package org.talend.esb.job.controller.internal;

import java.net.MalformedURLException;
import java.net.URL;
import java.util.HashMap;
import java.util.Map;
import org.apache.cxf.Bus;
import org.apache.cxf.configuration.security.AuthorizationPolicy;
import org.apache.cxf.ws.security.SecurityConstants;
import org.apache.cxf.ws.security.trust.STSClient;
import org.apache.neethi.Policy;
import org.apache.wss4j.common.crypto.Crypto;
import org.talend.esb.job.controller.ESBEndpointConstants;
import org.talend.esb.security.saml.STSClientCreator;
import org.talend.esb.security.saml.STSClientUtils;
import org.talend.esb.security.saml.WSPasswordCallbackHandler;

/* loaded from: input_file:org/talend/esb/job/controller/internal/SecurityArguments.class */
public class SecurityArguments {
    private final ESBEndpointConstants.EsbSecurity esbSecurity;
    private final Policy policy;
    private final String username;
    private final String password;
    private final String alias;
    private final Map<String, Object> clientProperties;
    private final String roleName;
    private final Object securityToken;
    private final Crypto cryptoProvider;
    private final STSClientCreator stsClientCreator;

    public SecurityArguments(ESBEndpointConstants.EsbSecurity esbSecurity, Policy policy, String str, String str2, String str3, Map<String, Object> map, String str4, Object obj, Crypto crypto, STSClientCreator sTSClientCreator) {
        this.esbSecurity = esbSecurity;
        this.policy = policy;
        this.username = str;
        this.password = str2;
        this.alias = str3;
        this.clientProperties = map;
        this.roleName = str4;
        this.securityToken = obj;
        this.cryptoProvider = crypto;
        this.stsClientCreator = sTSClientCreator;
    }

    public ESBEndpointConstants.EsbSecurity getEsbSecurity() {
        return this.esbSecurity;
    }

    public Policy getPolicy() {
        return this.policy;
    }

    public String getUsername() {
        return this.username;
    }

    public String getPassword() {
        return this.password;
    }

    public String getAlias() {
        return this.alias;
    }

    public Map<String, Object> getClientProperties() {
        return this.clientProperties;
    }

    public String getRoleName() {
        return this.roleName;
    }

    public Object getSecurityToken() {
        return this.securityToken;
    }

    public Crypto getCryptoProvider() {
        return this.cryptoProvider;
    }

    public STSClientCreator getStsClientCreator() {
        return this.stsClientCreator;
    }

    public AuthorizationPolicy buildAuthorizationPolicy() {
        AuthorizationPolicy authorizationPolicy = null;
        if (ESBEndpointConstants.EsbSecurity.BASIC == this.esbSecurity) {
            authorizationPolicy = new AuthorizationPolicy();
            authorizationPolicy.setUserName(this.username);
            authorizationPolicy.setPassword(this.password);
            authorizationPolicy.setAuthorizationType("Basic");
        } else if (ESBEndpointConstants.EsbSecurity.DIGEST == this.esbSecurity) {
            authorizationPolicy = new AuthorizationPolicy();
            authorizationPolicy.setUserName(this.username);
            authorizationPolicy.setPassword(this.password);
            authorizationPolicy.setAuthorizationType("Digest");
        }
        return authorizationPolicy;
    }

    public Map<String, Object> buildClientConfig(Bus bus, boolean z, String str) {
        HashMap hashMap = new HashMap();
        if (ESBEndpointConstants.EsbSecurity.TOKEN == this.esbSecurity || z) {
            hashMap.put("security.username", this.username);
            hashMap.put("security.password", this.password);
        }
        if (ESBEndpointConstants.EsbSecurity.SAML == this.esbSecurity || z) {
            hashMap.put("security.sts.client", configureSTSClient(bus));
            for (Map.Entry<String, Object> entry : this.clientProperties.entrySet()) {
                if (SecurityConstants.ALL_PROPERTIES.contains(entry.getKey())) {
                    hashMap.put(entry.getKey(), processFileURI(entry.getValue()));
                }
            }
            if (null == this.alias) {
                String str2 = (String) this.clientProperties.get("security.signature.username");
                if (str2 == null) {
                    str2 = (String) this.clientProperties.get("ws-security.signature.username");
                }
                hashMap.put("security.callback-handler", new WSPasswordCallbackHandler(str2, (String) this.clientProperties.get("security.signature.password")));
            } else {
                hashMap.put("security.signature.username", this.alias);
                hashMap.put("security.callback-handler", new WSPasswordCallbackHandler(this.alias, this.password));
            }
            if (null != this.cryptoProvider) {
                hashMap.put("security.encryption.crypto", this.cryptoProvider);
                Object obj = hashMap.get("security.encryption.username");
                if (obj == null) {
                    obj = this.clientProperties.get("ws-security.encryption.username");
                }
                if (obj == null || obj.toString().isEmpty()) {
                    hashMap.put("security.encryption.username", str);
                }
            }
        }
        return hashMap;
    }

    private STSClient configureSTSClient(Bus bus) {
        STSClient newSTSClient = null == this.alias ? this.stsClientCreator.newSTSClient(bus, this.username, this.password) : this.stsClientCreator.newSTSX509Client(bus, this.alias);
        if (null != this.roleName && this.roleName.length() != 0) {
            STSClientUtils.applyAuthorization(newSTSClient, this.roleName);
        }
        if (null != this.securityToken) {
            newSTSClient.setOnBehalfOf(this.securityToken);
        }
        return newSTSClient;
    }

    private static Object processFileURI(Object obj) {
        if (obj instanceof String) {
            String str = (String) obj;
            if (str.startsWith("file:")) {
                try {
                    return new URL(str);
                } catch (MalformedURLException e) {
                }
            }
        }
        return obj;
    }
}
