package oracle.wsm.enforcer.security;

import java.io.IOException;
import java.util.Map;
import oracle.wsm.pep.EnforcementContext;
import oracle.wsm.pep.EnforcerContext;
import oracle.wsm.pep.ISOAPClientRequestContext;
import oracle.wsm.resource.MessageProtocol;
import oracle.wsm.wspolicy.PolicyAssertionChildParameters;
import oracle.wsm.xml.namespace.QualifiedName;

/* loaded from: input_file:jvmlibs.zip:user/wsm-agent-common.jar:oracle/wsm/enforcer/security/WSSUsernameTokenEnforcer.class */
public class WSSUsernameTokenEnforcer extends SecurityAssertionEnforcer {
    public static final String LOCAL_PART = "wss-username-token";
    public static final QualifiedName QNAME = new QualifiedName(SecurityAssertionEnforcer.NAMESPACE, LOCAL_PART, SecurityAssertionEnforcer.PREFIX);

    private UsernameToken createUsernameToken(Map<String, Object> map, EnforcerContext enforcerContext, String str, String str2, String str3) throws CredentialNotFoundException {
        String str4 = (String) map.get("javax.xml.ws.security.auth.username");
        String str5 = (String) map.get("javax.xml.ws.security.auth.password");
        if (null == str4 || null == str5) {
            throw CredentialNotFoundException.createCredentialNotFound(enforcerContext, str4, str5);
        }
        return new UsernameToken(str4, str5, str, Boolean.parseBoolean(str2), Boolean.parseBoolean(str3));
    }

    @Override // oracle.wsm.pep.Enforcer
    public void enforceMessage(EnforcerContext enforcerContext, boolean z) throws IOException {
        if (!z || null == enforcerContext.assertion.parameters) {
            return;
        }
        Map<String, Object> credentialMap = getCredentialMap(enforcerContext, SecurityAssertionEnforcer.CREDENTIALS);
        enforcerContext.customHeaders = getCustomHeaderMap(credentialMap);
        for (PolicyAssertionChildParameters policyAssertionChildParameters : enforcerContext.assertion.parameters.children) {
            if (USERNAME_TOKEN.equals(policyAssertionChildParameters.qName) && (enforcerContext.enforcementContext instanceof ISOAPClientRequestContext) && null != policyAssertionChildParameters.attributes) {
                ((ISOAPClientRequestContext) enforcerContext.enforcementContext).addMessageHeader(createUsernameToken(credentialMap, enforcerContext, policyAssertionChildParameters.attributes.get(PASSWORD_TYPE), policyAssertionChildParameters.attributes.get(ADD_NONCE), policyAssertionChildParameters.attributes.get(ADD_CREATED)));
                return;
            }
        }
    }

    @Override // oracle.wsm.enforcer.security.SecurityAssertionEnforcer, oracle.wsm.pep.Enforcer
    public void enforceTransport(EnforcerContext enforcerContext, boolean z) throws IOException {
        super.enforceTransport(enforcerContext, z);
    }

    @Override // oracle.wsm.pep.Enforcer
    public QualifiedName getQualifiedName() {
        return QNAME;
    }

    @Override // oracle.wsm.pep.Enforcer
    public boolean isCompatible(EnforcementContext enforcementContext) {
        return MessageProtocol.SOAP == enforcementContext.identifier.type.protocol;
    }
}
