package org.globus.wsrf.impl.security.authentication.signature;

import java.util.HashMap;
import java.util.Iterator;
import javax.xml.namespace.QName;
import javax.xml.rpc.handler.MessageContext;
import javax.xml.soap.SOAPEnvelope;
import javax.xml.soap.SOAPHeader;
import javax.xml.soap.SOAPHeaderElement;
import javax.xml.soap.SOAPMessage;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.ws.security.SOAPConstants;
import org.apache.ws.security.WSSConfig;
import org.apache.ws.security.conversation.message.token.SecurityContextToken;
import org.apache.ws.security.message.EnvelopeIdResolver;
import org.apache.ws.security.message.WSSignEnvelope;
import org.apache.ws.security.message.token.Reference;
import org.apache.ws.security.message.token.SecurityTokenReference;
import org.apache.ws.security.util.WSSecurityUtil;
import org.apache.xml.security.algorithms.SignatureAlgorithm;
import org.apache.xml.security.keys.KeyInfo;
import org.apache.xml.security.signature.XMLSignature;
import org.apache.xml.security.transforms.Transforms;
import org.apache.xml.security.transforms.params.InclusiveNamespaces;
import org.apache.xml.security.utils.XMLUtils;
import org.globus.wsrf.impl.security.authentication.Constants;
import org.globus.wsrf.impl.security.authentication.secureconv.SecureConversationMessage;
import org.globus.wsrf.impl.security.authentication.wssec.GSSConfig;
import org.globus.wsrf.impl.security.util.EnvelopeConverter;
import org.globus.wsrf.providers.GSSPrivateKey;
import org.ietf.jgss.GSSContext;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/* loaded from: input_file:org/globus/wsrf/impl/security/authentication/signature/GssSignedSOAPEnvelopeBuilder.class */
public class GssSignedSOAPEnvelopeBuilder extends WSSignEnvelope {
    private static Log logger;
    protected GSSContext context;
    protected MessageContext msgContext;
    protected String contextId;
    protected String canonicalizationAlgorithm;
    static Class class$org$globus$wsrf$impl$security$authentication$signature$GssSignedSOAPEnvelopeBuilder;

    public GssSignedSOAPEnvelopeBuilder(MessageContext messageContext, GSSContext gSSContext) {
        this(messageContext, gSSContext, null);
    }

    public GssSignedSOAPEnvelopeBuilder(MessageContext messageContext, GSSContext gSSContext, String str) {
        this.canonicalizationAlgorithm = "http://www.w3.org/2001/10/xml-exc-c14n#";
        this.msgContext = messageContext;
        this.context = gSSContext;
        this.contextId = str;
    }

    private String getContextId() {
        return this.contextId == null ? String.valueOf(this.context.hashCode()) : this.contextId;
    }

    public String getCanonicalizationAlgorithm() {
        return this.canonicalizationAlgorithm;
    }

    public void setCanonicalizationAlgorithm(String str) {
        this.canonicalizationAlgorithm = str;
    }

    public SOAPEnvelope build(SOAPEnvelope sOAPEnvelope) throws Exception {
        return buildMessage(sOAPEnvelope).getSOAPPart().getEnvelope();
    }

    public SOAPMessage buildMessage(SOAPEnvelope sOAPEnvelope) throws Exception {
        SOAPHeader header;
        logger.debug("Beginning signing...");
        WSSConfig defaultWSConfig = WSSConfig.getDefaultWSConfig();
        Document document = EnvelopeConverter.getInstance().toDocument(sOAPEnvelope);
        SOAPConstants sOAPConstants = WSSecurityUtil.getSOAPConstants(document.getDocumentElement());
        Element insertSecurityHeader = insertSecurityHeader(document);
        Element createElementInSignatureSpace = XMLUtils.createElementInSignatureSpace(document, "CanonicalizationMethod");
        createElementInSignatureSpace.setAttributeNS(null, "Algorithm", this.canonicalizationAlgorithm);
        createElementInSignatureSpace.appendChild(new InclusiveNamespaces(document, getInclusivePrefixes(insertSecurityHeader, false)).getElement());
        XMLSignature xMLSignature = new XMLSignature(document, (String) null, new SignatureAlgorithm(document, SignatureGSS.URI).getElement(), createElementInSignatureSpace);
        Element findBodyElement = WSSecurityUtil.findBodyElement(document, sOAPConstants);
        String wsuId = setWsuId(findBodyElement);
        Transforms transforms = new Transforms(document);
        transforms.addTransform("http://www.w3.org/2001/10/xml-exc-c14n#");
        transforms.item(0).getElement().appendChild(new InclusiveNamespaces(document, getInclusivePrefixes(findBodyElement)).getElement());
        xMLSignature.addResourceResolver(EnvelopeIdResolver.getInstance(defaultWSConfig));
        xMLSignature.addDocument(new StringBuffer().append("#").append(wsuId).toString(), transforms);
        HashMap hashMap = (HashMap) this.msgContext.getProperty(Constants.SECURE_HEADERS);
        if (hashMap != null && (header = sOAPEnvelope.getHeader()) != null) {
            Iterator examineHeaderElements = header.examineHeaderElements(this.actor);
            while (examineHeaderElements.hasNext()) {
                SOAPHeaderElement sOAPHeaderElement = (SOAPHeaderElement) examineHeaderElements.next();
                String namespaceURI = sOAPHeaderElement.getNamespaceURI();
                String localName = sOAPHeaderElement.getElementName().getLocalName();
                QName qName = new QName(namespaceURI, localName);
                if (hashMap.containsKey(qName)) {
                    logger.debug(new StringBuffer().append("Sign header ").append(qName).toString());
                    Element element = (Element) document.getElementsByTagNameNS(namespaceURI, localName).item(0);
                    String wsuId2 = setWsuId(element);
                    Transforms transforms2 = new Transforms(document);
                    transforms2.addTransform("http://www.w3.org/2001/10/xml-exc-c14n#");
                    transforms2.item(0).getElement().appendChild(new InclusiveNamespaces(document, getInclusivePrefixes(element)).getElement());
                    xMLSignature.addDocument(new StringBuffer().append("#").append(wsuId2).toString(), transforms2);
                }
            }
        }
        xMLSignature.sign(new GSSPrivateKey(getContextId(), this.context));
        KeyInfo keyInfo = xMLSignature.getKeyInfo();
        SecurityTokenReference securityTokenReference = new SecurityTokenReference(defaultWSConfig, document);
        Reference reference = new Reference(defaultWSConfig, document);
        reference.setValueType(SecureConversationMessage.CONTEXT_TOKEN_VALUE_TYPE.toString());
        reference.setURI(new StringBuffer().append("#SecurityContextToken-").append(sOAPEnvelope.hashCode()).toString());
        securityTokenReference.setReference(reference);
        keyInfo.addUnknownElement(securityTokenReference.getElement());
        SecurityContextToken securityContextToken = new SecurityContextToken(document, getContextId());
        securityContextToken.setID(new StringBuffer().append("SecurityContextToken-").append(sOAPEnvelope.hashCode()).toString());
        WSSecurityUtil.prependChildElement(document, insertSecurityHeader, securityContextToken.getElement(), false);
        WSSecurityUtil.prependChildElement(document, insertSecurityHeader, xMLSignature.getElement(), false);
        logger.debug("Signing complete.");
        return EnvelopeConverter.getInstance().toSOAPMessage(document);
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$org$globus$wsrf$impl$security$authentication$signature$GssSignedSOAPEnvelopeBuilder == null) {
            cls = class$("org.globus.wsrf.impl.security.authentication.signature.GssSignedSOAPEnvelopeBuilder");
            class$org$globus$wsrf$impl$security$authentication$signature$GssSignedSOAPEnvelopeBuilder = cls;
        } else {
            cls = class$org$globus$wsrf$impl$security$authentication$signature$GssSignedSOAPEnvelopeBuilder;
        }
        logger = LogFactory.getLog(cls.getName());
        GSSConfig.init();
    }
}
