package com.mulesoft.mule.saml;

import com.mulesoft.mule.saml.crypto.KeyProvider;
import com.mulesoft.mule.saml.realms.SecurityRealm;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.mule.api.security.Authentication;
import org.mule.api.security.SecurityContext;
import org.mule.api.security.SecurityContextFactory;
import org.mule.api.security.SecurityException;
import org.mule.api.security.SecurityProvider;
import org.mule.api.security.UnauthorisedException;
import org.mule.api.security.UnknownAuthenticationTypeException;
import org.mule.config.i18n.CoreMessages;
import org.opensaml.saml1.core.Subject;

/* loaded from: input_file:mule/lib/mule/mule-module-saml-ee-3.7.1.jar:com/mulesoft/mule/saml/SAMLSecurityProvider.class */
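/**
 * Mule {@link SecurityProvider} that routes a SAML authentication request to one of its
 * configured {@link SecurityRealm}s and lets that realm perform the actual authentication.
 *
 * <p>Realm selection: the realm named by the incoming {@link SAMLAuthenticationAdapter} is used
 * when present, otherwise {@code defaultRealm}. If no configured realm carries that name the
 * request is rejected with {@link UnauthorisedException}.
 *
 * <p>NOTE(review): because the adapter's realm name overrides {@code defaultRealm}, whoever
 * populates the adapter decides which realm (and therefore which trust settings) evaluates the
 * assertion. Confirm that value comes from deployment configuration and not from request content.
 *
 * <p>NOTE(review): {@code samlVersion} and {@code keyProviders} are only stored and exposed by
 * accessors here; no method in this class reads them when authenticating.
 */
public final class SAMLSecurityProvider implements SecurityProvider {
    private static final Log logger = LogFactory.getLog(SAMLSecurityProvider.class);

    // Assigned in initialise(); createSecurityContext() dereferences it, so it must not be
    // called before initialise() has run.
    private SecurityContextFactory factory;
    private String name;
    private String samlVersion;
    private final List<KeyProvider> keyProviders = new ArrayList<>();
    private final List<SecurityRealm> securityRealms = new ArrayList<>();
    private String defaultRealm;

    /**
     * Authenticates a SAML request by delegating to the realm selected for it.
     *
     * @param authentication the request; must be a {@link SAMLAuthenticationAdapter}
     * @return whatever the selected realm's {@code authenticate} returns
     * @throws SecurityException {@link UnauthorisedException} when the authentication type is
     *     not supported or no matching realm is configured; otherwise whatever the realm throws
     */
    @Override // org.mule.api.security.SecurityProvider
    public Authentication authenticate(Authentication authentication) throws SecurityException {
        logger.debug("Starting SAML authentication");
        if (!supports(authentication.getClass())) {
            throw new UnauthorisedException(
                    CoreMessages.authTypeNotRecognised(authentication.getClass().getCanonicalName()));
        }
        SAMLAuthenticationAdapter adapter = (SAMLAuthenticationAdapter) authentication;
        return getRealm(adapter).authenticate(adapter);
    }

    /**
     * Resolves the realm that should evaluate the given request.
     *
     * @param adapter the SAML request being authenticated
     * @return the first configured realm whose name equals the resolved realm name
     * @throws SecurityException {@link UnauthorisedException} when no realm name could be
     *     resolved or no configured realm has that name
     */
    private SecurityRealm getRealm(SAMLAuthenticationAdapter adapter) throws SecurityException {
        String requestedRealm = adapter.getSecurityRealm();
        String realmName = requestedRealm != null ? requestedRealm : this.defaultRealm;

        for (SecurityRealm realm : this.securityRealms) {
            // Compare from the resolved name so that a realm configured without a name is
            // skipped instead of failing every request with a NullPointerException. A null
            // resolved name never matches, so the lookup still fails closed.
            if (realmName != null && realmName.equals(realm.getName())) {
                return realm;
            }
        }

        // No realm has examined the request at this point, so the identifier placed in the
        // message is taken from the request as-is; treat it as unverified text wherever the
        // message is logged or displayed.
        throw new UnauthorisedException(
                CoreMessages.authFailedForUser(describePrincipal(adapter.getPrincipal())));
    }

    /**
     * Picks the value used to identify the caller in the "authentication failed" message.
     *
     * <p>A SAML 1 {@link Subject} is reported by its name identifier. Any other principal,
     * including {@code null}, is passed through unchanged so that the rejection is still raised
     * as {@link UnauthorisedException} rather than being replaced by a
     * {@link ClassCastException} or {@link NullPointerException} from an unconditional cast.
     */
    private static Object describePrincipal(Object principal) {
        if (principal instanceof Subject) {
            return ((Subject) principal).getNameIdentifier();
        }
        return principal;
    }

    /**
     * Builds a security context for the given authentication using the factory created in
     * {@link #initialise()}.
     */
    @Override // org.mule.api.security.SecurityProvider
    public SecurityContext createSecurityContext(Authentication authentication) throws UnknownAuthenticationTypeException {
        return this.factory.create(authentication);
    }

    /** Returns {@code true} only for {@link SAMLAuthenticationAdapter} and its subclasses. */
    @Override // org.mule.api.security.SecurityProvider
    public boolean supports(Class cls) {
        return SAMLAuthenticationAdapter.class.isAssignableFrom(cls);
    }

    @Override // org.mule.api.NamedObject
    public String getName() {
        return this.name;
    }

    @Override // org.mule.api.NameableObject
    public void setName(String str) {
        this.name = str;
    }

    public String getSamlVersion() {
        return this.samlVersion;
    }

    public void setSamlVersion(String str) {
        this.samlVersion = str;
    }

    /** Creates the {@link SecurityContextFactory} used by {@link #createSecurityContext}. */
    @Override // org.mule.api.lifecycle.Initialisable
    public void initialise() {
        this.factory = new SAMLSecurityContextFactory();
    }

    /**
     * Returns the live internal list, not a copy: changes made through the returned reference
     * alter this provider's configured key providers.
     */
    public List<KeyProvider> getKeyProviders() {
        return this.keyProviders;
    }

    /** Appends the given key providers to those already configured; it does not replace them. */
    public void setKeyProviders(List<KeyProvider> list) {
        this.keyProviders.addAll(list);
    }

    /**
     * Returns the live internal list, not a copy: changes made through the returned reference
     * alter the set of realms that {@link #authenticate} can select.
     */
    public List<SecurityRealm> getSecurityRealms() {
        return this.securityRealms;
    }

    /** Appends the given realms to those already configured; it does not replace them. */
    public void setSecurityRealms(List<SecurityRealm> list) {
        this.securityRealms.addAll(list);
    }

    public String getDefaultRealm() {
        return this.defaultRealm;
    }

    /** Sets the realm name used when the request itself does not name a realm. */
    public void setDefaultRealm(String str) {
        this.defaultRealm = str;
    }
}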
