package gov.nih.nci.cagrid.introduce.security.client;

import gov.nih.nci.cagrid.introduce.security.common.ServiceSecurityI;
import gov.nih.nci.cagrid.introduce.security.stubs.GetServiceSecurityMetadataRequest;
import gov.nih.nci.cagrid.introduce.security.stubs.ServiceSecurityPortType;
import gov.nih.nci.cagrid.introduce.security.stubs.service.ServiceSecurityServiceAddressingLocator;
import gov.nih.nci.cagrid.metadata.security.CommunicationMechanism;
import gov.nih.nci.cagrid.metadata.security.Operation;
import gov.nih.nci.cagrid.metadata.security.ProtectionLevelType;
import gov.nih.nci.cagrid.metadata.security.ServiceSecurityMetadata;
import gov.nih.nci.cagrid.metadata.security.ServiceSecurityMetadataOperations;
import java.io.InputStream;
import java.rmi.RemoteException;
import java.util.HashMap;
import java.util.Map;
import org.apache.axis.client.AxisClient;
import org.apache.axis.client.Stub;
import org.apache.axis.configuration.FileProvider;
import org.apache.axis.message.addressing.Address;
import org.apache.axis.message.addressing.EndpointReferenceType;
import org.apache.axis.types.URI;
import org.apache.axis.utils.ClassUtils;
import org.globus.axis.util.Util;
import org.globus.gsi.GlobusCredential;
import org.globus.gsi.gssapi.GlobusGSSCredentialImpl;
import org.globus.wsrf.impl.security.authorization.Authorization;
import org.globus.wsrf.impl.security.authorization.NoAuthorization;
import org.globus.wsrf.security.Constants;
import org.ietf.jgss.GSSException;

/* loaded from: input_file:gov/nih/nci/cagrid/introduce/security/client/ServiceSecurityClient.class */
public class ServiceSecurityClient implements ServiceSecurityI {
    protected GlobusCredential proxy;
    protected EndpointReferenceType epr;
    protected ServiceSecurityMetadata securityMetadata;
    protected Map operations;
    protected Authorization authorization;
    protected String delegationMode;
    protected boolean anonymousPrefered;

    public boolean isAnonymousPrefered() {
        return this.anonymousPrefered;
    }

    public void setAnonymousPrefered(boolean z) {
        this.anonymousPrefered = z;
    }

    public ServiceSecurityClient(String str) throws URI.MalformedURIException, RemoteException {
        this(str, (GlobusCredential) null);
    }

    public ServiceSecurityClient(String str, GlobusCredential globusCredential) throws URI.MalformedURIException, RemoteException {
        this.anonymousPrefered = true;
        this.proxy = globusCredential;
        this.epr = new EndpointReferenceType();
        this.epr.setAddress(new Address(str));
    }

    public ServiceSecurityClient(EndpointReferenceType endpointReferenceType) throws URI.MalformedURIException, RemoteException {
        this(endpointReferenceType, (GlobusCredential) null);
    }

    public ServiceSecurityClient(EndpointReferenceType endpointReferenceType, GlobusCredential globusCredential) throws URI.MalformedURIException, RemoteException {
        this.anonymousPrefered = true;
        this.proxy = globusCredential;
        this.epr = endpointReferenceType;
    }

    public Authorization getAuthorization() {
        return this.authorization;
    }

    public void setAuthorization(Authorization authorization) {
        this.authorization = authorization;
    }

    public String getDelegationMode() {
        return this.delegationMode;
    }

    public void setDelegationMode(String str) {
        this.delegationMode = str;
    }

    public EndpointReferenceType getEndpointReference() {
        return this.epr;
    }

    public GlobusCredential getProxy() {
        return this.proxy;
    }

    public void setProxy(GlobusCredential globusCredential) {
        this.proxy = globusCredential;
    }

    protected ServiceSecurityPortType getPortType() throws RemoteException {
        ServiceSecurityServiceAddressingLocator serviceSecurityServiceAddressingLocator = new ServiceSecurityServiceAddressingLocator();
        InputStream resourceAsStream = ClassUtils.getResourceAsStream(getClass(), "client-config.wsdd");
        if (resourceAsStream != null) {
            serviceSecurityServiceAddressingLocator.setEngine(new AxisClient(new FileProvider(resourceAsStream)));
        }
        try {
            return serviceSecurityServiceAddressingLocator.getServiceSecurityPortTypePort(this.epr);
        } catch (Exception e) {
            throw new RemoteException("Unable to configured porttype:" + e.getMessage(), e);
        }
    }

    public static void usage() {
        System.out.println(ServiceSecurityClient.class.getName() + " -url <service url>");
    }

    public static void main(String[] strArr) {
        System.out.println("Running the Grid Service Client");
        try {
            if (strArr.length < 2) {
                usage();
                System.exit(1);
            } else if (strArr[0].equals("-url")) {
                new ServiceSecurityClient(strArr[1]);
            } else {
                usage();
                System.exit(1);
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    protected void configureStubSecurity(Stub stub, String str) throws RemoteException {
        Operation[] operation;
        boolean z = this.epr.getAddress().getScheme().equals("https");
        if (str.equals("getServiceSecurityMetadata")) {
            if (z) {
                resetStub(stub);
                stub._setProperty("org.globus.security.transport.type", Constants.SIGNATURE);
                stub._setProperty("org.globus.gsi.anonymous", Boolean.TRUE);
                stub._setProperty("org.globus.security.authorization", NoAuthorization.getInstance());
                return;
            }
            return;
        }
        if (this.securityMetadata == null) {
            this.operations = new HashMap();
            this.securityMetadata = getServiceSecurityMetadata();
            ServiceSecurityMetadataOperations operations = this.securityMetadata.getOperations();
            if (operations != null && (operation = operations.getOperation()) != null) {
                for (int i = 0; i < operation.length; i++) {
                    this.operations.put(operation[i].getName().substring(0, 1).toLowerCase() + operation[i].getName().substring(1), operation[i]);
                }
            }
        }
        resetStub(stub);
        CommunicationMechanism communicationMechanism = this.operations.containsKey(str) ? ((Operation) this.operations.get(str)).getCommunicationMechanism() : this.securityMetadata.getDefaultCommunicationMechanism();
        boolean z2 = true;
        boolean z3 = true;
        boolean z4 = true;
        boolean z5 = true;
        if (z && communicationMechanism.getGSITransport() != null) {
            ProtectionLevelType protectionLevel = communicationMechanism.getGSITransport().getProtectionLevel();
            if (protectionLevel == null) {
                stub._setProperty("org.globus.security.transport.type", Constants.SIGNATURE);
            } else if (protectionLevel.equals(ProtectionLevelType.privacy) || protectionLevel.equals(ProtectionLevelType.either)) {
                stub._setProperty("org.globus.security.transport.type", Constants.ENCRYPTION);
            } else {
                stub._setProperty("org.globus.security.transport.type", Constants.SIGNATURE);
            }
            z4 = false;
        } else if (z) {
            stub._setProperty("org.globus.security.transport.type", Constants.SIGNATURE);
            z4 = false;
        } else if (communicationMechanism.getGSISecureConversation() != null) {
            ProtectionLevelType protectionLevel2 = communicationMechanism.getGSISecureConversation().getProtectionLevel();
            if (protectionLevel2 == null) {
                stub._setProperty("org.globus.security.secConv.msg.type", Constants.ENCRYPTION);
            } else if (protectionLevel2.equals(ProtectionLevelType.privacy) || protectionLevel2.equals(ProtectionLevelType.either)) {
                stub._setProperty("org.globus.security.secConv.msg.type", Constants.ENCRYPTION);
            } else {
                stub._setProperty("org.globus.security.secConv.msg.type", Constants.SIGNATURE);
            }
        } else if (communicationMechanism.getGSISecureMessage() != null) {
            ProtectionLevelType protectionLevel3 = communicationMechanism.getGSISecureMessage().getProtectionLevel();
            if (protectionLevel3 == null) {
                stub._setProperty("org.globus.security.secMsg.msg.type", Constants.ENCRYPTION);
            } else if (protectionLevel3.equals(ProtectionLevelType.privacy) || protectionLevel3.equals(ProtectionLevelType.either)) {
                stub._setProperty("org.globus.security.secMsg.msg.type", Constants.ENCRYPTION);
            } else {
                stub._setProperty("org.globus.security.secMsg.msg.type", Constants.SIGNATURE);
            }
            z4 = false;
            z2 = false;
        } else {
            z2 = false;
            z3 = false;
            z4 = false;
            z5 = false;
        }
        if (z2 && communicationMechanism.isAnonymousPermitted() && isAnonymousPrefered()) {
            stub._setProperty("org.globus.gsi.anonymous", Boolean.TRUE);
        } else if (z5 && this.proxy != null) {
            try {
                stub._setProperty("org.globus.gsi.credentials", new GlobusGSSCredentialImpl(this.proxy, 0));
            } catch (GSSException e) {
                throw new RemoteException(e.getMessage());
            }
        }
        if (z3) {
            if (this.authorization == null) {
                stub._setProperty("org.globus.security.authorization", NoAuthorization.getInstance());
            } else {
                stub._setProperty("org.globus.security.authorization", getAuthorization());
            }
        }
        if (!z4 || getDelegationMode() == null) {
            return;
        }
        stub._setProperty("org.globus.gsi.mode", getDelegationMode());
    }

    protected void resetStub(Stub stub) {
        stub.removeProperty("org.globus.security.transport.type");
        stub.removeProperty("org.globus.gsi.anonymous");
        stub.removeProperty("org.globus.security.authorization");
        stub.removeProperty("org.globus.gsi.credentials");
        stub.removeProperty("org.globus.security.secConv.msg.type");
        stub.removeProperty("org.globus.security.secMsg.msg.type");
        stub.removeProperty("org.globus.gsi.mode");
    }

    public ServiceSecurityMetadata getServiceSecurityMetadata() throws RemoteException {
        ServiceSecurityPortType portType = getPortType();
        configureStubSecurity((Stub) portType, "getServiceSecurityMetadata");
        return portType.getServiceSecurityMetadata(new GetServiceSecurityMetadataRequest()).getServiceSecurityMetadata();
    }

    static {
        Util.registerTransport();
    }
}
