package org.wso2.wsas.security;

import java.io.File;
import java.io.IOException;
import java.security.MessageDigest;
import java.util.Iterator;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.ws.security.WSPasswordCallback;
import org.wso2.utils.ServerConfiguration;
import org.wso2.utils.security.CryptoException;
import org.wso2.utils.security.CryptoUtil;
import org.wso2.wsas.feed.rss.ServiceElement;
import org.wso2.wsas.persistence.PersistenceManager;
import org.wso2.wsas.persistence.dataobject.KeyStoreDO;
import org.wso2.wsas.persistence.dataobject.ServiceDO;
import org.wso2.wsas.persistence.dataobject.ServiceIdentifierDO;
import org.wso2.wsas.persistence.dataobject.ServiceUserDO;
import org.wso2.wsas.persistence.dataobject.ServiceUserRoleDO;

/* loaded from: input_file:org/wso2/wsas/security/ServicePasswordCallbackHandler.class */
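/**
 * {@link CallbackHandler} that answers WSS4J {@link WSPasswordCallback} requests on behalf of
 * a single service, identified by its id and version.
 *
 * <p>Depending on the callback usage it either supplies the password of the service's private
 * key, supplies the stored password of a user who is allowed to use the service, or validates
 * a password presented by the caller. Stored secrets are kept encrypted and are decrypted with
 * the server key store named by the {@code Security.KeyStore.*} server configuration properties.
 */
public class ServicePasswordCallbackHandler implements CallbackHandler {
    private static final Log log = LogFactory.getLog(ServicePasswordCallbackHandler.class);

    private final String serviceId;
    private final String serviceVersion;

    /**
     * Creates a handler for one version of a service.
     *
     * @param serviceId      id of the service whose users and private key are consulted
     * @param serviceVersion service version; {@code null} or blank selects
     *                       {@link ServiceIdentifierDO#EMPTY_SERVICE_VERSION}
     */
    public ServicePasswordCallbackHandler(String serviceId, String serviceVersion) {
        this.serviceId = serviceId;
        // Normalised once here so that the user lookup and the private-key lookup
        // always address the same service record.
        this.serviceVersion = normalizeVersion(serviceVersion);
    }

    /**
     * Creates a handler for a service that uses the empty (default) service version.
     *
     * @param serviceId id of the service whose users and private key are consulted
     */
    public ServicePasswordCallbackHandler(String serviceId) {
        this(serviceId, ServiceIdentifierDO.EMPTY_SERVICE_VERSION);
    }

    /**
     * Answers each callback according to its {@link WSPasswordCallback#getUsage() usage}.
     *
     * <ul>
     *   <li>{@code DECRYPT} / {@code SIGNATURE}: sets the private key password for the alias
     *       carried in the callback (or {@code null} when the alias is not this service's).</li>
     *   <li>{@code USERNAME_TOKEN}: sets the stored password of the named user; rejects the
     *       callback when no password is available for that user on this service.</li>
     *   <li>{@code USERNAME_TOKEN_UNKNOWN}: compares the password carried in the callback with
     *       the stored one and rejects the callback on mismatch.</li>
     *   <li>any other usage: sets the stored password, or the empty string when there is none.</li>
     * </ul>
     *
     * @param callbacks callbacks to answer; every element must be a {@link WSPasswordCallback}
     * @throws IOException                  if the private key password cannot be decrypted
     * @throws UnsupportedCallbackException if a callback is of another type, or a credential
     *                                      check fails
     */
    @Override
    public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
        for (int i = 0; i < callbacks.length; i++) {
            if (!(callbacks[i] instanceof WSPasswordCallback)) {
                throw new UnsupportedCallbackException(callbacks[i], "Unrecognized Callback");
            }
            WSPasswordCallback passwordCallback = (WSPasswordCallback) callbacks[i];
            String identifier = passwordCallback.getIdentifer();

            // The user password is looked up (and decrypted) only in the branches that need it,
            // so key-alias callbacks never pull a user's clear-text password into memory.
            switch (passwordCallback.getUsage()) {
                case WSPasswordCallback.DECRYPT:
                case WSPasswordCallback.SIGNATURE:
                    passwordCallback.setPassword(getPrivateKeyPassword(identifier));
                    break;

                case WSPasswordCallback.USERNAME_TOKEN: {
                    String stored = getPassword(identifier, this.serviceId, this.serviceVersion);
                    if (stored == null) {
                        // Fail closed. Handing back "" here would turn "unknown user", "user not
                        // assigned to this service" and "stored password could not be decrypted"
                        // into a valid credential consisting of the empty password.
                        // NOTE(review): WSS4J is expected to treat an unset password as an
                        // authentication failure as well - confirm for the version in use.
                        throw new UnsupportedCallbackException(callbacks[i], "check failed");
                    }
                    passwordCallback.setPassword(stored);
                    break;
                }

                case WSPasswordCallback.USERNAME_TOKEN_UNKNOWN: {
                    String stored = getPassword(identifier, this.serviceId, this.serviceVersion);
                    if (!passwordsMatch(passwordCallback.getPassword(), stored)) {
                        throw new UnsupportedCallbackException(callbacks[i], "check failed");
                    }
                    break;
                }

                case WSPasswordCallback.KEY_NAME:
                default: {
                    String stored = getPassword(identifier, this.serviceId, this.serviceVersion);
                    passwordCallback.setPassword(stored == null ? "" : stored);
                    break;
                }
            }
        }
    }

    /**
     * Returns the decrypted password of the service's private key.
     *
     * @param alias key alias carried in the callback
     * @return the clear-text key password, or {@code null} when the service or its private key
     *         store is not found or {@code alias} is not the private key alias of this service
     * @throws IOException if the stored key password cannot be decrypted; the underlying
     *                     {@link CryptoException} is attached as the cause
     */
    private String getPrivateKeyPassword(String alias) throws IOException {
        ServiceDO service = new PersistenceManager().getService(this.serviceId, this.serviceVersion);
        if (service == null) {
            return null;
        }
        KeyStoreDO privateKeyStore = service.getPrivateKeyStore();
        if (alias == null || privateKeyStore == null
                || !alias.equals(privateKeyStore.getPrivateKeyAlias())) {
            return null;
        }
        try {
            return decrypt(privateKeyStore.getPrivateKeyPassword());
        } catch (CryptoException e) {
            // initCause keeps the stack trace of the crypto failure for diagnosis.
            IOException wrapped = new IOException(e.getMessage());
            wrapped.initCause(e);
            throw wrapped;
        }
    }

    /**
     * Returns the decrypted stored password of a user, provided the user may use the service.
     *
     * <p>A user may use the service when the user holds one of the service's roles or is listed
     * directly among the service's users.
     *
     * @param username       name of the user to look up
     * @param serviceId      id of the service being accessed
     * @param serviceVersion version of the service; {@code null} or blank selects
     *                       {@link ServiceIdentifierDO#EMPTY_SERVICE_VERSION}
     * @return the clear-text password, or {@code null} when the user or service is unknown, the
     *         user is not allowed to use the service, or decryption fails (the failure is logged)
     */
    private String getPassword(String username, String serviceId, String serviceVersion) {
        PersistenceManager persistenceManager = new PersistenceManager();
        ServiceUserDO user = persistenceManager.getUser(username);
        if (user == null) {
            return null;
        }
        ServiceDO service = persistenceManager.getService(serviceId, normalizeVersion(serviceVersion));
        if (service == null) {
            return null;
        }

        boolean hasServiceRole = false;
        Iterator roles = service.getRoles().iterator();
        while (!hasServiceRole && roles.hasNext()) {
            hasServiceRole = persistenceManager.userHasRole(username, (ServiceUserRoleDO) roles.next());
        }
        if (!hasServiceRole && !service.getUsers().contains(user)) {
            return null;
        }

        try {
            return decrypt(user.getPassword());
        } catch (CryptoException e) {
            log.error("Exception occurred while decrypting password", e);
            return null;
        }
    }

    /**
     * Decrypts a base64-encoded secret with the server key store described by the
     * {@code Security.KeyStore.*} server configuration properties.
     */
    private static String decrypt(String encrypted) throws CryptoException {
        ServerConfiguration config = ServerConfiguration.getInstance();
        String keyStorePath = new File(config.getFirstProperty("Security.KeyStore.Location")).getAbsolutePath();
        CryptoUtil cryptoUtil = new CryptoUtil(
                keyStorePath,
                config.getFirstProperty("Security.KeyStore.Password"),
                config.getFirstProperty("Security.KeyStore.KeyAlias"),
                config.getFirstProperty("Security.KeyStore.KeyPassword"),
                config.getFirstProperty("Security.KeyStore.Type"));
        // NOTE(review): the decrypted value is turned into a String with the platform default
        // charset; this presumably mirrors how the secret was encoded before encryption - confirm
        // before pinning a charset here.
        return new String(cryptoUtil.base64DecodeAndDecrypt(encrypted));
    }

    /**
     * Compares a presented password with the stored one without the early exit of
     * {@link String#equals(Object)}, so the comparison time does not depend on how many leading
     * characters match. A {@code null} on either side never matches.
     */
    private static boolean passwordsMatch(String presented, String stored) throws IOException {
        if (presented == null || stored == null) {
            return false;
        }
        return MessageDigest.isEqual(presented.getBytes("UTF-8"), stored.getBytes("UTF-8"));
    }

    /** Maps a {@code null} or blank version to {@link ServiceIdentifierDO#EMPTY_SERVICE_VERSION}. */
    private static String normalizeVersion(String version) {
        if (version == null || version.trim().length() == 0) {
            return ServiceIdentifierDO.EMPTY_SERVICE_VERSION;
        }
        return version;
    }
}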
