package oracle.wsm.enforcer.security;

import java.io.IOException;
import java.util.Map;
import oracle.wsm.pep.ClientEnforcementContext;
import oracle.wsm.pep.Enforcer;
import oracle.wsm.pep.EnforcerContext;
import oracle.wsm.pep.IHTTPClientRequestContext;
import oracle.wsm.xml.namespace.QualifiedName;

/* loaded from: input_file:jvmlibs.zip:user/wsm-agent-common.jar:oracle/wsm/enforcer/security/SecurityAssertionEnforcer.class */
public abstract class SecurityAssertionEnforcer extends Enforcer {
    public static final String NAMESPACE = "http://schemas.oracle.com/ws/2006/01/securitypolicy";
    public static final String PREFIX = "orasp";
    public static final QualifiedName AUTH_HEADER = new QualifiedName(NAMESPACE, "auth-header", PREFIX);
    public static final QualifiedName MECHANISM = new QualifiedName(NAMESPACE, "mechanism", PREFIX);
    public static final QualifiedName INCLUDE_TIMESTAMP = new QualifiedName(NAMESPACE, "include-timestamp", PREFIX);
    public static final QualifiedName REQUIRE_TLS = new QualifiedName(NAMESPACE, "require-tls", PREFIX);
    public static final QualifiedName USERNAME_TOKEN = new QualifiedName(NAMESPACE, "username-token", PREFIX);
    public static final QualifiedName PASSWORD_TYPE = new QualifiedName(NAMESPACE, "password-type", PREFIX);
    public static final QualifiedName ADD_NONCE = new QualifiedName(NAMESPACE, "add-nonce", PREFIX);
    public static final QualifiedName ADD_CREATED = new QualifiedName(NAMESPACE, "add-created", PREFIX);
    public static final String USERNAME_PROPERTY = "javax.xml.ws.security.auth.username";
    public static final String PASSWORD_PROPERTY = "javax.xml.ws.security.auth.password";
    public static final String TLS_PROTOCOL = "https";
    public static final String CREDENTIALS = "credentials";
    private static final String HEADERS = "headers";

    /* JADX INFO: Access modifiers changed from: protected */
    public Timestamp createTimeStamp(EnforcerContext enforcerContext) {
        return new Timestamp(enforcerContext.getConfiguration(Timestamp.EXPIRE_TIME_PROPERTY, Integer.valueOf(Timestamp.EXPIRE_TIME_PROPERTY_DEFAULT)).intValue());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void validateTLSClientRequirement(EnforcerContext enforcerContext, ClientEnforcementContext clientEnforcementContext) throws IOException {
        if (!TLS_PROTOCOL.equalsIgnoreCase(clientEnforcementContext.url.getProtocol())) {
            throw SecurityException.createInvalidTLSAccessProtocol(enforcerContext, clientEnforcementContext.url);
        }
    }

    @Override // oracle.wsm.pep.Enforcer
    public void enforceTransport(EnforcerContext enforcerContext, boolean z) throws IOException {
        if (!z || null == enforcerContext.assertion.parameters) {
            return;
        }
        addCustomHeaders(enforcerContext);
    }

    protected void addCustomHeaders(EnforcerContext enforcerContext) throws IOException {
        Map<String, String> map = enforcerContext.customHeaders;
        if (map != null) {
            for (Map.Entry<String, String> entry : map.entrySet()) {
                ((IHTTPClientRequestContext) enforcerContext.enforcementContext).setTransportHeader(entry.getKey(), entry.getValue());
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Map<String, String> getCustomHeaderMap(Map<String, Object> map) {
        Map<String, String> map2 = null;
        Object obj = map.get("headers");
        if (obj instanceof Map) {
            map2 = (Map) obj;
        }
        return map2;
    }

    public Map<String, Object> getCredentialMap(EnforcerContext enforcerContext, String str) {
        return ((ClientEnforcementContext) enforcerContext.enforcementContext).wsClientFactory.getCredentialHandler().getCredentialInformation(new String[]{str});
    }
}
