package WsSecurity.server;

import java.io.StringReader;
import java.util.Date;
import java.util.Enumeration;
import java.util.Hashtable;
import javax.servlet.http.HttpServletRequest;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.apache.axis.message.SOAPBodyElement;
import org.apache.axis.message.SOAPEnvelope;
import org.apache.xpath.compiler.PsuedoNames;
import org.exolab.castor.xml.MarshalException;
import org.exolab.castor.xml.ValidationException;
import org.gateway.samla.Assertion;
import org.gateway.samla.AssertionSpecifier;
import org.gateway.samla.AuthorizationDecisionStatement;
import org.gateway.samla.Conditions;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.xml.sax.InputSource;

/* loaded from: input_file:WEB-INF/lib/gw-security.jar:WsSecurity/server/samlNosecurityProcess.class */
public class samlNosecurityProcess extends checkSecurity {
    DocumentBuilder _documentBuilder;

    public samlNosecurityProcess(String str, String str2, HttpServletRequest httpServletRequest) {
        super(str, str2, httpServletRequest);
    }

    @Override // WsSecurity.server.checkSecurity
    public String unwrapHeaderMessage() {
        Element documentElement = getDocument(this.signedAssertion).getDocumentElement();
        System.out.println(new StringBuffer().append("unwrapHeaderMessage::Tag: ").append(documentElement.getTagName()).toString());
        NodeList childNodes = documentElement.getChildNodes();
        Node node = null;
        for (int i = 0; i < childNodes.getLength(); i++) {
            node = childNodes.item(i);
            String nodeName = node.getNodeName();
            int indexOf = nodeName.indexOf(":");
            if (indexOf != -1) {
                nodeName = nodeName.substring(indexOf + 1);
            }
            if (nodeName != PsuedoNames.PSEUDONAME_TEXT && nodeName.equals("SignedAssertion")) {
                break;
            }
        }
        Element element = (Element) node;
        System.out.println(new StringBuffer().append("unwrapHeaderMessage::First Child: ").append(element.getTagName()).toString());
        String nodeValue = element.getChildNodes().item(0).getNodeValue();
        System.out.println(new StringBuffer().append("unwrapHeaderMessage::Test print: ").append(nodeValue).toString());
        return nodeValue;
    }

    @Override // WsSecurity.server.checkSecurity
    public String unwrapBodyMessage() {
        Element documentElement = getDocument(this.signedBody).getDocumentElement();
        System.out.println(new StringBuffer().append("unwrapBodyMessage::Tag: ").append(documentElement.getTagName()).toString());
        String nodeValue = documentElement.getChildNodes().item(0).getNodeValue();
        System.out.println(new StringBuffer().append("unwrapBodyMessage::Test print: ").append(nodeValue).toString());
        return nodeValue;
    }

    @Override // WsSecurity.server.checkSecurity
    public String buildSOAPEnvelope(String str) {
        SOAPEnvelope sOAPEnvelope = new SOAPEnvelope();
        Element documentElement = getDocument(str).getDocumentElement();
        System.out.println(new StringBuffer().append("buildSOAPEnvelope::Tag: ").append(documentElement.getTagName()).toString());
        sOAPEnvelope.addBodyElement(new SOAPBodyElement(documentElement));
        String sOAPEnvelope2 = sOAPEnvelope.toString();
        System.out.println(new StringBuffer().append("buildSOAPEnvelope::soapMessage: ").append(sOAPEnvelope2).toString());
        return sOAPEnvelope2;
    }

    @Override // WsSecurity.server.checkSecurity
    public boolean testValidity(String str) {
        boolean z = true;
        AssertionSpecifier assertionSpecifier = null;
        new AssertionSpecifier();
        new SAMLUtils();
        try {
            assertionSpecifier = AssertionSpecifier.unmarshal(new StringReader(str));
        } catch (MarshalException e) {
            System.out.println(new StringBuffer().append("testValidity::org.exolab.castor.xml.MarshalException.....").append(e).toString());
        } catch (ValidationException e2) {
            System.out.println(new StringBuffer().append("testValidity::org.exolab.castor.xml.ValidationException.....").append(e2).toString());
        }
        if (assertionSpecifier == null) {
            System.out.println("testValidity::Your assertion is not existed.......");
            return false;
        }
        Assertion assertion = assertionSpecifier.getAssertion();
        String issuer = assertion.getIssuer();
        if (!"Gateway Web Portal".equals(issuer)) {
            System.out.println(new StringBuffer().append("testValidity::Issuer Error: ").append(issuer).toString());
            return false;
        }
        Conditions conditions = assertion.getConditions();
        Date notBefore = conditions.getNotBefore();
        Date notOnOrAfter = conditions.getNotOnOrAfter();
        Date date = new Date();
        System.out.println(new StringBuffer().append("testValidity::notbefore: ").append(notBefore.toString()).toString());
        System.out.println(new StringBuffer().append("testValidity::notonorafter: ").append(notOnOrAfter.toString()).toString());
        System.out.println(new StringBuffer().append("testValidity::now: ").append(date.toString()).toString());
        System.out.println(new StringBuffer().append("testValidity::notbefore: ").append(notBefore.before(date)).toString());
        System.out.println(new StringBuffer().append("testValidity::notonorafter: ").append(notOnOrAfter.after(date)).toString());
        if (!notBefore.before(date) || !notOnOrAfter.after(date)) {
            System.out.println("testValidity::Date:....");
            return false;
        }
        if ("http://www.gatewayportal.org/agreement.xml".compareTo("") != 0) {
            String[] audience = conditions.getConditionsTypeItem()[0].getAudienceRestrictionCondition().getAudience();
            if (!audience[0].equals("http://www.gatewayportal.org/agreement.xml")) {
                System.out.println(new StringBuffer().append("testValidity::Audience Error: ").append(audience[0]).toString());
                return false;
            }
        }
        if (getAccessLevel(assertionSpecifier) < 4) {
            System.out.println("You are not authorized for this resources.");
            z = false;
        }
        return z;
    }

    private Document getDocument(String str) {
        DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
        newInstance.setNamespaceAware(true);
        Document document = null;
        try {
            this._documentBuilder = newInstance.newDocumentBuilder();
            document = this._documentBuilder.parse(new InputSource(new StringReader(str)));
        } catch (ParserConfigurationException e) {
            System.out.println(new StringBuffer().append("getSignedAssertion::Error during the _documentBuilder init").append(e).toString());
        } catch (Exception e2) {
            System.out.println(new StringBuffer().append("getSignedAssertion::Error: ").append(e2).toString());
        }
        return document;
    }

    private int getAccessLevel(AssertionSpecifier assertionSpecifier) {
        int i = 0;
        Hashtable assertionList = new SAMLUtils().getAssertionList(assertionSpecifier);
        Enumeration keys = assertionList.keys();
        AuthorizationDecisionStatement authorizationDecisionStatement = null;
        while (true) {
            if (!keys.hasMoreElements()) {
                break;
            }
            Integer num = (Integer) keys.nextElement();
            if (num.intValue() == 1) {
                authorizationDecisionStatement = (AuthorizationDecisionStatement) assertionList.get(num);
                break;
            }
        }
        if (authorizationDecisionStatement.getResource().compareTo("AccessLevel") == 0) {
            i = Integer.parseInt(authorizationDecisionStatement.getActions().getAction()[0]);
        }
        return i;
    }
}
