package com.mulesoft.mule.saml.cxf;

import com.mulesoft.mule.saml.SAMLAuthenticationAdapter;
import org.apache.cxf.binding.soap.SoapFault;
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.phase.Phase;
import org.apache.cxf.ws.security.wss4j.AbstractWSS4JInterceptor;
import org.mule.RequestContext;
import org.mule.api.MuleContext;
import org.mule.api.MuleEvent;
import org.mule.api.security.Authentication;
import org.mule.api.security.SecurityContext;
import org.mule.api.security.SecurityException;
import org.mule.api.security.SecurityManager;
import org.mule.api.security.SecurityProviderNotFoundException;
import org.mule.api.security.UnknownAuthenticationTypeException;

/* loaded from: input_file:mule/lib/mule/mule-module-saml-ee-3.7.1.jar:com/mulesoft/mule/saml/cxf/SAMLVerifyInterceptor.class */
public final class SAMLVerifyInterceptor extends AbstractWSS4JInterceptor {
    private String certificateAlias;
    private String securityRealm;
    private SAMLVerifyCallback callback;

    public SAMLVerifyInterceptor() {
        setPhase(Phase.PRE_INVOKE);
    }

    @Override // org.apache.cxf.interceptor.Interceptor
    public void handleMessage(SoapMessage soapMessage) {
        MuleContext muleContext = RequestContext.getEventContext().getMuleContext();
        MuleEvent event = RequestContext.getEvent();
        SecurityManager securityManager = muleContext.getSecurityManager();
        try {
            SAMLAuthenticationAdapter sAMLAuthenticationAdapter = new SAMLAuthenticationAdapter(SAMLCxfUtil.getAssertions(soapMessage).iterator().next(), this.certificateAlias, this.securityRealm);
            sAMLAuthenticationAdapter.setEvent(event);
            Authentication authenticate = securityManager.authenticate(sAMLAuthenticationAdapter);
            SecurityContext createSecurityContext = securityManager.createSecurityContext(authenticate);
            createSecurityContext.setAuthentication(authenticate);
            if (this.callback != null) {
                this.callback.verify(sAMLAuthenticationAdapter);
            }
            event.getSession().setSecurityContext(createSecurityContext);
        } catch (SecurityException e) {
            throw new SoapFault(e.getLocalizedMessage(), e, Fault.FAULT_CODE_CLIENT);
        } catch (SecurityProviderNotFoundException e2) {
            throw new SoapFault(e2.getLocalizedMessage(), e2, Fault.FAULT_CODE_SERVER);
        } catch (UnknownAuthenticationTypeException e3) {
            throw new SoapFault(e3.getLocalizedMessage(), e3, Fault.FAULT_CODE_SERVER);
        }
    }

    public String getCertificateAlias() {
        return this.certificateAlias;
    }

    public void setCertificateAlias(String str) {
        this.certificateAlias = str;
    }

    public String getSecurityRealm() {
        return this.securityRealm;
    }

    public void setSecurityRealm(String str) {
        this.securityRealm = str;
    }

    public SAMLVerifyCallback getCallback() {
        return this.callback;
    }

    public void setCallback(SAMLVerifyCallback sAMLVerifyCallback) {
        this.callback = sAMLVerifyCallback;
    }
}
