package org.mule.soap.api.security;

import com.google.common.collect.ImmutableMap;
import java.util.Map;
import java.util.Optional;
import java.util.Properties;
import org.apache.wss4j.common.ConfigurationConstants;
import org.apache.wss4j.common.crypto.Merlin;
import org.mule.soap.api.security.SecurityStrategy;
import org.mule.soap.api.security.stores.WssStoreConfiguration;
import org.mule.soap.api.security.stores.WssTrustStoreConfiguration;
import org.mule.soap.internal.security.callback.WSPasswordCallbackHandler;

/* loaded from: input_file:repository/org/mule/connectors/mule-soap-engine/1.0.0/mule-soap-engine-1.0.0.jar:org/mule/soap/api/security/WssVerifySignatureSecurityStrategy.class */
public class WssVerifySignatureSecurityStrategy implements SecurityStrategy {
    private static final String WS_VERIFY_SIGNATURE_PROPERTIES_KEY = "verifySignatureProperties";
    private final WssTrustStoreConfiguration trustStoreConfiguration;

    public WssVerifySignatureSecurityStrategy(WssTrustStoreConfiguration wssTrustStoreConfiguration) {
        this.trustStoreConfiguration = wssTrustStoreConfiguration;
    }

    public WssVerifySignatureSecurityStrategy() {
        this.trustStoreConfiguration = null;
    }

    @Override // org.mule.soap.api.security.SecurityStrategy
    public SecurityStrategy.SecurityStrategyType securityType() {
        return SecurityStrategy.SecurityStrategyType.INCOMING;
    }

    @Override // org.mule.soap.api.security.SecurityStrategy
    public Optional<WSPasswordCallbackHandler> buildPasswordCallbackHandler() {
        return Optional.empty();
    }

    @Override // org.mule.soap.api.security.SecurityStrategy
    public String securityAction() {
        return "Signature";
    }

    @Override // org.mule.soap.api.security.SecurityStrategy
    public Map<String, Object> buildSecurityProperties() {
        return ImmutableMap.builder().put(ConfigurationConstants.SIG_PROP_REF_ID, WS_VERIFY_SIGNATURE_PROPERTIES_KEY).put(WS_VERIFY_SIGNATURE_PROPERTIES_KEY, this.trustStoreConfiguration != null ? this.trustStoreConfiguration.getConfigurationProperties() : getDefaultTrustStoreConfigurationProperties()).build();
    }

    private Properties getDefaultTrustStoreConfigurationProperties() {
        Properties properties = new Properties();
        properties.setProperty(WssStoreConfiguration.WS_CRYPTO_PROVIDER_KEY, Merlin.class.getCanonicalName());
        properties.setProperty(Merlin.LOAD_CA_CERTS, String.valueOf(true));
        return properties;
    }
}
