package afirmaws.services.ws;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.util.Properties;
import javax.xml.soap.MimeHeaders;
import javax.xml.soap.SOAPMessage;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.apache.axis.AxisFault;
import org.apache.axis.MessageContext;
import org.apache.axis.handlers.BasicHandler;
import org.apache.axis.soap.MessageFactoryImpl;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.ws.security.components.crypto.Crypto;
import org.apache.ws.security.components.crypto.CryptoFactory;
import org.apache.ws.security.message.WSSecHeader;
import org.apache.ws.security.message.WSSecSignature;
import org.apache.ws.security.message.WSSecUsernameToken;
import org.w3c.dom.Document;

/* loaded from: input_file:afirmaws/services/ws/ClientHandler.class */
public class ClientHandler extends BasicHandler {
    private static final long serialVersionUID = -1908344577057425487L;
    private static Log log = LogFactory.getLog(ClientHandler.class);
    public static final String USERNAMEOPTION = "UsernameToken";
    public static final String CERTIFICATEOPTION = "BinarySecurityToken";
    public static final String NONEOPTION = "None";
    private String securityOption;
    private String userTokenUserName;
    private String userTokenUserPassword;
    private String userTokenUserPasswordType;
    private String keystoreLocation;
    private String keystoreType;
    private String keystorePassword;
    private String keystoreCertAlias;
    private String keystoreCertPassword;

    public ClientHandler(Properties properties) {
        this.securityOption = null;
        this.userTokenUserName = null;
        this.userTokenUserPassword = null;
        this.userTokenUserPasswordType = null;
        this.keystoreLocation = null;
        this.keystoreType = null;
        this.keystorePassword = null;
        this.keystoreCertAlias = null;
        this.keystoreCertPassword = null;
        if (properties == null) {
            log.error("Fichero de configuracion de propiedades nulo");
        } else {
            try {
                this.securityOption = properties.getProperty("modo");
                this.userTokenUserName = properties.getProperty("user");
                this.userTokenUserPassword = properties.getProperty("password");
                this.userTokenUserPasswordType = properties.getProperty("passwordType");
                this.keystoreLocation = properties.getProperty("keystore.location");
                this.keystoreType = properties.getProperty("keystore.tipo");
                this.keystorePassword = properties.getProperty("keystore.password");
                this.keystoreCertAlias = properties.getProperty("cert.alias");
                this.keystoreCertPassword = properties.getProperty("cert.password");
            } catch (Exception e) {
                log.error("Error leyendo el fichero de configuración de securización");
            }
        }
        if (this.securityOption.equals(USERNAMEOPTION) || this.securityOption.equals(CERTIFICATEOPTION) || this.securityOption.equals(NONEOPTION)) {
            return;
        }
        log.error("Opcion de seguridad no valida: " + this.securityOption);
    }

    public void invoke(MessageContext messageContext) throws AxisFault {
        try {
            SOAPMessage currentMessage = messageContext.getCurrentMessage();
            Document asDocument = currentMessage.getSOAPPart().getEnvelope().getAsDocument();
            SOAPMessage createUserNameToken = this.securityOption.equals(USERNAMEOPTION) ? createUserNameToken(asDocument) : this.securityOption.equals(CERTIFICATEOPTION) ? createBinarySecurityToken(asDocument) : currentMessage;
            if (createUserNameToken == null) {
                throw new AxisFault("No se ha obtenido correctamente la securización de la petición SOAP a partir de la opción de seguridad configurada");
            }
            messageContext.getRequestMessage().getSOAPPart().setCurrentMessage(createUserNameToken.getSOAPPart().getEnvelope(), 3);
        } catch (Exception e) {
            log.error(e.getMessage());
        }
    }

    private SOAPMessage createUserNameToken(Document document) {
        try {
            WSSecHeader wSSecHeader = new WSSecHeader((String) null, false);
            WSSecUsernameToken wSSecUsernameToken = new WSSecUsernameToken();
            wSSecUsernameToken.setPasswordType(this.userTokenUserPasswordType);
            wSSecUsernameToken.setUserInfo(this.userTokenUserName, this.userTokenUserPassword);
            wSSecHeader.insertSecurityHeader(document);
            wSSecUsernameToken.prepare(document);
            wSSecUsernameToken.addCreated();
            wSSecUsernameToken.addNonce();
            DOMSource dOMSource = new DOMSource(wSSecUsernameToken.build(document, wSSecHeader).getDocumentElement());
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            TransformerFactory.newInstance().newTransformer().transform(dOMSource, new StreamResult(byteArrayOutputStream));
            return new MessageFactoryImpl().createMessage((MimeHeaders) null, new ByteArrayInputStream(new String(byteArrayOutputStream.toByteArray()).getBytes()));
        } catch (Exception e) {
            log.error(e.getMessage());
            return null;
        }
    }

    private SOAPMessage createBinarySecurityToken(Document document) {
        try {
            WSSecHeader wSSecHeader = new WSSecHeader((String) null, false);
            WSSecSignature wSSecSignature = new WSSecSignature();
            Crypto cryptoFactory = CryptoFactory.getInstance(initializateCryptoProperties());
            wSSecSignature.setKeyIdentifierType(1);
            wSSecSignature.setUserInfo(this.keystoreCertAlias, this.keystoreCertPassword);
            wSSecHeader.insertSecurityHeader(document);
            wSSecSignature.prepare(document, cryptoFactory, wSSecHeader);
            DOMSource dOMSource = new DOMSource(wSSecSignature.build(document, cryptoFactory, wSSecHeader).getDocumentElement());
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            TransformerFactory.newInstance().newTransformer().transform(dOMSource, new StreamResult(byteArrayOutputStream));
            return new MessageFactoryImpl().createMessage((MimeHeaders) null, new ByteArrayInputStream(new String(byteArrayOutputStream.toByteArray()).getBytes()));
        } catch (Exception e) {
            log.error(e.getMessage());
            return null;
        }
    }

    private Properties initializateCryptoProperties() {
        Properties properties = new Properties();
        properties.setProperty("org.apache.ws.security.crypto.provider", "org.apache.ws.security.components.crypto.Merlin");
        properties.setProperty("org.apache.ws.security.crypto.merlin.keystore.type", this.keystoreType);
        properties.setProperty("org.apache.ws.security.crypto.merlin.keystore.password", this.keystorePassword);
        properties.setProperty("org.apache.ws.security.crypto.merlin.keystore.alias", this.keystoreCertAlias);
        properties.setProperty("org.apache.ws.security.crypto.merlin.alias.password", this.keystoreCertPassword);
        properties.setProperty("org.apache.ws.security.crypto.merlin.file", this.keystoreLocation);
        return properties;
    }
}
