package org.apache.cxf.ws.security.wss4j;

import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.util.logging.Logger;
import javax.xml.namespace.QName;
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.message.MessageUtils;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import org.apache.cxf.ws.policy.AssertionInfo;
import org.apache.cxf.ws.policy.AssertionInfoMap;
import org.apache.wss4j.policy.SP11Constants;
import org.apache.wss4j.policy.SP12Constants;
import org.apache.wss4j.policy.SP13Constants;
import org.apache.wss4j.policy.SPConstants;
import org.apache.wss4j.policy.model.AlgorithmSuite;
import org.apache.wss4j.stax.securityEvent.OperationSecurityEvent;
import org.apache.wss4j.stax.securityEvent.WSSecurityEventConstants;
import org.apache.xml.security.stax.securityEvent.SecurityEvent;
import org.apache.xml.security.stax.securityEvent.SecurityEventConstants;

/* loaded from: input_file:org/apache/cxf/ws/security/wss4j/PolicyStaxActionInInterceptor.class */
public class PolicyStaxActionInInterceptor extends AbstractPhaseInterceptor<SoapMessage> {
    private static final Logger LOG = LogUtils.getL7dLogger(PolicyStaxActionInInterceptor.class);

    public PolicyStaxActionInInterceptor() {
        super(Phase.PRE_PROTOCOL);
        getBefore().add(StaxSecurityContextInInterceptor.class.getName());
    }

    @Override // org.apache.cxf.interceptor.Interceptor
    public void handleMessage(SoapMessage soapMessage) throws Fault {
        OperationSecurityEvent operationSecurityEvent;
        AssertionInfoMap assertionInfoMap = (AssertionInfoMap) soapMessage.get(AssertionInfoMap.class);
        List<SecurityEvent> list = (List) soapMessage.get(SecurityEvent.class.getName() + ".in");
        if (assertionInfoMap == null || list == null) {
            return;
        }
        if (MessageUtils.isRequestor(soapMessage) && isEventInResults(WSSecurityEventConstants.NoSecurity, list) && (operationSecurityEvent = (OperationSecurityEvent) findEvent(WSSecurityEventConstants.Operation, list)) != null && soapMessage.getVersion().getFault().equals(operationSecurityEvent.getOperation())) {
            LOG.warning("Request does not contain Security header, but it's a fault.");
            return;
        }
        assertAllSecurityAssertions(assertionInfoMap);
        assertAllAlgorithmSuites(SP11Constants.SP_NS, assertionInfoMap);
        assertAllAlgorithmSuites(SP12Constants.SP_NS, assertionInfoMap);
    }

    private boolean isEventInResults(SecurityEventConstants.Event event, List<SecurityEvent> list) {
        Iterator<SecurityEvent> it = list.iterator();
        while (it.hasNext()) {
            if (event == it.next().getSecurityEventType()) {
                return true;
            }
        }
        return false;
    }

    private SecurityEvent findEvent(SecurityEventConstants.Event event, List<SecurityEvent> list) {
        for (SecurityEvent securityEvent : list) {
            if (event == securityEvent.getSecurityEventType()) {
                return securityEvent;
            }
        }
        return null;
    }

    private void assertAllSecurityAssertions(AssertionInfoMap assertionInfoMap) {
        for (QName qName : assertionInfoMap.keySet()) {
            if (SP11Constants.SP_NS.equals(qName.getNamespaceURI()) || SP12Constants.SP_NS.equals(qName.getNamespaceURI()) || SP13Constants.SP_NS.equals(qName.getNamespaceURI())) {
                Collection collection = (Collection) assertionInfoMap.get(qName);
                if (collection != null && !collection.isEmpty()) {
                    Iterator it = collection.iterator();
                    while (it.hasNext()) {
                        ((AssertionInfo) it.next()).setAsserted(true);
                    }
                }
            }
        }
    }

    private void assertAllAlgorithmSuites(String str, AssertionInfoMap assertionInfoMap) {
        Collection<AssertionInfo> collection = assertionInfoMap.get(new QName(str, SPConstants.ALGORITHM_SUITE));
        if (collection != null) {
            for (AssertionInfo assertionInfo : collection) {
                assertionInfo.setAsserted(true);
                AlgorithmSuite.AlgorithmSuiteType algorithmSuiteType = ((AlgorithmSuite) assertionInfo.getAssertion()).getAlgorithmSuiteType();
                String namespace = algorithmSuiteType.getNamespace();
                if (namespace == null) {
                    namespace = str;
                }
                Collection<AssertionInfo> collection2 = assertionInfoMap.get(new QName(namespace, algorithmSuiteType.getName()));
                if (collection2 != null) {
                    Iterator<AssertionInfo> it = collection2.iterator();
                    while (it.hasNext()) {
                        it.next().setAsserted(true);
                    }
                }
            }
        }
    }
}
