package org.opensaml.common.binding.security;

import org.opensaml.common.binding.SAMLMessageContext;
import org.opensaml.security.MetadataCriteria;
import org.opensaml.ws.message.MessageContext;
import org.opensaml.ws.security.SecurityPolicyException;
import org.opensaml.ws.security.provider.CertificateNameOptions;
import org.opensaml.ws.security.provider.ClientCertAuthRule;
import org.opensaml.xml.security.CriteriaSet;
import org.opensaml.xml.security.trust.TrustEngine;
import org.opensaml.xml.security.x509.X509Credential;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:META-INF/repository/fuse-eap-distro-6.2.1.redhat-211.zip:modules/system/layers/fuse/org/opensaml/2.6/opensaml-2.6.1.jar:org/opensaml/common/binding/security/SAMLMDClientCertAuthRule.class */
public class SAMLMDClientCertAuthRule extends ClientCertAuthRule {
    private final Logger log;

    public SAMLMDClientCertAuthRule(TrustEngine<X509Credential> trustEngine, CertificateNameOptions certificateNameOptions) {
        super(trustEngine, certificateNameOptions);
        this.log = LoggerFactory.getLogger(SAMLMDClientCertAuthRule.class);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.opensaml.ws.security.provider.ClientCertAuthRule, org.opensaml.ws.security.provider.BaseTrustEngineRule
    public CriteriaSet buildCriteriaSet(String str, MessageContext messageContext) throws SecurityPolicyException {
        if (!(messageContext instanceof SAMLMessageContext)) {
            this.log.error("Supplied message context was not an instance of SAMLMessageContext, can not build criteria set from SAML metadata parameters");
            throw new SecurityPolicyException("Supplied message context was not an instance of SAMLMessageContext");
        }
        SAMLMessageContext sAMLMessageContext = (SAMLMessageContext) messageContext;
        CriteriaSet buildCriteriaSet = super.buildCriteriaSet(str, messageContext);
        buildCriteriaSet.add(new MetadataCriteria(sAMLMessageContext.getPeerEntityRole(), sAMLMessageContext.getInboundSAMLProtocol()));
        return buildCriteriaSet;
    }
}
