package org.talend.esb.sam.agent.serviceclient;

import java.io.FileInputStream;
import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Map;
import javax.annotation.PostConstruct;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.xml.namespace.QName;
import org.apache.cxf.Bus;
import org.apache.cxf.configuration.security.AuthorizationPolicy;
import org.apache.cxf.endpoint.Client;
import org.apache.cxf.ws.policy.PolicyBuilder;
import org.apache.cxf.ws.policy.WSPolicyFeature;
import org.apache.cxf.ws.security.trust.STSClient;
import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor;
import org.apache.neethi.Policy;
import org.apache.wss4j.common.ext.WSPasswordCallback;

/* loaded from: input_file:org/talend/esb/sam/agent/serviceclient/SAMClientSecurityProvider.class */
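/**
 * Applies the configured authentication scheme to the CXF {@link Client} used by the
 * Service Activity Monitoring (SAM) agent.
 *
 * <p>{@link #init()} reads {@code authenticationType} and configures one of:
 * <ul>
 *   <li>{@code NO} - nothing is configured;</li>
 *   <li>{@code BASIC} - an HTTP Basic {@link AuthorizationPolicy} on the client conduit;</li>
 *   <li>{@code USERNAMETOKEN} - a WS-Security UsernameToken added by a
 *       {@link WSS4JOutInterceptor}, plus the policy file named by {@code policyUsernameToken};</li>
 *   <li>{@code SAML} - an {@link STSClient} and signature settings, plus the policy file
 *       named by {@code policySaml}.</li>
 * </ul>
 *
 * <p>Security notes for operators and reviewers:
 * <ul>
 *   <li>HTTP Basic only base64-encodes the credentials, and the UsernameToken is sent with
 *       password type {@code PasswordText}. In both modes the password is readable on the wire
 *       unless the endpoint is reached over TLS (or the loaded policy adds message protection).</li>
 *   <li>Passwords are held in plain {@code String} fields and exposed through public getters;
 *       do not log this bean or serialise it reflectively.</li>
 *   <li>The policy and keystore-properties locations are taken from configuration without
 *       validation, so that configuration must be writable only by trusted administrators.</li>
 * </ul>
 */
public class SAMClientSecurityProvider {
    /** CXF client whose endpoint, conduit and request context are configured by {@link #init()}. */
    private Client client;
    /** Name of the scheme to apply; parsed with {@code EsbSecurityConstants.fromString}. */
    private String authenticationType;
    /** File-system path of the WS-Policy document loaded in USERNAMETOKEN mode. */
    private String policyUsernameToken;
    /** File-system path of the WS-Policy document loaded in SAML mode. */
    private String policySaml;
    /** Crypto properties for signature, STS token and encryption (a {@code file:} string is turned into a URL). */
    private Object signatureProperties;
    /** Key alias used for signing and as the STS token user name. */
    private String signatureUsername;
    /** Secret protecting the signature key. Sensitive. */
    private String signaturePassword;
    /** User name for Basic auth, UsernameToken, and the STS request. */
    private String username;
    /** Password for Basic auth, UsernameToken, and the STS request. Sensitive. */
    private String password;
    /** WSDL location of the Security Token Service (SAML mode). */
    private String stsWsdlLocation;
    /** Namespace of the STS service and endpoint QNames. */
    private String stsNamespace;
    /** Local part of the STS service QName. */
    private String stsServiceName;
    /** Local part of the STS endpoint QName. */
    private String stsEndpointName;
    /** Passed unchanged to the STS client as {@code security.sts.token.usecert}. */
    private String stsTokenUsecert;
    /** Passed unchanged to the STS client as {@code security.encryption.username}. */
    private String encryptionUsername;
    /** Passed unchanged to the STS client as {@code ws-security.is-bsp-compliant}. */
    private String isBspCompliant;

    // ---- Plain bean accessors (no validation, no copying) ----

    public Client getClient() {
        return this.client;
    }

    public void setClient(Client client) {
        this.client = client;
    }

    public String getAuthenticationType() {
        return this.authenticationType;
    }

    public void setAuthenticationType(String authenticationType) {
        this.authenticationType = authenticationType;
    }

    public String getPolicyUsernameToken() {
        return this.policyUsernameToken;
    }

    public void setPolicyUsernameToken(String policyUsernameToken) {
        this.policyUsernameToken = policyUsernameToken;
    }

    public String getPolicySaml() {
        return this.policySaml;
    }

    public void setPolicySaml(String policySaml) {
        this.policySaml = policySaml;
    }

    public Object getSignatureProperties() {
        return this.signatureProperties;
    }

    public void setSignatureProperties(Object signatureProperties) {
        this.signatureProperties = signatureProperties;
    }

    public String getSignatureUsername() {
        return this.signatureUsername;
    }

    public void setSignatureUsername(String signatureUsername) {
        this.signatureUsername = signatureUsername;
    }

    /** Returns the signature key secret in clear text; callers must not log it. */
    public String getSignaturePassword() {
        return this.signaturePassword;
    }

    public void setSignaturePassword(String signaturePassword) {
        this.signaturePassword = signaturePassword;
    }

    public String getUsername() {
        return this.username;
    }

    public void setUsername(String username) {
        this.username = username;
    }

    /** Returns the account password in clear text; callers must not log it. */
    public String getPassword() {
        return this.password;
    }

    public void setPassword(String password) {
        this.password = password;
    }

    public String getStsWsdlLocation() {
        return this.stsWsdlLocation;
    }

    public void setStsWsdlLocation(String stsWsdlLocation) {
        this.stsWsdlLocation = stsWsdlLocation;
    }

    public String getStsNamespace() {
        return this.stsNamespace;
    }

    public void setStsNamespace(String stsNamespace) {
        this.stsNamespace = stsNamespace;
    }

    public String getStsServiceName() {
        return this.stsServiceName;
    }

    public void setStsServiceName(String stsServiceName) {
        this.stsServiceName = stsServiceName;
    }

    public String getStsEndpointName() {
        return this.stsEndpointName;
    }

    public void setStsEndpointName(String stsEndpointName) {
        this.stsEndpointName = stsEndpointName;
    }

    public String getStsTokenUsecert() {
        return this.stsTokenUsecert;
    }

    public void setStsTokenUsecert(String stsTokenUsecert) {
        this.stsTokenUsecert = stsTokenUsecert;
    }

    public String getEncryptionUsername() {
        return this.encryptionUsername;
    }

    public void setEncryptionUsername(String encryptionUsername) {
        this.encryptionUsername = encryptionUsername;
    }

    public String getIsBspCompliant() {
        return this.isBspCompliant;
    }

    public void setIsBspCompliant(String isBspCompliant) {
        this.isBspCompliant = isBspCompliant;
    }

    /**
     * Configures the client for the selected authentication type.
     *
     * <p>Runs after dependency injection. For every type except {@code NO} a
     * {@link WSPolicyFeature} is registered on the endpoint and initialised, even when the
     * policy list stays empty (BASIC).
     *
     * @throws RuntimeException if a required policy file cannot be read or parsed
     */
    @PostConstruct
    public void init() {
        EsbSecurityConstants authType = EsbSecurityConstants.fromString(this.authenticationType);
        if (EsbSecurityConstants.NO == authType) {
            return;
        }
        Bus bus = this.client.getBus();
        ArrayList<Policy> policies = new ArrayList<>();
        WSPolicyFeature policyFeature = new WSPolicyFeature();
        // The feature keeps a reference to this list, so policies added below are picked up.
        policyFeature.setPolicies(policies);
        Map<String, Object> requestContext = this.client.getRequestContext();
        if (null == requestContext) {
            // NOTE(review): this fallback map is never attached to the client, so SAML settings
            // written to it would be dropped silently - confirm getRequestContext() cannot
            // return null for the Client implementation in use.
            requestContext = new HashMap<>();
        }
        if (EsbSecurityConstants.BASIC == authType) {
            // HTTP Basic: credentials are only base64-encoded, so the endpoint must use TLS.
            AuthorizationPolicy authorizationPolicy = new AuthorizationPolicy();
            authorizationPolicy.setUserName(this.username);
            authorizationPolicy.setPassword(this.password);
            authorizationPolicy.setAuthorizationType("Basic");
            this.client.getConduit().setAuthorization(authorizationPolicy);
        } else if (EsbSecurityConstants.USERNAMETOKEN == authType) {
            policies.add(loadPolicy(this.policyUsernameToken, bus));
            Map<String, Object> wss4jProperties = new HashMap<>();
            wss4jProperties.put("action", "UsernameToken");
            wss4jProperties.put("user", this.username);
            // PasswordText places the clear-text password in the SOAP header; confidentiality
            // then depends on transport security or on protection required by the policy.
            wss4jProperties.put("passwordType", "PasswordText");
            wss4jProperties.put("passwordCallbackRef", new CallbackHandler() {
                @Override
                public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
                    // Honour the CallbackHandler contract: answer every password callback and
                    // reject anything else explicitly instead of failing on a blind cast of
                    // element 0 (ClassCastException / ArrayIndexOutOfBoundsException).
                    for (Callback callback : callbacks) {
                        if (!(callback instanceof WSPasswordCallback)) {
                            throw new UnsupportedCallbackException(callback);
                        }
                        ((WSPasswordCallback) callback).setPassword(SAMClientSecurityProvider.this.password);
                    }
                }
            });
            this.client.getEndpoint().getOutInterceptors().add(new WSS4JOutInterceptor(wss4jProperties));
            this.client.getRequestContext().put("security.username", this.username);
            this.client.getRequestContext().put("security.password", this.password);
        } else if (EsbSecurityConstants.SAML == authType) {
            policies.add(loadPolicy(this.policySaml, bus));
            requestContext.put("security.signature.properties", processFileURI(getSignatureProperties()));
            requestContext.put("security.signature.username", getSignatureUsername());
            requestContext.put("security.signature.password", getSignaturePassword());
            requestContext.put("security.callback-handler",
                    new WSPasswordCallbackHandler(getSignatureUsername(), getSignaturePassword()));

            // The STS issues the SAML token; it is addressed by WSDL location plus QNames.
            STSClient stsClient = new STSClient(bus);
            stsClient.setWsdlLocation(this.stsWsdlLocation);
            stsClient.setServiceQName(new QName(this.stsNamespace, this.stsServiceName));
            stsClient.setEndpointQName(new QName(this.stsNamespace, this.stsEndpointName));

            Map<String, Object> stsProperties = new HashMap<>();
            stsProperties.put("security.username", this.username);
            stsProperties.put("security.password", this.password);
            stsProperties.put("security.callback-handler", new WSPasswordCallbackHandler(this.username, this.password));
            // The same crypto properties serve token, signature and encryption keys.
            stsProperties.put("security.sts.token.properties", processFileURI(getSignatureProperties()));
            stsProperties.put("security.sts.token.username", this.signatureUsername);
            stsProperties.put("security.sts.token.usecert", this.stsTokenUsecert);
            stsProperties.put("security.encryption.properties", processFileURI(getSignatureProperties()));
            stsProperties.put("security.encryption.username", this.encryptionUsername);
            // Passed through as configured; a value that turns BSP compliance off relaxes
            // WS-Security conformance checks, so review it in deployment configuration.
            stsProperties.put("ws-security.is-bsp-compliant", this.isBspCompliant);
            stsClient.setProperties(stsProperties);
            requestContext.put("security.sts.client", stsClient);
        }
        this.client.getEndpoint().getActiveFeatures().add(policyFeature);
        policyFeature.initialize(this.client, bus);
    }

    /**
     * Reads a WS-Policy document from the local file system.
     *
     * <p>The path comes straight from configuration and is opened as given; it decides which
     * security assertions the client applies, so the file should be protected like a credential.
     *
     * @param location file-system path of the policy document
     * @param bus      bus that supplies the {@link PolicyBuilder} extension
     * @return the parsed policy
     * @throws RuntimeException wrapping any failure to open, read or parse the file
     */
    private Policy loadPolicy(String location, Bus bus) {
        // try-with-resources closes the stream on every path, replacing the hand-rolled
        // close-in-two-places pattern.
        try (FileInputStream policyStream = new FileInputStream(location)) {
            return bus.getExtension(PolicyBuilder.class).getPolicy(policyStream);
        } catch (Exception e) {
            throw new RuntimeException("Cannot load policy", e);
        }
    }

    /**
     * Turns a {@code file:} string into a {@link URL}; every other value is returned unchanged.
     *
     * @param value a crypto-properties reference of any type
     * @return a {@link URL} for a parseable {@code file:} string, otherwise {@code value} itself
     */
    private static Object processFileURI(Object value) {
        if (value instanceof String) {
            String text = (String) value;
            if (text.startsWith("file:")) {
                try {
                    return new URL(text);
                } catch (MalformedURLException ignored) {
                    // Best effort: fall through and hand the original string to CXF.
                }
            }
        }
        return value;
    }
}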
