package org.openehealth.ipf.commons.ihe.ws.cxf.audit;

import java.util.Iterator;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.xml.namespace.QName;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.Validate;
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.headers.Header;
import org.apache.cxf.message.Message;
import org.apache.cxf.ws.addressing.AddressingProperties;
import org.apache.cxf.ws.addressing.AttributedURIType;
import org.apache.cxf.ws.addressing.EndpointReferenceType;
import org.openehealth.ipf.commons.ihe.ws.InterceptorUtils;
import org.openehealth.ipf.commons.ihe.ws.cxf.AbstractSafeInterceptor;
import org.openhealthtools.ihe.atna.auditor.models.rfc3881.CodedValueType;
import org.opensaml.Configuration;
import org.opensaml.DefaultBootstrap;
import org.opensaml.saml2.core.Assertion;
import org.opensaml.saml2.core.Attribute;
import org.opensaml.saml2.core.AttributeStatement;
import org.opensaml.xml.ConfigurationException;
import org.opensaml.xml.XMLObject;
import org.opensaml.xml.io.UnmarshallerFactory;
import org.opensaml.xml.io.UnmarshallingException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;

/* loaded from: input_file:org/openehealth/ipf/commons/ihe/ws/cxf/audit/AbstractAuditInterceptor.class */
public abstract class AbstractAuditInterceptor extends AbstractSafeInterceptor {
    private static final transient Logger LOG = LoggerFactory.getLogger(AbstractAuditInterceptor.class);
    public static final String DATASET_CONTEXT_KEY = String.valueOf(AbstractAuditInterceptor.class.getName()) + ".DATASET";
    public static final String XUA_SAML_ASSERTION = String.valueOf(AbstractAuditInterceptor.class.getName()) + ".XUA_SAML_ASSERTION";
    public static final String WSSE_NS_URI = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
    private final WsAuditStrategy auditStrategy;
    private static final UnmarshallerFactory SAML_UNMARSHALLER_FACTORY;

    static {
        try {
            DefaultBootstrap.bootstrap();
            SAML_UNMARSHALLER_FACTORY = Configuration.getUnmarshallerFactory();
        } catch (ConfigurationException e) {
            throw new RuntimeException((Throwable) e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public AbstractAuditInterceptor(String str, WsAuditStrategy wsAuditStrategy) {
        super(str);
        Validate.notNull(wsAuditStrategy);
        this.auditStrategy = wsAuditStrategy;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public WsAuditDataset getAuditDataset(SoapMessage soapMessage) {
        WsAuditDataset wsAuditDataset = (WsAuditDataset) InterceptorUtils.findContextualProperty(soapMessage, DATASET_CONTEXT_KEY);
        if (wsAuditDataset == null) {
            wsAuditDataset = getAuditStrategy().createAuditDataset();
            if (wsAuditDataset == null) {
                LOG.warn("Cannot obtain audit dataset instance, NPE is pending");
                return null;
            }
            soapMessage.setContextualProperty(DATASET_CONTEXT_KEY, wsAuditDataset);
        }
        return wsAuditDataset;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public WsAuditStrategy getAuditStrategy() {
        return this.auditStrategy;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void extractUserIdFromWSAddressing(SoapMessage soapMessage, boolean z, boolean z2, WsAuditDataset wsAuditDataset) {
        AddressingProperties addressingProperties = (AddressingProperties) soapMessage.get(z ? "javax.xml.ws.addressing.context.inbound" : "javax.xml.ws.addressing.context.outbound");
        if (addressingProperties == null) {
            LOG.error("Missing WS-Addressing headers");
            return;
        }
        AttributedURIType attributedURIType = null;
        if (z2) {
            attributedURIType = addressingProperties.getTo();
        } else {
            EndpointReferenceType replyTo = addressingProperties.getReplyTo();
            if (replyTo != null) {
                attributedURIType = replyTo.getAddress();
            }
        }
        if (attributedURIType != null) {
            wsAuditDataset.setUserId(attributedURIType.getValue());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void extractXuaUserNameFromSaml2Assertion(SoapMessage soapMessage, Header.Direction direction, WsAuditDataset wsAuditDataset) {
        Element element;
        Object contextualProperty = soapMessage.getContextualProperty(XUA_SAML_ASSERTION);
        Assertion assertion = contextualProperty instanceof Assertion ? (Assertion) contextualProperty : null;
        if (assertion == null) {
            Header header = soapMessage.getHeader(new QName(WSSE_NS_URI, "Security"));
            if (header == null || !direction.equals(header.getDirection()) || !(header.getObject() instanceof Element) || (element = (Element) ((Element) header.getObject()).getElementsByTagNameNS("urn:oasis:names:tc:SAML:2.0:assertion", "Assertion").item(0)) == null) {
                return;
            }
            try {
                assertion = (Assertion) SAML_UNMARSHALLER_FACTORY.getUnmarshaller(element).unmarshall(element);
                soapMessage.setContextualProperty(XUA_SAML_ASSERTION, assertion);
            } catch (UnmarshallingException e) {
                LOG.warn("Cannot extract SAML assertion from the WS-Security SOAP header", e);
                return;
            }
        }
        String value = (assertion.getSubject() == null || assertion.getSubject().getNameID() == null) ? null : assertion.getSubject().getNameID().getValue();
        String value2 = assertion.getIssuer() != null ? assertion.getIssuer().getValue() : null;
        if (StringUtils.isNotEmpty(value2) && StringUtils.isNotEmpty(value)) {
            wsAuditDataset.setUserName(String.valueOf(assertion.getSubject().getNameID().getSPProvidedID()) + '<' + value + '@' + value2 + '>');
        }
        Iterator it = assertion.getAttributeStatements().iterator();
        while (it.hasNext()) {
            for (Attribute attribute : ((AttributeStatement) it.next()).getAttributes()) {
                if ("urn:oasis:names:tc:xspa:1.0:subject:purposeofuse".equals(attribute.getName())) {
                    Iterator it2 = attribute.getAttributeValues().iterator();
                    while (it2.hasNext()) {
                        NodeList elementsByTagNameNS = ((XMLObject) it2.next()).getDOM().getElementsByTagNameNS("urn:hl7-org:v3", "PurposeOfUse");
                        for (int i = 0; i < elementsByTagNameNS.getLength(); i++) {
                            Element element2 = (Element) elementsByTagNameNS.item(i);
                            CodedValueType codedValueType = new CodedValueType();
                            codedValueType.setCode(element2.getAttribute("code"));
                            codedValueType.setCodeSystemName(element2.getAttribute("codeSystem"));
                            codedValueType.setOriginalText(element2.getAttribute("displayName"));
                            wsAuditDataset.getPurposesOfUse().add(codedValueType);
                        }
                    }
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void extractAddressesFromServletRequest(SoapMessage soapMessage, WsAuditDataset wsAuditDataset) {
        HttpServletRequest httpServletRequest = (HttpServletRequest) soapMessage.get("HTTP.REQUEST");
        wsAuditDataset.setClientIpAddress(httpServletRequest.getRemoteAddr());
        wsAuditDataset.setServiceEndpointUrl(httpServletRequest.getRequestURL().toString());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static Object extractPojo(Message message) {
        List list = (List) message.getContent(List.class);
        if (list == null || list.isEmpty()) {
            return null;
        }
        return list.get(0);
    }
}
