package com.tibco.bw.sharedresource.xrm;

import com.microsoft.aad.adal4j.ClientDataHttpHeaders;
import com.tibco.bw.sharedresource.xrm.assertors.AuthPolicy2011AssertionBuilder;
import com.tibco.bw.sharedresource.xrm.assertors.AuthPolicy2012AssertionBuilder;
import com.tibco.bw.sharedresource.xrm.assertors.AuthPolicyNegotiateAssertionBuilder;
import com.tibco.bw.sharedresource.xrm.assertors.AuthPolicyRsaTokenAssertionBuilder;
import com.tibco.bw.sharedresource.xrm.assertors.DiscovertyServiceAssertionBuilder;
import com.tibco.bw.sharedresource.xrm.assertors.FailPolicyAssertionBuilder;
import com.tibco.bw.sharedresource.xrm.assertors.ProcessCreateAssertionBuilder;
import com.tibco.bw.sharedresource.xrm.federation.HardcodedPassword;
import com.tibco.bw.sharedresource.xrm.federation.STSHelper;
import com.tibco.bw.sharedresource.xrm.federation.STSReader;
import com.tibco.bw.sharedresource.xrm.kerberos.FaultInterceptor;
import com.tibco.bw.sharedresource.xrm.kerberos.SPNDiscovery;
import com.tibco.bw.sharedresource.xrm.kerberos.SimpleCallbackHandler;
import com.tibco.bw.sharedresource.xrm.kerberos.XRMSpnegoClientAction;
import com.tibco.bw.sharedresource.xrm.logging.XRMLoggerWriter;
import com.tibco.bw.sharedresource.xrm.ntlm.NTLMAuthFaultInterceptor;
import com.tibco.bw.sharedresource.xrm.online.SecurityTokenCallback;
import com.tibco.bw.sharedresource.xrm.online.SecurityTokenInterceptor;
import com.tibco.bw.sharedresource.xrm.policy.QNamesCollection;
import com.tibco.bw.sharedresource.xrm.policy.XRMAuthPolicyProvider;
import com.tibco.bw.sharedresource.xrm.utils.JCEUtils;
import com.tibco.bw.sharedresource.xrm.utils.StringUtility;
import java.io.PrintWriter;
import java.io.Writer;
import java.net.URL;
import java.util.HashMap;
import java.util.Map;
import javax.xml.namespace.QName;
import javax.xml.ws.Service;
import javax.xml.ws.WebServiceFeature;
import javax.xml.ws.soap.AddressingFeature;
import org.apache.cxf.Bus;
import org.apache.cxf.BusFactory;
import org.apache.cxf.common.util.StringUtils;
import org.apache.cxf.endpoint.Client;
import org.apache.cxf.endpoint.EndpointImpl;
import org.apache.cxf.frontend.ClientProxy;
import org.apache.cxf.interceptor.LoggingInInterceptor;
import org.apache.cxf.interceptor.LoggingOutInterceptor;
import org.apache.cxf.transport.http.HTTPConduit;
import org.apache.cxf.transport.http.asyncclient.AsyncHTTPConduit;
import org.apache.cxf.ws.policy.AssertionBuilderRegistry;
import org.apache.cxf.ws.policy.PolicyInterceptorProviderRegistry;
import org.apache.cxf.ws.security.SecurityConstants;
import org.apache.cxf.ws.security.policy.interceptors.SpnegoTokenInterceptorProvider;
import org.apache.cxf.ws.security.trust.STSClient;
import org.apache.http.auth.Credentials;
import org.apache.http.auth.NTCredentials;
import org.apache.wss4j.policy.SP11Constants;
import org.apache.wss4j.policy.SP12Constants;

/* loaded from: input_file:payload/TIB_bwplugindynamicscrm_6.7.0_common.zip:assemblies/assembly_tibco_com_tibco_bw_sharedresource_dynamicscrm_model_feature_6.7.0.001.zip:source/plugins/com.tibco.bw.sharedresource.dynamicscrm.model_6.7.0.001.jar:com/tibco/bw/sharedresource/xrm/AbstractServiceBase.class */
public abstract class AbstractServiceBase implements TokenStoreProvider {
    protected ConnectionConfiguration connection;
    protected Map<String, Object> tokenStore = new HashMap();
    private Boolean debug = null;

    static {
        System.setProperty("javax.xml.ws.spi.Provider", "org.apache.cxf.jaxws22.spi.ProviderImpl");
        JCEUtils.removeCryptographyRestrictions();
    }

    public boolean isDebug() {
        if (this.debug == null) {
            this.debug = Boolean.valueOf(ClientDataHttpHeaders.REQUEST_CORRELATION_ID_IN_RESPONSE_HEADER_VALUE.equalsIgnoreCase(XRMEnv.getProperty(XRMConstant.KEY_SERVICE_SOAP_DEBUG)));
        }
        return this.debug.booleanValue();
    }

    public void setDebug(boolean z) {
        this.debug = Boolean.valueOf(z);
    }

    public AbstractServiceBase(ConnectionConfiguration connectionConfiguration) {
        String str;
        StringBuilder sb = new StringBuilder();
        if (connectionConfiguration == null || !connectionConfiguration.validate(sb)) {
            str = "Connection validation fail! ";
            throw new IllegalArgumentException(sb.length() > 0 ? String.valueOf(str) + "Details: " + sb.toString() : "Connection validation fail! ");
        }
        this.connection = connectionConfiguration;
    }

    protected URL getWSDL_URL() {
        try {
            return new URL(String.valueOf(getEndpoint()) + "?wsdl");
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    protected abstract QName getServiceQName();

    protected abstract QName getPortQName();

    protected abstract String getEndpoint();

    /* JADX INFO: Access modifiers changed from: protected */
    public synchronized <T> T getPort(Class<T> cls) {
        Object port;
        try {
            Bus createBus = BusFactory.newInstance().createBus();
            createBus.setProperty("set-jaxb-validation-event-handler", "false");
            BusFactory.setThreadDefaultBus(createBus);
            if (this.connection.getAuthType() == AuthenticationType.NTLM) {
                if ("DiscoveryService".equals(getServiceQName().getLocalPart())) {
                    throw new UnsupportedOperationException("Doesn't support discovery web service with NTLM authentication");
                }
                Service create = Service.create(getServiceQName());
                create.addPort(getPortQName(), "http://schemas.xmlsoap.org/wsdl/soap/http", String.valueOf(getEndpoint()) + "/web");
                port = create.getPort(getPortQName(), cls);
            } else if (this.connection.getAuthType() == AuthenticationType.OnlineFederation) {
                Service create2 = Service.create(getServiceQName());
                create2.addPort(getPortQName(), "http://www.w3.org/2003/05/soap/bindings/HTTP/", getEndpoint());
                port = create2.getPort(getPortQName(), cls, new WebServiceFeature[]{new AddressingFeature()});
            } else {
                port = Service.create(getWSDL_URL(), getServiceQName()).getPort(cls);
            }
            setupClient(ClientProxy.getClient(port));
            return (T) port;
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    protected void setupClient(Client client) {
        if (isDebug()) {
            client.getInInterceptors().add(new LoggingInInterceptor(new PrintWriter((Writer) new XRMLoggerWriter(), true)));
            client.getOutInterceptors().add(new LoggingOutInterceptor(new PrintWriter((Writer) new XRMLoggerWriter(), true)));
        }
        AuthenticationType authType = this.connection.getAuthType();
        if (ServerType.ONLINE.equals(this.connection.getServerType())) {
            setupClientForOnline(client);
        } else if (AuthenticationType.NTLM.equals(authType)) {
            setupClientForNTLM(client);
        } else if (AuthenticationType.Kerberos.equals(authType)) {
            setupClientForKerberos(client);
        } else if (AuthenticationType.Federation.equals(authType)) {
            setupClientForFederation(client);
        }
        HTTPConduit hTTPConduit = (HTTPConduit) client.getConduit();
        hTTPConduit.getClient().setConnectionTimeout(this.connection.getTimeout() * 1000);
        hTTPConduit.getClient().setReceiveTimeout(0L);
        ProxySetting proxySetting = this.connection.getProxySetting();
        if (proxySetting == null || AuthenticationType.Kerberos.equals(authType)) {
            return;
        }
        hTTPConduit.getClient().setProxyServer(proxySetting.getHost());
        hTTPConduit.getClient().setProxyServerPort(proxySetting.getPort());
        if (StringUtility.isNotNullOrBlank(proxySetting.getUsername())) {
            hTTPConduit.getProxyAuthorization().setUserName(proxySetting.getUsername());
            hTTPConduit.getProxyAuthorization().setPassword(proxySetting.getPassword());
        }
    }

    protected void setupClientForOnline(Client client) {
        Bus bus = ((EndpointImpl) client.getEndpoint()).getBus();
        HashMap hashMap = new HashMap();
        hashMap.put("o", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
        hashMap.put("u", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd");
        client.getRequestContext().put("soap.env.ns.map", hashMap);
        bus.setProperty(XRMConstant.XRM_TOKEN_CALLBACK, new SecurityTokenCallback(this.connection, getEndpoint(), this));
        bus.getOutInterceptors().add(new SecurityTokenInterceptor());
    }

    protected void setupClientForNTLM(Client client) {
        if (System.getProperties() != null) {
            if (System.getProperty("java.security.auth.login.config") != null) {
                System.clearProperty("java.security.auth.login.config");
            }
            if (System.getProperty("java.security.krb5.conf") != null) {
                System.clearProperty("java.security.krb5.conf");
            }
        }
        String[] splitDomainAndUsername = StringUtility.splitDomainAndUsername(this.connection.getUsername());
        client.getRequestContext().put(Credentials.class.getName(), new NTCredentials(splitDomainAndUsername[1], this.connection.getPassword(), "", splitDomainAndUsername[0]));
        Bus bus = ((EndpointImpl) client.getEndpoint()).getBus();
        bus.getOutInterceptors().add(new NTLMAuthFaultInterceptor());
        bus.setProperty(AsyncHTTPConduit.USE_ASYNC, ClientDataHttpHeaders.REQUEST_CORRELATION_ID_IN_RESPONSE_HEADER_VALUE);
        HTTPConduit hTTPConduit = (HTTPConduit) client.getConduit();
        if (hTTPConduit instanceof AsyncHTTPConduit) {
            AsyncHTTPConduit asyncHTTPConduit = (AsyncHTTPConduit) hTTPConduit;
            asyncHTTPConduit.getClient().setAllowChunking(false);
            asyncHTTPConduit.getClient().setAutoRedirect(true);
            asyncHTTPConduit.getClient().setMaxRetransmits(1);
        }
    }

    protected void setupClientForKerberos(Client client) {
        String loginModuleFilePath = this.connection.getLoginModuleFilePath();
        String krb5FilePath = this.connection.getKrb5FilePath();
        if (!StringUtils.isEmpty(loginModuleFilePath)) {
            System.setProperty("java.security.auth.login.config", loginModuleFilePath);
        }
        if (!StringUtils.isEmpty(krb5FilePath)) {
            System.setProperty("java.security.krb5.conf", krb5FilePath);
        }
        Bus bus = ((EndpointImpl) client.getEndpoint()).getBus();
        bus.getProperties().put("soap.no.validate.parts", true);
        bus.getInInterceptors().add(new FaultInterceptor());
        ((PolicyInterceptorProviderRegistry) bus.getExtension(PolicyInterceptorProviderRegistry.class)).register(new XRMAuthPolicyProvider());
        AssertionBuilderRegistry assertionBuilderRegistry = (AssertionBuilderRegistry) bus.getExtension(AssertionBuilderRegistry.class);
        if (assertionBuilderRegistry != null) {
            assertionBuilderRegistry.registerBuilder(new AuthPolicy2011AssertionBuilder());
            assertionBuilderRegistry.registerBuilder(new AuthPolicy2012AssertionBuilder());
            assertionBuilderRegistry.registerBuilder(new FailPolicyAssertionBuilder());
            assertionBuilderRegistry.registerBuilder(new DiscovertyServiceAssertionBuilder());
            assertionBuilderRegistry.registerBuilder(new ProcessCreateAssertionBuilder());
        }
        SimpleCallbackHandler simpleCallbackHandler = new SimpleCallbackHandler(this.connection.getUsername(), this.connection.getPassword());
        String krb5JaasClient = this.connection.getKrb5JaasClient();
        String krb5SPN = this.connection.getKrb5SPN();
        if (krb5SPN == null || krb5SPN.length() == 0) {
            krb5SPN = (String) this.connection.getContextProperty(XRMConstant.XRM_KERBEROS_SPN);
            if (krb5SPN == null || krb5SPN.length() == 0) {
                krb5SPN = new SPNDiscovery(bus, getWSDL_URL().toString()).discoverySPN();
                if (krb5SPN == null || krb5SPN.length() == 0) {
                    throw new IllegalArgumentException("SPN is empty");
                }
                this.connection.setContextProperty(XRMConstant.XRM_KERBEROS_SPN, krb5SPN);
            }
        }
        client.getRequestContext().put(SecurityConstants.TIMESTAMP_TTL, "600");
        client.getRequestContext().put(SecurityConstants.TIMESTAMP_FUTURE_TTL, "180");
        client.getRequestContext().put(SecurityConstants.KERBEROS_JAAS_CONTEXT_NAME, krb5JaasClient);
        client.getRequestContext().put(SecurityConstants.KERBEROS_SPN, krb5SPN);
        client.getRequestContext().put(SecurityConstants.CALLBACK_HANDLER, simpleCallbackHandler);
        client.getRequestContext().put(SecurityConstants.SPNEGO_CLIENT_ACTION, new XRMSpnegoClientAction());
    }

    /* JADX WARN: Type inference failed for: r0v20, types: [java.lang.Throwable, com.tibco.bw.sharedresource.xrm.ConnectionConfiguration] */
    protected void setupClientForFederation(Client client) {
        Bus bus = ((EndpointImpl) client.getEndpoint()).getBus();
        PolicyInterceptorProviderRegistry policyInterceptorProviderRegistry = (PolicyInterceptorProviderRegistry) bus.getExtension(PolicyInterceptorProviderRegistry.class);
        policyInterceptorProviderRegistry.unregister(SP11Constants.SPNEGO_CONTEXT_TOKEN);
        policyInterceptorProviderRegistry.unregister(SP12Constants.SPNEGO_CONTEXT_TOKEN);
        policyInterceptorProviderRegistry.register(new SpnegoTokenInterceptorProvider());
        policyInterceptorProviderRegistry.register(new XRMAuthPolicyProvider());
        AssertionBuilderRegistry assertionBuilderRegistry = (AssertionBuilderRegistry) bus.getExtension(AssertionBuilderRegistry.class);
        if (assertionBuilderRegistry != null) {
            assertionBuilderRegistry.registerBuilder(new AuthPolicy2011AssertionBuilder());
            assertionBuilderRegistry.registerBuilder(new AuthPolicyNegotiateAssertionBuilder());
            assertionBuilderRegistry.registerBuilder(new AuthPolicyRsaTokenAssertionBuilder());
        }
        String sts_wsdl_url = this.connection.getSTS_WSDL_URL();
        if (sts_wsdl_url == null || sts_wsdl_url.length() == 0) {
            synchronized (this.connection) {
                sts_wsdl_url = (String) this.connection.getContextProperty(XRMConstant.XRM_FEDERATION_STS_WSDL);
                if (sts_wsdl_url == null || sts_wsdl_url.length() == 0) {
                    sts_wsdl_url = new STSReader(bus, getWSDL_URL().toString()).getSTSWSDLLocation();
                    if (sts_wsdl_url == null || sts_wsdl_url.length() == 0) {
                        throw new IllegalArgumentException("STS WSDL URL is empty");
                    }
                    this.connection.setContextProperty(XRMConstant.XRM_FEDERATION_STS_WSDL, sts_wsdl_url);
                }
            }
        }
        QName sTSEndpoint = STSHelper.getSTSEndpoint();
        STSClient sTSClient = new STSClient(bus);
        sTSClient.setSoap12();
        sTSClient.setWsdlLocation(sts_wsdl_url);
        sTSClient.setServiceQName(QNamesCollection.SECURITY_TOKEN_SERVICE);
        sTSClient.setEndpointQName(sTSEndpoint);
        sTSClient.setSendRenewing(false);
        if (isDebug()) {
            sTSClient.getInInterceptors().add(new LoggingInInterceptor());
            sTSClient.getOutInterceptors().add(new LoggingOutInterceptor());
        }
        client.getRequestContext().put(SecurityConstants.STS_CLIENT_SOAP12_BINDING, ClientDataHttpHeaders.REQUEST_CORRELATION_ID_IN_RESPONSE_HEADER_VALUE);
        HashMap hashMap = new HashMap();
        hashMap.put(SecurityConstants.USERNAME, this.connection.getUsername());
        hashMap.put(SecurityConstants.CALLBACK_HANDLER, new HardcodedPassword(this.connection.getPassword()));
        sTSClient.setProperties(hashMap);
        Map<String, Object> requestContext = client.getRequestContext();
        requestContext.put(SecurityConstants.STS_CLIENT, sTSClient);
        requestContext.put(SecurityConstants.TIMESTAMP_TTL, "600");
        requestContext.put(SecurityConstants.TIMESTAMP_FUTURE_TTL, "180");
    }

    @Override // com.tibco.bw.sharedresource.xrm.TokenStoreProvider
    public Object getToken(String str) {
        return this.tokenStore.get(str);
    }

    @Override // com.tibco.bw.sharedresource.xrm.TokenStoreProvider
    public void setToken(String str, Object obj) {
        this.tokenStore.put(str, obj);
    }
}
