package oracle.wsm.enforcer.security;

import java.io.IOException;
import java.util.Map;
import oracle.wsm.agent.httpconn.HTTPConnectionAgent;
import oracle.wsm.pep.ClientEnforcementContext;
import oracle.wsm.pep.EnforcementContext;
import oracle.wsm.pep.EnforcerContext;
import oracle.wsm.pep.IHTTPClientRequestContext;
import oracle.wsm.resource.MessageProtocol;
import oracle.wsm.util.logging.DebugLogger;
import oracle.wsm.util.logging.LogLevel;
import oracle.wsm.util.logging.LoggerFactory;
import oracle.wsm.wspolicy.PolicyAssertionChildParameters;
import oracle.wsm.xml.namespace.QualifiedName;

/* loaded from: input_file:jvmlibs.zip:user/wsm-agent-common.jar:oracle/wsm/enforcer/security/HTTPCookieEnforcer.class */
public class HTTPCookieEnforcer extends SecurityAssertionEnforcer {
    private static final DebugLogger LOGGER = LoggerFactory.getDebugLogger((Class<?>) HTTPCookieEnforcer.class);
    public static final String LOCAL_PART = "http-security-cookie";
    public static final QualifiedName QNAME = new QualifiedName(SecurityAssertionEnforcer.NAMESPACE, LOCAL_PART, SecurityAssertionEnforcer.PREFIX);
    private static final String COOKIES = "cookies";

    private String[] createHeader(EnforcerContext enforcerContext, Map<String, Object> map) throws IOException {
        if (LOGGER.isLoggable(LogLevel.FINEST)) {
            LOGGER.finest("Cookies being injected: " + ((Object) map));
        }
        if (map == null || !map.containsKey("cookies")) {
            return null;
        }
        return new String[]{"Cookie", (String) map.get("cookies")};
    }

    @Override // oracle.wsm.enforcer.security.SecurityAssertionEnforcer, oracle.wsm.pep.Enforcer
    public void enforceTransport(EnforcerContext enforcerContext, boolean z) throws IOException {
        if (z && null != enforcerContext.assertion.parameters) {
            ClientEnforcementContext clientEnforcementContext = (ClientEnforcementContext) enforcerContext.enforcementContext;
            Map<String, Object> requestParams = clientEnforcementContext.wsClientFactory.getCredentialHandler().getRequestParams(clientEnforcementContext.url.toString(), clientEnforcementContext.includeCustomHeader);
            enforcerContext.customHeaders = getCustomHeaderMap(requestParams);
            for (PolicyAssertionChildParameters policyAssertionChildParameters : enforcerContext.assertion.parameters.children) {
                if (AUTH_HEADER.equals(policyAssertionChildParameters.qName) && (enforcerContext.enforcementContext instanceof IHTTPClientRequestContext)) {
                    String[] createHeader = createHeader(enforcerContext, requestParams);
                    if (createHeader != null) {
                        ((IHTTPClientRequestContext) enforcerContext.enforcementContext).setTransportHeader(createHeader[0], createHeader[1]);
                    }
                } else if (REQUIRE_TLS.equals(policyAssertionChildParameters.qName) && (enforcerContext.enforcementContext instanceof ClientEnforcementContext)) {
                    validateTLSClientRequirement(enforcerContext, (ClientEnforcementContext) enforcerContext.enforcementContext);
                }
            }
        } else if (!z && null != enforcerContext.assertion.parameters) {
            ((HTTPConnectionAgent.HTTPEnforcementContext) enforcerContext.enforcementContext).processResponseCookies();
        }
        super.enforceTransport(enforcerContext, z);
    }

    @Override // oracle.wsm.pep.Enforcer
    public QualifiedName getQualifiedName() {
        return QNAME;
    }

    @Override // oracle.wsm.pep.Enforcer
    public boolean isCompatible(EnforcementContext enforcementContext) {
        return MessageProtocol.SOAP == enforcementContext.identifier.type.protocol || MessageProtocol.REST == enforcementContext.identifier.type.protocol;
    }
}
