package org.apache.wss4j.dom.action;

import java.util.ArrayList;
import java.util.List;
import javax.security.auth.callback.CallbackHandler;
import org.apache.wss4j.common.SecurityActionToken;
import org.apache.wss4j.common.SignatureActionToken;
import org.apache.wss4j.common.WSEncryptionPart;
import org.apache.wss4j.common.ext.WSPasswordCallback;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.dom.SOAPConstants;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.handler.RequestData;
import org.apache.wss4j.dom.handler.WSHandler;
import org.apache.wss4j.dom.message.WSSecSignature;
import org.apache.wss4j.dom.message.WSSecUsernameToken;
import org.apache.wss4j.dom.util.WSSecurityUtil;
import org.w3c.dom.Document;

/* loaded from: input_file:org/apache/wss4j/dom/action/UsernameTokenSignedAction.class */
public class UsernameTokenSignedAction implements Action {
    @Override // org.apache.wss4j.dom.action.Action
    public void execute(WSHandler wSHandler, SecurityActionToken securityActionToken, Document document, RequestData requestData) throws WSSecurityException {
        List<WSEncryptionPart> arrayList;
        CallbackHandler callbackHandler = requestData.getCallbackHandler();
        if (callbackHandler == null) {
            callbackHandler = wSHandler.getPasswordCallbackHandler(requestData);
        }
        WSPasswordCallback passwordCB = wSHandler.getPasswordCB(requestData.getUsername(), 64, callbackHandler, requestData);
        WSSecUsernameToken wSSecUsernameToken = new WSSecUsernameToken(requestData.getWssConfig());
        wSSecUsernameToken.addDerivedKey(requestData.isUseDerivedKeyForMAC(), null, requestData.getDerivedKeyIterations());
        wSSecUsernameToken.setUserInfo(requestData.getUsername(), passwordCB.getPassword());
        wSSecUsernameToken.addCreated();
        wSSecUsernameToken.addNonce();
        wSSecUsernameToken.prepare(document);
        SignatureActionToken signatureActionToken = null;
        if (securityActionToken instanceof SignatureActionToken) {
            signatureActionToken = (SignatureActionToken) securityActionToken;
        }
        if (signatureActionToken == null) {
            signatureActionToken = requestData.getSignatureToken();
        }
        WSSecSignature wSSecSignature = new WSSecSignature(requestData.getWssConfig());
        wSSecSignature.setCustomTokenValueType(WSConstants.WSS_USERNAME_TOKEN_VALUE_TYPE);
        wSSecSignature.setCustomTokenId(wSSecUsernameToken.getId());
        wSSecSignature.setSecretKey(wSSecUsernameToken.getDerivedKey());
        wSSecSignature.setKeyIdentifierType(9);
        if (signatureActionToken.getDigestAlgorithm() != null) {
            wSSecSignature.setDigestAlgo(signatureActionToken.getDigestAlgorithm());
        }
        if (signatureActionToken.getSignatureAlgorithm() != null) {
            wSSecSignature.setSignatureAlgorithm(signatureActionToken.getSignatureAlgorithm());
        } else {
            wSSecSignature.setSignatureAlgorithm(WSConstants.HMAC_SHA1);
        }
        wSSecSignature.prepare(document, null, requestData.getSecHeader());
        if (signatureActionToken.getParts().size() > 0) {
            arrayList = signatureActionToken.getParts();
        } else {
            SOAPConstants soapConstants = requestData.getSoapConstants();
            if (soapConstants == null) {
                soapConstants = WSSecurityUtil.getSOAPConstants(document.getDocumentElement());
            }
            arrayList = new ArrayList();
            arrayList.add(new WSEncryptionPart(WSConstants.ELEM_BODY, soapConstants.getEnvelopeURI(), "Content"));
        }
        try {
            wSSecSignature.computeSignature(wSSecSignature.addReferencesToSign(arrayList, requestData.getSecHeader()));
            requestData.getSignatureValues().add(wSSecSignature.getSignatureValue());
            wSSecUsernameToken.prependToHeader(requestData.getSecHeader());
        } catch (WSSecurityException e) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "empty", e, new Object[]{"WSHandler: Error during UsernameTokenSignature"});
        }
    }
}
