package org.apache.wss4j.dom.processor;

import java.io.IOException;
import java.util.Collections;
import java.util.List;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.xml.namespace.QName;
import org.apache.wss4j.common.ext.WSPasswordCallback;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.util.XMLUtils;
import org.apache.wss4j.dom.engine.WSSecurityEngineResult;
import org.apache.wss4j.dom.handler.RequestData;
import org.apache.wss4j.dom.message.token.SecurityContextToken;
import org.apache.wss4j.dom.validate.Credential;
import org.apache.wss4j.dom.validate.Validator;
import org.w3c.dom.Element;

/* loaded from: input_file:WEB-INF/lib/wss4j-ws-security-dom-2.3.2.jar:org/apache/wss4j/dom/processor/SecurityContextTokenProcessor.class */
public class SecurityContextTokenProcessor implements Processor {
    @Override // org.apache.wss4j.dom.processor.Processor
    public List<WSSecurityEngineResult> handleToken(Element element, RequestData requestData) throws WSSecurityException {
        byte[] secret;
        SecurityContextToken securityContextToken = new SecurityContextToken(element);
        Validator validator = requestData.getValidator(new QName(element.getNamespaceURI(), element.getLocalName()));
        WSSecurityEngineResult wSSecurityEngineResult = new WSSecurityEngineResult(1024, securityContextToken);
        if (validator != null) {
            Credential credential = new Credential();
            credential.setSecurityContextToken(securityContextToken);
            Credential validate = validator.validate(credential, requestData);
            wSSecurityEngineResult.put(WSSecurityEngineResult.TAG_VALIDATED_TOKEN, Boolean.TRUE);
            String id = securityContextToken.getID();
            if (!"".equals(id)) {
                wSSecurityEngineResult.put("id", id);
            }
            wSSecurityEngineResult.put(WSSecurityEngineResult.TAG_SECRET, validate.getSecretKey());
        } else {
            String iDFromReference = XMLUtils.getIDFromReference(securityContextToken.getID());
            try {
                secret = getSecret(requestData.getCallbackHandler(), securityContextToken.getIdentifier());
            } catch (WSSecurityException e) {
                secret = getSecret(requestData.getCallbackHandler(), iDFromReference);
            }
            if (secret == null || secret.length == 0) {
                secret = getSecret(requestData.getCallbackHandler(), iDFromReference);
            }
            wSSecurityEngineResult.put("id", securityContextToken.getID());
            wSSecurityEngineResult.put(WSSecurityEngineResult.TAG_SECRET, secret);
        }
        requestData.getWsDocInfo().addTokenElement(element);
        requestData.getWsDocInfo().addResult(wSSecurityEngineResult);
        return Collections.singletonList(wSSecurityEngineResult);
    }

    private byte[] getSecret(CallbackHandler callbackHandler, String str) throws WSSecurityException {
        if (callbackHandler == null) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noCallback");
        }
        WSPasswordCallback wSPasswordCallback = new WSPasswordCallback(str, 6);
        try {
            callbackHandler.handle(new Callback[]{wSPasswordCallback});
            return wSPasswordCallback.getKey();
        } catch (IOException | UnsupportedCallbackException e) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e, "noKey", new Object[]{str});
        }
    }
}
