package WsSecurity.client;

import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.StringWriter;
import java.net.InetAddress;
import java.net.Socket;
import java.net.UnknownHostException;
import java.util.Calendar;
import java.util.Date;
import java.util.Properties;
import javax.security.auth.login.Configuration;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.exolab.castor.xml.MarshalException;
import org.exolab.castor.xml.ValidationException;
import org.gateway.samla.Actions;
import org.gateway.samla.Assertion;
import org.gateway.samla.AssertionSpecifier;
import org.gateway.samla.AssertionTypeChoice;
import org.gateway.samla.AssertionTypeChoiceItem;
import org.gateway.samla.AudienceRestrictionCondition;
import org.gateway.samla.AuthenticationLocality;
import org.gateway.samla.AuthenticationStatement;
import org.gateway.samla.AuthorizationDecisionStatement;
import org.gateway.samla.Conditions;
import org.gateway.samla.ConditionsTypeItem;
import org.gateway.samla.NameIdentifier;
import org.gateway.samla.Subject;
import org.gateway.samla.SubjectConfirmation;
import org.gateway.samla.SubjectTypeSequence;
import org.gateway.samla.types.DecisionType;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSManager;
import org.ietf.jgss.GSSName;
import org.ietf.jgss.MessageProp;
import org.ietf.jgss.Oid;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/* loaded from: input_file:WEB-INF/lib/gw-security.jar:WsSecurity/client/KrbProcess.class */
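/**
 * Kerberos (GSS-API) implementation of {@code secureSession}.
 *
 * <p>The class loads {@code client.properties} from the classpath, opens a TCP
 * connection to the configured server to establish a GSS security context, builds
 * a SAML-style assertion for a user, wraps message text with the established
 * context, and produces the DOM elements that carry the wrapped assertion and body.
 *
 * <p>Failure handling: {@link #initContext()} logs I/O and GSS failures instead of
 * rethrowing them, and then leaves {@link #gsscontext} set to {@code null}.
 * {@link #wrapMessage(String)} refuses to run without a context, so a failed
 * handshake cannot silently yield output that only looks protected.
 *
 * <p>NOTE(review): {@link #initContext()} writes JVM-wide system properties
 * (including the per-session {@code KRB5CCNAME} value). Instances used concurrently
 * for different tickets overwrite each other's settings; confirm how callers
 * serialize access.
 */
public class KrbProcess extends secureSession {
    /** Classpath resource holding the realm, KDC, login-config and server settings. */
    private static final String CLIENT_PROPERTIES = "client.properties";

    /** Namespace of the header elements built by {@link #getSignHeaderElement(String)}. */
    private static final String SIGN_NS = "http://www.gatewayportal.org/sign.xsd";

    /** Namespace of the element built by {@link #getSignBodyElement(String)}. */
    private static final String SIGN_BODY_NS = "http://www.gatewayportal.org/signbody.xsd";

    /**
     * Upper bound for a single handshake token announced by the peer. The length
     * prefix comes off the network before the peer is authenticated, so it must not
     * drive an unbounded allocation. Tune if legitimate tokens are ever larger.
     */
    private static final int MAX_TOKEN_BYTES = 1 << 20;

    /** Established security context, or {@code null} when no usable context exists. */
    GSSContext gsscontext;

    /** Settings read from {@code client.properties}; empty when the resource is missing. */
    Properties properties;

    /** Builder created by the most recent {@link #getSignHeaderElement(String)} call. */
    DocumentBuilder _documentBuilder;

    /**
     * Creates the session and loads {@code client.properties} from the classpath.
     *
     * <p>A missing or unreadable resource is reported on the console and leaves
     * {@link #properties} empty; {@link #initContext()} then rejects the missing
     * server settings with a descriptive exception.
     *
     * @param str value handed to the {@code secureSession} constructor
     */
    public KrbProcess(String str) {
        super(str);
        this.gsscontext = null;
        this.properties = new Properties();
        InputStream in = getClass().getResourceAsStream(CLIENT_PROPERTIES);
        if (in == null) {
            // Previously execution continued into Properties.load(null), which
            // throws NullPointerException out of the constructor.
            System.out.println("Can't locate file:" + CLIENT_PROPERTIES);
            return;
        }
        try {
            this.properties.load(in);
        } catch (IOException e) {
            System.err.println("Properties loading failed in AppConfig");
        } finally {
            try {
                in.close();
            } catch (IOException ignored) {
                // Nothing useful can be done if closing a classpath stream fails.
            }
        }
    }

    /**
     * Establishes the Kerberos GSS context with the configured server.
     *
     * <p>Mutual authentication, confidentiality and integrity are requested. If the
     * handshake fails, or completes without mutual authentication, the context is
     * disposed and {@link #gsscontext} is left {@code null}; I/O and GSS failures are
     * logged rather than rethrown, as before.
     *
     * @throws IllegalStateException if {@code server.name}, {@code server.hostname}
     *     or {@code server.port} is missing from the loaded properties
     * @throws NumberFormatException if {@code server.port} is not an integer
     * @throws Exception declared by the overridden method
     */
    @Override // WsSecurity.client.secureSession
    public void initContext() throws Exception {
        String ticketCache = this.ticket;
        System.setProperty("KRB5CCNAME", ticketCache);

        // Only copy settings that are present: Properties rejects null values, so a
        // missing key used to surface as a bare NullPointerException here.
        copyToSystemProperty("java.security.krb5.realm");
        copyToSystemProperty("java.security.krb5.kdc");
        copyToSystemProperty("javax.security.auth.useSubjectCredsOnly");
        copyToSystemProperty("java.security.auth.login.config");

        String serverName = this.properties.getProperty("server.name");
        String serverHost = this.properties.getProperty("server.hostname");
        String serverPort = this.properties.getProperty("server.port");
        System.out.println("Port number: " + serverPort);
        requireSetting("server.name", serverName);
        // A null host makes java.net.Socket connect to the loopback address, so a
        // missing hostname must be rejected rather than passed through.
        requireSetting("server.hostname", serverHost);
        requireSetting("server.port", serverPort);

        Socket socket = null;
        try {
            socket = new Socket(serverHost, Integer.parseInt(serverPort.trim()));
            DataInputStream fromServer = new DataInputStream(socket.getInputStream());
            DataOutputStream toServer = new DataOutputStream(socket.getOutputStream());
            System.out.println("Connected to server " + socket.getInetAddress());
            Configuration.getConfiguration().refresh();

            Oid krb5Mechanism = new Oid("1.2.840.113554.1.2.2");
            Oid krb5PrincipalNameType = new Oid("1.2.840.113554.1.2.2.1");
            GSSManager manager = GSSManager.getInstance();
            GSSName serverPrincipal = manager.createName(serverName, (Oid) null);

            // The principal is taken from the text after the last '_' of the ticket value.
            String user = ticketCache.substring(ticketCache.lastIndexOf("_") + 1);
            System.out.println("Kerberos User: " + user);

            // Credential arguments: lifetime 0 (default), usage 1 (initiate only).
            this.gsscontext = manager.createContext(
                    serverPrincipal,
                    krb5Mechanism,
                    manager.createCredential(
                            manager.createName(user, krb5PrincipalNameType), 0, krb5Mechanism, 1),
                    GSSContext.DEFAULT_LIFETIME);
            this.gsscontext.requestMutualAuth(true);
            this.gsscontext.requestConf(true);
            this.gsscontext.requestInteg(true);

            byte[] token = new byte[0];
            System.out.println("GSS Status: " + this.gsscontext.isEstablished());
            while (!this.gsscontext.isEstablished()) {
                token = this.gsscontext.initSecContext(token, 0, token.length);
                if (token != null) {
                    toServer.writeInt(token.length);
                    toServer.write(token);
                    toServer.flush();
                }
                if (!this.gsscontext.isEstablished()) {
                    int announced = fromServer.readInt();
                    // The peer is not authenticated yet: bound the allocation it can request.
                    if (announced < 0 || announced > MAX_TOKEN_BYTES) {
                        throw new IOException("Rejected handshake token length " + announced);
                    }
                    token = new byte[announced];
                    fromServer.readFully(token);
                }
            }

            System.out.println("Context Established! ");
            System.out.println("Client is " + this.gsscontext.getSrcName());
            System.out.println("Server is " + this.gsscontext.getTargName());
            if (this.gsscontext.getMutualAuthState()) {
                System.out.println("Mutual authentication(Client) took place!");
            } else {
                // Requesting mutual authentication does not guarantee it was granted.
                // Without it the server's identity is unverified, so fail closed.
                System.err.println("Mutual authentication was requested but not granted; context discarded");
                discardContext();
            }
        } catch (IOException e) {
            System.out.println("IO Exception Error(Client)......: " + e);
            discardContext();
        } catch (GSSException e2) {
            System.out.println("GSS Exception error(Client)......: " + e2);
            discardContext();
        } finally {
            // Close on every path; previously any exception leaked the socket.
            if (socket != null) {
                try {
                    socket.close();
                } catch (IOException ignored) {
                    // The handshake outcome is already decided; a close failure changes nothing.
                }
            }
        }
    }

    /**
     * Builds the assertion XML for a user: an authentication statement plus a
     * PERMIT authorization decision on the {@code AccessLevel} resource, valid from
     * five minutes before now until ten minutes after now.
     *
     * <p>NOTE(review): a {@code null} user is replaced by the fixed identity
     * {@code "gateway"}, and the decision is always PERMIT with action {@code "5"}.
     * Confirm that callers only reach this method after authentication succeeded.
     *
     * <p>NOTE(review): the assertion ID is host address plus millisecond timestamp,
     * which is guessable and can repeat within one millisecond; confirm whether
     * consumers rely on IDs being unique for replay detection.
     *
     * @param str authenticated user name, or {@code null} for the default identity
     * @return the marshalled assertion; empty or partial if marshalling failed
     *     (the failure is logged)
     */
    @Override // WsSecurity.client.secureSession
    public String assertionGenerator(String str) {
        System.out.println("Authenticated user: " + str);
        if (str == null) {
            str = "gateway";
        }
        String[] permittedActions = {"5"};

        // One lookup serves both the assertion ID and the authentication locality.
        InetAddress localHost = null;
        try {
            localHost = InetAddress.getLocalHost();
        } catch (UnknownHostException e) {
            System.err.println("Local host lookup failed while building assertion: " + e);
        }

        Assertion assertion = new Assertion();
        assertion.setMajorVersion(1);
        assertion.setMinorVersion(0);
        // Fall back to a fixed prefix so the assertion never goes out without an ID.
        String idPrefix = (localHost != null) ? localHost.getHostAddress() : "localhost";
        assertion.setAssertionID(idPrefix + "." + System.currentTimeMillis());
        assertion.setIssuer("Gateway Web Portal");
        assertion.setIssueInstant(new Date());

        // Validity window: [now - 5 min, now + 10 min).
        Calendar window = Calendar.getInstance();
        window.add(Calendar.MINUTE, -5);
        Date notBefore = window.getTime();
        window.add(Calendar.MINUTE, 15);
        Date notOnOrAfter = window.getTime();
        Conditions conditions = new Conditions();
        conditions.setNotBefore(notBefore);
        conditions.setNotOnOrAfter(notOnOrAfter);

        AudienceRestrictionCondition audience = new AudienceRestrictionCondition();
        audience.setAudience(new String[]{"http://www.gatewayportal.org/agreement.xml"});
        ConditionsTypeItem conditionsItem = new ConditionsTypeItem();
        conditionsItem.setAudienceRestrictionCondition(audience);
        conditions.setConditionsTypeItem(new ConditionsTypeItem[]{conditionsItem});
        assertion.setConditions(conditions);

        AuthenticationStatement authentication = new AuthenticationStatement();
        authentication.setAuthenticationMethod("urn:ietf:rfc:1510");
        authentication.setAuthenticationInstant(new Date());
        AuthenticationLocality locality = new AuthenticationLocality();
        if (localHost != null) {
            locality.setDNSAddress(localHost.getHostName());
            locality.setIPAddress(localHost.getHostAddress());
        }
        authentication.setAuthenticationLocality(locality);

        NameIdentifier nameIdentifier = new NameIdentifier();
        nameIdentifier.setSecurityDomain("www.gatewayportal.org");
        nameIdentifier.setName(str);
        SubjectConfirmation confirmation = new SubjectConfirmation();
        confirmation.setConfirmationMethod(new String[]{"urn:ietf:rfc:1510"});
        confirmation.setSubjectConfirmationData("A Kerberos Ticket");
        SubjectTypeSequence subjectSequence = new SubjectTypeSequence();
        subjectSequence.setNameIdentifier(nameIdentifier);
        subjectSequence.setSubjectConfirmation(confirmation);
        Subject subject = new Subject();
        subject.setSubjectTypeSequence(subjectSequence);
        authentication.setSubject(subject);

        AuthorizationDecisionStatement decision = new AuthorizationDecisionStatement();
        decision.setResource("AccessLevel");
        decision.setDecision(DecisionType.PERMIT);
        decision.setSubject(subject);
        Actions actions = new Actions();
        actions.setAction(permittedActions);
        decision.setActions(actions);

        AssertionTypeChoiceItem authenticationItem = new AssertionTypeChoiceItem();
        authenticationItem.setAuthenticationStatement(authentication);
        AssertionTypeChoice authenticationChoice = new AssertionTypeChoice();
        authenticationChoice.setAssertionTypeChoiceItem(authenticationItem);
        assertion.addAssertionTypeChoice(authenticationChoice);

        AssertionTypeChoiceItem decisionItem = new AssertionTypeChoiceItem();
        decisionItem.setAuthorizationDecisionStatement(decision);
        AssertionTypeChoice decisionChoice = new AssertionTypeChoice();
        decisionChoice.setAssertionTypeChoiceItem(decisionItem);
        assertion.addAssertionTypeChoice(decisionChoice);

        AssertionSpecifier specifier = new AssertionSpecifier();
        specifier.setAssertion(assertion);
        StringWriter out = new StringWriter();
        try {
            specifier.marshal(out);
        } catch (MarshalException e3) {
            // Previously swallowed: the caller received a truncated assertion with no trace.
            System.err.println("Assertion marshalling failed: " + e3);
        } catch (ValidationException e4) {
            System.err.println("Assertion validation failed: " + e4);
        }
        return out.toString();
    }

    /**
     * Wraps {@code str} with the established GSS context (privacy requested) and
     * encodes the token as signed decimal byte values, each followed by {@code '+'}.
     *
     * <p>NOTE(review): the text is converted with the platform default charset;
     * the receiving side must decode with the same charset.
     *
     * @param str text to protect
     * @return the wrapped token, e.g. {@code "96+-126+4+"}
     * @throws IllegalStateException if no context is established or wrapping fails
     */
    @Override // WsSecurity.client.secureSession
    public String wrapMessage(String str) {
        GSSContext context = this.gsscontext;
        if (context == null) {
            throw new IllegalStateException(
                    "No established GSS context; initContext() must succeed before wrapMessage()");
        }
        byte[] plain = str.getBytes();
        byte[] wrapped;
        try {
            wrapped = context.wrap(plain, 0, plain.length, new MessageProp(0, true));
        } catch (GSSException e) {
            System.out.println("GSS Exception error(wrap:Client:) " + e);
            // Previously execution fell through to a NullPointerException on the
            // null token; fail with the real cause instead.
            throw new IllegalStateException("GSS wrap failed", e);
        }
        // At most four characters ("-128") plus the separator per byte.
        StringBuilder encoded = new StringBuilder(wrapped.length * 5);
        for (int i = 0; i < wrapped.length; i++) {
            encoded.append((int) wrapped[i]).append('+');
        }
        return encoded.toString();
    }

    /**
     * Builds the {@code Saml} header element holding a {@code SignedAssertion}
     * child with {@code str} as text and a {@code SecurityMechanism} child set to
     * {@code Kerberos}.
     *
     * @param str text stored in the {@code SignedAssertion} element; it is added as
     *     a DOM text node, not parsed as markup
     * @return the detached {@code Saml} element
     * @throws IllegalStateException if no XML document builder can be created
     */
    @Override // WsSecurity.client.secureSession
    public Element getSignHeaderElement(String str) {
        this._documentBuilder = newNamespaceAwareBuilder("Error during the _documentBuilder init");
        Document document =
                this._documentBuilder.getDOMImplementation().createDocument(SIGN_NS, "DocName", null);
        Element saml = document.createElementNS(SIGN_NS, "Saml");
        Element signedAssertion = document.createElementNS(SIGN_NS, "SignedAssertion");
        Element mechanism = document.createElementNS(SIGN_NS, "SecurityMechanism");
        mechanism.appendChild(document.createTextNode("Kerberos"));
        signedAssertion.appendChild(document.createTextNode(str));
        saml.appendChild(signedAssertion);
        saml.appendChild(mechanism);
        return saml;
    }

    /**
     * Builds the {@code SignedBody} element with {@code str} as its text content.
     *
     * @param str text stored in the element; it is added as a DOM text node, not
     *     parsed as markup
     * @return the detached {@code SignedBody} element
     * @throws IllegalStateException if no XML document builder can be created
     */
    @Override // WsSecurity.client.secureSession
    public Element getSignBodyElement(String str) {
        DocumentBuilder builder =
                newNamespaceAwareBuilder("KrbProcess::Error during the _documentBuilder init");
        Document document = builder.getDOMImplementation().createDocument(SIGN_BODY_NS, "DocName", null);
        Element signedBody = document.createElementNS(SIGN_BODY_NS, "SignedBody");
        signedBody.appendChild(document.createTextNode(str));
        return signedBody;
    }

    /** Copies one setting from the loaded properties to the JVM system properties, if present. */
    private void copyToSystemProperty(String key) {
        String value = this.properties.getProperty(key);
        if (value != null) {
            System.setProperty(key, value);
        }
    }

    /** Rejects a missing connection setting with a message that names the key. */
    private static void requireSetting(String key, String value) {
        if (value == null) {
            throw new IllegalStateException(
                    "Missing required setting '" + key + "' in " + CLIENT_PROPERTIES);
        }
    }

    /** Disposes the current context, if any, and clears the field so it cannot be reused. */
    private void discardContext() {
        GSSContext stale = this.gsscontext;
        this.gsscontext = null;
        if (stale != null) {
            try {
                stale.dispose();
            } catch (GSSException ignored) {
                // The context is being abandoned; a dispose failure is not actionable.
            }
        }
    }

    /**
     * Creates a namespace-aware document builder, logging {@code logPrefix} plus the
     * cause and failing fast when the parser cannot be configured.
     */
    private static DocumentBuilder newNamespaceAwareBuilder(String logPrefix) {
        DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
        factory.setNamespaceAware(true);
        try {
            return factory.newDocumentBuilder();
        } catch (ParserConfigurationException e) {
            System.out.println(logPrefix + e);
            // Previously the caller went on to dereference a null or stale builder.
            throw new IllegalStateException("Cannot create XML document builder", e);
        }
    }
}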
