package org.apache.cxf.ws.security.wss4j.policyvalidators;

import java.util.Collection;
import javax.xml.namespace.QName;
import org.apache.cxf.ws.policy.AssertionInfo;
import org.apache.cxf.ws.policy.AssertionInfoMap;
import org.apache.cxf.ws.security.policy.PolicyUtils;
import org.apache.wss4j.policy.SP11Constants;
import org.apache.wss4j.policy.SP12Constants;
import org.apache.wss4j.policy.SP13Constants;
import org.apache.wss4j.policy.SPConstants;
import org.apache.wss4j.policy.model.AbstractSecurityAssertion;
import org.apache.wss4j.policy.model.SupportingTokens;
import org.apache.wss4j.policy.model.UsernameToken;

/* loaded from: classes4.dex */
public class UsernameTokenPolicyValidator extends AbstractSecurityPolicyValidator {
    private void assertToken(UsernameToken usernameToken, AssertionInfoMap assertionInfoMap) {
        String namespaceURI = usernameToken.getName().getNamespaceURI();
        if (usernameToken.isCreated()) {
            PolicyUtils.assertPolicy(assertionInfoMap, SP13Constants.CREATED);
        }
        if (usernameToken.isNonce()) {
            PolicyUtils.assertPolicy(assertionInfoMap, SP13Constants.NONCE);
        }
        UsernameToken.PasswordType passwordType = usernameToken.getPasswordType();
        if (passwordType != null) {
            PolicyUtils.assertPolicy(assertionInfoMap, new QName(namespaceURI, passwordType.name()));
        }
        UsernameToken.UsernameTokenType usernameTokenType = usernameToken.getUsernameTokenType();
        if (usernameTokenType != null) {
            PolicyUtils.assertPolicy(assertionInfoMap, new QName(namespaceURI, usernameTokenType.name()));
        }
    }

    private boolean isNonEndorsingSupportingToken(UsernameToken usernameToken) {
        AbstractSecurityAssertion parentAssertion = usernameToken.getParentAssertion();
        if (!(parentAssertion instanceof SupportingTokens)) {
            return false;
        }
        String localPart = ((SupportingTokens) parentAssertion).getName().getLocalPart();
        return localPart.equals(SPConstants.SUPPORTING_TOKENS) || localPart.equals(SPConstants.SIGNED_SUPPORTING_TOKENS) || localPart.equals(SPConstants.ENCRYPTED_SUPPORTING_TOKENS) || localPart.equals(SPConstants.SIGNED_ENCRYPTED_SUPPORTING_TOKENS);
    }

    @Override // org.apache.cxf.ws.security.wss4j.policyvalidators.SecurityPolicyValidator
    public boolean canValidatePolicy(AssertionInfo assertionInfo) {
        return assertionInfo.getAssertion() != null && (SP12Constants.USERNAME_TOKEN.equals(assertionInfo.getAssertion().getName()) || SP11Constants.USERNAME_TOKEN.equals(assertionInfo.getAssertion().getName()));
    }

    /* JADX WARN: Code restructure failed: missing block: B:34:0x006b, code lost:
    
        r8.setNotAsserted("Username Token Created policy not enforced");
     */
    /* JADX WARN: Code restructure failed: missing block: B:35:0x0070, code lost:
    
        return false;
     */
    /* JADX WARN: Code restructure failed: missing block: B:45:0x0083, code lost:
    
        r8.setNotAsserted("Username Token Nonce policy not enforced");
     */
    /* JADX WARN: Code restructure failed: missing block: B:46:0x0088, code lost:
    
        return false;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public boolean checkTokens(org.apache.wss4j.policy.model.UsernameToken r7, org.apache.cxf.ws.policy.AssertionInfo r8, java.util.List<org.apache.wss4j.dom.engine.WSSecurityEngineResult> r9) {
        /*
            r6 = this;
            java.util.Iterator r9 = r9.iterator()
        L4:
            boolean r0 = r9.hasNext()
            r1 = 1
            if (r0 == 0) goto L89
            java.lang.Object r0 = r9.next()
            org.apache.wss4j.dom.engine.WSSecurityEngineResult r0 = (org.apache.wss4j.dom.engine.WSSecurityEngineResult) r0
            java.lang.String r2 = "username-token"
            java.lang.Object r0 = r0.get(r2)
            org.apache.wss4j.dom.message.token.UsernameToken r0 = (org.apache.wss4j.dom.message.token.UsernameToken) r0
            org.apache.wss4j.policy.model.UsernameToken$PasswordType r2 = r7.getPasswordType()
            org.apache.wss4j.policy.model.UsernameToken$PasswordType r3 = org.apache.wss4j.policy.model.UsernameToken.PasswordType.HashPassword
            r4 = 0
            if (r2 != r3) goto L24
            r3 = 1
            goto L25
        L24:
            r3 = 0
        L25:
            org.apache.wss4j.policy.model.UsernameToken$PasswordType r5 = org.apache.wss4j.policy.model.UsernameToken.PasswordType.NoPassword
            if (r2 != r5) goto L2a
            goto L2b
        L2a:
            r1 = 0
        L2b:
            boolean r2 = r0.isHashed()
            if (r3 == r2) goto L37
            java.lang.String r7 = "Password hashing policy not enforced"
            r8.setNotAsserted(r7)
            return r4
        L37:
            if (r1 == 0) goto L45
            java.lang.String r2 = r0.getPassword()
            if (r2 == 0) goto L45
            java.lang.String r7 = "Username Token NoPassword policy not enforced"
            r8.setNotAsserted(r7)
            return r4
        L45:
            if (r1 != 0) goto L59
            java.lang.String r1 = r0.getPassword()
            if (r1 != 0) goto L59
            boolean r1 = r6.isNonEndorsingSupportingToken(r7)
            if (r1 == 0) goto L59
            java.lang.String r7 = "Username Token No Password supplied"
            r8.setNotAsserted(r7)
            return r4
        L59:
            boolean r1 = r7.isCreated()
            if (r1 == 0) goto L71
            java.lang.String r1 = r0.getCreated()
            if (r1 == 0) goto L6b
            boolean r1 = r0.isHashed()
            if (r1 == 0) goto L71
        L6b:
            java.lang.String r7 = "Username Token Created policy not enforced"
            r8.setNotAsserted(r7)
            return r4
        L71:
            boolean r1 = r7.isNonce()
            if (r1 == 0) goto L4
            java.lang.String r1 = r0.getNonce()
            if (r1 == 0) goto L83
            boolean r0 = r0.isHashed()
            if (r0 == 0) goto L4
        L83:
            java.lang.String r7 = "Username Token Nonce policy not enforced"
            r8.setNotAsserted(r7)
            return r4
        L89:
            return r1
        */
        throw new UnsupportedOperationException("Method not decompiled: org.apache.cxf.ws.security.wss4j.policyvalidators.UsernameTokenPolicyValidator.checkTokens(org.apache.wss4j.policy.model.UsernameToken, org.apache.cxf.ws.policy.AssertionInfo, java.util.List):boolean");
    }

    @Override // org.apache.cxf.ws.security.wss4j.policyvalidators.SecurityPolicyValidator
    public void validatePolicies(PolicyValidatorParameters policyValidatorParameters, Collection<AssertionInfo> collection) {
        for (AssertionInfo assertionInfo : collection) {
            UsernameToken usernameToken = (UsernameToken) assertionInfo.getAssertion();
            assertionInfo.setAsserted(true);
            assertToken(usernameToken, policyValidatorParameters.getAssertionInfoMap());
            if (isTokenRequired(usernameToken, policyValidatorParameters.getMessage())) {
                if (policyValidatorParameters.getUsernameTokenResults().isEmpty()) {
                    assertionInfo.setNotAsserted("The received token does not match the token inclusion requirement");
                } else {
                    checkTokens(usernameToken, assertionInfo, policyValidatorParameters.getUsernameTokenResults());
                }
            }
        }
    }
}
