package org.globus.ogsa.impl.security.authentication;

import javax.xml.rpc.handler.MessageContext;
import javax.xml.soap.SOAPEnvelope;
import javax.xml.soap.SOAPMessage;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.xml.security.signature.XMLSignature;
import org.globus.gsi.GlobusCredential;
import org.globus.gsi.gssapi.GlobusGSSCredentialImpl;
import org.globus.ogsa.impl.security.authentication.wssec.PKIPathSecurityToken;
import org.globus.ogsa.impl.security.authentication.wssec.Reference;
import org.globus.ogsa.impl.security.authentication.wssec.SecurityTokenReference;
import org.ietf.jgss.GSSCredential;
import org.w3c.dom.Document;

/* loaded from: input_file:org/globus/ogsa/impl/security/authentication/X509WSSignedSOAPEnvelopeBuilder.class */
public class X509WSSignedSOAPEnvelopeBuilder extends WSSecuritySOAPEnvelopeBuilder {
    private static Log logger;
    protected GSSCredential credential;
    static Class class$org$globus$ogsa$impl$security$authentication$X509WSSignedSOAPEnvelopeBuilder;

    public X509WSSignedSOAPEnvelopeBuilder(MessageContext messageContext, GSSCredential gSSCredential) {
        super(messageContext);
        this.credential = gSSCredential;
    }

    private GlobusCredential getCredential() throws Exception {
        if (this.credential == null) {
            return GlobusCredential.getDefaultCredential();
        }
        if (this.credential instanceof GlobusGSSCredentialImpl) {
            return this.credential.getGlobusCredential();
        }
        return null;
    }

    @Override // org.globus.ogsa.impl.security.authentication.WSSecuritySOAPEnvelopeBuilder
    public SOAPMessage buildMessage(SOAPEnvelope sOAPEnvelope) throws Exception {
        logger.debug("Beginning signing...");
        GlobusCredential credential = getCredential();
        if (credential == null) {
            throw new Exception("no credentials");
        }
        addSecurityHeader(sOAPEnvelope);
        Document asDocument = getAsDocument(sOAPEnvelope);
        String addBodyID = addBodyID(asDocument);
        XMLSignature xMLSignature = new XMLSignature(asDocument, this.baseURI, "http://www.w3.org/2000/09/xmldsig#rsa-sha1", "http://www.w3.org/2001/10/xml-exc-c14n#");
        xMLSignature.addResourceResolver(SOAPBodyIdResolver.getInstance());
        xMLSignature.addDocument(new StringBuffer().append("#").append(addBodyID).toString());
        String stringBuffer = new StringBuffer().append("token").append(System.currentTimeMillis()).toString();
        Reference reference = new Reference(asDocument);
        reference.setURI(new StringBuffer().append("#").append(stringBuffer).toString());
        SecurityTokenReference securityTokenReference = new SecurityTokenReference(asDocument);
        securityTokenReference.setReference(reference);
        xMLSignature.getKeyInfo().addUnknownElement(securityTokenReference.getElement());
        PKIPathSecurityToken pKIPathSecurityToken = new PKIPathSecurityToken(asDocument);
        pKIPathSecurityToken.setX509Certificates(credential.getCertificateChain(), true);
        pKIPathSecurityToken.setID(stringBuffer);
        insertIntoSecurityHeader(asDocument, xMLSignature.getElement());
        xMLSignature.sign(credential.getPrivateKey());
        insertIntoSecurityHeader(asDocument, pKIPathSecurityToken.getElement());
        logger.debug("Signing complete.");
        return toSOAPMessage(asDocument);
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$org$globus$ogsa$impl$security$authentication$X509WSSignedSOAPEnvelopeBuilder == null) {
            cls = class$("org.globus.ogsa.impl.security.authentication.X509WSSignedSOAPEnvelopeBuilder");
            class$org$globus$ogsa$impl$security$authentication$X509WSSignedSOAPEnvelopeBuilder = cls;
        } else {
            cls = class$org$globus$ogsa$impl$security$authentication$X509WSSignedSOAPEnvelopeBuilder;
        }
        logger = LogFactory.getLog(cls.getName());
    }
}
