package org.apache.cxf.ws.security.policy.interceptors;

import java.util.Arrays;
import java.util.Map;
import org.apache.cxf.binding.soap.Soap11;
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.message.Message;
import org.apache.cxf.ws.policy.AbstractPolicyInterceptorProvider;
import org.apache.cxf.ws.policy.AssertionInfoMap;
import org.apache.cxf.ws.security.SecurityConstants;
import org.apache.cxf.ws.security.trust.STSClient;
import org.apache.neethi.All;
import org.apache.neethi.ExactlyOne;
import org.apache.neethi.Policy;
import org.apache.wss4j.dom.WSSConfig;
import org.apache.wss4j.policy.SP11Constants;
import org.apache.wss4j.policy.SP12Constants;
import org.apache.wss4j.policy.model.AlgorithmSuite;

/* loaded from: input_file:lib/open/cxf/wssec/cxf-rt-ws-security-3.0.3.jar:org/apache/cxf/ws/security/policy/interceptors/SpnegoTokenInterceptorProvider.class */
public class SpnegoTokenInterceptorProvider extends AbstractPolicyInterceptorProvider {
    private static final long serialVersionUID = -3412111025613191505L;

    public SpnegoTokenInterceptorProvider() {
        super(Arrays.asList(SP11Constants.SPNEGO_CONTEXT_TOKEN, SP12Constants.SPNEGO_CONTEXT_TOKEN));
        getOutInterceptors().add(new SpnegoContextTokenOutInterceptor());
        getOutFaultInterceptors().add(new SpnegoContextTokenOutInterceptor());
        getInInterceptors().add(new SpnegoContextTokenInInterceptor());
        getInFaultInterceptors().add(new SpnegoContextTokenInInterceptor());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String setupClient(STSClient sTSClient, SoapMessage soapMessage, AssertionInfoMap assertionInfoMap) {
        sTSClient.setTrust(NegotiationUtils.getTrust10(assertionInfoMap));
        sTSClient.setTrust(NegotiationUtils.getTrust13(assertionInfoMap));
        Policy policy = new Policy();
        ExactlyOne exactlyOne = new ExactlyOne();
        policy.addPolicyComponent(exactlyOne);
        All all = new All();
        all.addPolicyComponent(NegotiationUtils.getAddressingPolicy(assertionInfoMap, false));
        exactlyOne.addPolicyComponent(all);
        sTSClient.setPolicy(policy);
        sTSClient.setSoap11(soapMessage.getVersion() == Soap11.getInstance());
        sTSClient.setSpnego(true);
        sTSClient.setContext(WSSConfig.getNewInstance().getIdAllocator().createSecureId("_", null));
        String obj = soapMessage.getContextualProperty(Message.ENDPOINT_ADDRESS).toString();
        sTSClient.setLocation(obj);
        AlgorithmSuite algorithmSuite = NegotiationUtils.getAlgorithmSuite(assertionInfoMap);
        if (algorithmSuite != null) {
            sTSClient.setAlgorithmSuite(algorithmSuite);
            int maximumSymmetricKeyLength = algorithmSuite.getAlgorithmSuiteType().getMaximumSymmetricKeyLength();
            if (maximumSymmetricKeyLength < 256) {
                sTSClient.setKeySize(maximumSymmetricKeyLength);
            }
        }
        mapSecurityProps(soapMessage, sTSClient.getRequestContext());
        return obj;
    }

    private static void mapSecurityProps(Message message, Map<String, Object> map) {
        for (String str : SecurityConstants.ALL_PROPERTIES) {
            Object contextualProperty = message.getContextualProperty(str);
            if (contextualProperty != null) {
                map.put(str, contextualProperty);
            }
        }
    }
}
