package org.wso2.carbon.identity.sts.mgt.admin;

import javax.security.auth.callback.CallbackHandler;
import org.apache.axis2.AxisFault;
import org.apache.axis2.description.AxisService;
import org.apache.axis2.description.Parameter;
import org.apache.axis2.engine.AxisConfiguration;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.rahas.impl.SAMLTokenIssuerConfig;
import org.wso2.carbon.base.ServerConfiguration;
import org.wso2.carbon.identity.provider.AttributeCallbackHandler;
import org.wso2.carbon.identity.provider.IdentityProviderException;
import org.wso2.carbon.identity.provider.IdentityProviderUtil;
import org.wso2.carbon.identity.sts.mgt.IPPasswordCallbackHandler;
import org.wso2.carbon.identity.sts.mgt.internal.IdentitySTSMgtServiceComponent;
import org.wso2.carbon.registry.core.Registry;
import org.wso2.carbon.security.config.SecurityConfigAdmin;
import org.wso2.carbon.security.config.SecurityServiceAdmin;
import org.wso2.carbon.utils.ServerException;

/* loaded from: input_file:org/wso2/carbon/identity/sts/mgt/admin/STSConfigAdmin.class */
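/**
 * Applies WS-Security policies and password callback handlers to the identity
 * STS services, and pushes the SAML token issuer configuration to the generic
 * STS service.
 *
 * <p>All entry points are static and act on the Axis2 configuration exposed by
 * {@link IdentitySTSMgtServiceComponent}.
 */
public class STSConfigAdmin {
    private static final Log log = LogFactory.getLog(STSConfigAdmin.class);

    /** Name of the service parameter that carries the password callback handler. */
    private static final String PASSWORD_CALLBACK_REF = "passwordCallbackRef";

    /** Name of the generic STS service whose SAML issuer configuration is updated. */
    private static final String GENERIC_STS_SERVICE = "wso2carbon-sts";

    /** Scenario applied with no key store arguments. */
    private static final String SCENARIO_WITHOUT_KEYSTORE = "scenario19";

    /** Scenario applied with the server key store as trusted store and private store. */
    private static final String SCENARIO_WITH_KEYSTORE = "scenario18";

    /** Services that receive a security policy on initial setup, in application order. */
    private static final String[] SECURED_SERVICES = {
        "sts-ut", "sts-openid-ut", "sts-ic", "sts-openid-ic", "sts-ut-symm", "sts-ic-symm"
    };

    // NOTE(review): "sts-openid-ic" and "sts-ic-symm" get a security policy above but are
    // absent from this list, so their password callback handler is never replaced here.
    // Confirm that this asymmetry is intentional.
    /** Services whose password callback handler is replaced, in application order. */
    private static final String[] CALLBACK_OVERRIDE_SERVICES = {
        "sts-ut", "sts-ut-symm", "sts-openid-ut", "sts-ic"
    };

    /**
     * Applies the security policy for one named STS service and installs the
     * password callback handler on it.
     *
     * <p>The policy is applied only when {@code IdentityProviderUtil.isIntial()}
     * reports true. A name that is not one of the known STS services is ignored
     * without error.
     *
     * @param str name of the STS service to configure
     * @throws IdentityProviderException if applying the configuration fails with a checked exception
     */
    public static void configureService(String str) throws IdentityProviderException {
        try {
            AxisConfiguration axisConfig = IdentitySTSMgtServiceComponent.getConfigurationContext().getAxisConfiguration();
            SecurityConfigAdmin securityAdmin = new SecurityConfigAdmin(axisConfig, IdentitySTSMgtServiceComponent.getRegistryService().getConfigSystemRegistry(), new IPPasswordCallbackHandler());
            String keyStoreName = resolveKeyStoreFileName();
            if (log.isDebugEnabled()) {
                log.debug("Applying identity security policy for service " + str);
            }
            if (IdentityProviderUtil.isIntial()) {
                applyInitialSecurity(securityAdmin, str, keyStoreName);
            }
            if (contains(CALLBACK_OVERRIDE_SERVICES, str)) {
                overrideCallbackHandler(axisConfig, str);
            }
        } catch (RuntimeException e) {
            // Programming errors and misconfiguration are surfaced unchanged.
            throw e;
        } catch (Exception e2) {
            log.error("errorInChangingSecurityConfiguration", e2);
            throw new IdentityProviderException("errorInChangingSecurityConfiguration", e2);
        }
    }

    /**
     * Points the generic STS service at {@link AttributeCallbackHandler} and, when
     * the {@code STSTimeToLive} server property is set, applies it as the token TTL.
     *
     * <p>Does nothing when the generic STS service is not deployed or carries no
     * SAML issuer configuration parameter.
     *
     * @throws IdentityProviderException if the configuration cannot be read or stored
     */
    public static void configureGenericSTS() throws IdentityProviderException {
        try {
            AxisService stsService = IdentitySTSMgtServiceComponent.getConfigurationContext().getAxisConfiguration().getService(GENERIC_STS_SERVICE);
            if (stsService == null) {
                return;
            }
            Parameter issuerParam = stsService.getParameter(SAMLTokenIssuerConfig.SAML_ISSUER_CONFIG.getLocalPart());
            if (issuerParam == null) {
                return;
            }
            SAMLTokenIssuerConfig issuerConfig = new SAMLTokenIssuerConfig(issuerParam.getParameterElement().getFirstChildWithName(SAMLTokenIssuerConfig.SAML_ISSUER_CONFIG));
            issuerConfig.setCallbackHandlerName(AttributeCallbackHandler.class.getName());
            String ttlProperty = ServerConfiguration.getInstance().getFirstProperty("STSTimeToLive");
            if (ttlProperty != null && ttlProperty.length() > 0) {
                try {
                    // NOTE(review): the value is not range-checked; zero or a negative number
                    // is passed through to setTtl as-is. Confirm how the issuer treats it.
                    issuerConfig.setTtl(Long.parseLong(ttlProperty));
                    if (log.isDebugEnabled()) {
                        log.debug("STSTimeToLive read from carbon.xml " + ttlProperty);
                    }
                } catch (NumberFormatException e) {
                    // A malformed TTL is logged and skipped; the rest of the configuration still applies.
                    log.error("Error while reading STSTimeToLive from carbon.xml", e);
                }
            }
            setSTSParameter(issuerConfig);
        } catch (Exception e2) {
            log.error("Error while setting password callback to the STS", e2);
            throw new IdentityProviderException(e2.getMessage(), e2);
        }
    }

    /**
     * Applies the security policy and password callback handler to every deployed
     * identity STS service.
     *
     * <p>NOTE(review): the policy is applied through the {@code axisConfiguration}
     * argument, while service presence and the callback override use the
     * configuration held by {@link IdentitySTSMgtServiceComponent}. Confirm that
     * callers always pass the same configuration.
     *
     * @param axisConfiguration configuration handed to the security admin
     * @param registry registry handed to the security admin
     * @throws IdentityProviderException if applying the configuration fails
     */
    public static void configureService(AxisConfiguration axisConfiguration, Registry registry) throws IdentityProviderException {
        AxisConfiguration componentConfig = IdentitySTSMgtServiceComponent.getConfigurationContext().getAxisConfiguration();
        try {
            String keyStoreName = resolveKeyStoreFileName();
            SecurityConfigAdmin securityAdmin = new SecurityConfigAdmin(axisConfiguration, registry, new IPPasswordCallbackHandler());
            if (log.isDebugEnabled()) {
                log.debug("Applying identity security policy for Identity STS services");
            }
            if (IdentityProviderUtil.isIntial()) {
                for (String serviceName : SECURED_SERVICES) {
                    if (componentConfig.getService(serviceName) != null) {
                        applyInitialSecurity(securityAdmin, serviceName, keyStoreName);
                    }
                }
            }
            for (String serviceName : CALLBACK_OVERRIDE_SERVICES) {
                if (componentConfig.getService(serviceName) != null) {
                    overrideCallbackHandler(componentConfig, serviceName);
                }
            }
        } catch (Exception e) {
            log.error("errorInChangingSecurityConfiguration", e);
            throw new IdentityProviderException("errorInChangingSecurityConfiguration", e);
        }
    }

    /**
     * Replaces the password callback parameter of the named service with a fresh
     * {@link IPPasswordCallbackHandler}.
     *
     * @param axisConfiguration configuration in which the service is looked up
     * @param str name of the service
     * @throws AxisFault if the service is not deployed or the parameter cannot be changed
     */
    public static void overrideCallbackHandler(AxisConfiguration axisConfiguration, String str) throws AxisFault {
        AxisService service = axisConfiguration.getService(str);
        if (service == null) {
            // Fail with a descriptive fault instead of a NullPointerException on the next line.
            throw new AxisFault("Service not found: " + str);
        }
        Parameter existing = service.getParameter(PASSWORD_CALLBACK_REF);
        if (existing != null) {
            service.removeParameter(existing);
            if (log.isDebugEnabled()) {
                log.debug("removedParameter");
            }
        }
        service.addParameter(getPasswordCallBackRefParameter(str));
        if (log.isDebugEnabled()) {
            log.debug("addedParameter");
        }
    }

    /**
     * Re-registers the password callback parameter on the given service, keeping
     * the handler already configured there when its value is a
     * {@link CallbackHandler} and falling back to a new
     * {@link IPPasswordCallbackHandler} otherwise.
     *
     * @param axisService service to update
     * @throws AxisFault if the parameter cannot be removed or added
     */
    public static void overrideCallbackHandler(AxisService axisService) throws AxisFault {
        Parameter existing = axisService.getParameter(PASSWORD_CALLBACK_REF);
        Object handler = null;
        if (existing != null) {
            // The handler is the parameter's value; casting the Parameter object itself
            // to CallbackHandler fails with ClassCastException whenever one is present.
            Object configured = existing.getValue();
            if (configured instanceof CallbackHandler) {
                handler = configured;
            }
            axisService.removeParameter(existing);
            if (log.isDebugEnabled()) {
                log.debug("removedParameter");
            }
        }
        if (handler == null) {
            handler = new IPPasswordCallbackHandler();
        }
        Parameter replacement = new Parameter();
        replacement.setName(PASSWORD_CALLBACK_REF);
        replacement.setValue(handler);
        axisService.addParameter(replacement);
        if (log.isDebugEnabled()) {
            log.debug("addedParameter");
        }
    }

    /**
     * Builds a password callback parameter holding a new
     * {@link IPPasswordCallbackHandler}.
     *
     * @param str service name; not used by this method
     * @return the populated parameter
     * @throws AxisFault if the handler cannot be created or stored
     */
    public static Parameter getPasswordCallBackRefParameter(String str) throws AxisFault {
        Parameter callbackParam = new Parameter();
        callbackParam.setName(PASSWORD_CALLBACK_REF);
        try {
            callbackParam.setValue(new IPPasswordCallbackHandler());
            return callbackParam;
        } catch (Exception e) {
            log.error(e.getMessage(), e);
            throw new AxisFault(e.getMessage(), e);
        }
    }

    /**
     * Stores the issuer configuration as a parameter element on the generic STS service.
     *
     * @param sAMLTokenIssuerConfig issuer configuration to store
     * @throws AxisFault if the security service admin rejects the parameter
     * @throws ServerException declared for compatibility with existing callers
     */
    private static void setSTSParameter(SAMLTokenIssuerConfig sAMLTokenIssuerConfig) throws AxisFault, ServerException {
        try {
            new SecurityServiceAdmin(IdentitySTSMgtServiceComponent.getConfigurationContext().getAxisConfiguration()).setServiceParameterElement(GENERIC_STS_SERVICE, sAMLTokenIssuerConfig.getParameter());
        } catch (ServerException e) {
            // Keep the cause so the underlying failure stays visible in logs and stack traces.
            throw new AxisFault("Error configuring STS parameters.", e);
        }
    }

    /**
     * Returns the file name part of the {@code Security.KeyStore.Location} server property.
     *
     * @throws IllegalStateException if the property is not set
     */
    private static String resolveKeyStoreFileName() {
        String location = ServerConfiguration.getInstance().getFirstProperty("Security.KeyStore.Location");
        if (location == null) {
            // Without the check the substring call below fails with an unexplained NullPointerException.
            throw new IllegalStateException("Security.KeyStore.Location is not configured");
        }
        return location.substring(location.lastIndexOf("/") + 1);
    }

    /**
     * Applies the scenario that belongs to the given service name; names outside
     * the known set are ignored.
     *
     * <p>Declared with {@code throws Exception} because both callers already
     * handle every checked exception from {@code applySecurity} in one place.
     */
    private static void applyInitialSecurity(SecurityConfigAdmin securityAdmin, String serviceName, String keyStoreName) throws Exception {
        if ("sts-ut".equals(serviceName) || "sts-openid-ut".equals(serviceName)) {
            securityAdmin.applySecurity(serviceName, SCENARIO_WITHOUT_KEYSTORE, (String) null, (String[]) null, (String) null, (String[]) null);
        } else if ("sts-ic".equals(serviceName) || "sts-openid-ic".equals(serviceName)
                || "sts-ut-symm".equals(serviceName) || "sts-ic-symm".equals(serviceName)) {
            securityAdmin.applySecurity(serviceName, SCENARIO_WITH_KEYSTORE, (String) null, new String[]{keyStoreName}, keyStoreName, (String[]) null);
        }
    }

    /** Reports whether {@code name} equals one of {@code names}; a null name never matches. */
    private static boolean contains(String[] names, String name) {
        for (String candidate : names) {
            if (candidate.equals(name)) {
                return true;
            }
        }
        return false;
    }
}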
