package org.wso2.carbon.appfactory.utilities.sts;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import javax.xml.namespace.QName;
import org.apache.axiom.om.OMAbstractFactory;
import org.apache.axiom.om.OMElement;
import org.apache.axiom.om.OMNamespace;
import org.apache.axiom.om.impl.builder.StAXOMBuilder;
import org.apache.axis2.client.Options;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.neethi.Policy;
import org.apache.neethi.PolicyEngine;
import org.apache.rahas.TrustUtil;
import org.apache.rahas.client.STSClient;
import org.apache.rampart.policy.model.RampartConfig;
import org.apache.ws.secpolicy.SP11Constants;
import org.opensaml.saml2.core.Assertion;
import org.wso2.carbon.appfactory.common.AppFactoryException;
import org.wso2.carbon.appfactory.common.util.AppFactoryUtil;
import org.wso2.carbon.appfactory.utilities.internal.ServiceReferenceHolder;
import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.identity.sso.saml.util.SAMLSSOUtil;
import org.wso2.carbon.utils.CarbonUtils;

/* loaded from: input_file:org/wso2/carbon/appfactory/utilities/sts/STSUtil.class */
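/**
 * Static helpers that request a SAML 2.0 assertion from the configured Security Token
 * Service (WS-Trust "Issue") on behalf of a user and hand it back either as an OpenSAML
 * {@link Assertion} or in the encoded form produced by {@code SAMLSSOUtil.encode}.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The user's password is passed through as a {@code String} and attached to the
 *       Axis2 {@link Options}. Nothing in this class logs it; keep it that way.</li>
 *   <li>Whether the credentials and the issued token are protected in transit is decided by
 *       the policy file ({@code STS.PolicyFile}) and by the configured STS endpoint URL.
 *       This class validates neither, so the deployment must make sure both require
 *       transport or message-level protection.</li>
 *   <li>No signature or validity-period check on the returned assertion is visible in this
 *       class. Code that makes trust decisions on the assertion must validate it itself.</li>
 * </ul>
 */
public class STSUtil {
    private static final Log log = LogFactory.getLog(STSUtil.class);

    /** Tenant id the Carbon platform uses for the super tenant (MultitenantConstants.SUPER_TENANT_ID). */
    private static final int SUPER_TENANT_ID = -1234;

    /**
     * Version selector handed to {@link TrustUtil}.
     * NOTE(review): presumably RahasConstants.VERSION_05_02 (WS-Trust 2005/02) - confirm.
     */
    private static final int WS_TRUST_VERSION = 1;

    /** Token type URI requested from the STS: SAML 2.0 as named by the WSS SAML token profile 1.1. */
    private static final String SAML20_TOKEN_TYPE =
            "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0";

    /**
     * Requests a SAML assertion for the given user from the current tenant's STS and returns
     * it marshalled and encoded.
     *
     * <p>With bearer subject confirmation the returned string is usable by whoever holds it,
     * so callers should treat it like a credential (do not log or persist it in the clear).
     *
     * @param str  forwarded to {@link #getSTSToken}, which does not use it
     * @param str2 user name presented to the STS
     * @param str3 password presented to the STS
     * @return the encoded assertion
     * @throws AppFactoryException if configuration is missing or the STS request fails
     */
    public static String getEncodedTokenFromSTS(String str, String str2, String str3) throws AppFactoryException {
        String encodedToken = null;
        try {
            CarbonContext carbonContext = CarbonContext.getThreadLocalCarbonContext();
            String consumerService = requireProperty("SSORelyingParty.AssertionConsumerService");
            String stsUrl = getSTSUrlForTenant(carbonContext.getTenantDomain(), carbonContext.getTenantId());
            String relyingParty = requireProperty("SSORelyingParty.Name");
            Assertion assertion = getSTSToken(str, consumerService, str2, str3, getPolicyPath(), stsUrl, relyingParty);
            encodedToken = SAMLSSOUtil.encode(SAMLSSOUtil.marshall(assertion));
        } catch (Exception e) {
            handleException("Error while creating a response over sts token", e);
        }
        return encodedToken;
    }

    /**
     * Builds the STS endpoint URL from configuration.
     *
     * <p>The super tenant uses {@code serviceslocation + servicename}. Every other tenant
     * gets the tenant location template inserted between the two, with
     * {@code {tenantdomain}} replaced by {@code str}. The tenant domain is inserted verbatim,
     * with no encoding or validation, so callers must pass a platform-issued tenant domain,
     * not free-form user input.
     *
     * @param str tenant domain
     * @param i   tenant id
     * @return the STS endpoint URL
     * @throws AppFactoryException if a required property is missing or the URL cannot be built
     */
    public static String getSTSUrlForTenant(String str, int i) throws AppFactoryException {
        String stsUrl = null;
        try {
            String servicesLocation = requireProperty("STS.Epr.serviceslocation");
            String serviceName = requireProperty("STS.Epr.servicename");
            if (i != SUPER_TENANT_ID) {
                String tenantLocation =
                        requireProperty("STS.Epr.tenantlocationtemplate").replace("{tenantdomain}", str);
                stsUrl = servicesLocation + tenantLocation + serviceName;
            } else {
                stsUrl = servicesLocation + serviceName;
            }
        } catch (Exception e) {
            handleException("Building STS epr failed ", e);
        }
        return stsUrl;
    }

    /**
     * Sends a WS-Trust Issue request to the STS and unmarshalls the returned token.
     *
     * <p>The password is only attached to the client options; it must never be added to a
     * log or exception message. No signature or conditions check on the returned assertion
     * is visible here.
     *
     * @param str  not used by this method
     * @param str2 not used by this method
     * @param str3 user name for the request
     * @param str4 password for the request
     * @param str5 file-system path of the security policy applied to the STS call
     * @param str6 STS endpoint (issuer) address
     * @param str7 "applies to" value, i.e. the relying party the token is requested for
     * @return the assertion issued by the STS
     * @throws AppFactoryException if the request or the unmarshalling fails
     */
    public static Assertion getSTSToken(String str, String str2, String str3, String str4, String str5, String str6, String str7) throws AppFactoryException {
        Assertion assertion = null;
        try {
            STSClient stsClient = createSTSClient(str3);
            Policy issuerPolicy = loadPolicy(str5);
            Options options = new Options();
            options.setUserName(str3);
            options.setPassword(str4);
            stsClient.setOptions(options);
            // An empty RampartConfig is added to the loaded policy before the call.
            issuerPolicy.addAssertion(new RampartConfig());
            String tokenXml = stsClient.requestSecurityToken((Policy) null, str6, issuerPolicy, str7).getToken().toString();
            assertion = (Assertion) SAMLSSOUtil.unmarshall(tokenXml);
        } catch (Exception e) {
            handleException("Error in requesting security token ", e);
        }
        return assertion;
    }

    /**
     * Creates an {@link STSClient} on the shared client configuration context, preloaded with
     * the request template and the Issue action.
     *
     * @param str not used by this method
     * @return the configured client
     * @throws AppFactoryException if the client cannot be created
     */
    public static STSClient createSTSClient(String str) throws AppFactoryException {
        STSClient stsClient = null;
        try {
            stsClient = new STSClient(ServiceReferenceHolder.getInstance().getConfigContextService().getClientConfigContext());
            stsClient.setRstTemplate(getRSTTemplate());
            stsClient.setAction(TrustUtil.getActionValue(WS_TRUST_VERSION, "/RST/Issue"));
        } catch (Exception e) {
            handleException("Failed creating a sts client ", e);
        }
        return stsClient;
    }

    /**
     * Returns the path of the STS policy file:
     * {@code <carbon config dir>/appfactory/<STS.PolicyFile>}.
     *
     * <p>The file name comes from configuration and is appended without normalisation, so
     * {@code STS.PolicyFile} must be treated as trusted, administrator-controlled input.
     *
     * @return the policy file path
     * @throws AppFactoryException if {@code STS.PolicyFile} is not configured
     */
    public static String getPolicyPath() throws AppFactoryException {
        return CarbonUtils.getCarbonConfigDirPath() + File.separator + "appfactory" + File.separator
                + requireProperty("STS.PolicyFile");
    }

    /**
     * Parses the WS-Policy document at the given path.
     *
     * <p>The stream is opened and closed here. The previous
     * {@code new StAXOMBuilder(path)} form opened the file without ever closing it, leaking
     * a file handle on every token request. The XML is parsed with the Axiom parser's
     * defaults, so only administrator-controlled policy files should be passed in.
     *
     * @param str file-system path of the policy document
     * @return the parsed policy
     * @throws AppFactoryException if the file cannot be read or parsed
     */
    public static Policy loadPolicy(String str) throws AppFactoryException {
        Policy policy = null;
        InputStream policyStream = null;
        try {
            policyStream = new FileInputStream(str);
            OMElement policyElement = new StAXOMBuilder(policyStream).getDocumentElement();
            // Axiom parses lazily; materialise the whole tree before the stream is closed.
            policyElement.build();
            policy = PolicyEngine.getPolicy(policyElement);
        } catch (Exception e) {
            handleException("Failed loading policy ", e);
        } finally {
            closeQuietly(policyStream);
        }
        return policy;
    }

    /**
     * Builds the RequestSecurityToken template: SAML 2.0 token type, key type chosen from
     * {@code STS.STSSubjectConfirmationMethod}, and the configured claims.
     *
     * <p>{@code "b"} selects the Bearer key type and {@code "h"} the SymmetricKey type. A
     * bearer token carries no proof of possession, so it must be protected in transit and at
     * rest. Any other value adds no KeyType element; that case is logged but, as before, is
     * not treated as an error.
     */
    private static OMElement getRSTTemplate() throws AppFactoryException {
        OMElement template = OMAbstractFactory.getOMFactory().createOMElement(SP11Constants.REQUEST_SECURITY_TOKEN_TEMPLATE);
        try {
            TrustUtil.createTokenTypeElement(WS_TRUST_VERSION, template).setText(SAML20_TOKEN_TYPE);
        } catch (Exception e) {
            handleException("Failed create token element ", e);
        }
        String confirmationMethod = AppFactoryUtil.getAppfactoryConfiguration().getFirstProperty("STS.STSSubjectConfirmationMethod");
        // "STS.Cliams" (sic) is the key this code has always read; it is kept as is so that
        // existing configuration files continue to work.
        String claimDialect = AppFactoryUtil.getAppfactoryConfiguration().getFirstProperty("STS.Cliams");
        // A missing property used to surface as a bare NullPointerException from split().
        String[] claimUris = requireProperty("STS.ClaimUris").split(",");
        try {
            if ("b".equals(confirmationMethod)) {
                TrustUtil.createKeyTypeElement(WS_TRUST_VERSION, template, "/Bearer");
            } else if ("h".equals(confirmationMethod)) {
                TrustUtil.createKeyTypeElement(WS_TRUST_VERSION, template, "/SymmetricKey");
            } else {
                log.warn("Unrecognised STS.STSSubjectConfirmationMethod '" + confirmationMethod
                        + "'; no KeyType element was added to the RST template");
            }
        } catch (Exception e2) {
            handleException("Failed create key element ", e2);
        }
        try {
            addClaimType(TrustUtil.createClaims(WS_TRUST_VERSION, template, claimDialect), claimUris);
        } catch (Exception e3) {
            handleException("Failed addig claims ", e3);
        }
        return template;
    }

    /**
     * Appends one {@code wsid:ClaimType} child with a {@code Uri} attribute per claim URI.
     * Surrounding whitespace is trimmed and empty entries (e.g. from a trailing comma in the
     * configuration) are skipped, so no blank claim is sent to the STS.
     */
    private static void addClaimType(OMElement oMElement, String[] strArr) throws AppFactoryException {
        // Loop-invariant: read the namespace once instead of once per claim.
        String claimNamespace = AppFactoryUtil.getAppfactoryConfiguration().getFirstProperty("STS.ClaimNamespace");
        for (String str : strArr) {
            String claimUri = str.trim();
            if (claimUri.length() == 0) {
                continue;
            }
            OMElement claimType = oMElement.getOMFactory().createOMElement(new QName(claimNamespace, "ClaimType", "wsid"), oMElement);
            claimType.addAttribute(oMElement.getOMFactory().createOMAttribute("Uri", (OMNamespace) null, claimUri));
        }
    }

    /**
     * Reads a configuration property that must be present.
     *
     * @throws AppFactoryException naming the missing key when the property is absent
     */
    private static String requireProperty(String key) throws AppFactoryException {
        String value = AppFactoryUtil.getAppfactoryConfiguration().getFirstProperty(key);
        if (value == null) {
            handleException("Required AppFactory configuration property is missing: " + key,
                    new IllegalStateException(key));
        }
        return value;
    }

    /** Closes the stream if it was opened; a failure to close is only logged at debug level. */
    private static void closeQuietly(InputStream in) {
        if (in == null) {
            return;
        }
        try {
            in.close();
        } catch (IOException ignored) {
            // The policy has already been read (or the read has already failed and been reported).
            log.debug("Failed to close policy stream", ignored);
        }
    }

    /** Logs the failure and rethrows it as an {@link AppFactoryException}; never returns normally. */
    private static void handleException(String str, Exception exc) throws AppFactoryException {
        log.error(str, exc);
        throw new AppFactoryException(str, exc);
    }
}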
