package org.mule.extension.ws.api.security;

import com.google.common.collect.ImmutableMap;
import java.util.Map;
import java.util.Properties;
import org.apache.ws.security.components.crypto.Merlin;
import org.apache.ws.security.handler.WSHandlerConstants;
import org.mule.extension.ws.api.security.config.WssStoreConfiguration;
import org.mule.extension.ws.api.security.config.WssTrustStoreConfiguration;
import org.mule.extension.ws.internal.security.SecurityStrategyType;
import org.mule.extension.ws.internal.security.callback.WSPasswordCallbackHandler;
import org.mule.runtime.extension.api.annotation.param.Optional;
import org.mule.runtime.extension.api.annotation.param.Parameter;

/* loaded from: input_file:org/mule/extension/ws/api/security/WssVerifySignatureSecurityStrategy.class */
public class WssVerifySignatureSecurityStrategy implements SecurityStrategy {
    private static final String WS_VERIFY_SIGNATURE_PROPERTIES_KEY = "verifySignatureProperties";

    @Optional
    @Parameter
    private WssTrustStoreConfiguration trustStoreConfiguration;

    @Override // org.mule.extension.ws.api.security.SecurityStrategy
    public SecurityStrategyType securityType() {
        return SecurityStrategyType.INCOMING;
    }

    @Override // org.mule.extension.ws.api.security.SecurityStrategy
    public java.util.Optional<WSPasswordCallbackHandler> buildPasswordCallbackHandler() {
        return java.util.Optional.empty();
    }

    @Override // org.mule.extension.ws.api.security.SecurityStrategy
    public String securityAction() {
        return "Signature";
    }

    @Override // org.mule.extension.ws.api.security.SecurityStrategy
    public Map<String, Object> buildSecurityProperties() {
        return ImmutableMap.builder().put(WSHandlerConstants.SIG_PROP_REF_ID, WS_VERIFY_SIGNATURE_PROPERTIES_KEY).put(WS_VERIFY_SIGNATURE_PROPERTIES_KEY, this.trustStoreConfiguration != null ? this.trustStoreConfiguration.getConfigurationProperties() : getDefaultTrustStoreConfigurationProperties()).build();
    }

    private Properties getDefaultTrustStoreConfigurationProperties() {
        Properties properties = new Properties();
        properties.setProperty(WssStoreConfiguration.WS_CRYPTO_PROVIDER_KEY, Merlin.class.getCanonicalName());
        properties.setProperty(Merlin.LOAD_CA_CERTS, String.valueOf(true));
        return properties;
    }
}
