package org.apache.wss4j.stax.impl.processor.output;

import java.util.ArrayList;
import java.util.GregorianCalendar;
import java.util.List;
import javax.security.auth.callback.CallbackHandler;
import javax.xml.datatype.XMLGregorianCalendar;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamException;
import org.apache.commons.codec.binary.Base64;
import org.apache.wss4j.common.ext.WSPasswordCallback;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.util.UsernameTokenUtil;
import org.apache.wss4j.stax.ext.WSSConstants;
import org.apache.wss4j.stax.ext.WSSSecurityProperties;
import org.apache.wss4j.stax.ext.WSSUtils;
import org.apache.wss4j.stax.impl.securityToken.OutboundUsernameSecurityToken;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.stax.ext.AbstractOutputProcessor;
import org.apache.xml.security.stax.ext.OutputProcessorChain;
import org.apache.xml.security.stax.ext.XMLSecurityConstants;
import org.apache.xml.security.stax.ext.stax.XMLSecAttribute;
import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
import org.apache.xml.security.stax.impl.util.IDGenerator;
import org.apache.xml.security.stax.securityToken.OutboundSecurityToken;
import org.apache.xml.security.stax.securityToken.SecurityTokenProvider;

/* loaded from: input_file:org/apache/wss4j/stax/impl/processor/output/UsernameTokenOutputProcessor.class */
public class UsernameTokenOutputProcessor extends AbstractOutputProcessor {

    /* loaded from: input_file:org/apache/wss4j/stax/impl/processor/output/UsernameTokenOutputProcessor$FinalUsernameTokenOutputProcessor.class */
    class FinalUsernameTokenOutputProcessor extends AbstractOutputProcessor {
        private String wsuId;
        private byte[] nonceValue;
        private String password;
        private XMLGregorianCalendar created;
        private byte[] salt;
        private int iterations;
        private XMLSecurityConstants.Action action;

        FinalUsernameTokenOutputProcessor(String str, byte[] bArr, String str2, XMLGregorianCalendar xMLGregorianCalendar, byte[] bArr2, int i, XMLSecurityConstants.Action action) throws XMLSecurityException {
            this.wsuId = null;
            this.nonceValue = null;
            this.password = null;
            this.created = null;
            addAfterProcessor(UsernameTokenOutputProcessor.class.getName());
            addAfterProcessor(UsernameTokenOutputProcessor.class.getName());
            this.wsuId = str;
            this.nonceValue = bArr;
            this.password = str2;
            this.created = xMLGregorianCalendar;
            this.salt = bArr2;
            this.iterations = i;
            this.action = action;
        }

        @Override // org.apache.xml.security.stax.ext.AbstractOutputProcessor
        public void processEvent(XMLSecEvent xMLSecEvent, OutputProcessorChain outputProcessorChain) throws XMLStreamException, XMLSecurityException {
            outputProcessorChain.processEvent(xMLSecEvent);
            if (WSSUtils.isSecurityHeaderElement(xMLSecEvent, ((WSSSecurityProperties) getSecurityProperties()).getActor())) {
                QName qName = WSSConstants.TAG_wsse_UsernameToken;
                WSSUtils.updateSecurityHeaderOrder(outputProcessorChain, qName, getAction(), false);
                OutputProcessorChain createSubChain = outputProcessorChain.createSubChain(this);
                ArrayList arrayList = new ArrayList(1);
                arrayList.add(createAttribute(WSSConstants.ATT_wsu_Id, this.wsuId));
                createStartElementAndOutputAsEvent(createSubChain, qName, false, (List<XMLSecAttribute>) arrayList);
                createStartElementAndOutputAsEvent(createSubChain, WSSConstants.TAG_wsse_Username, false, (List<XMLSecAttribute>) null);
                createCharactersAndOutputAsEvent(createSubChain, ((WSSSecurityProperties) getSecurityProperties()).getTokenUser());
                createEndElementAndOutputAsEvent(createSubChain, WSSConstants.TAG_wsse_Username);
                if (((WSSSecurityProperties) getSecurityProperties()).getUsernameTokenPasswordType() != WSSConstants.UsernameTokenPasswordType.PASSWORD_NONE && !WSSConstants.USERNAMETOKEN_SIGNED.equals(this.action)) {
                    ArrayList arrayList2 = new ArrayList(1);
                    arrayList2.add(createAttribute(WSSConstants.ATT_NULL_Type, ((WSSSecurityProperties) getSecurityProperties()).getUsernameTokenPasswordType() == WSSConstants.UsernameTokenPasswordType.PASSWORD_DIGEST ? WSSConstants.UsernameTokenPasswordType.PASSWORD_DIGEST.getNamespace() : WSSConstants.UsernameTokenPasswordType.PASSWORD_TEXT.getNamespace()));
                    createStartElementAndOutputAsEvent(createSubChain, WSSConstants.TAG_wsse_Password, false, (List<XMLSecAttribute>) arrayList2);
                    createCharactersAndOutputAsEvent(createSubChain, ((WSSSecurityProperties) getSecurityProperties()).getUsernameTokenPasswordType() == WSSConstants.UsernameTokenPasswordType.PASSWORD_DIGEST ? WSSUtils.doPasswordDigest(this.nonceValue, this.created.toXMLFormat(), this.password) : this.password);
                    createEndElementAndOutputAsEvent(createSubChain, WSSConstants.TAG_wsse_Password);
                }
                if (this.salt != null) {
                    createStartElementAndOutputAsEvent(createSubChain, WSSConstants.TAG_wsse11_Salt, true, (List<XMLSecAttribute>) null);
                    createCharactersAndOutputAsEvent(createSubChain, new Base64(76, new byte[]{10}).encodeToString(this.salt));
                    createEndElementAndOutputAsEvent(createSubChain, WSSConstants.TAG_wsse11_Salt);
                    if (this.iterations > 0) {
                        createStartElementAndOutputAsEvent(createSubChain, WSSConstants.TAG_wsse11_Iteration, true, (List<XMLSecAttribute>) null);
                        createCharactersAndOutputAsEvent(createSubChain, "" + this.iterations);
                        createEndElementAndOutputAsEvent(createSubChain, WSSConstants.TAG_wsse11_Iteration);
                    }
                }
                if (this.nonceValue != null && !WSSConstants.USERNAMETOKEN_SIGNED.equals(this.action)) {
                    ArrayList arrayList3 = new ArrayList(1);
                    arrayList3.add(createAttribute(WSSConstants.ATT_NULL_EncodingType, "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"));
                    createStartElementAndOutputAsEvent(createSubChain, WSSConstants.TAG_wsse_Nonce, false, (List<XMLSecAttribute>) arrayList3);
                    createCharactersAndOutputAsEvent(createSubChain, new Base64(76, new byte[]{10}).encodeToString(this.nonceValue));
                    createEndElementAndOutputAsEvent(createSubChain, WSSConstants.TAG_wsse_Nonce);
                }
                if (this.created != null && !WSSConstants.USERNAMETOKEN_SIGNED.equals(this.action)) {
                    createStartElementAndOutputAsEvent(createSubChain, WSSConstants.TAG_wsu_Created, false, (List<XMLSecAttribute>) null);
                    createCharactersAndOutputAsEvent(createSubChain, this.created.toXMLFormat());
                    createEndElementAndOutputAsEvent(createSubChain, WSSConstants.TAG_wsu_Created);
                }
                createEndElementAndOutputAsEvent(createSubChain, qName);
                outputProcessorChain.removeProcessor(this);
            }
        }
    }

    public UsernameTokenOutputProcessor() throws XMLSecurityException {
        addAfterProcessor(TimestampOutputProcessor.class.getName());
        addBeforeProcessor(WSSSignatureOutputProcessor.class.getName());
        addBeforeProcessor(EncryptOutputProcessor.class.getName());
    }

    @Override // org.apache.xml.security.stax.ext.AbstractOutputProcessor
    public void processEvent(XMLSecEvent xMLSecEvent, OutputProcessorChain outputProcessorChain) throws XMLStreamException, XMLSecurityException {
        try {
            CallbackHandler callbackHandler = ((WSSSecurityProperties) getSecurityProperties()).getCallbackHandler();
            WSSConstants.UsernameTokenPasswordType usernameTokenPasswordType = ((WSSSecurityProperties) getSecurityProperties()).getUsernameTokenPasswordType();
            if (callbackHandler == null && WSSConstants.UsernameTokenPasswordType.PASSWORD_NONE != usernameTokenPasswordType) {
                throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noCallback", new Object[0]);
            }
            String str = null;
            if (callbackHandler != null) {
                WSPasswordCallback wSPasswordCallback = new WSPasswordCallback(((WSSSecurityProperties) getSecurityProperties()).getTokenUser(), 2);
                WSSUtils.doPasswordCallback(callbackHandler, wSPasswordCallback);
                str = wSPasswordCallback.getPassword();
            }
            if (str == null && WSSConstants.UsernameTokenPasswordType.PASSWORD_NONE != usernameTokenPasswordType) {
                throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE);
            }
            final String generateID = IDGenerator.generateID(null);
            boolean isUseDerivedKeyForMAC = ((WSSSecurityProperties) getSecurityProperties()).isUseDerivedKeyForMAC();
            int intValue = ((WSSSecurityProperties) getSecurityProperties()).getDerivedKeyIterations().intValue();
            byte[] bArr = null;
            if (WSSConstants.USERNAMETOKEN_SIGNED.equals(getAction())) {
                bArr = UsernameTokenUtil.generateSalt(isUseDerivedKeyForMAC);
            }
            byte[] bArr2 = null;
            if (usernameTokenPasswordType == WSSConstants.UsernameTokenPasswordType.PASSWORD_DIGEST || ((WSSSecurityProperties) getSecurityProperties()).isAddUsernameTokenNonce()) {
                bArr2 = WSSConstants.generateBytes(16);
            }
            XMLGregorianCalendar xMLGregorianCalendar = null;
            String str2 = "";
            if (usernameTokenPasswordType == WSSConstants.UsernameTokenPasswordType.PASSWORD_DIGEST || ((WSSSecurityProperties) getSecurityProperties()).isAddUsernameTokenCreated()) {
                xMLGregorianCalendar = WSSConstants.datatypeFactory.newXMLGregorianCalendar(new GregorianCalendar());
                str2 = xMLGregorianCalendar.toXMLFormat();
            }
            final OutboundUsernameSecurityToken outboundUsernameSecurityToken = new OutboundUsernameSecurityToken(((WSSSecurityProperties) getSecurityProperties()).getTokenUser(), str, str2, bArr2, generateID, bArr, intValue);
            outboundUsernameSecurityToken.setProcessor(this);
            SecurityTokenProvider<OutboundSecurityToken> securityTokenProvider = new SecurityTokenProvider<OutboundSecurityToken>() { // from class: org.apache.wss4j.stax.impl.processor.output.UsernameTokenOutputProcessor.1
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // org.apache.xml.security.stax.securityToken.SecurityTokenProvider
                public OutboundSecurityToken getSecurityToken() throws WSSecurityException {
                    return outboundUsernameSecurityToken;
                }

                @Override // org.apache.xml.security.stax.securityToken.SecurityTokenProvider
                public String getId() {
                    return generateID;
                }
            };
            if (WSSConstants.USERNAMETOKEN_SIGNED.equals(getAction())) {
                outputProcessorChain.getSecurityContext().registerSecurityTokenProvider(generateID, securityTokenProvider);
                outputProcessorChain.getSecurityContext().put(XMLSecurityConstants.PROP_USE_THIS_TOKEN_ID_FOR_SIGNATURE, generateID);
            }
            FinalUsernameTokenOutputProcessor finalUsernameTokenOutputProcessor = new FinalUsernameTokenOutputProcessor(generateID, bArr2, str, xMLGregorianCalendar, bArr, intValue, getAction());
            finalUsernameTokenOutputProcessor.setXMLSecurityProperties(getSecurityProperties());
            finalUsernameTokenOutputProcessor.setAction(getAction());
            finalUsernameTokenOutputProcessor.init(outputProcessorChain);
            outputProcessorChain.removeProcessor(this);
            outputProcessorChain.processEvent(xMLSecEvent);
        } catch (Throwable th) {
            outputProcessorChain.removeProcessor(this);
            throw th;
        }
    }
}
