package com.filenet.apiimpl.wsi;

import com.filenet.api.authentication.Credentials;
import com.filenet.api.authentication.OpenTokenCredentials;
import com.filenet.api.authentication.SubjectCredentials;
import com.filenet.api.authentication.UsernameCredentials;
import com.filenet.api.constants.ConfigurationParameter;
import com.filenet.api.core.Connection;
import com.filenet.api.exception.EngineRuntimeException;
import com.filenet.api.exception.ExceptionCode;
import com.filenet.api.util.UserContext;
import com.filenet.apiimpl.constants.Charsets;
import com.filenet.apiimpl.core.ConnectionImpl;
import com.filenet.apiimpl.exception.ExceptionContext;
import com.filenet.apiimpl.transport.ClientCallContext;
import com.filenet.apiimpl.transport.Message;
import com.filenet.apiimpl.transport.Request;
import com.filenet.apiimpl.transport.Response;
import com.filenet.apiimpl.transport.TransportLogger;
import com.filenet.apiimpl.util.AuthToken;
import com.filenet.apiimpl.util.ConfigValueLookup;
import com.filenet.apiimpl.util.J2EEUtil;
import com.filenet.apiimpl.util.SessionContext;
import com.filenet.apiimpl.util.SubSystem;
import com.filenet.apiimpl.wsi.serialization.Names;
import java.io.UnsupportedEncodingException;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.security.AccessController;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.text.DecimalFormat;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.TimeZone;
import javax.security.auth.Subject;

/* loaded from: input_file:com/filenet/apiimpl/wsi/ClientOperation.class */
public abstract class ClientOperation {
    private final ServiceSessionWsi session;
    private final String operation;
    private final ConnectionImpl connection;
    private final ClientCallContext context;
    private final Request request;
    private Response response;
    private Throwable exception;
    private SessionContext savedSessionContext;
    private static ThreadLocal<WSICredential> overrideCredential = new ThreadLocal<>();
    private static final TransportLogger logger = TransportLogger.getLogger(ClientOperation.class, SubSystem.WSI);
    private static String DEFAULT_BUILD = ConfigValueLookup.getValue(ConfigValueLookup.BUILD_VERSION, "unknown").trim();
    private static final String CUSTOM_CRED_CLASS = ConfigValueLookup.getValue(ConfigValueLookup.WSI_CUSTOM_CREDENTIAL_CLASS, "com.filenet.apiimpl.wsi.WSICredential");
    private static final String CUSTOM_USER_METHOD = ConfigValueLookup.getValue(ConfigValueLookup.WSI_CUSTOM_CREDENTIAL_USER_METHOD, ConfigValueLookup.WSI_CUSTOM_CREDENTIAL_USER_METHOD_DEFAULT);
    private static final String CUSTOM_PASS_METHOD = ConfigValueLookup.getValue(ConfigValueLookup.WSI_CUSTOM_CREDENTIAL_PASSWORD_METHOD, ConfigValueLookup.WSI_CUSTOM_CREDENTIAL_PASSWORD_METHOD_DEFAULT);
    private static final Class[] NO_PARAMS_TYPES;
    private static final Object[] NO_PARAMS;

    protected ClientOperation(ServiceSessionWsi serviceSessionWsi, String str, ConnectionImpl connectionImpl, Request request, ClientCallContext clientCallContext) {
        this.session = serviceSessionWsi;
        this.operation = str;
        this.connection = connectionImpl;
        this.request = request;
        this.context = clientCallContext;
    }

    protected abstract Response execute() throws Exception;

    public static void setThreadCredential(WSICredential wSICredential) {
        overrideCredential.set(wSICredential);
    }

    Response run() {
        EngineRuntimeException finish;
        init();
        try {
            try {
                start();
                this.response = execute();
                finish = finish();
            } catch (Throwable th) {
                error(th);
                finish = finish();
            }
            if (finish == null) {
                return this.response;
            }
            throw finish;
        } catch (Throwable th2) {
            finish();
            throw th2;
        }
    }

    private void init() {
        this.savedSessionContext = SessionContext.getSessionContext();
        this.exception = null;
    }

    private void start() throws Exception {
        traceRequest();
        setSessionContext(this.session, this.connection, this.request);
        setCallContext(this.session, this.connection, this.context);
    }

    private EngineRuntimeException finish() {
        SessionContext.setSessionContext(this.savedSessionContext);
        EngineRuntimeException evaluate = evaluate(this.exception);
        traceResponse(evaluate);
        return evaluate;
    }

    protected void error(Throwable th) {
        if (th == null || this.exception == null) {
            this.exception = th;
        }
    }

    private static EngineRuntimeException evaluate(Throwable th) {
        if (th == null) {
            return null;
        }
        Throwable cause = th.getCause();
        while (true) {
            Throwable th2 = cause;
            if (th2 == null) {
                break;
            }
            if (th2 instanceof EngineRuntimeException) {
                th = th2;
            }
            cause = th2.getCause();
        }
        return th instanceof EngineRuntimeException ? (EngineRuntimeException) th : th instanceof Error ? new EngineRuntimeException(th, ExceptionCode.E_UNEXPECTED_EXCEPTION, (Object[]) null) : new EngineRuntimeException(th, ExceptionCode.E_EXCEPTION_RETRY, (Object[]) null);
    }

    private void traceRequest() throws Exception {
        if (logger.isCallTraceEnabled() && (this.request instanceof Message)) {
            logger.traceRequest(this.context, this.operation, (Message) this.request);
        }
    }

    private void traceResponse(EngineRuntimeException engineRuntimeException) {
        if (engineRuntimeException != null) {
            logger.traceException(this.context, this.operation, engineRuntimeException, System.currentTimeMillis());
        } else if (this.response instanceof Message) {
            logger.traceResponse(this.context, this.operation, (Message) this.response, System.currentTimeMillis());
        }
    }

    private static void setSessionContext(ServiceSessionWsi serviceSessionWsi, Connection connection, Request request) {
        SessionContext.setSessionContext(new SessionContext(connection));
        ClientBinding binding = serviceSessionWsi.getBinding();
        ClientInfo.setBinding(binding.getType());
        ClientInfo.setVersion(binding.getVersion());
        ClientInfo.setRequest(request);
    }

    protected abstract void setCallContext(ServiceSessionWsi serviceSessionWsi, ConnectionImpl connectionImpl, ClientCallContext clientCallContext);

    protected static void setCallContextHelper(Map<String, Object> map, ClientCallContext clientCallContext) {
        Security soapEnvelopeSecurity = getSoapEnvelopeSecurity();
        Localization soapEnvelopeLocalization = getSoapEnvelopeLocalization(clientCallContext);
        ApiContext soapEnvelopeApiContext = getSoapEnvelopeApiContext(clientCallContext);
        map.put("Security", soapEnvelopeSecurity);
        map.put(Names.LOCALIZATION_HEADER, soapEnvelopeLocalization);
        map.put(Names.API_CONTEXT_HEADER, soapEnvelopeApiContext);
        map.put(ClientInfo.WSDL_VERSION, SessionContext.getRuntimeValues().get(ClientInfo.WSDL_VERSION));
    }

    public static Localization getSoapEnvelopeLocalization(ClientCallContext clientCallContext) {
        Localization localization = new Localization();
        if (clientCallContext == null || !(clientCallContext.getParam(ClientCallContext.LOCALE) instanceof String)) {
            UserContext userContext = UserContext.get();
            localization.Locale = userContext.getLocale().getLanguage() + "-" + userContext.getLocale().getCountry();
        } else {
            localization.Locale = (String) clientCallContext.getParam(ClientCallContext.LOCALE);
        }
        int offset = TimeZone.getDefault().getOffset(System.currentTimeMillis());
        String str = "+";
        if (offset < 0) {
            str = "-";
            offset = -offset;
        }
        DecimalFormat decimalFormat = new DecimalFormat("00");
        localization.Timezone = str + decimalFormat.format(offset / 3600000) + ":" + decimalFormat.format(offset % 3600000);
        return localization;
    }

    public static ApiContext getSoapEnvelopeApiContext(ClientCallContext clientCallContext) {
        ApiContext apiContext = new ApiContext();
        apiContext.type = "Java";
        if (clientCallContext != null) {
            apiContext.version = Integer.valueOf(clientCallContext.getClientVersion());
            apiContext.build = (String) clientCallContext.getParam(ClientCallContext.CLIENT_BUILD);
            apiContext.threadId = (String) clientCallContext.getParam(ClientCallContext.CLIENT_THREAD_ID);
        }
        if (apiContext.version == null) {
            apiContext.version = Integer.valueOf(ClientCallContext.VERSION_DEFAULT);
        }
        if (apiContext.threadId == null) {
            apiContext.threadId = ApiContext.getClientThreadId();
        }
        if (apiContext.build == null) {
            apiContext.build = DEFAULT_BUILD;
        }
        return apiContext;
    }

    public static Security getSoapEnvelopeSecurity() {
        return getCredential().getSecurityToken();
    }

    public static WSICredential getCredential() {
        EngineRuntimeException engineRuntimeException;
        WSICredential wSICredential = overrideCredential.get();
        if (wSICredential != null) {
            if (logger.isDetailTraceEnabled()) {
                logger.traceDetail("ClientOperation returns override credential " + wSICredential);
            }
            return wSICredential;
        }
        Credentials current = Credentials.getCurrent();
        if (current == null) {
            throw new EngineRuntimeException(ExceptionCode.SECURITY_INVALID_CREDENTIALS, (Object[]) null, ExceptionContext.SECURITY_NO_SECURITY_CONTEXT, (Object[]) null);
        }
        if (current instanceof OpenTokenCredentials) {
            OpenTokenCredentials openTokenCredentials = (OpenTokenCredentials) current;
            AuthToken authToken = new AuthToken();
            authToken.setTokenType(AuthToken.TokenType.OAUTH_TOKEN);
            authToken.setTokenName(UsernameToken.USER_NAME_OAUTH_TOKEN);
            authToken.setTokenValue(openTokenCredentials.getToken());
            authToken.setPrincipalName(openTokenCredentials.getUsername());
            authToken.setRealm(openTokenCredentials.getRealm());
            return authToken.getWsiCredential();
        }
        if (current instanceof UsernameCredentials) {
            UsernameCredentials usernameCredentials = (UsernameCredentials) current;
            return new WSICredential(usernameCredentials.getUsername(), usernameCredentials.getPassword());
        }
        if (!(current instanceof SubjectCredentials)) {
            throw new EngineRuntimeException(ExceptionCode.SECURITY_INVALID_CREDENTIALS, (Object[]) null, ExceptionContext.SECURITY_CREDENTIALS_TYPE_INVALID, new Object[]{current.getClass().getSimpleName()});
        }
        Subject subject = ((SubjectCredentials) current).getSubject();
        if (logger.isDetailTraceEnabled()) {
            logger.traceDetail("ClientOperation acting on Subject from UserContext");
        }
        try {
            Set<WSICredential> cDoPrivilegedGetPrivateCredentials = cDoPrivilegedGetPrivateCredentials(subject);
            if (cDoPrivilegedGetPrivateCredentials == null || cDoPrivilegedGetPrivateCredentials.isEmpty()) {
                try {
                    cDoPrivilegedGetPrivateCredentials = cDoPrivilegedGetPrivateCustomCredentials(subject);
                } finally {
                }
            }
            boolean valueAsBoolean = ConfigValueLookup.getValueAsBoolean(ConfigurationParameter.WSI_AUTO_DETECT_LTPA_TOKEN, false);
            if ((cDoPrivilegedGetPrivateCredentials == null || cDoPrivilegedGetPrivateCredentials.isEmpty()) && valueAsBoolean) {
                if (logger.isDetailTraceEnabled()) {
                    logger.traceDetail("ClientOperation calling getLTPATokenFromSubject for " + J2EEUtil.getInstance().getPrincipalFromSubject(subject));
                }
                String lTPATokenFromSubject = J2EEUtil.getInstance().getLTPATokenFromSubject(subject);
                if (lTPATokenFromSubject != null) {
                    WSICredential wSICredential2 = new WSICredential(UsernameToken.USER_NAME_LTPA_TOKEN, lTPATokenFromSubject);
                    if (logger.isDetailTraceEnabled()) {
                        logger.traceDetail("Using LTPA username <" + getPrincipal(wSICredential2) + "> from ambient context");
                    }
                    return wSICredential2;
                }
            }
            boolean valueAsBoolean2 = ConfigValueLookup.getValueAsBoolean(ConfigValueLookup.WSI_AUTO_DETECT_AUTH_TOKEN, false);
            if ((cDoPrivilegedGetPrivateCredentials == null || cDoPrivilegedGetPrivateCredentials.isEmpty()) && valueAsBoolean2) {
                if (logger.isDetailTraceEnabled()) {
                    logger.traceDetail("ClientOperation calling getAuthTokenFromSubject for " + J2EEUtil.getInstance().getPrincipalFromSubject(subject));
                }
                AuthToken authTokenFromSubject = J2EEUtil.getInstance().getAuthTokenFromSubject(subject);
                if (authTokenFromSubject != null) {
                    WSICredential wsiCredential = authTokenFromSubject.getWsiCredential();
                    if (logger.isDetailTraceEnabled()) {
                        logger.traceDetail("Using SSO Token username <" + getPrincipal(wsiCredential) + "> from ambient context");
                    }
                    return wsiCredential;
                }
            }
            if (cDoPrivilegedGetPrivateCredentials == null) {
                throw new EngineRuntimeException(ExceptionCode.SECURITY_INVALID_CREDENTIALS, (Object[]) null, ExceptionContext.SECURITY_MISSING_CREDENTIALS, (Object[]) null);
            }
            Iterator<WSICredential> it = cDoPrivilegedGetPrivateCredentials.iterator();
            if (it == null || !it.hasNext()) {
                throw new EngineRuntimeException(ExceptionCode.SECURITY_INVALID_CREDENTIALS, (Object[]) null, ExceptionContext.SECURITY_MISSING_CREDENTIALS, (Object[]) null);
            }
            WSICredential next = it.next();
            if (logger.isDetailTraceEnabled()) {
                logger.traceDetail("Using username <" + getPrincipal(next) + "> from UserContext");
            }
            return next;
        } finally {
        }
    }

    public static WSICredential getWSICredential(Subject subject) {
        Set<WSICredential> set;
        Iterator<WSICredential> it;
        try {
            set = cDoPrivilegedGetPrivateCredentials(subject);
        } catch (Throwable th) {
            logger.error("Unable to retrieve WSICredential", th);
            set = null;
        }
        if (set == null || set.isEmpty()) {
            try {
                set = cDoPrivilegedGetPrivateCustomCredentials(subject);
            } catch (Throwable th2) {
                logger.error("Unable to retrieve WSICredential", th2);
                set = null;
            }
        }
        WSICredential wSICredential = null;
        if (set != null && (it = set.iterator()) != null && it.hasNext()) {
            wSICredential = it.next();
        }
        if (logger.isDebugEnabled()) {
            logger.traceDetail("getWSICredential(sub) returning credential for [" + getPrincipal(wSICredential) + "]");
        }
        return wSICredential;
    }

    private static final Set<WSICredential> cDoPrivilegedGetPrivateCredentials(final Subject subject) throws Throwable {
        try {
            return (Set) AccessController.doPrivileged(new PrivilegedExceptionAction<Set<WSICredential>>() { // from class: com.filenet.apiimpl.wsi.ClientOperation.1
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedExceptionAction
                public Set<WSICredential> run() {
                    Set<WSICredential> privateCredentials = subject.getPrivateCredentials(WSICredential.class);
                    if (ClientOperation.logger.isDetailTraceEnabled()) {
                        ClientOperation.logger.traceDetail("Set of private credentials for " + WSICredential.class.getSimpleName() + " has " + (privateCredentials == null ? null : Integer.valueOf(privateCredentials.size())) + " items");
                    }
                    return privateCredentials;
                }
            });
        } catch (PrivilegedActionException e) {
            throw e.getCause();
        }
    }

    private static final Set<WSICredential> cDoPrivilegedGetPrivateCustomCredentials(final Subject subject) throws Throwable {
        try {
            return (Set) AccessController.doPrivileged(new PrivilegedExceptionAction<Set<WSICredential>>() { // from class: com.filenet.apiimpl.wsi.ClientOperation.2
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedExceptionAction
                public Set<WSICredential> run() throws SecurityException, NoSuchMethodException, IllegalArgumentException, IllegalAccessException, InvocationTargetException {
                    String str;
                    if (ClientOperation.logger.isDetailTraceEnabled()) {
                        ClientOperation.logger.traceDetail(" CUSTOM_CRED_CLASS   is   -  " + ClientOperation.CUSTOM_CRED_CLASS);
                    }
                    if (ClientOperation.CUSTOM_CRED_CLASS == null || ClientOperation.CUSTOM_CRED_CLASS.length() == 0) {
                        return null;
                    }
                    HashSet hashSet = new HashSet();
                    Set privateCredentials = subject.getPrivateCredentials(Object.class);
                    if (ClientOperation.logger.isDetailTraceEnabled()) {
                        ClientOperation.logger.traceDetail("Set of all private credentials has " + (privateCredentials == null ? null : Integer.valueOf(privateCredentials.size())) + " items");
                    }
                    for (Object obj : privateCredentials) {
                        if (obj.getClass().getName().equals(ClientOperation.CUSTOM_CRED_CLASS)) {
                            if (ClientOperation.logger.isDetailTraceEnabled()) {
                                ClientOperation.logger.traceDetail("Found instance of custom private credential " + ClientOperation.CUSTOM_CRED_CLASS + ": " + obj);
                            }
                            try {
                                Method method = obj.getClass().getMethod(ClientOperation.CUSTOM_USER_METHOD, ClientOperation.NO_PARAMS_TYPES);
                                Method method2 = obj.getClass().getMethod(ClientOperation.CUSTOM_PASS_METHOD, ClientOperation.NO_PARAMS_TYPES);
                                String str2 = (String) method.invoke(obj, ClientOperation.NO_PARAMS);
                                Object invoke = method2.invoke(obj, ClientOperation.NO_PARAMS);
                                if (ClientOperation.logger.isDetailTraceEnabled()) {
                                    ClientOperation.logger.traceDetail("Reflection on custom private credential yields username <" + str2 + ">");
                                }
                                if ((invoke instanceof String) || invoke == null) {
                                    str = (String) invoke;
                                } else {
                                    try {
                                        str = new String((byte[]) invoke, Charsets.CHARSET_UTF_8.name());
                                    } catch (UnsupportedEncodingException e) {
                                        str = new String((byte[]) invoke);
                                    }
                                }
                                WSICredential wSICredential = new WSICredential(str2, str);
                                if (ClientOperation.logger.isDetailTraceEnabled()) {
                                    ClientOperation.logger.traceDetail("Returning custom private credential as " + wSICredential);
                                }
                                hashSet.add(wSICredential);
                                return hashSet;
                            } catch (Exception e2) {
                                if (ClientOperation.logger.isDetailTraceEnabled()) {
                                    ClientOperation.logger.traceDetail("Exception during reflection on custom private credential: " + e2);
                                }
                                return hashSet;
                            }
                        }
                    }
                    return hashSet;
                }
            });
        } catch (PrivilegedActionException e) {
            throw e.getCause();
        }
    }

    private static String getPrincipal(WSICredential wSICredential) {
        if (wSICredential == null || wSICredential.getSecurityToken() == null || wSICredential.getSecurityToken().UsernameToken == null || wSICredential.getSecurityToken().UsernameToken.Username == null) {
            return null;
        }
        return wSICredential.getSecurityToken().UsernameToken.Username;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static int getConnectionTimeout(Connection connection) {
        Object parameter = connection.getParameter(ConfigurationParameter.WSI_TRANSPORT_CONNECTION_TIMEOUT);
        if (parameter == null) {
            parameter = ConfigValueLookup.getValue(ConfigurationParameter.WSI_TRANSPORT_CONNECTION_TIMEOUT_AS_STRING, null);
        }
        if (parameter == null) {
            return ConfigValueLookup.getInt(ConfigurationParameter.WSI_TRANSPORT_CONNECTION_TIMEOUT, Integer.MAX_VALUE);
        }
        if (parameter instanceof String) {
            return Integer.parseInt((String) parameter);
        }
        if (parameter instanceof Integer) {
            return ((Integer) parameter).intValue();
        }
        return Integer.MAX_VALUE;
    }

    static {
        if (logger.isDetailTraceEnabled()) {
            logger.traceDetail("ClientOperation looks for custom private credential class " + CUSTOM_CRED_CLASS + " with methods " + CUSTOM_USER_METHOD + " and " + CUSTOM_PASS_METHOD + " (ignored if class is null)");
        }
        NO_PARAMS_TYPES = new Class[0];
        NO_PARAMS = new Object[0];
    }
}
