package org.apache.wss4j.stax.validate;

import java.security.Key;
import javax.crypto.spec.SecretKeySpec;
import org.apache.wss4j.binding.wssc.AbstractSecurityContextTokenType;
import org.apache.wss4j.common.ext.WSPasswordCallback;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.stax.ext.WSSUtils;
import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
import org.apache.xml.security.algorithms.JCEMapper;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.stax.ext.XMLSecurityConstants;
import org.apache.xml.security.stax.impl.securityToken.AbstractInboundSecurityToken;
import org.apache.xml.security.stax.securityToken.InboundSecurityToken;
import org.apache.xml.security.stax.securityToken.SecurityTokenConstants;

/* loaded from: input_file:org/apache/wss4j/stax/validate/SecurityContextTokenValidatorImpl.class */
public class SecurityContextTokenValidatorImpl implements SecurityContextTokenValidator {
    @Override // org.apache.wss4j.stax.validate.SecurityContextTokenValidator
    public InboundSecurityToken validate(final AbstractSecurityContextTokenType abstractSecurityContextTokenType, final String str, final TokenContext tokenContext) throws WSSecurityException {
        AbstractInboundSecurityToken abstractInboundSecurityToken = new AbstractInboundSecurityToken(tokenContext.getWsSecurityContext(), str, WSSecurityTokenConstants.KeyIdentifier_ExternalReference, true) { // from class: org.apache.wss4j.stax.validate.SecurityContextTokenValidatorImpl.1
            public boolean isAsymmetric() {
                return false;
            }

            public Key getKey(String str2, XMLSecurityConstants.AlgorithmUsage algorithmUsage, String str3) throws XMLSecurityException {
                Key key = (Key) getSecretKey().get(str2);
                if (key != null) {
                    return key;
                }
                WSPasswordCallback wSPasswordCallback = new WSPasswordCallback(str, 6);
                WSSUtils.doSecretKeyCallback(tokenContext.getWssSecurityProperties().getCallbackHandler(), wSPasswordCallback, null);
                if (wSPasswordCallback.getKey() == null) {
                    throw new WSSecurityException(WSSecurityException.ErrorCode.SECURITY_TOKEN_UNAVAILABLE, "noKey", new Object[]{abstractSecurityContextTokenType.getId()});
                }
                SecretKeySpec secretKeySpec = new SecretKeySpec(wSPasswordCallback.getKey(), JCEMapper.getJCEKeyAlgorithmFromURI(str2));
                setSecretKey(str2, secretKeySpec);
                return secretKeySpec;
            }

            public SecurityTokenConstants.TokenType getTokenType() {
                return WSSecurityTokenConstants.SecurityContextToken;
            }
        };
        abstractInboundSecurityToken.setElementPath(tokenContext.getElementPath());
        abstractInboundSecurityToken.setXMLSecEvent(tokenContext.getFirstXMLSecEvent());
        return abstractInboundSecurityToken;
    }
}
