package oracle.j2ee.ws.security.server;

import com.evermind.security.User;
import com.evermind.server.ThreadState;
import java.util.Iterator;
import java.util.List;
import javax.xml.namespace.QName;
import javax.xml.rpc.JAXRPCException;
import javax.xml.rpc.handler.GenericHandler;
import javax.xml.rpc.handler.MessageContext;
import javax.xml.rpc.handler.soap.SOAPMessageContext;
import javax.xml.rpc.soap.SOAPFaultException;
import javax.xml.soap.Detail;
import javax.xml.soap.MessageFactory;
import javax.xml.soap.SOAPException;
import javax.xml.soap.SOAPFault;
import javax.xml.soap.SOAPHeader;
import javax.xml.soap.SOAPHeaderElement;
import javax.xml.soap.SOAPMessage;
import oracle.j2ee.ws.common.util.QNameAdapter;
import oracle.j2ee.ws.security.elements.Password;
import oracle.j2ee.ws.security.elements.SecurityHeader;
import oracle.j2ee.ws.security.elements.Username;
import oracle.j2ee.ws.security.elements.UsernameToken;
import oracle.j2ee.ws.security.faults.FailedAuthenticationException;
import oracle.j2ee.ws.security.faults.InvalidSecurityException;
import oracle.j2ee.ws.security.util.SecurityConstants;

/* loaded from: input_file:oracle/j2ee/ws/security/server/Handler.class */
public class Handler extends GenericHandler implements SecurityConstants {
    private static final QName[] headers = {SecurityHeader.QNAME};
    private static final String SOAP_FAULT_EXCEPTION_PROPERTY = "oracle.j2ee.ws.security.server.SOAPFaultException";
    private MessageFactory messageFactory;

    public Handler() {
        try {
            this.messageFactory = MessageFactory.newInstance();
        } catch (SOAPException e) {
            throw new JAXRPCException(e);
        }
    }

    public QName[] getHeaders() {
        return headers;
    }

    public boolean handleRequest(MessageContext messageContext) {
        if (!(messageContext instanceof SOAPMessageContext)) {
            return true;
        }
        try {
            SOAPMessageContext sOAPMessageContext = (SOAPMessageContext) messageContext;
            SOAPHeader sOAPHeader = sOAPMessageContext.getMessage().getSOAPHeader();
            if (sOAPHeader != null) {
                Iterator examineAllHeaderElements = sOAPHeader.examineAllHeaderElements();
                while (examineAllHeaderElements.hasNext()) {
                    SOAPHeaderElement sOAPHeaderElement = (SOAPHeaderElement) examineAllHeaderElements.next();
                    if (QNameAdapter.getQNameAdapter(sOAPHeaderElement.getElementName()).equals(SecurityHeader.QNAME)) {
                        return validate(new SecurityHeader(sOAPHeaderElement), sOAPMessageContext);
                    }
                }
            }
            return true;
        } catch (Exception e) {
            if (e instanceof SOAPFaultException) {
                throw e;
            }
            e.printStackTrace();
            throw new JAXRPCException(e);
        }
    }

    private boolean validate(SecurityHeader securityHeader, SOAPMessageContext sOAPMessageContext) throws Exception {
        List usernameTokens = securityHeader.getUsernameTokens();
        if (usernameTokens.size() <= 0) {
            return true;
        }
        UsernameToken usernameToken = (UsernameToken) usernameTokens.iterator().next();
        Username username = usernameToken.getUsername();
        if (username == null) {
            SOAPFaultException invalidSecurityException = new InvalidSecurityException(InvalidSecurityException.getFailureMessage(new StringBuffer().append("missing ").append(UsernameToken.QNAME.toString()).toString()));
            sOAPMessageContext.setProperty(SOAP_FAULT_EXCEPTION_PROPERTY, invalidSecurityException);
            throw invalidSecurityException;
        }
        String username2 = username.getUsername();
        Password password = usernameToken.getPassword();
        String password2 = password != null ? password.getPassword() : "";
        if (username2 == null) {
            return true;
        }
        User user = ThreadState.getCurrentState().getContextContainer().getApplication().getUserManager().getUser(username2);
        if (user == null) {
            SOAPFaultException failedAuthenticationException = new FailedAuthenticationException(FailedAuthenticationException.getFailureMessage(username2));
            sOAPMessageContext.setProperty(SOAP_FAULT_EXCEPTION_PROPERTY, failedAuthenticationException);
            throw failedAuthenticationException;
        }
        if (user.authenticate(password2)) {
            sOAPMessageContext.setProperty(SecurityConstants.USER_PROPERTY, user);
            return true;
        }
        SOAPFaultException failedAuthenticationException2 = new FailedAuthenticationException(FailedAuthenticationException.getFailureMessage(username2));
        sOAPMessageContext.setProperty(SOAP_FAULT_EXCEPTION_PROPERTY, failedAuthenticationException2);
        throw failedAuthenticationException2;
    }

    public boolean handleFault(MessageContext messageContext) {
        try {
            if (messageContext instanceof SOAPMessageContext) {
                SOAPMessageContext sOAPMessageContext = (SOAPMessageContext) messageContext;
                SOAPFaultException sOAPFaultException = (SOAPFaultException) sOAPMessageContext.getProperty(SOAP_FAULT_EXCEPTION_PROPERTY);
                if (sOAPFaultException == null) {
                    return true;
                }
                sOAPMessageContext.setMessage(createFaultMessage(sOAPFaultException));
            }
            return true;
        } catch (Exception e) {
            e.printStackTrace();
            return true;
        }
    }

    private SOAPMessage createFaultMessage(SOAPFaultException sOAPFaultException) throws SOAPException {
        SOAPMessage createMessage = this.messageFactory.createMessage();
        createMessage.getMimeHeaders().addHeader("Content-type", "text-xml");
        SOAPFault addFault = createMessage.getSOAPBody().addFault();
        addFault.setFaultCode(QNameAdapter.getQNameAdapter(sOAPFaultException.getFaultCode()));
        addFault.setFaultString(sOAPFaultException.getFaultString());
        addFault.setFaultActor(sOAPFaultException.getFaultActor());
        if (sOAPFaultException.getDetail() != null) {
            Detail addDetail = addFault.addDetail();
            addDetail.detachNode();
            addDetail.setParentElement(addFault);
            addFault.addChildElement(addDetail);
        }
        createMessage.saveChanges();
        return createMessage;
    }
}
