package org.mule.service.soap.client;

import com.google.common.collect.ImmutableList;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.StringJoiner;
import org.apache.commons.lang3.StringUtils;
import org.apache.cxf.binding.Binding;
import org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor;
import org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor;
import org.apache.cxf.binding.soap.interceptor.Soap12FaultInInterceptor;
import org.apache.cxf.endpoint.Client;
import org.apache.cxf.interceptor.Interceptor;
import org.apache.cxf.message.Message;
import org.apache.cxf.phase.PhaseInterceptor;
import org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor;
import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor;
import org.apache.cxf.wsdl.interceptors.WrappedOutInterceptor;
import org.apache.wss4j.common.ConfigurationConstants;
import org.mule.runtime.extension.api.soap.security.DecryptSecurityStrategy;
import org.mule.runtime.extension.api.soap.security.EncryptSecurityStrategy;
import org.mule.runtime.extension.api.soap.security.SecurityStrategy;
import org.mule.runtime.extension.api.soap.security.SecurityStrategyVisitor;
import org.mule.runtime.extension.api.soap.security.SignSecurityStrategy;
import org.mule.runtime.extension.api.soap.security.TimestampSecurityStrategy;
import org.mule.runtime.extension.api.soap.security.UsernameTokenSecurityStrategy;
import org.mule.runtime.extension.api.soap.security.VerifySignatureSecurityStrategy;
import org.mule.runtime.soap.api.client.SoapClientConfiguration;
import org.mule.service.soap.interceptor.NamespaceRestorerStaxInterceptor;
import org.mule.service.soap.interceptor.NamespaceSaverStaxInterceptor;
import org.mule.service.soap.interceptor.OutputMtomSoapAttachmentsInterceptor;
import org.mule.service.soap.interceptor.OutputSoapHeadersInterceptor;
import org.mule.service.soap.interceptor.SoapActionInterceptor;
import org.mule.service.soap.interceptor.StreamClosingInterceptor;
import org.mule.service.soap.security.SecurityStrategyCxfAdapter;
import org.mule.service.soap.security.SecurityStrategyType;
import org.mule.service.soap.security.WssDecryptSecurityStrategyCxfAdapter;
import org.mule.service.soap.security.WssEncryptSecurityStrategyCxfAdapter;
import org.mule.service.soap.security.WssSignSecurityStrategyCxfAdapter;
import org.mule.service.soap.security.WssTimestampSecurityStrategyCxfAdapter;
import org.mule.service.soap.security.WssUsernameTokenSecurityStrategyCxfAdapter;
import org.mule.service.soap.security.WssVerifySignatureSecurityStrategyCxfAdapter;
import org.mule.service.soap.security.callback.CompositeCallbackHandler;
import org.mule.service.soap.security.callback.WSPasswordCallbackHandler;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:lib/mule-service-soap-1.6.3.jar:org/mule/service/soap/client/CxfClientProvider.class */
public class CxfClientProvider {
    private final CxfClientFactory factory = new CxfClientFactory();

    /* JADX INFO: Access modifiers changed from: package-private */
    public Client getClient(SoapClientConfiguration soapClientConfiguration) {
        boolean isMtomEnabled = soapClientConfiguration.isMtomEnabled();
        Client createClient = this.factory.createClient(soapClientConfiguration.getAddress(), soapClientConfiguration.getVersion().getVersion());
        addSecurityInterceptors(createClient, getAdaptedSecurities(soapClientConfiguration.getSecurities()));
        addRequestInterceptors(createClient);
        addResponseInterceptors(createClient, isMtomEnabled);
        createClient.getEndpoint().put(Message.MTOM_ENABLED, Boolean.valueOf(isMtomEnabled));
        removeUnnecessaryCxfInterceptors(createClient);
        return createClient;
    }

    private List<SecurityStrategyCxfAdapter> getAdaptedSecurities(List<SecurityStrategy> list) {
        ImmutableList.Builder builder = ImmutableList.builder();
        list.forEach(securityStrategy -> {
            securityStrategy.accept(new SecurityStrategyVisitor() { // from class: org.mule.service.soap.client.CxfClientProvider.1
                @Override // org.mule.runtime.extension.api.soap.security.SecurityStrategyVisitor
                public void visitEncrypt(EncryptSecurityStrategy encryptSecurityStrategy) {
                    builder.add((ImmutableList.Builder) new WssEncryptSecurityStrategyCxfAdapter(encryptSecurityStrategy.getKeyStoreConfiguration()));
                }

                @Override // org.mule.runtime.extension.api.soap.security.SecurityStrategyVisitor
                public void visitDecrypt(DecryptSecurityStrategy decryptSecurityStrategy) {
                    builder.add((ImmutableList.Builder) new WssDecryptSecurityStrategyCxfAdapter(decryptSecurityStrategy.getKeyStoreConfiguration()));
                }

                @Override // org.mule.runtime.extension.api.soap.security.SecurityStrategyVisitor
                public void visitUsernameToken(UsernameTokenSecurityStrategy usernameTokenSecurityStrategy) {
                    builder.add((ImmutableList.Builder) new WssUsernameTokenSecurityStrategyCxfAdapter(usernameTokenSecurityStrategy));
                }

                @Override // org.mule.runtime.extension.api.soap.security.SecurityStrategyVisitor
                public void visitSign(SignSecurityStrategy signSecurityStrategy) {
                    builder.add((ImmutableList.Builder) new WssSignSecurityStrategyCxfAdapter(signSecurityStrategy.getKeyStoreConfiguration()));
                }

                @Override // org.mule.runtime.extension.api.soap.security.SecurityStrategyVisitor
                public void visitVerify(VerifySignatureSecurityStrategy verifySignatureSecurityStrategy) {
                    builder.add((ImmutableList.Builder) verifySignatureSecurityStrategy.getTrustStoreConfiguration().map(WssVerifySignatureSecurityStrategyCxfAdapter::new).orElse(new WssVerifySignatureSecurityStrategyCxfAdapter()));
                }

                @Override // org.mule.runtime.extension.api.soap.security.SecurityStrategyVisitor
                public void visitTimestamp(TimestampSecurityStrategy timestampSecurityStrategy) {
                    builder.add((ImmutableList.Builder) new WssTimestampSecurityStrategyCxfAdapter(timestampSecurityStrategy.getTimeToLeaveInSeconds()));
                }
            });
        });
        return builder.build();
    }

    private void addSecurityInterceptors(Client client, List<SecurityStrategyCxfAdapter> list) {
        Map<String, Object> buildSecurityProperties = buildSecurityProperties(list, SecurityStrategyType.OUTGOING);
        if (!buildSecurityProperties.isEmpty()) {
            client.getOutInterceptors().add(new WSS4JOutInterceptor(buildSecurityProperties));
        }
        Map<String, Object> buildSecurityProperties2 = buildSecurityProperties(list, SecurityStrategyType.INCOMING);
        if (buildSecurityProperties2.isEmpty()) {
            return;
        }
        client.getInInterceptors().add(new WSS4JInInterceptor(buildSecurityProperties2));
    }

    private Map<String, Object> buildSecurityProperties(List<SecurityStrategyCxfAdapter> list, SecurityStrategyType securityStrategyType) {
        if (list.isEmpty()) {
            return Collections.emptyMap();
        }
        HashMap hashMap = new HashMap();
        StringJoiner stringJoiner = new StringJoiner(" ");
        ImmutableList.Builder builder = ImmutableList.builder();
        list.stream().filter(securityStrategyCxfAdapter -> {
            return securityStrategyCxfAdapter.securityType().equals(securityStrategyType);
        }).forEach(securityStrategyCxfAdapter2 -> {
            hashMap.putAll(securityStrategyCxfAdapter2.buildSecurityProperties());
            stringJoiner.add(securityStrategyCxfAdapter2.securityAction());
            Optional<WSPasswordCallbackHandler> buildPasswordCallbackHandler = securityStrategyCxfAdapter2.buildPasswordCallbackHandler();
            Objects.requireNonNull(builder);
            buildPasswordCallbackHandler.ifPresent((v1) -> {
                r1.add(v1);
            });
        });
        ImmutableList build = builder.build();
        if (!build.isEmpty()) {
            hashMap.put(ConfigurationConstants.PW_CALLBACK_REF, new CompositeCallbackHandler(build));
        }
        String stringJoiner2 = stringJoiner.toString();
        if (StringUtils.isNotBlank(stringJoiner2)) {
            hashMap.put("action", stringJoiner2);
        }
        return hashMap;
    }

    private void addRequestInterceptors(Client client) {
        client.getOutInterceptors().add(new SoapActionInterceptor());
    }

    private void addResponseInterceptors(Client client, boolean z) {
        List<Interceptor<? extends Message>> inInterceptors = client.getInInterceptors();
        inInterceptors.add(new NamespaceRestorerStaxInterceptor());
        inInterceptors.add(new NamespaceSaverStaxInterceptor());
        inInterceptors.add(new StreamClosingInterceptor());
        inInterceptors.add(new CheckFaultInterceptor());
        inInterceptors.add(new OutputSoapHeadersInterceptor());
        inInterceptors.add(new SoapActionInterceptor());
        if (z) {
            inInterceptors.add(new OutputMtomSoapAttachmentsInterceptor());
        }
    }

    private void removeUnnecessaryCxfInterceptors(Client client) {
        Binding binding = client.getEndpoint().getBinding();
        removeInterceptor(binding.getOutInterceptors(), WrappedOutInterceptor.class.getName());
        removeInterceptor(binding.getInInterceptors(), Soap11FaultInInterceptor.class.getName());
        removeInterceptor(binding.getInInterceptors(), Soap12FaultInInterceptor.class.getName());
        removeInterceptor(binding.getInInterceptors(), CheckFaultInterceptor.class.getName());
    }

    private void removeInterceptor(List<Interceptor<? extends Message>> list, String str) {
        list.removeIf(interceptor -> {
            return (interceptor instanceof PhaseInterceptor) && ((PhaseInterceptor) interceptor).getId().equals(str);
        });
    }
}
