package com.ibm.ws.websvcs.transport.http;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.ssl.JSSEHelper;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.security.util.AccessController;
import com.ibm.ws.webservices.utils.JavaUtils;
import com.ibm.ws.websvcs.Constants;
import com.ibm.ws.websvcs.resources.NLSProvider;
import com.ibm.ws.websvcs.transport.Config;
import com.ibm.ws.websvcs.transport.channel.DefaultHTTPSTransportClientProperties;
import com.ibm.ws.websvcs.transport.channel.WSAddress;
import com.ibm.ws.websvcs.transport.security.ConfigSSL;
import com.ibm.ws.websvcs.transport.security.ConfigSSLProvider;
import com.ibm.ws.websvcs.transport.security.WSConfigSSLChangeListener;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.Properties;
import org.apache.axis2.AxisFault;
import org.apache.axis2.context.MessageContext;

/* loaded from: input_file:lib/com.ibm.wsfp.main.jar:com/ibm/ws/websvcs/transport/http/SetupSSLConfiguration.class */
public class SetupSSLConfiguration {
    private static final TraceComponent _tc = Tr.register(SetupSSLConfiguration.class, Constants.TR_GROUP, Constants.TR_RESOURCE_BUNDLE);
    private MessageContext localmsgContext;

    public SetupSSLConfiguration(MessageContext messageContext) {
        this.localmsgContext = messageContext;
    }

    public void setupEffectiveSSLConfiguration(final WSAddress wSAddress, final DefaultHTTPSTransportClientProperties defaultHTTPSTransportClientProperties) throws AxisFault {
        if (_tc.isEntryEnabled()) {
            Tr.entry(_tc, "setupEffectiveSSLConfiguration");
        }
        try {
            Config config = (Config) AccessController.doPrivileged(new PrivilegedExceptionAction() { // from class: com.ibm.ws.websvcs.transport.http.SetupSSLConfiguration.1
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws AxisFault {
                    return ConfigSSLProvider.getInstance(defaultHTTPSTransportClientProperties).getConfig(SetupSSLConfiguration.this.localmsgContext, wSAddress, defaultHTTPSTransportClientProperties);
                }
            });
            if (_tc.isDebugEnabled()) {
                Tr.debug(_tc, "Effective SSL configuration: " + (config == null ? null : config.toString()));
            }
            if (config == null) {
                throw new AxisFault(NLSProvider.getNLS().getFormattedMessage("sslConfigResolveFailed01", new Object[]{wSAddress.toString()}, "No Secure Sockets Layer (SSL) configuration is available for the {0} endpoint."));
            }
            wSAddress.setTransportConfiguration(config);
            config.addTargetAddress(wSAddress);
            if (_tc.isEntryEnabled()) {
                Tr.exit(_tc, "setupEffectiveSSLConfiguration");
            }
        } catch (PrivilegedActionException e) {
            FFDCFilter.processException(e, "com.ibm.ws.webservices.engine.transport.http.HTTPSender.invoke", "%C", this);
            if (_tc.isDebugEnabled()) {
                Tr.debug(_tc, "exception01 " + JavaUtils.stackToString(e));
            }
            throw e.getException();
        }
    }

    public void restoreSSLConfiguration(final WSAddress wSAddress) throws AxisFault, PrivilegedActionException {
        if (_tc.isEntryEnabled()) {
            Tr.entry(_tc, "restoreSSLConfiguration");
        }
        try {
            AccessController.doPrivileged(new PrivilegedExceptionAction() { // from class: com.ibm.ws.websvcs.transport.http.SetupSSLConfiguration.2
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws AxisFault, PrivilegedActionException {
                    JSSEHelper jSSEHelper = JSSEHelper.getInstance();
                    ConfigSSL configSSL = (ConfigSSL) wSAddress.transportConfiguration();
                    if (configSSL == null) {
                        return null;
                    }
                    WSConfigSSLChangeListener wSConfigSSLChangeListener = configSSL.getlistener();
                    if (wSConfigSSLChangeListener != null) {
                        if (SetupSSLConfiguration._tc.isDebugEnabled()) {
                            Tr.debug(SetupSSLConfiguration._tc, "De-registering WSConfigSSLChangeListener: " + wSConfigSSLChangeListener);
                        }
                        wSConfigSSLChangeListener.deRegister();
                    }
                    Properties preCfg = configSSL.getPreCfg();
                    if (preCfg != null) {
                        if (SetupSSLConfiguration._tc.isDebugEnabled()) {
                            Tr.debug(SetupSSLConfiguration._tc, "Restoring previously saved SSL configuration: " + preCfg);
                        }
                    } else if (SetupSSLConfiguration._tc.isDebugEnabled()) {
                        Tr.debug(SetupSSLConfiguration._tc, "No previously saved SSL configuration to be restored.");
                    }
                    jSSEHelper.setSSLPropertiesOnThread(preCfg);
                    return null;
                }
            });
            if (_tc.isEntryEnabled()) {
                Tr.exit(_tc, "restoreSSLConfiguration");
            }
        } catch (PrivilegedActionException e) {
            FFDCFilter.processException(e, "com.ibm.ws.webservices.engine.transport.http.setupSSL.restoreSSLConfiguration", "1059", this);
            if (_tc.isDebugEnabled()) {
                Tr.debug(_tc, "exception01 " + JavaUtils.stackToString(e));
            }
            throw e;
        }
    }
}
