package org.mule.security;

import org.mule.api.MuleEvent;
import org.mule.api.expression.ExpressionManager;
import org.mule.api.security.Authentication;
import org.mule.api.security.SecurityContext;
import org.mule.api.security.SecurityException;
import org.mule.api.security.SecurityProviderNotFoundException;
import org.mule.api.security.UnauthorisedException;
import org.mule.api.security.UnknownAuthenticationTypeException;
import org.mule.config.i18n.CoreMessages;

/* loaded from: input_file:WEB-INF/lib/mule-core-3.6.0-M3-SNAPSHOT.jar:org/mule/security/UsernamePasswordAuthenticationFilter.class */
public class UsernamePasswordAuthenticationFilter extends AbstractAuthenticationFilter {
    private String username = "#[header:inbound:username]";
    private String password = "#[header:inbound:password]";

    @Override // org.mule.security.AbstractAuthenticationFilter, org.mule.api.security.AuthenticationFilter
    public void authenticate(MuleEvent muleEvent) throws SecurityException, SecurityProviderNotFoundException, UnknownAuthenticationTypeException {
        Authentication authenticationToken = getAuthenticationToken(muleEvent);
        try {
            Authentication authenticate = getSecurityManager().authenticate(authenticationToken);
            if (this.logger.isDebugEnabled()) {
                this.logger.debug("Authentication success: " + authenticate.toString());
            }
            SecurityContext createSecurityContext = getSecurityManager().createSecurityContext(authenticate);
            createSecurityContext.setAuthentication(authenticate);
            muleEvent.getSession().setSecurityContext(createSecurityContext);
        } catch (UnauthorisedException e) {
            if (this.logger.isDebugEnabled()) {
                this.logger.debug("Authentication request for user: " + this.username + " failed: " + e.toString());
            }
            throw new UnauthorisedException(CoreMessages.authFailedForUser(authenticationToken.getPrincipal().toString()), e);
        }
    }

    protected Authentication getAuthenticationToken(MuleEvent muleEvent) throws UnauthorisedException {
        ExpressionManager expressionManager = muleEvent.getMuleContext().getExpressionManager();
        Object evaluate = expressionManager.evaluate(this.username, muleEvent);
        Object evaluate2 = expressionManager.evaluate(this.password, muleEvent);
        if (evaluate == null) {
            throw new UnauthorisedException(CoreMessages.authNoCredentials());
        }
        if (evaluate2 == null) {
            throw new UnauthorisedException(CoreMessages.authNoCredentials());
        }
        return new DefaultMuleAuthentication(new MuleCredentials(evaluate.toString(), evaluate2.toString().toCharArray()));
    }

    public String getUsername() {
        return this.username;
    }

    public void setUsername(String str) {
        this.username = str;
    }

    public String getPassword() {
        return this.password;
    }

    public void setPassword(String str) {
        this.password = str;
    }
}
