package org.mule.module.jaas.filters;

import org.mule.api.MuleEvent;
import org.mule.api.lifecycle.InitialisationException;
import org.mule.api.security.Authentication;
import org.mule.api.security.CredentialsNotSetException;
import org.mule.api.security.CryptoFailureException;
import org.mule.api.security.EncryptionStrategyNotFoundException;
import org.mule.api.security.SecurityContext;
import org.mule.api.security.SecurityException;
import org.mule.api.security.SecurityProviderNotFoundException;
import org.mule.api.security.UnauthorisedException;
import org.mule.api.security.UnknownAuthenticationTypeException;
import org.mule.config.i18n.CoreMessages;
import org.mule.module.jaas.JaasAuthentication;
import org.mule.security.AbstractEndpointSecurityFilter;
import org.mule.security.MuleCredentials;
import org.mule.security.MuleHeaderCredentialsAccessor;

/* loaded from: input_file:org/mule/module/jaas/filters/JaasSecurityFilter.class */
public class JaasSecurityFilter extends AbstractEndpointSecurityFilter {
    public JaasSecurityFilter() {
        setCredentialsAccessor(new MuleHeaderCredentialsAccessor());
    }

    @Override // org.mule.security.AbstractEndpointSecurityFilter
    protected final void authenticateInbound(MuleEvent muleEvent) throws SecurityException, CryptoFailureException, EncryptionStrategyNotFoundException, UnknownAuthenticationTypeException {
        String str = (String) getCredentialsAccessor().getCredentials(muleEvent);
        if (str == null) {
            throw new CredentialsNotSetException(muleEvent, muleEvent.getSession().getSecurityContext(), this);
        }
        MuleCredentials muleCredentials = new MuleCredentials(str, getSecurityManager());
        JaasAuthentication jaasAuthentication = new JaasAuthentication(muleCredentials);
        jaasAuthentication.setEvent(muleEvent);
        try {
            Authentication authenticate = getSecurityManager().authenticate(jaasAuthentication);
            if (this.logger.isDebugEnabled()) {
                this.logger.debug("Authentication success: " + authenticate.toString());
            }
            SecurityContext createSecurityContext = getSecurityManager().createSecurityContext(authenticate);
            createSecurityContext.setAuthentication(authenticate);
            muleEvent.getSession().setSecurityContext(createSecurityContext);
        } catch (SecurityException e) {
            if (this.logger.isDebugEnabled()) {
                this.logger.debug("Security Exception raised. Authentication request for user: " + muleCredentials.getUsername() + " failed: " + e.toString());
            }
            throw e;
        } catch (Exception e2) {
            if (this.logger.isDebugEnabled()) {
                this.logger.debug("Authentication request for user: " + muleCredentials.getUsername() + " failed: " + e2.toString());
            }
            throw new UnauthorisedException(CoreMessages.authFailedForUser(muleCredentials.getUsername()), muleEvent, e2);
        }
    }

    @Override // org.mule.security.AbstractEndpointSecurityFilter
    protected void authenticateOutbound(MuleEvent muleEvent) throws SecurityException, SecurityProviderNotFoundException, CryptoFailureException {
        SecurityContext securityContext = muleEvent.getSession().getSecurityContext();
        if (securityContext == null) {
            if (isAuthenticate()) {
                throw new UnauthorisedException(muleEvent, securityContext, this);
            }
            return;
        }
        Authentication authentication = securityContext.getAuthentication();
        if (isAuthenticate()) {
            authentication = getSecurityManager().authenticate(authentication);
            if (this.logger.isDebugEnabled()) {
                this.logger.debug("Authentication success: " + authentication.toString());
            }
        }
        getCredentialsAccessor().setCredentials(muleEvent, authentication.getCredentials().toString());
    }

    @Override // org.mule.security.AbstractSecurityFilter
    protected void doInitialise() throws InitialisationException {
    }
}
