package com.ibm.rational.ttt.common.cxf.utils;

import com.ibm.rational.test.lt.models.ws.LoggingUtil;
import com.ibm.rational.test.lt.models.wscore.datamodel.adaptation.ResourceProxy;
import com.ibm.rational.test.lt.models.wscore.datamodel.adaptation.util.ResourceProxyResolverAccess;
import com.ibm.rational.test.lt.models.wscore.datamodel.security.KeyConfiguration;
import com.ibm.rational.test.lt.models.wscore.datamodel.security.KeyStoreConfiguration;
import com.ibm.rational.test.lt.models.wscore.datamodel.security.KeystoreManager;
import com.ibm.rational.test.lt.models.wscore.datamodel.security.policy.PolicyConfiguration;
import com.ibm.rational.test.lt.models.wscore.datamodel.security.policy.PolicyMdl;
import com.ibm.rational.test.lt.models.wscore.datamodel.security.policy.PolicyRemoteService;
import com.ibm.rational.test.lt.models.wscore.datamodel.security.xmlsec.X509Key;
import com.ibm.rational.test.lt.models.wscore.datamodel.security.xmlsec.impl.KeyStoreTypeUtil;
import com.ibm.rational.test.lt.models.wscore.utils.SimpleProperty;
import com.ibm.rational.test.lt.models.wscore.utils.util.StringUtil;
import com.ibm.rational.ttt.common.cxf.conduit.ISOACXFConstants;
import com.ibm.rational.ttt.common.cxf.handler.ClientCallbackHandler;
import com.ibm.rational.ttt.common.cxf.handler.StoreCallbackHandler;
import java.io.File;
import java.util.Map;
import java.util.Properties;
import org.apache.cxf.message.Message;
import org.apache.cxf.ws.addressing.MAPAggregator;
import org.apache.cxf.ws.security.SecurityConstants;
import org.apache.cxf.ws.security.tokenstore.TokenStore;
import org.apache.rampart.RampartConstants;

/* loaded from: input_file:coremdl.jar:com/ibm/rational/ttt/common/cxf/utils/CxfUtils.class */
public class CxfUtils {
    public static final String PASSWORD_SEPARATOR = "$$";

    public static Map createStsContextAnswer(PolicyMdl policyMdl, KeystoreManager keystoreManager) {
        Properties properties = new Properties();
        properties.put(MAPAggregator.ADDRESSING_DISABLED, Boolean.TRUE);
        properties.put(SecurityConstants.CACHE_ISSUED_TOKEN_IN_ENDPOINT, false);
        properties.put(Message.REQUESTOR_ROLE, Boolean.FALSE);
        return properties;
    }

    public static Map createStsContextCall(PolicyMdl policyMdl, KeystoreManager keystoreManager, TokenStore tokenStore, String str) {
        Properties properties = new Properties();
        properties.put("ws-security.callback-handler", new StoreCallbackHandler(new ClientCallbackHandler(), tokenStore));
        properties.put(SecurityConstants.CACHE_ISSUED_TOKEN_IN_ENDPOINT, false);
        properties.put(ISOACXFConstants.STS_URL, "");
        properties.put(MAPAggregator.ADDRESSING_DISABLED, Boolean.FALSE);
        properties.put(MAPAggregator.USING_ADDRESSING, Boolean.TRUE);
        if (keystoreManager != null && policyMdl.isUseSTSService()) {
            PolicyRemoteService policyRemoteService = (PolicyRemoteService) policyMdl.getStsservice();
            if (policyRemoteService != null) {
                properties.putAll(createContextCall(policyRemoteService.getPolicyMdl(), keystoreManager, true, tokenStore, true, str));
            }
            properties.put("ws-security.sts.applies-to", str);
            for (SimpleProperty simpleProperty : policyRemoteService.getPolicyMdl().getPolicyConfiguration().getSimpleProperty()) {
                String trim = simpleProperty.getName().trim();
                String trim2 = simpleProperty.getValue().trim();
                if (!new String().equals(trim2)) {
                    if (PolicyConfiguration.ENCRYPTION_USER_LN.equals(trim)) {
                        properties.put("ws-security.encryption.username", trim2);
                        if (properties.get("ws-security.encryption.properties") == null && properties.get("ws-security.signature.properties") != null) {
                            properties.put("ws-security.encryption.properties", properties.get("ws-security.signature.properties"));
                        }
                    } else if (PolicyConfiguration.USER_LN.equals(trim)) {
                        properties.put("ws-security.username", trim2);
                    } else if (PolicyConfiguration.USER_CERT_ALIAS_LN.equals(trim)) {
                        properties.put("ws-security.sts.token.username", trim2);
                    } else if (PolicyConfiguration.NAME_PASSWORD_CALLBACK.equals(trim)) {
                        ClientCallbackHandler.addPassword(getName(trim2), getPassword(trim2));
                        properties.put("ws-security.username", getName(trim2));
                    } else if ("ws-security.sts.applies-to".equals(trim)) {
                        properties.put("ws-security.sts.applies-to", trim2);
                    } else {
                        properties.put(trim, trim2);
                    }
                }
            }
            if (policyRemoteService.isUseProof() && policyRemoteService.getKeyInformation() != null) {
                properties.put("ws-security.sts.token.username", policyRemoteService.getKeyInformation().getName().getValue());
                X509Key x509Key = (X509Key) policyRemoteService.getKeyInformation();
                Properties createCryptoProperties = createCryptoProperties(x509Key, keystoreManager);
                if (validName(x509Key)) {
                    properties.put("ws-security.sts.token.username", x509Key.getName().getValue());
                }
                properties.put("ws-security.sts.token.properties", createCryptoProperties);
            }
            if (policyRemoteService.getUrl() != null && !StringUtil.emptyString(policyRemoteService.getUrl().getValue())) {
                properties.put(ISOACXFConstants.STS_URL, policyRemoteService.getUrl().getValue());
            }
        }
        properties.put(Message.REQUESTOR_ROLE, Boolean.FALSE);
        return properties;
    }

    public static Map createContextAnswer(PolicyMdl policyMdl, KeystoreManager keystoreManager, boolean z, TokenStore tokenStore) {
        PolicyConfiguration policyConfiguration = policyMdl.getPolicyConfiguration();
        Properties properties = new Properties();
        properties.put("ws-security.callback-handler", new StoreCallbackHandler(new ClientCallbackHandler(), tokenStore));
        properties.put(SecurityConstants.CACHE_ISSUED_TOKEN_IN_ENDPOINT, false);
        if (keystoreManager != null && policyConfiguration.isUseUncryption()) {
            X509Key x509Key = (X509Key) policyConfiguration.getUncryptionstore();
            if (isValidInTermsOfPublicCert(x509Key)) {
                Properties createEncryptionProperties = createEncryptionProperties(x509Key, keystoreManager, z);
                registerKey(x509Key);
                properties.putAll(createEncryptionProperties);
            }
        }
        properties.put(MAPAggregator.ADDRESSING_DISABLED, Boolean.TRUE);
        properties.put(Message.REQUESTOR_ROLE, Boolean.FALSE);
        return properties;
    }

    public static Map createContextCall(PolicyMdl policyMdl, KeystoreManager keystoreManager, boolean z, TokenStore tokenStore, Boolean bool, String str) {
        PolicyConfiguration policyConfiguration = policyMdl.getPolicyConfiguration();
        Properties properties = new Properties();
        properties.put("ws-security.callback-handler", new StoreCallbackHandler(new ClientCallbackHandler(), tokenStore));
        properties.put(SecurityConstants.CACHE_ISSUED_TOKEN_IN_ENDPOINT, false);
        properties.put(ISOACXFConstants.STS_URL, "");
        properties.put(MAPAggregator.ADDRESSING_DISABLED, Boolean.valueOf(!bool.booleanValue()));
        properties.put(MAPAggregator.USING_ADDRESSING, bool);
        if (keystoreManager != null) {
            if (policyMdl.isUseSTSService()) {
                properties.put("ws-security.sts.applies-to", str);
            }
            if (policyConfiguration.isUseSignature()) {
                X509Key x509Key = (X509Key) policyConfiguration.getSignaturestore();
                if (isValid(x509Key)) {
                    Properties createSignatureProperties = createSignatureProperties(x509Key, keystoreManager, z);
                    registerKey(x509Key);
                    properties.putAll(createSignatureProperties);
                }
            }
            if (policyConfiguration.isUseEncryption()) {
                X509Key x509Key2 = (X509Key) policyConfiguration.getEncryptionstore();
                if (isValidInTermsOfPublicCert(x509Key2)) {
                    Properties createEncryptionProperties = createEncryptionProperties(x509Key2, keystoreManager, z);
                    registerKey(x509Key2);
                    properties.putAll(createEncryptionProperties);
                }
            }
            for (SimpleProperty simpleProperty : policyConfiguration.getSimpleProperty()) {
                String trim = simpleProperty.getName().trim();
                String trim2 = simpleProperty.getValue().trim();
                if (!new String().equals(trim2)) {
                    if (PolicyConfiguration.ENCRYPTION_USER_LN.equals(trim)) {
                        properties.put("ws-security.encryption.username", trim2);
                        if (properties.get("ws-security.encryption.properties") == null && properties.get("ws-security.signature.properties") != null) {
                            properties.put("ws-security.encryption.properties", properties.get("ws-security.signature.properties"));
                        }
                    } else if (PolicyConfiguration.USER_LN.equals(trim)) {
                        properties.put("ws-security.username", trim2);
                    } else if (PolicyConfiguration.NAME_PASSWORD_CALLBACK.equals(trim)) {
                        ClientCallbackHandler.addPassword(getName(trim2), getPassword(trim2));
                        properties.put("ws-security.username", getName(trim2));
                    } else if ("ws-security.sts.applies-to".equals(trim)) {
                        properties.put("ws-security.sts.applies-to", trim2);
                    } else {
                        properties.put(trim, trim2);
                    }
                }
            }
        }
        return properties;
    }

    private static String getName(String str) {
        int indexOf = str.indexOf("$$");
        if (indexOf > 0) {
            return str.substring(0, indexOf);
        }
        throw new IllegalArgumentException();
    }

    private static String getPassword(String str) {
        if (str.indexOf("$$") > 0) {
            return str.substring(str.indexOf("$$") + "$$".length());
        }
        throw new IllegalArgumentException();
    }

    private static void registerKey(X509Key x509Key) {
        if (x509Key != null && validPassword(x509Key)) {
            ClientCallbackHandler.addPassword(x509Key.getName().getValue(), x509Key.getPassWord().getValue());
        }
    }

    private static boolean validPassword(X509Key x509Key) {
        return (x509Key.getPassWord() == null || StringUtil.emptyString(x509Key.getPassWord().getValue())) ? false : true;
    }

    private static boolean validName(X509Key x509Key) {
        return (x509Key.getName() == null || StringUtil.emptyString(x509Key.getName().getValue())) ? false : true;
    }

    private static Properties createEncryptionProperties(X509Key x509Key, KeystoreManager keystoreManager, boolean z) {
        Properties properties = new Properties();
        Properties createCryptoProperties = createCryptoProperties(x509Key, keystoreManager);
        if (validName(x509Key)) {
            properties.put("ws-security.encryption.username", x509Key.getName().getValue());
        }
        properties.put("ws-security.encryption.properties", createCryptoProperties);
        if (z) {
            properties.put("ws-security.sts.token.properties", createCryptoProperties);
        }
        return properties;
    }

    private static Properties createSignatureProperties(X509Key x509Key, KeystoreManager keystoreManager, boolean z) {
        Properties properties = new Properties();
        Properties createCryptoProperties = createCryptoProperties(x509Key, keystoreManager);
        if (validName(x509Key)) {
            properties.put("ws-security.signature.username", x509Key.getName().getValue());
        }
        properties.put("ws-security.signature.properties", createCryptoProperties);
        if (z) {
            properties.put("ws-security.sts.token.properties", createCryptoProperties);
        }
        return properties;
    }

    private static Properties createCryptoProperties(X509Key x509Key, KeystoreManager keystoreManager) {
        if (x509Key == null) {
            LoggingUtil.INSTANCE.error(CxfUtils.class, new NullPointerException("keyInf"));
            return null;
        }
        String keyStoreAliasName = x509Key.getKeyStoreAliasName();
        KeyStoreConfiguration keyStoreConfiguration = keystoreManager.getKeyStoreConfiguration(keyStoreAliasName);
        if (keyStoreConfiguration == null) {
            LoggingUtil.INSTANCE.error(CxfUtils.class, new NullPointerException("ksCfg " + (keyStoreAliasName != null ? keyStoreAliasName : "null")));
            return null;
        }
        KeyConfiguration keyConfiguration = keyStoreConfiguration.getKeyConfiguration();
        ResourceProxy resourceProxy = keyConfiguration.getResourceProxy();
        if (keyConfiguration == null || resourceProxy == null) {
            LoggingUtil.INSTANCE.error(CxfUtils.class, new NullPointerException("mix"));
            return null;
        }
        try {
            String typeKeyStoreOrNull = KeyStoreTypeUtil.getTypeKeyStoreOrNull(resourceProxy);
            if (typeKeyStoreOrNull == null) {
                typeKeyStoreOrNull = "JKS";
            }
            File file = ResourceProxyResolverAccess.getResourceResolver().getFile(resourceProxy);
            Properties properties = new Properties();
            properties.put(CXFTags.PROVIDER, RampartConstants.MERLIN_CRYPTO_IMPL);
            properties.put("org.apache.ws.security.crypto.merlin.keystore.type", typeKeyStoreOrNull);
            properties.put("org.apache.ws.security.crypto.merlin.keystore.file", file.getAbsolutePath());
            properties.put("org.apache.ws.security.crypto.merlin.keystore.password", keyConfiguration.getPassWord());
            properties.put("org.apache.ws.security.crypto.merlin.keystore.alias", x509Key.getName().getValue());
            return properties;
        } catch (Exception e) {
            LoggingUtil.INSTANCE.error(CxfUtils.class, e);
            return null;
        }
    }

    private static boolean isValid(X509Key x509Key) {
        return (x509Key == null || x509Key.getKeyStoreAliasName() == null || new String().equals(x509Key.getKeyStoreAliasName()) || x509Key.getPassWord() == null || x509Key.getPassWord().getValue() == null || new String().equals(x509Key.getPassWord().getValue())) ? false : true;
    }

    private static boolean isValidInTermsOfPublicCert(X509Key x509Key) {
        return (x509Key == null || x509Key.getKeyStoreAliasName() == null || new String().equals(x509Key.getKeyStoreAliasName())) ? false : true;
    }
}
