addExtendedAuditData(extendedAuditData, WSSAuditEventGenerator.EXCHANGED_TOKEN_ID, createFullToken.getId());
            this._wssAuditEventGenerator.addExtendedAuditData(extendedAuditData, WSSAuditEventGenerator.TOKEN_SENT_FOR_EXCHANGE_TYPE, createSimpleToken.getValueType().toString());
            this._wssAuditEventGenerator.addExtendedAuditData(extendedAuditData, WSSAuditEventGenerator.TOKEN_SENT_FOR_EXCHANGE_ID, createSimpleToken.getId());
        }
        this._token = createFullToken;
        this._token2 = createSimpleToken;
    }

    private static QName validateValueType(OMElement oMElement, TokenConsumerConfig tokenConsumerConfig, Map<Object, Object> map) {
        QName qName = null;
        QName type = tokenConsumerConfig.getType();
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "The ValueType in Token Configuration is " + type);
        }
        String attributeValue = oMElement.getAttributeValue(VALUETYPE_Q);
        String localName = oMElement.getLocalName();
        QName qName2 = null;
        int i = 0;
        Object obj = map.get(com.ibm.ws.wssecurity.common.Constants.WSS_VERSION);
        if (obj != null && (obj instanceof Integer)) {
            i = ((Integer) obj).intValue();
        }
        if (attributeValue != null) {
            qName2 = DOMUtils.getQName(oMElement, attributeValue, i);
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "The ValueType in receiving token is " + qName2);
        }
        if (qName2 == null) {
            QName qName3 = new QName(oMElement.getNamespace() == null ? null : oMElement.getNamespace().getNamespaceURI(), oMElement.getLocalName());
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "The QName of receiving token is " + qName3);
            }
            if (NamespaceUtil.equals(qName3, type)) {
                qName = type;
            } else if (NamespaceUtil.equals(qName3, SAMLCommonConstants._SAML11_QNAME) && NamespaceUtil.equals(type, SAMLCommonConstants._SAML11_TOKENTYPE_QNAME)) {
                qName = type;
            } else if (NamespaceUtil.equals(qName3, SAMLCommonConstants._SAML20_QNAME) && NamespaceUtil.equals(type, SAMLCommonConstants._SAML20_TOKENTYPE_QNAME)) {
                qName = type;
            } else if ("UsernameToken".equals(localName) && (type.equals(com.ibm.ws.wssecurity.common.Constants.UNTOKEN) || type.equals(com.ibm.ws.wssecurity.common.Constants.UNTOKEN_11))) {
                qName = type;
            }
        } else if (NamespaceUtil.equals(qName2, type)) {
            qName = type;
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Valid token ValueType:" + qName);
        }
        return qName;
    }

    private static QName getValueType(OMElement oMElement, Map<Object, Object> map, String str) {
        String attributeValue = oMElement.getAttributeValue(VALUETYPE_Q);
        QName qName = null;
        String localName = oMElement.getLocalName();
        int i = 0;
        Object obj = map.get(com.ibm.ws.wssecurity.common.Constants.WSS_VERSION);
        if (obj != null && (obj instanceof Integer)) {
            i = ((Integer) obj).intValue();
        }
        if (attributeValue != null) {
            qName = DOMUtils.getQName(oMElement, attributeValue, i);
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "The ValueType in receiving token is " + qName);
        }
        if (qName == null) {
            QName qName2 = new QName(oMElement.getNamespace() == null ? null : oMElement.getNamespace().getNamespaceURI(), oMElement.getLocalName());
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "The QName of receiving token is " + qName2);
            }
            if (NamespaceUtil.equals(qName2, SAMLCommonConstants._SAML11_QNAME)) {
                qName = SAMLCommonConstants._SAML11_TOKENTYPE_QNAME;
            } else if (NamespaceUtil.equals(qName2, SAMLCommonConstants._SAML20_QNAME)) {
                qName = SAMLCommonConstants._SAML20_TOKENTYPE_QNAME;
            } else if ("UsernameToken".equals(localName) && com.ibm.ws.wssecurity.common.Constants.UNTOKEN.getLocalPart().equals(str)) {
                qName = com.ibm.ws.wssecurity.common.Constants.UNTOKEN;
            } else if ("UsernameToken".equals(localName) && com.ibm.ws.wssecurity.common.Constants.UNTOKEN_11.getLocalPart().equals(str)) {
                qName = com.ibm.ws.wssecurity.common.Constants.UNTOKEN_11;
            }
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Valid token ValueType:" + qName);
        }
        return qName;
    }

    private static String getTokenId(OMElement oMElement) {
        String str = null;
        QName idAttributeName = IdUtils.getInstance().getIdAttributeName(oMElement);
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "The identifier attribute of the target element is [" + idAttributeName + "].");
        }
        if (idAttributeName != null) {
            str = oMElement.getAttributeValue(idAttributeName);
        } else {
            QName qName = new QName(oMElement.getNamespace() == null ? null : oMElement.getNamespace().getNamespaceURI(), oMElement.getLocalName());
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "The QName of receiving token is " + qName);
            }
            if (NamespaceUtil.equals(qName, SAMLCommonConstants._SAML11_QNAME)) {
                str = oMElement.getAttributeValue(AssertionIDQAttr);
            } else if (NamespaceUtil.equals(qName, SAMLCommonConstants._SAML20_QNAME)) {
                str = oMElement.getAttributeValue(IDQAttr);
            }
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "The token ID is " + str);
        }
        return str;
    }

    private static SecurityToken createFullToken(OMElement oMElement, QName qName, Map map, boolean z) throws LoginException {
        int i = 0;
        Object obj = map.get(com.ibm.ws.wssecurity.common.Constants.WSS_VERSION);
        if (obj != null && (obj instanceof Integer)) {
            i = ((Integer) obj).intValue();
        }
        OMStructure oMStructure = new OMStructure();
        oMStructure.setNode(oMElement);
        try {
            return CommonTokenParser.getSecurityToken(oMStructure, qName, i, z, null);
        } catch (Exception e) {
            LoginException loginException = new LoginException(e.getMessage());
            loginException.initCause(e.getCause());
            throw loginException;
        }
    }

    private static ExchangeTokenImpl createSimpleToken(OMElement oMElement, QName qName, String str, SecurityToken securityToken, boolean z) {
        ExchangeTokenImpl exchangeTokenImpl = (ExchangeTokenImpl) _tokenFactory.getToken(z);
        exchangeTokenImpl.id = str;
        exchangeTokenImpl.valueType = qName;
        OMStructure oMStructure = new OMStructure();
        oMStructure.setNode(oMElement);
        exchangeTokenImpl.xml = oMStructure;
        exchangeTokenImpl.setAuthorizationToken(securityToken);
        return exchangeTokenImpl;
    }

    private static SecurityToken validateGenericSecurityToken(OMElement oMElement, GenericIssuedTokenConsumeCallback genericIssuedTokenConsumeCallback, WSSConsumerConfig wSSConsumerConfig, TokenConsumerConfig tokenConsumerConfig, MessageContext messageContext, QName qName) throws LoginException {
        try {
            String stsURI = genericIssuedTokenConsumeCallback.getStsURI();
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "issueToken/stsEndpointAddress:  " + stsURI);
            }
            String str = null;
            if (messageContext.getTo() != null) {
                str = messageContext.getTo().getAddress();
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "The End Point Address (from mc) is: " + str);
                }
            } else {
                Options options = messageContext.getOptions();
                if (options != null) {
                    str = options.getTo().getAddress();
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "The End Point Address (from options, from mc returns null) is: " + str);
                }
            }
            try {
                String wstNamespace = genericIssuedTokenConsumeCallback.getWstNamespace();
                if (wstNamespace == null) {
                    wstNamespace = "http://docs.oasis-open.org/ws-sx/ws-trust/200512";
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "issueToken...  WS-Trust namespace:  " + wstNamespace);
                }
                ProviderConfig newProviderConfig = WSSTrustClient.newProviderConfig(wstNamespace, stsURI);
                newProviderConfig.setPolicySetName(genericIssuedTokenConsumeCallback.getStsPolicy());
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "issueToken...  policySetName:  " + genericIssuedTokenConsumeCallback.getStsPolicy());
                }
                if (genericIssuedTokenConsumeCallback.getStsValidatePolicy() != null && !genericIssuedTokenConsumeCallback.getStsValidatePolicy().isEmpty()) {
                    newProviderConfig.setPolicySetName(genericIssuedTokenConsumeCallback.getStsValidatePolicy());
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "issueToken...  validate policySetName:  " + genericIssuedTokenConsumeCallback.getStsValidatePolicy());
                    }
                }
                newProviderConfig.setBindingName(genericIssuedTokenConsumeCallback.getStsBinding());
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "issueToken...  stsBinding:  " + genericIssuedTokenConsumeCallback.getStsBinding());
                }
                if (genericIssuedTokenConsumeCallback.getStsValidateBinding() != null && !genericIssuedTokenConsumeCallback.getStsValidateBinding().isEmpty()) {
                    newProviderConfig.setBindingName(genericIssuedTokenConsumeCallback.getStsValidateBinding());
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "issueToken...  Validate stsBinding:  " + genericIssuedTokenConsumeCallback.getStsValidateBinding());
                    }
                }
                newProviderConfig.setBindingScope(genericIssuedTokenConsumeCallback.getStsBindingScope());
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "issueToken...  stsBindingScope:  " + genericIssuedTokenConsumeCallback.getStsBindingScope());
                }
                RequesterConfig newRequesterConfig = WSSTrustClient.newRequesterConfig(wstNamespace);
                newRequesterConfig.put(RequesterConfiguration.RSTT.APPLIESTO_ADDRESS, str);
                newRequesterConfig.setSOAPNamespace("http://schemas.xmlsoap.org/soap/envelope/");
                if (genericIssuedTokenConsumeCallback.getStsSoapVersion() != null && genericIssuedTokenConsumeCallback.getStsSoapVersion().equals(com.ibm.ws.websvcs.rm.policyset.Constants._WSRM_1_1)) {
                    newRequesterConfig.setSOAPNamespace("http://schemas.xmlsoap.org/soap/envelope/");
                } else if (genericIssuedTokenConsumeCallback.getStsSoapVersion() != null && genericIssuedTokenConsumeCallback.getStsSoapVersion().equals("1.2")) {
                    newRequesterConfig.setSOAPNamespace("http://www.w3.org/2003/05/soap-envelope");
                } else if (com.ibm.ws.wssecurity.common.Constants.NS_SOAP12.equalsIgnoreCase(messageContext.getEnvelope().getNamespace().getName())) {
                    newRequesterConfig.setSOAPNamespace("http://www.w3.org/2003/05/soap-envelope");
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "issueToken...  soapNamespace:  " + newRequesterConfig.getSOAPNamespace());
                }
                newRequesterConfig.setRSTTProperties(genericIssuedTokenConsumeCallback.getProperties());
                String exchangedTokenType = genericIssuedTokenConsumeCallback.getExchangedTokenType();
                newRequesterConfig.put(RequesterConfiguration.RSTT.TOKENTYPE, exchangedTokenType);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "issueToken...  tokenType:  " + exchangedTokenType);
                }
                newProviderConfig.setIncludeRSTRProperties(true);
                String validateTarget = genericIssuedTokenConsumeCallback.getValidateTarget();
                if (genericIssuedTokenConsumeCallback.validateTargets[0].equalsIgnoreCase(validateTarget)) {
                    newRequesterConfig.put(RequesterConfiguration.RSTT.VALIDATETARGET_TOKEN_XML, oMElement.toStringWithConsume());
                } else if (genericIssuedTokenConsumeCallback.validateTargets[1].equalsIgnoreCase(validateTarget)) {
                    newRequesterConfig.put(RequesterConfiguration.RSTT.VALIDATETARGET_REFERENCE_URI, getTokenId(oMElement));
                    newRequesterConfig.put(RequesterConfiguration.RSTT.VALIDATETARGET_REFERENCE_VALUETYPE, qName.getNamespaceURI());
                } else if (genericIssuedTokenConsumeCallback.validateTargets[2].equalsIgnoreCase(validateTarget)) {
                    newRequesterConfig.put(RequesterConfiguration.RSTT.EXTENSION_BASE, oMElement.toStringWithConsume());
                } else {
                    newRequesterConfig.put(RequesterConfiguration.RSTT.EXTENSION_BASE, oMElement.toStringWithConsume());
                }
                if (genericIssuedTokenConsumeCallback.getIssuer() != null && !genericIssuedTokenConsumeCallback.getIssuer().isEmpty()) {
                    newRequesterConfig.put(RequesterConfiguration.RSTT.ISSUER_ADDRESS, genericIssuedTokenConsumeCallback.getIssuer());
                }
                List<WSSTrustClientValidateResult> validate = WSSTrustClient.getInstance(newProviderConfig).validate(newProviderConfig, newRequesterConfig);
                if (validate == null || validate.size() != 1) {
                    if (validate == null || validate.isEmpty()) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "issueToken...  There is no WSSTrustClientValidateResult.");
                        }
                        throw new LoginException(ConfigUtil.getMessage("security.wssecurity.CWWSS7548E"));
                    }
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "issueToken...  There are more than one WSSTrustClientValidateResult.");
                    }
                    throw new LoginException(ConfigUtil.getMessage("security.wssecurity.CWWSS7549E"));
                }
                WSSTrustClientValidateResult wSSTrustClientValidateResult = validate.get(0);
                String statusCode = wSSTrustClientValidateResult.getStatusCode();
                if (WSSConstants.WST12.STATUS_CODE_VALID.equalsIgnoreCase(statusCode) || WSSConstants.WST13.STATUS_CODE_VALID.equalsIgnoreCase(statusCode)) {
                    return wSSTrustClientValidateResult.getSecurityToken();
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "issueToken...  StatusCode:  " + statusCode);
                }
                throw new LoginException(statusCode);
            } catch (Exception e) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, ConfigUtil.getMessage("security.wssecurity.CWWSS7513E", new String[]{e.toString()}));
                    e.printStackTrace();
                }
                LoginException loginException = new LoginException(e.getMessage());
                loginException.initCause(e);
                throw loginException;
            }
        } catch (Exception e2) {
            throw new LoginException(e2.getMessage());
        }
    }

    public boolean commit() throws LoginException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "commit()");
        }
        if (this._token != null) {
            this._securityTokenManager.addToken(this._token);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "The token hash value = " + this._token.hashCode());
            }
            this._context.put(Constants.WSSECURITY_TOKEN_PROCESSED, this._token);
        }
        if (this._token2 != null) {
            this._securityTokenManager.addToken(this._token2);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "The token hash value = " + this._token2.hashCode());
            }
            this._context.put(Constants.WSSECURITY_TOKEN_PROCESSED, this._token2);
        }
        if (this._token3 != null) {
            this._securityTokenManager.addToken(this._token3);
        }
        if (!tc.isEntryEnabled()) {
            return true;
        }
        Tr.exit(tc, "commit()");
        return true;
    }

    public boolean logout() throws LoginException {
        return false;
    }

    public boolean abort() throws LoginException {
        return false;
    }
}
