package org.apache.wss4j.stax.impl.processor.output;

import java.security.Key;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamException;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.stax.ext.WSSConstants;
import org.apache.wss4j.stax.ext.WSSSecurityProperties;
import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
import org.apache.wss4j.stax.utils.WSSUtils;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.stax.ext.AbstractOutputProcessor;
import org.apache.xml.security.stax.ext.OutputProcessorChain;
import org.apache.xml.security.stax.ext.XMLSecurityConstants;
import org.apache.xml.security.stax.ext.stax.XMLSecAttribute;
import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
import org.apache.xml.security.stax.impl.securityToken.GenericOutboundSecurityToken;
import org.apache.xml.security.stax.impl.util.IDGenerator;
import org.apache.xml.security.stax.securityToken.OutboundSecurityToken;
import org.apache.xml.security.stax.securityToken.SecurityTokenProvider;

/* loaded from: input_file:org/apache/wss4j/stax/impl/processor/output/SecurityContextTokenOutputProcessor.class */
public class SecurityContextTokenOutputProcessor extends AbstractOutputProcessor {

    /* loaded from: input_file:org/apache/wss4j/stax/impl/processor/output/SecurityContextTokenOutputProcessor$FinalSecurityContextTokenOutputProcessor.class */
    static class FinalSecurityContextTokenOutputProcessor extends AbstractOutputProcessor {
        private final OutboundSecurityToken securityToken;
        private final String identifier;
        private final boolean use200512Namespace;

        FinalSecurityContextTokenOutputProcessor(OutboundSecurityToken outboundSecurityToken, String str, boolean z) throws XMLSecurityException {
            this.securityToken = outboundSecurityToken;
            this.identifier = str;
            this.use200512Namespace = z;
        }

        @Override // org.apache.xml.security.stax.ext.OutputProcessor
        public void processEvent(XMLSecEvent xMLSecEvent, OutputProcessorChain outputProcessorChain) throws XMLStreamException, XMLSecurityException {
            outputProcessorChain.processEvent(xMLSecEvent);
            if (WSSUtils.isSecurityHeaderElement(xMLSecEvent, ((WSSSecurityProperties) getSecurityProperties()).getActor())) {
                QName headerElementName = getHeaderElementName();
                OutputProcessorUtils.updateSecurityHeaderOrder(outputProcessorChain, headerElementName, getAction(), false);
                OutputProcessorChain createSubChain = outputProcessorChain.createSubChain(this);
                ArrayList arrayList = new ArrayList(1);
                arrayList.add(createAttribute(WSSConstants.ATT_WSU_ID, this.securityToken.getId()));
                QName identifierName = getIdentifierName();
                createStartElementAndOutputAsEvent(createSubChain, headerElementName, true, (List<XMLSecAttribute>) arrayList);
                createStartElementAndOutputAsEvent(createSubChain, identifierName, false, (List<XMLSecAttribute>) null);
                createCharactersAndOutputAsEvent(createSubChain, this.identifier);
                createEndElementAndOutputAsEvent(createSubChain, identifierName);
                createEndElementAndOutputAsEvent(createSubChain, headerElementName);
                outputProcessorChain.removeProcessor(this);
            }
        }

        private QName getHeaderElementName() {
            return this.use200512Namespace ? WSSConstants.TAG_WSC0512_SCT : WSSConstants.TAG_WSC0502_SCT;
        }

        private QName getIdentifierName() {
            return this.use200512Namespace ? WSSConstants.TAG_WSC0512_IDENTIFIER : WSSConstants.TAG_WSC0502_IDENTIFIER;
        }
    }

    @Override // org.apache.xml.security.stax.ext.OutputProcessor
    public void processEvent(XMLSecEvent xMLSecEvent, OutputProcessorChain outputProcessorChain) throws XMLStreamException, XMLSecurityException {
        try {
            String str = (String) outputProcessorChain.getSecurityContext().get(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_SECURITYCONTEXTTOKEN);
            if (str == null) {
                throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE);
            }
            SecurityTokenProvider<OutboundSecurityToken> securityTokenProvider = outputProcessorChain.getSecurityContext().getSecurityTokenProvider(str);
            if (securityTokenProvider == null) {
                throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE);
            }
            final OutboundSecurityToken securityToken = securityTokenProvider.getSecurityToken();
            if (securityToken == null) {
                throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE);
            }
            final String generateID = IDGenerator.generateID(null);
            String generateID2 = IDGenerator.generateID(null);
            final GenericOutboundSecurityToken genericOutboundSecurityToken = new GenericOutboundSecurityToken(generateID, WSSecurityTokenConstants.SECURITY_CONTEXT_TOKEN) { // from class: org.apache.wss4j.stax.impl.processor.output.SecurityContextTokenOutputProcessor.1
                @Override // org.apache.xml.security.stax.impl.securityToken.GenericOutboundSecurityToken, org.apache.xml.security.stax.securityToken.OutboundSecurityToken
                public Key getSecretKey(String str2) throws XMLSecurityException {
                    return securityToken.getSecretKey(str2);
                }

                @Override // org.apache.xml.security.stax.impl.securityToken.AbstractSecurityToken, org.apache.xml.security.stax.securityToken.SecurityToken
                public PublicKey getPublicKey() throws XMLSecurityException {
                    return securityToken.getPublicKey();
                }

                @Override // org.apache.xml.security.stax.impl.securityToken.AbstractSecurityToken, org.apache.xml.security.stax.securityToken.SecurityToken
                public X509Certificate[] getX509Certificates() throws XMLSecurityException {
                    return securityToken.getX509Certificates();
                }
            };
            securityToken.addWrappedToken(genericOutboundSecurityToken);
            SecurityTokenProvider<OutboundSecurityToken> securityTokenProvider2 = new SecurityTokenProvider<OutboundSecurityToken>() { // from class: org.apache.wss4j.stax.impl.processor.output.SecurityContextTokenOutputProcessor.2
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // org.apache.xml.security.stax.securityToken.SecurityTokenProvider
                public OutboundSecurityToken getSecurityToken() throws WSSecurityException {
                    return genericOutboundSecurityToken;
                }

                @Override // org.apache.xml.security.stax.securityToken.SecurityTokenProvider
                public String getId() {
                    return generateID;
                }
            };
            FinalSecurityContextTokenOutputProcessor finalSecurityContextTokenOutputProcessor = new FinalSecurityContextTokenOutputProcessor(genericOutboundSecurityToken, generateID2, ((WSSSecurityProperties) getSecurityProperties()).isUse200512Namespace());
            finalSecurityContextTokenOutputProcessor.setXMLSecurityProperties(getSecurityProperties());
            finalSecurityContextTokenOutputProcessor.setAction(getAction());
            XMLSecurityConstants.Action action = getAction();
            if (WSSConstants.SIGNATURE_WITH_DERIVED_KEY.equals(action)) {
                outputProcessorChain.getSecurityContext().put(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_DERIVED_KEY, generateID);
                if (securityToken.getProcessor() != null) {
                    finalSecurityContextTokenOutputProcessor.addBeforeProcessor(securityToken.getProcessor());
                } else {
                    finalSecurityContextTokenOutputProcessor.addBeforeProcessor(WSSSignatureOutputProcessor.class.getName());
                }
            } else if (WSSConstants.ENCRYPT_WITH_DERIVED_KEY.equals(action)) {
                outputProcessorChain.getSecurityContext().put(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_DERIVED_KEY, generateID);
                if (securityToken.getProcessor() != null) {
                    finalSecurityContextTokenOutputProcessor.addBeforeProcessor(securityToken.getProcessor());
                } else {
                    finalSecurityContextTokenOutputProcessor.addAfterProcessor(ReferenceListOutputProcessor.class.getName());
                    finalSecurityContextTokenOutputProcessor.addAfterProcessor(EncryptEndingOutputProcessor.class.getName());
                }
            }
            finalSecurityContextTokenOutputProcessor.init(outputProcessorChain);
            outputProcessorChain.getSecurityContext().registerSecurityTokenProvider(generateID, securityTokenProvider2);
            genericOutboundSecurityToken.setProcessor(finalSecurityContextTokenOutputProcessor);
            outputProcessorChain.removeProcessor(this);
            outputProcessorChain.processEvent(xMLSecEvent);
        } catch (Throwable th) {
            outputProcessorChain.removeProcessor(this);
            throw th;
        }
    }
}
