package org.talend.esb.security.saml;

import java.io.IOException;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.wss4j.common.ext.WSPasswordCallback;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.jasypt.encryption.pbe.StandardPBEStringEncryptor;
import org.jasypt.encryption.pbe.config.EnvironmentStringPBEConfig;
import org.jasypt.properties.PropertyValueEncryptionUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/talend/esb/security/saml/WSPasswordCallbackHandler.class */
public class WSPasswordCallbackHandler implements CallbackHandler {
    private static final transient Logger LOG = LoggerFactory.getLogger(WSPasswordCallbackHandler.class);
    private static final String ALGORITHM = "PBEWITHSHA256AND256BITAES-CBC-BC";
    private static final String ALGORITH_ENV_NAME = "TESB_ENV_ALGORITHM";
    private static final String PASSWORD_ENV_NAME = "TESB_ENV_PASSWORD";
    private static final String PROVIDER_NAME = "BC";
    private final String user;
    private final String pass;

    public WSPasswordCallbackHandler(String str, String str2) {
        if (PropertyValueEncryptionUtils.isEncryptedValue(str2)) {
            StandardPBEStringEncryptor standardPBEStringEncryptor = new StandardPBEStringEncryptor();
            EnvironmentStringPBEConfig environmentStringPBEConfig = new EnvironmentStringPBEConfig();
            environmentStringPBEConfig.setProvider(new BouncyCastleProvider());
            environmentStringPBEConfig.setProviderName(PROVIDER_NAME);
            environmentStringPBEConfig.setAlgorithmEnvName(ALGORITH_ENV_NAME);
            if (environmentStringPBEConfig.getAlgorithm() == null) {
                environmentStringPBEConfig.setAlgorithm(ALGORITHM);
            }
            environmentStringPBEConfig.setPasswordEnvName(PASSWORD_ENV_NAME);
            standardPBEStringEncryptor.setConfig(environmentStringPBEConfig);
            this.pass = PropertyValueEncryptionUtils.decrypt(str2, standardPBEStringEncryptor);
        } else {
            this.pass = str2;
        }
        this.user = str;
    }

    @Override // javax.security.auth.callback.CallbackHandler
    public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
        if (this.user == null) {
            LOG.debug("No user was specified in the WSPasswordCallbackHandler");
            return;
        }
        for (Callback callback : callbackArr) {
            if (callback instanceof WSPasswordCallback) {
                WSPasswordCallback wSPasswordCallback = (WSPasswordCallback) callback;
                if (this.user.equals(wSPasswordCallback.getIdentifier())) {
                    wSPasswordCallback.setPassword(this.pass);
                    return;
                }
            }
        }
    }
}
