package com.ibm.xml.soapsec.token;

import com.ibm.ws.wssecurity.xss4j.dsig.util.Base64;
import com.ibm.wsspi.wssecurity.SoapSecurityException;
import com.ibm.xml.soapsec.Constants;
import com.ibm.xml.soapsec.Request;
import com.ibm.xml.soapsec.RequestPool;
import com.ibm.xml.soapsec.SenderConfig;
import com.ibm.xml.soapsec.SoapSecurityComponent;
import com.ibm.xml.soapsec.dsig.SignatureRequest;
import com.ibm.xml.soapsec.enc.EncryptionRequest;
import com.ibm.xml.soapsec.token.TokenRequest;
import com.ibm.xml.soapsec.util.DOMUtil;
import com.ibm.xml.soapsec.util.Hex;
import com.ibm.xml.soapsec.util.IdUtil;
import com.ibm.xml.soapsec.util.NamespaceUtil;
import com.ibm.xml.soapsec.util.Tr;
import com.ibm.xml.soapsec.util.TraceComponent;
import java.util.Date;
import java.util.Map;
import javax.faces.validator.BeanValidator;
import javax.xml.namespace.QName;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/* loaded from: input_file:lib/com.ibm.ws.webservices.thinclient_8.5.0.jar:com/ibm/xml/soapsec/token/UsernameTokenSender.class */
public class UsernameTokenSender implements SoapSecurityComponent {
    private static final TraceComponent tc = Tr.register(UsernameTokenSender.class, Constants.TR_GROUP, "com.ibm.ws.webservices.wssecurity.resources.was-wssecurity");
    private static final String comp = "security.wssecurity";
    SenderConfig gconfig = null;
    TokenSenderConfig conf = null;

    @Override // com.ibm.xml.soapsec.SoapSecurityComponent
    public void init(Map map) throws Exception {
        this.gconfig = (SenderConfig) map.get(SenderConfig.class);
        this.conf = (TokenSenderConfig) map.get(TokenSenderConfig.class);
    }

    @Override // com.ibm.xml.soapsec.SoapSecurityComponent
    public void invoke(Document document, Element element, Map map) throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "invoke(" + document + BeanValidator.VALIDATION_GROUPS_DELIMITER + element + BeanValidator.VALIDATION_GROUPS_DELIMITER + map + ")");
        }
        Request[] requestArr = RequestPool.get(map, TokenRequest.Username.class);
        for (int i = 0; i < requestArr.length; i++) {
            insertToken(document, element, map, (TokenRequest.Username) requestArr[i]);
            RequestPool.remove(map, requestArr[i]);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "invoke(Document doc, Element target,Map context)");
        }
    }

    private void insertToken(Document document, Element element, Map map, TokenRequest.Username username) throws SoapSecurityException {
        Element createElementNS;
        String encode;
        String prefix = element.getPrefix();
        String str = (prefix == null || prefix.length() == 0) ? "" : prefix + ":";
        String wssens = Constants.getWSSENS(map);
        String wsuns = Constants.getWSUNS(map);
        Element createElementNS2 = document.createElementNS(wssens, str + "UsernameToken");
        if (username.getSignature() || this.conf.isConfidential()) {
            String makeUniqueId = IdUtil.getInstance().makeUniqueId(document, "usernametoken_");
            BinaryTokenSender.addIdAttribute(createElementNS2, makeUniqueId, wssens, wsuns);
            if (username.getSignature()) {
                RequestPool.add(map, new SignatureRequest(makeUniqueId));
            }
            if (this.conf.isConfidential()) {
                RequestPool.add(map, new EncryptionRequest(makeUniqueId, false, this.conf.getEncryptionSettings()));
            }
        }
        Element createElementNS3 = document.createElementNS(wssens, str + Constants.STR_USER);
        if (username.getName() == null) {
            Tr.error(tc, "security.wssecurity.WSEC5199E");
            throw SoapSecurityException.format("security.wssecurity.WSEC5199E");
        }
        createElementNS3.appendChild(document.createTextNode(username.getName()));
        createElementNS2.appendChild(createElementNS3);
        if (username.getPassword() != null) {
            Element createElementNS4 = document.createElementNS(wssens, str + "Password");
            createElementNS4.appendChild(document.createTextNode(username.getPassword()));
            createElementNS2.appendChild(createElementNS4);
        }
        if (username.isNonceAdded()) {
            NonceManager nonceManager = this.conf.getNonceManager();
            if (nonceManager == null) {
                Tr.error(tc, "security.wssecurity.UsernameToken.token56");
                throw SoapSecurityException.format("security.wssecurity.UsernameToken.token56");
            }
            byte[] generate = nonceManager.generate();
            Element createElementNS5 = document.createElementNS(wssens, str + "Nonce");
            QName encodingType = username.getEncodingType();
            if (encodingType == null || NamespaceUtil.equals(encodingType, Constants.getQName(wssens, Constants.BASE64_BINARY_SENT_QNAME))) {
                encode = Base64.encode(generate);
            } else {
                if (!NamespaceUtil.equals(encodingType, Constants.getQName(wssens, Constants.HEX_BINARY_SENT_QNAME))) {
                    Tr.error(tc, "security.wssecurity.UsernameToken.token55", encodingType.toString());
                    throw SoapSecurityException.format("security.wssecurity.UsernameToken.token55", encodingType.toString());
                }
                DOMUtil.setQNameAttr(createElementNS5, null, "EncodingType", encodingType);
                encode = Hex.encode(generate);
            }
            createElementNS5.appendChild(document.createTextNode(encode));
            createElementNS2.appendChild(createElementNS5);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Nonce is enabled and added");
            }
        } else if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Nonce is disabled and not added");
        }
        if (username.isTimestampAdded()) {
            Date date = new Date();
            if (DOMUtil.hasNamespaceDeclaration(createElementNS2, wsuns)) {
                createElementNS = document.createElementNS(wsuns, DOMUtil.getNamespacePrefix(createElementNS2, wsuns) + ":Created");
            } else {
                createElementNS = document.createElementNS(wsuns, "Created");
                createElementNS.setAttributeNS(Constants.NS_XMLNS, "xmlns", wsuns);
            }
            String format = UTC.format(date);
            createElementNS.appendChild(document.createTextNode(format));
            createElementNS2.appendChild(createElementNS);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Nonce timestamp is enabled, timestamp = " + format + " is added");
            }
        } else if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Nonce timestamp is disabled and not added");
        }
        element.insertBefore(createElementNS2, element.getFirstChild());
        if (this.gconfig.doIndentation()) {
            DOMUtil.indent(createElementNS2, 6, 2);
            element.insertBefore(document.createTextNode("\n      "), createElementNS2);
        }
    }
}
