package com.microsoft.aad.adal4j;

import java.io.ByteArrayInputStream;
import java.nio.charset.Charset;
import java.util.HashMap;
import java.util.Map;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.xpath.XPath;
import javax.xml.xpath.XPathConstants;
import javax.xml.xpath.XPathExpressionException;
import javax.xml.xpath.XPathFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:WEB-INF/lib/adal4j-1.0.0.jar:com/microsoft/aad/adal4j/MexParser.class */
class MexParser {
    private static final Logger log = LoggerFactory.getLogger(MexParser.class);
    private static final String TRANSPORT_BINDING_XPATH = "wsp:ExactlyOne/wsp:All/sp:TransportBinding";
    private static final String TRANSPORT_BINDING_2005_XPATH = "wsp:ExactlyOne/wsp:All/sp2005:TransportBinding";
    private static final String PORT_XPATH = "//wsdl:definitions/wsdl:service/wsdl:port";
    private static final String ADDRESS_XPATH = "wsa10:EndpointReference/wsa10:Address";
    private static final String SOAP_ACTION_XPATH = "wsdl:operation/soap12:operation/@soapAction";
    private static final String RST_SOAP_ACTION = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue";
    private static final String SOAP_TRANSPORT_XPATH = "soap12:binding/@transport";
    private static final String SOAP_HTTP_TRANSPORT_VALUE = "http://schemas.xmlsoap.org/soap/http";

    MexParser() {
    }

    static String getWsTrustEndpointFromMexResponse(String str) throws Exception {
        DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
        newInstance.setNamespaceAware(true);
        Document parse = newInstance.newDocumentBuilder().parse(new ByteArrayInputStream(str.getBytes(Charset.forName("UTF-8"))));
        XPath newXPath = XPathFactory.newInstance().newXPath();
        newXPath.setNamespaceContext(new NamespaceContextImpl());
        Map<String, BindingPolicy> selectUsernamePasswordPolicies = selectUsernamePasswordPolicies(parse, newXPath);
        if (selectUsernamePasswordPolicies.isEmpty()) {
            log.debug("No matching policies");
            return null;
        }
        Map<String, String> matchingBindings = getMatchingBindings(parse, newXPath, selectUsernamePasswordPolicies);
        if (matchingBindings.isEmpty()) {
            log.debug("No matching bindings");
            return null;
        }
        getPortsForPolicyBindings(parse, newXPath, matchingBindings, selectUsernamePasswordPolicies);
        return selectSingleMatchingPolicy(selectUsernamePasswordPolicies).trim();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String getWsTrustEndpointFromMexEndpoint(String str) throws Exception {
        return getWsTrustEndpointFromMexResponse(HttpHelper.executeHttpGet(log, str));
    }

    private static String selectSingleMatchingPolicy(Map<String, BindingPolicy> map) {
        for (String str : map.keySet()) {
            if (map.get(str).getUrl() == null) {
                map.remove(str);
            }
        }
        if (map.size() != 0) {
            return map.values().iterator().next().getUrl();
        }
        log.warn("no policies found with an url");
        return null;
    }

    private static Map<String, String> getPortsForPolicyBindings(Document document, XPath xPath, Map<String, String> map, Map<String, BindingPolicy> map2) throws Exception {
        NodeList nodeList = (NodeList) xPath.compile(PORT_XPATH).evaluate(document, XPathConstants.NODESET);
        if (nodeList.getLength() == 0) {
            log.warn("no ports found");
            return null;
        }
        for (int i = 0; i < nodeList.getLength(); i++) {
            Node item = nodeList.item(i);
            String[] split = item.getAttributes().getNamedItem("binding").getNodeValue().split(":");
            BindingPolicy bindingPolicy = map2.get(map.get(split[split.length - 1]));
            if (bindingPolicy != null && StringHelper.isBlank(bindingPolicy.getUrl())) {
                NodeList nodeList2 = (NodeList) xPath.compile(ADDRESS_XPATH).evaluate(item, XPathConstants.NODESET);
                if (nodeList2.getLength() <= 0) {
                    throw new Exception("no address nodes on port");
                }
                String textContent = nodeList2.item(0).getTextContent();
                if (textContent == null || !textContent.toLowerCase().startsWith("https://")) {
                    log.warn("skipping insecure endpoint: " + textContent);
                } else {
                    bindingPolicy.setUrl(textContent);
                }
            }
        }
        return null;
    }

    private static Map<String, String> getMatchingBindings(Document document, XPath xPath, Map<String, BindingPolicy> map) throws XPathExpressionException {
        HashMap hashMap = new HashMap();
        NodeList nodeList = (NodeList) xPath.compile("//wsdl:definitions/wsdl:binding/wsp:PolicyReference").evaluate(document, XPathConstants.NODESET);
        for (int i = 0; i < nodeList.getLength(); i++) {
            Node item = nodeList.item(i);
            String nodeValue = item.getAttributes().getNamedItem("URI").getNodeValue();
            if (map.containsKey(nodeValue)) {
                Node parentNode = item.getParentNode();
                String nodeValue2 = parentNode.getAttributes().getNamedItem("name").getNodeValue();
                if (checkSoapActionAndTransport(xPath, parentNode)) {
                    hashMap.put(nodeValue2, nodeValue);
                }
            }
        }
        return hashMap;
    }

    private static boolean checkSoapActionAndTransport(XPath xPath, Node node) throws XPathExpressionException {
        NodeList nodeList = null;
        String str = null;
        String str2 = null;
        String nodeValue = node.getAttributes().getNamedItem("name").getNodeValue();
        NodeList nodeList2 = (NodeList) xPath.compile(SOAP_ACTION_XPATH).evaluate(node, XPathConstants.NODESET);
        if (nodeList2.getLength() > 0) {
            str = nodeList2.item(0).getNodeValue();
            nodeList = (NodeList) xPath.compile(SOAP_TRANSPORT_XPATH).evaluate(node, XPathConstants.NODESET);
        }
        if (nodeList != null && nodeList.getLength() > 0) {
            str2 = nodeList.item(0).getNodeValue();
        }
        boolean z = str.equalsIgnoreCase(RST_SOAP_ACTION) && str2.equalsIgnoreCase(SOAP_HTTP_TRANSPORT_VALUE);
        if (z) {
            log.debug("Found binding matching Action and Transport: " + nodeValue);
        } else {
            log.debug("Binding node did not match soap Action or Transport: " + nodeValue);
        }
        return z;
    }

    private static Map<String, BindingPolicy> selectUsernamePasswordPolicies(Document document, XPath xPath) throws XPathExpressionException {
        HashMap hashMap = new HashMap();
        NodeList nodeList = (NodeList) xPath.compile("//wsdl:definitions/wsp:Policy/wsp:ExactlyOne/wsp:All/sp:SignedEncryptedSupportingTokens/wsp:Policy/sp:UsernameToken/wsp:Policy/sp:WssUsernameToken10").evaluate(document, XPathConstants.NODESET);
        for (int i = 0; i < nodeList.getLength(); i++) {
            String checkPolicy = checkPolicy(xPath, nodeList.item(i).getParentNode().getParentNode().getParentNode().getParentNode().getParentNode().getParentNode().getParentNode());
            hashMap.put("#" + checkPolicy, new BindingPolicy("#" + checkPolicy));
        }
        return hashMap;
    }

    private static String checkPolicy(XPath xPath, Node node) throws XPathExpressionException {
        String str = null;
        Node namedItem = node.getAttributes().getNamedItem("wsu:Id");
        NodeList nodeList = (NodeList) xPath.compile(TRANSPORT_BINDING_XPATH).evaluate(node, XPathConstants.NODESET);
        if (nodeList.getLength() == 0) {
            nodeList = (NodeList) xPath.compile(TRANSPORT_BINDING_2005_XPATH).evaluate(node, XPathConstants.NODESET);
        }
        if (nodeList.getLength() <= 0 || namedItem == null) {
            log.debug("potential policy did not match required transport binding: " + namedItem.getNodeValue());
        } else {
            str = namedItem.getNodeValue();
            log.debug("found matching policy id: " + str);
        }
        return str;
    }
}
