package org.codehaus.xfire.security.wss4j;

import java.security.cert.X509Certificate;
import java.util.List;
import java.util.Properties;
import java.util.Vector;
import javax.security.auth.callback.CallbackHandler;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.ws.security.WSSecurityEngineResult;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.handler.RequestData;
import org.apache.ws.security.handler.WSHandlerResult;
import org.apache.ws.security.message.token.Timestamp;
import org.apache.ws.security.util.WSSecurityUtil;
import org.codehaus.xfire.MessageContext;
import org.codehaus.xfire.XFireRuntimeException;
import org.codehaus.xfire.exchange.AbstractMessage;
import org.codehaus.xfire.fault.XFireFault;
import org.codehaus.xfire.handler.Handler;
import org.codehaus.xfire.handler.Phase;
import org.w3c.dom.Document;

/* loaded from: classes.dex */
public class WSS4JInHandler extends AbstractWSS4JHandler implements Handler {
    static Class class$org$codehaus$xfire$security$wss4j$WSS4JInHandler;
    static Class class$org$codehaus$xfire$soap$handler$ReadHeadersHandler;
    static Class class$org$codehaus$xfire$util$dom$DOMInHandler;
    protected static final Log log;
    private static Log tlog;

    static {
        Class cls;
        if (class$org$codehaus$xfire$security$wss4j$WSS4JInHandler == null) {
            cls = class$("org.codehaus.xfire.security.wss4j.WSS4JInHandler");
            class$org$codehaus$xfire$security$wss4j$WSS4JInHandler = cls;
        } else {
            cls = class$org$codehaus$xfire$security$wss4j$WSS4JInHandler;
        }
        log = LogFactory.getLog(cls.getName());
        tlog = LogFactory.getLog("org.apache.ws.security.TIME");
    }

    public WSS4JInHandler() {
        Class cls;
        Class cls2;
        setPhase(Phase.PARSE);
        List before = getBefore();
        if (class$org$codehaus$xfire$soap$handler$ReadHeadersHandler == null) {
            cls = class$("org.codehaus.xfire.soap.handler.ReadHeadersHandler");
            class$org$codehaus$xfire$soap$handler$ReadHeadersHandler = cls;
        } else {
            cls = class$org$codehaus$xfire$soap$handler$ReadHeadersHandler;
        }
        before.add(cls.getName());
        List after = getAfter();
        if (class$org$codehaus$xfire$util$dom$DOMInHandler == null) {
            cls2 = class$("org.codehaus.xfire.util.dom.DOMInHandler");
            class$org$codehaus$xfire$util$dom$DOMInHandler = cls2;
        } else {
            cls2 = class$org$codehaus$xfire$util$dom$DOMInHandler;
        }
        after.add(cls2.getName());
    }

    public WSS4JInHandler(Properties properties) {
        this();
        setProperties(properties);
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    @Override // org.codehaus.xfire.handler.Handler
    public void invoke(MessageContext messageContext) throws XFireFault {
        Timestamp timestamp;
        X509Certificate certificate;
        boolean isDebugEnabled = log.isDebugEnabled();
        if (isDebugEnabled) {
            log.debug("WSS4JInSecurityHandler: enter invoke()");
        }
        long currentTimeMillis = tlog.isDebugEnabled() ? System.currentTimeMillis() : 0L;
        RequestData requestData = new RequestData();
        try {
            requestData.setMsgContext(messageContext);
            Vector vector = new Vector();
            String str = (String) getOption("action");
            if (str == null) {
                str = (String) messageContext.getProperty("action");
            }
            if (str == null) {
                log.error("WSS4JInHandler: No action defined");
                throw new XFireRuntimeException("WSS4JInHandler: No action defined");
            }
            int decodeAction = WSSecurityUtil.decodeAction(str, vector);
            String str2 = (String) getOption("actor");
            AbstractMessage currentMessage = messageContext.getCurrentMessage();
            Document document = (Document) currentMessage.getProperty("dom.message");
            if (document == null) {
                log.error("DOMInHandler must be enabled for WS-Security!");
                throw new XFireRuntimeException("DOMInHandler must be enabled for WS-Security!");
            }
            if (currentMessage.getBody() instanceof XFireFault) {
                return;
            }
            CallbackHandler passwordCB = (decodeAction & 5) != 0 ? getPasswordCB(requestData) : null;
            doReceiverAction(decodeAction, requestData);
            long currentTimeMillis2 = tlog.isDebugEnabled() ? System.currentTimeMillis() : 0L;
            try {
                Vector processSecurityHeader = secEngine.processSecurityHeader(document, str2, passwordCB, requestData.getSigCrypto(), requestData.getDecCrypto());
                long currentTimeMillis3 = tlog.isDebugEnabled() ? System.currentTimeMillis() : 0L;
                if (processSecurityHeader == null) {
                    if (decodeAction == 0) {
                        return;
                    }
                    log.error("WSS4JInHandler: Request does not contain required Security header");
                    throw new XFireFault("WSS4JInHandler: Request does not contain required Security header", XFireFault.SENDER);
                }
                if (requestData.getWssConfig().isEnableSignatureConfirmation()) {
                    checkSignatureConfirmation(requestData, processSecurityHeader);
                }
                WSSecurityEngineResult fetchActionResult = WSSecurityUtil.fetchActionResult(processSecurityHeader, 2);
                if (fetchActionResult != null && (certificate = fetchActionResult.getCertificate()) != null && !verifyTrust(certificate, requestData)) {
                    log.error("WSS4JInHandler: The certificate used for the signature is not trusted");
                    throw new XFireFault("WSS4JInHandler: The certificate used for the signature is not trusted", XFireFault.SENDER);
                }
                WSSecurityEngineResult fetchActionResult2 = WSSecurityUtil.fetchActionResult(processSecurityHeader, 32);
                if (fetchActionResult2 != null && (timestamp = fetchActionResult2.getTimestamp()) != null && !verifyTimestamp(timestamp, decodeTimeToLive(requestData))) {
                    log.error("WSS4JInHandler: The timestamp could not be validated");
                    throw new XFireFault("WSS4JInHandler: The timestamp could not be validated", XFireFault.SENDER);
                }
                if (!checkReceiverResults(processSecurityHeader, vector)) {
                    log.error("WSS4JInHandler: security processing failed (actions mismatch)");
                    throw new XFireFault("WSS4JInHandler: security processing failed (actions mismatch)", XFireFault.SENDER);
                }
                Vector vector2 = (Vector) messageContext.getProperty("RECV_RESULTS");
                if (vector2 == null) {
                    vector2 = new Vector();
                    messageContext.setProperty("RECV_RESULTS", vector2);
                }
                vector2.add(0, new WSHandlerResult(str2, processSecurityHeader));
                if (tlog.isDebugEnabled()) {
                    long currentTimeMillis4 = System.currentTimeMillis();
                    tlog.debug(new StringBuffer().append("Receive request: total= ").append(currentTimeMillis4 - currentTimeMillis).append(" request preparation= ").append(currentTimeMillis2 - currentTimeMillis).append(" request processing= ").append(currentTimeMillis3 - currentTimeMillis2).append(" request to Axis= ").append(0 - currentTimeMillis3).append(" header, cert verify, timestamp= ").append(currentTimeMillis4 - 0).append("\n").toString());
                }
                if (isDebugEnabled) {
                    log.debug("WSS4JInHandler: exit invoke()");
                }
            } catch (WSSecurityException e) {
                log.error(e);
                throw new XFireFault("WSS4JInHandler: security processing failed", e, XFireFault.SENDER);
            }
        } catch (WSSecurityException e2) {
            log.error(e2);
        } finally {
            requestData.clear();
        }
    }
}
