package org.eclipse.stardust.engine.extensions.jaxws.wssecurity;

import java.io.UnsupportedEncodingException;
import java.security.NoSuchAlgorithmException;
import java.util.Random;
import java.util.concurrent.atomic.AtomicLong;
import javax.xml.bind.JAXBElement;
import javax.xml.bind.JAXBException;
import javax.xml.datatype.DatatypeConfigurationException;
import javax.xml.namespace.QName;
import javax.xml.soap.SOAPElement;
import javax.xml.soap.SOAPException;
import javax.xml.soap.SOAPHeader;
import org.eclipse.stardust.common.error.PublicException;
import org.eclipse.stardust.common.utils.xml.jaxb.Jaxb;
import org.eclipse.stardust.engine.api.runtime.BpmRuntimeError;
import org.eclipse.stardust.engine.extensions.jaxws.app.AuthenticationParameters;
import org.eclipse.stardust.engine.extensions.jaxws.wssecurity.Password;

/* loaded from: input_file:lib/carnot-engine.jar:org/eclipse/stardust/engine/extensions/jaxws/wssecurity/WSSecurity.class */
public final class WSSecurity {
    static final String WS_SECURITY_UTILITY_NAMESPACE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
    private static final String WS_SECURITY_UTILITY_PREFIX = "wsu";
    public static final WSSecurity INSTANCE = new WSSecurity();
    static final String WS_SECURITY_NAMESPACE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
    private static final String WS_SECURITY_PREFIX = "wsse";
    private static final QName Security_QNAME = new QName(WS_SECURITY_NAMESPACE, "Security", WS_SECURITY_PREFIX);
    private Random rnd = new Random();
    private AtomicLong counter = new AtomicLong(1);

    private WSSecurity() {
    }

    public void setWSSHeaders(SOAPHeader sOAPHeader, AuthenticationParameters authenticationParameters) throws SOAPException, JAXBException, UnsupportedEncodingException, NoSuchAlgorithmException, DatatypeConfigurationException {
        if (authenticationParameters == null || !"ws-security".equals(authenticationParameters.getMechanism())) {
            return;
        }
        if (authenticationParameters.getUsername() == null) {
            throw new PublicException(BpmRuntimeError.IPPWS_WS_SECURITY_AUTHENTICATION_REQUIRES_USERNAME.raise());
        }
        registerPrefix(sOAPHeader, WS_SECURITY_NAMESPACE, WS_SECURITY_PREFIX);
        registerPrefix(sOAPHeader, WS_SECURITY_UTILITY_NAMESPACE, WS_SECURITY_UTILITY_PREFIX);
        String createNonce = createNonce();
        Security newInstance = Security.newInstance("http://www.w3.org/2003/05/soap-envelope".equals(sOAPHeader.getNamespaceURI()));
        newInstance.timestamp = new Timestamp();
        newInstance.usernameToken = new UsernameToken();
        newInstance.usernameToken.username = authenticationParameters.getUsername();
        newInstance.usernameToken.password = "passwordDigest".equals(authenticationParameters.getVariant()) ? new Password.Digest(createNonce, newInstance.timestamp, authenticationParameters.getPassword()) : new Password.Text(authenticationParameters.getPassword());
        newInstance.usernameToken.nonce = new Nonce(createNonce);
        newInstance.usernameToken.created = newInstance.timestamp.created;
        Jaxb.marshall(sOAPHeader, new JAXBElement(Security_QNAME, newInstance.getClass(), (Class) null, newInstance));
    }

    private String createNonce() {
        int nextInt = this.rnd.nextInt(8) + 12;
        StringBuilder sb = new StringBuilder(nextInt);
        for (int i = 0; i < nextInt; i++) {
            sb.append((char) (this.rnd.nextInt(95) + 33));
        }
        sb.append(this.counter.getAndIncrement());
        return sb.toString();
    }

    private void registerPrefix(SOAPElement sOAPElement, String str, String str2) throws SOAPException {
        if (sOAPElement.lookupPrefix(str) == null) {
            sOAPElement.addNamespaceDeclaration(str2, str);
        }
    }
}
