package com.ibm.rational.ttt.common.cxf.policy.impl;

import com.ibm.rational.test.lt.models.ws.LoggingUtil;
import com.ibm.rational.test.lt.models.wscore.datamodel.security.util.ssl.SSLContextUtil;
import com.ibm.rational.test.lt.models.wscore.utils.util.StringUtil;
import com.ibm.rational.ttt.common.cxf.conduit.ISOACXFConstants;
import com.ibm.rational.ttt.common.cxf.conduit.SOAConduit;
import com.ibm.rational.ttt.common.cxf.context.CXFContextUtils;
import com.ibm.rational.ttt.common.cxf.endpoint.GenericSecurityClientLigth;
import com.ibm.rational.ttt.common.cxf.message.MsgListener;
import com.ibm.rational.ttt.common.cxf.policy.IContextCall;
import com.ibm.rational.ttt.common.cxf.utils.SOALogger;
import java.io.IOException;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Properties;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import org.apache.axis.utils.XMLUtils;
import org.apache.cxf.BusException;
import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.configuration.jsse.TLSClientParameters;
import org.apache.cxf.databinding.source.SourceDataBinding;
import org.apache.cxf.endpoint.Client;
import org.apache.cxf.endpoint.ClientImpl;
import org.apache.cxf.endpoint.Endpoint;
import org.apache.cxf.endpoint.EndpointException;
import org.apache.cxf.endpoint.EndpointImpl;
import org.apache.cxf.feature.Feature;
import org.apache.cxf.message.Message;
import org.apache.cxf.service.Service;
import org.apache.cxf.transport.http.HTTPConduit;
import org.apache.cxf.ws.addressing.MAPAggregator;
import org.apache.cxf.ws.addressing.impl.MAPAggregatorImpl;
import org.apache.cxf.ws.policy.PolicyConstants;
import org.apache.cxf.ws.security.SecurityConstants;
import org.apache.cxf.ws.security.tokenstore.SOATokenStore;
import org.apache.cxf.ws.security.tokenstore.TokenStore;
import org.apache.cxf.ws.security.trust.AbstractSTSClient;
import org.apache.cxf.ws.security.trust.STSClient;
import org.apache.cxf.ws.security.trust.STSUtils;
import org.apache.cxf.wsdl11.WSDLServiceFactory;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.crypto.CryptoFactory;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.w3c.dom.Document;

/* loaded from: input_file:coremdl.jar:com/ibm/rational/ttt/common/cxf/policy/impl/PolicyRunnable.class */
public class PolicyRunnable implements MsgListener.IListener, Runnable {
    private IContextCall call;
    private IContextCall sts;
    private String soapAction;
    private String to;
    private String soapVersion;
    private TokenStore policyStore;
    private GenericSecurityClientLigth clientForTheCall;
    private Document doc;
    private boolean encode;
    private String potentialTransport;
    private String encoded;
    private String decoded;

    public PolicyRunnable(IContextCall iContextCall, IContextCall iContextCall2, String str, String str2, String str3, TokenStore tokenStore, String str4) {
        this.call = iContextCall;
        this.sts = iContextCall2;
        this.soapAction = str;
        this.to = str2;
        this.soapVersion = str3;
        this.policyStore = tokenStore;
        this.potentialTransport = str4;
    }

    private void initializeAll(String str, String str2, String str3) {
        LogUtils.setLoggerClass(SOALogger.class);
        this.clientForTheCall = new GenericSecurityClientLigth(CXFContextUtils.getBus(), str, str2, str3);
        this.clientForTheCall.setPolicy(this.call.getPolicy());
        try {
            this.clientForTheCall.getClient().getRequestContext().put("SOAPAction", ISOACXFConstants.METHOD);
            this.clientForTheCall.getClient().getRequestContext().put(PolicyConstants.POLICY_OVERRIDE, this.call.getPolicy());
            this.clientForTheCall.getClient().getRequestContext().put(SOAConduit.DIRECT_DISPATCH, Boolean.TRUE);
            initializeRequeRespContext(this.clientForTheCall);
            initializeStsContext(this.clientForTheCall);
        } catch (Throwable th) {
            LoggingUtil.INSTANCE.error(getClass(), th);
        }
    }

    private void initializeStsContext(GenericSecurityClientLigth genericSecurityClientLigth) throws Exception {
        STSClient sTSClient = new STSClient(CXFContextUtils.getBus()) { // from class: com.ibm.rational.ttt.common.cxf.policy.impl.PolicyRunnable.1
            private Message cpy = null;

            @Override // org.apache.cxf.ws.security.trust.AbstractSTSClient
            public void setMessage(Message message) {
                new MAPAggregatorImpl().handleMessage(message);
                this.cpy = message;
                super.setMessage(message);
            }

            private TLSClientParameters getParameters() throws Exception {
                TLSClientParameters tLSClientParameters = new TLSClientParameters();
                tLSClientParameters.setUseHttpsURLConnectionDefaultSslSocketFactory(true);
                tLSClientParameters.setDisableCNCheck(true);
                tLSClientParameters.setTrustManagers(SSLContextUtil.SSLCreationUtil.getAlwaysTrueTrustManagers());
                tLSClientParameters.setUseHttpsURLConnectionDefaultHostnameVerifier(false);
                tLSClientParameters.setUseHttpsURLConnectionDefaultSslSocketFactory(false);
                tLSClientParameters.setHostnameVerifier(new HostnameVerifier() { // from class: com.ibm.rational.ttt.common.cxf.policy.impl.PolicyRunnable.1.1
                    @Override // javax.net.ssl.HostnameVerifier
                    public boolean verify(String str, SSLSession sSLSession) {
                        return true;
                    }
                });
                SSLSocketFactory sSLCxf = StsHttpConfigurationStore.getSSLCxf(PolicyRunnable.this.potentialTransport);
                if (sSLCxf != null) {
                    tLSClientParameters.setSSLSocketFactory(sSLCxf);
                } else {
                    tLSClientParameters.setSSLSocketFactory(SSLContextUtil.SSLCreationUtil.getSSLContext(null).getSocketFactory());
                }
                return tLSClientParameters;
            }

            @Override // org.apache.cxf.ws.security.trust.AbstractSTSClient
            protected AbstractSTSClient.STSResponse issue(String str, String str2, String str3, String str4) throws Exception {
                try {
                    HTTPConduit hTTPConduit = (HTTPConduit) getClient().getConduit();
                    try {
                        TLSClientParameters parameters = getParameters();
                        hTTPConduit.setTlsClientParameters(parameters);
                        getClient().getConduitSelector().getEndpoint().getEndpointInfo().addExtensor(parameters);
                    } catch (Exception e) {
                        LoggingUtil.INSTANCE.error(getClass(), e);
                    }
                    if (!StringUtil.emptyString(StsHttpConfigurationStore.getProxy(PolicyRunnable.this.potentialTransport))) {
                        String proxy = StsHttpConfigurationStore.getProxy(PolicyRunnable.this.potentialTransport);
                        Integer proxyPort = StsHttpConfigurationStore.getProxyPort(PolicyRunnable.this.potentialTransport);
                        hTTPConduit.getClient().setProxyServer(proxy);
                        hTTPConduit.getClient().setProxyServerType(StsHttpConfigurationStore.getProxyType());
                        if (proxyPort != null) {
                            hTTPConduit.getClient().setProxyServerPort(proxyPort);
                        }
                        if (StsHttpConfigurationStore.hasProxyAuth(PolicyRunnable.this.potentialTransport)) {
                            hTTPConduit.setProxyAuthorization(StsHttpConfigurationStore.getProxyAuth(PolicyRunnable.this.potentialTransport));
                        }
                        if (StsHttpConfigurationStore.hasProxyAuthSupplier(PolicyRunnable.this.potentialTransport)) {
                            hTTPConduit.setProxyAuthSupplier(StsHttpConfigurationStore.getProxyAuthSupplier(PolicyRunnable.this.potentialTransport));
                        }
                    }
                    hTTPConduit.getClient().setAllowChunking(false);
                    hTTPConduit.getClient().setAutoRedirect(true);
                    hTTPConduit.getClient().setConnectionTimeout(10000L);
                    hTTPConduit.getClient().setMaxRetransmits(0);
                    hTTPConduit.getClient().setReceiveTimeout(20000L);
                    if (StsHttpConfigurationStore.hasAuth(PolicyRunnable.this.potentialTransport)) {
                        hTTPConduit.setAuthorization(StsHttpConfigurationStore.getAuth(PolicyRunnable.this.potentialTransport));
                    }
                    if (StsHttpConfigurationStore.hasAuthSupplier(PolicyRunnable.this.potentialTransport)) {
                        hTTPConduit.setAuthSupplier(StsHttpConfigurationStore.getAuthSupplier(PolicyRunnable.this.potentialTransport));
                    }
                } catch (Exception e2) {
                    LoggingUtil.INSTANCE.error(getClass(), e2);
                }
                AbstractSTSClient.STSResponse issue = super.issue(str, str2, str3, str4);
                this.client.getRequestContext().clear();
                this.client.getResponseContext().clear();
                this.client.destroy();
                if (this.cpy != null && this.cpy.getExchange() != null && this.cpy.getExchange().get(Endpoint.class) != null) {
                    ((Endpoint) this.cpy.getExchange().get(Endpoint.class)).remove(SecurityConstants.TOKEN);
                    ((Endpoint) this.cpy.getExchange().get(Endpoint.class)).remove(SecurityConstants.TOKEN_ID);
                    ((Endpoint) this.cpy.getExchange().get(Endpoint.class)).clear();
                    this.cpy.getExchange().remove(SecurityConstants.TOKEN_ID);
                    this.cpy.getExchange().remove(SecurityConstants.TOKEN);
                }
                return issue;
            }

            @Override // org.apache.cxf.ws.security.trust.AbstractSTSClient
            protected void createClient() throws BusException, EndpointException {
                if (this.client != null) {
                    return;
                }
                if (this.wsdlLocation != null) {
                    WSDLServiceFactory wSDLServiceFactory = new WSDLServiceFactory(this.bus, this.wsdlLocation, this.serviceName);
                    SourceDataBinding sourceDataBinding = new SourceDataBinding();
                    wSDLServiceFactory.setDataBinding(sourceDataBinding);
                    Service create = wSDLServiceFactory.create();
                    create.setDataBinding(sourceDataBinding);
                    this.client = new ClientImpl(this.bus, new EndpointImpl(this.bus, create, create.getEndpointInfo(this.endpointName)));
                } else {
                    if (this.location == null) {
                        throw new UnsupportedOperationException();
                    }
                    Endpoint createSTSEndpoint = STSUtils.createSTSEndpoint(this.bus, this.namespace, null, this.location, this.soapVersion, this.policy, this.endpointName);
                    createSTSEndpoint.getEndpointInfo().setProperty(SecurityConstants.TOKEN_STORE_CACHE_INSTANCE, PolicyRunnable.this.policyStore);
                    createSTSEndpoint.getEndpointInfo().setProperty(MAPAggregator.ADDRESSING_DISABLED, Boolean.FALSE);
                    createSTSEndpoint.getEndpointInfo().setProperty(MAPAggregator.USING_ADDRESSING, Boolean.TRUE);
                    createSTSEndpoint.getEndpointInfo().setProperty(Message.REQUESTOR_ROLE, Boolean.TRUE);
                    this.client = new ClientImpl(this.bus, createSTSEndpoint);
                }
                this.client.getInFaultInterceptors().addAll(this.inFault);
                this.client.getInInterceptors().addAll(this.in);
                this.client.getOutInterceptors().addAll(this.out);
                this.client.getOutFaultInterceptors().addAll(this.outFault);
                this.in = null;
                this.out = null;
                this.inFault = null;
                this.outFault = null;
                if (this.features != null) {
                    Iterator<Feature> it = this.features.iterator();
                    while (it.hasNext()) {
                        it.next().initialize(this.client, this.bus);
                    }
                }
            }

            @Override // org.apache.cxf.ws.security.trust.AbstractSTSClient
            protected Crypto createCrypto(boolean z) throws IOException, WSSecurityException {
                Crypto crypto = (Crypto) getProperty(SecurityConstants.STS_TOKEN_CRYPTO + (z ? ".decrypt" : ""));
                if (crypto != null) {
                    return crypto;
                }
                Object property = getProperty("ws-security.sts.token.properties" + (z ? ".decrypt" : ""));
                Properties properties = null;
                if (property instanceof Properties) {
                    properties = (Properties) property;
                }
                return properties != null ? CryptoFactory.getInstance(properties) : super.createCrypto(z);
            }
        };
        sTSClient.setProperties(this.sts.getContextCall());
        sTSClient.getRequestContext().putAll(this.sts.getContextCall());
        sTSClient.setPolicy(this.sts.getPolicy());
        sTSClient.setLocation((String) this.sts.getContextCall().get(ISOACXFConstants.STS_URL));
        genericSecurityClientLigth.getClient().getRequestContext().put(SecurityConstants.STS_CLIENT, sTSClient);
        genericSecurityClientLigth.getClient().getRequestContext().put("sct", sTSClient);
    }

    private void initializeRequeRespContext(GenericSecurityClientLigth genericSecurityClientLigth) throws BusException, EndpointException {
        genericSecurityClientLigth.getClient().getRequestContext().putAll(this.call.getContextCall());
        genericSecurityClientLigth.getClient().getResponseContext().putAll(this.call.getAnswerContext());
    }

    public String encode() throws Exception {
        try {
            ((SOATokenStore) this.policyStore).clean();
            if (this.clientForTheCall == null) {
                initializeAll(this.soapAction, this.to, this.soapVersion);
                initializeRequeRespContext(this.clientForTheCall);
            }
            initializeRequeRespContext(this.clientForTheCall);
            this.clientForTheCall.getSOAVClient().setOwnerDocument(this.doc);
            this.clientForTheCall.getSOAVClient().setTokenStore(this.policyStore);
            this.clientForTheCall.issue(this.doc, this);
            this.clientForTheCall.getClient().destroy();
            this.clientForTheCall = null;
            return this.encoded;
        } catch (Exception e) {
            if (this.doc != null) {
                LoggingUtil.INSTANCE.error(getClass(), new Exception(XMLUtils.DocumentToString(this.doc)));
            } else {
                LoggingUtil.INSTANCE.error(getClass(), new Exception("null"));
            }
            throw e;
        }
    }

    public String decode() throws Exception {
        try {
            HashMap hashMap = new HashMap();
            hashMap.put(Client.REQUEST_CONTEXT, this.call.getAnswerContext());
            hashMap.put(Client.RESPONSE_CONTEXT, this.call.getAnswerContext());
            hashMap.put("ws-security.encryption.properties", this.call.getAnswerContext());
            if (this.clientForTheCall == null) {
                initializeAll(this.soapAction, this.to, this.soapVersion);
                initializeRequeRespContext(this.clientForTheCall);
            }
            this.clientForTheCall.getProperties().clear();
            this.clientForTheCall.setProperties(hashMap);
            this.clientForTheCall.getClient().getRequestContext().clear();
            this.clientForTheCall.getClient().getResponseContext().clear();
            this.clientForTheCall.getClient().getRequestContext().putAll(this.call.getAnswerContext());
            this.clientForTheCall.getSOAVClient().getRequestContext().putAll(this.call.getAnswerContext());
            this.clientForTheCall.getSOAVClient().setTokenStore(this.policyStore);
            this.clientForTheCall.setAnswerDocument(this.doc);
            this.clientForTheCall.issueAnswer(this.doc, this);
            ((SOATokenStore) this.policyStore).clean();
            this.clientForTheCall.getClient().destroy();
            this.clientForTheCall = null;
            return this.decoded;
        } catch (Exception e) {
            if (this.doc != null) {
                LoggingUtil.INSTANCE.error(getClass(), new Exception(XMLUtils.DocumentToString(this.doc)));
            } else {
                LoggingUtil.INSTANCE.error(getClass(), new Exception("null"));
            }
            throw e;
        }
    }

    public String getEncoded() {
        return this.encoded;
    }

    @Override // com.ibm.rational.ttt.common.cxf.message.MsgListener.IListener
    public void EncodedValue(String str) {
        this.encoded = str;
    }

    public String getDecoded() {
        return this.decoded;
    }

    @Override // com.ibm.rational.ttt.common.cxf.message.MsgListener.IListener
    public void DecodedValue(String str) {
        this.decoded = str;
    }

    public Document getDoc() {
        return this.doc;
    }

    public void setDoc(Document document) {
        this.doc = document;
    }

    public boolean isEncode() {
        return this.encode;
    }

    public void setEncode(boolean z) {
        this.encode = z;
    }

    @Override // java.lang.Runnable
    public void run() {
        if (this.encode) {
            try {
                encode();
                return;
            } catch (Exception e) {
                LoggingUtil.INSTANCE.error(getClass(), e);
                return;
            }
        }
        try {
            decode();
        } catch (Exception e2) {
            LoggingUtil.INSTANCE.error(getClass(), e2);
        }
    }
}
