package oracle.wsm.enforcer.security;

import java.io.IOException;
import java.util.Iterator;
import oracle.wsm.pep.ClientEnforcementContext;
import oracle.wsm.pep.EnforcerContext;
import oracle.wsm.pep.ISOAPClientRequestContext;
import oracle.wsm.wspolicy.PolicyAssertionChildParameters;
import oracle.wsm.xml.namespace.QualifiedName;

/* loaded from: input_file:jvmlibs.zip:user/wsm-agent-common.jar:oracle/wsm/enforcer/security/WSSUsernameTokenOverSSLEnforcer.class */
public class WSSUsernameTokenOverSSLEnforcer extends WSSUsernameTokenEnforcer {
    public static final String LOCAL_PART = "wss-username-token-over-ssl";
    public static final QualifiedName QNAME = new QualifiedName(SecurityAssertionEnforcer.NAMESPACE, LOCAL_PART, SecurityAssertionEnforcer.PREFIX);

    @Override // oracle.wsm.enforcer.security.WSSUsernameTokenEnforcer, oracle.wsm.pep.Enforcer
    public void enforceMessage(EnforcerContext enforcerContext, boolean z) throws IOException {
        if (z && null != enforcerContext.assertion.parameters) {
            Iterator<PolicyAssertionChildParameters> it = enforcerContext.assertion.parameters.children.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                PolicyAssertionChildParameters next = it.next();
                if (REQUIRE_TLS.equals(next.qName) && null != next.attributes) {
                    if (Boolean.TRUE.equals(Boolean.valueOf(Boolean.parseBoolean(next.attributes.get(INCLUDE_TIMESTAMP))))) {
                        ((ISOAPClientRequestContext) enforcerContext.enforcementContext).addMessageHeader(createTimeStamp(enforcerContext));
                        break;
                    }
                }
            }
        }
        super.enforceMessage(enforcerContext, z);
    }

    @Override // oracle.wsm.enforcer.security.WSSUsernameTokenEnforcer, oracle.wsm.enforcer.security.SecurityAssertionEnforcer, oracle.wsm.pep.Enforcer
    public void enforceTransport(EnforcerContext enforcerContext, boolean z) throws IOException {
        if (z && null != enforcerContext.assertion.parameters) {
            Iterator<PolicyAssertionChildParameters> it = enforcerContext.assertion.parameters.children.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                if (REQUIRE_TLS.equals(it.next().qName) && (enforcerContext.enforcementContext instanceof ClientEnforcementContext)) {
                    validateTLSClientRequirement(enforcerContext, (ClientEnforcementContext) enforcerContext.enforcementContext);
                    break;
                }
            }
        }
        super.enforceTransport(enforcerContext, z);
    }

    @Override // oracle.wsm.enforcer.security.WSSUsernameTokenEnforcer, oracle.wsm.pep.Enforcer
    public QualifiedName getQualifiedName() {
        return QNAME;
    }
}
