package org.jboss.internal.soa.esb.services.security;

import java.security.Principal;
import java.util.Iterator;
import java.util.Set;
import javax.security.auth.Subject;
import org.jboss.internal.soa.esb.assertion.AssertArgument;
import org.jboss.security.RunAsIdentity;
import org.jboss.security.SecurityAssociation;
import org.jboss.soa.esb.services.security.SecurityConfig;
import org.jboss.soa.esb.services.security.SecurityContext;
import org.jboss.soa.esb.services.security.principals.User;

/* loaded from: input_file:org/jboss/internal/soa/esb/services/security/JBossASContextPropagator.class */
public final class JBossASContextPropagator implements SecurityContextPropagator {
    @Override // org.jboss.internal.soa.esb.services.security.SecurityContextPropagator
    public void pushSecurityContext(SecurityContext securityContext, Set<?> set, SecurityConfig securityConfig) {
        AssertArgument.isNotNull(securityContext, "context");
        Subject subject = securityContext.getSubject();
        Principal principal = getPrincipal(subject);
        Object obj = null;
        if (set != null && !set.isEmpty()) {
            obj = set.iterator().next();
        }
        SecurityAssociation.pushSubjectContext(subject, principal, obj);
        if (isRunAsSet(securityConfig)) {
            SecurityAssociation.pushRunAsIdentity(new RunAsIdentity(securityConfig.getRunAs(), principal.getName()));
        }
    }

    @Override // org.jboss.internal.soa.esb.services.security.SecurityContextPropagator
    public void popSecurityContext(SecurityContext securityContext, SecurityConfig securityConfig) {
        SecurityAssociation.popSubjectContext();
        if (isRunAsSet(securityConfig)) {
            SecurityAssociation.popRunAsIdentity();
        }
    }

    private Principal getPrincipal(Subject subject) {
        Iterator<Principal> it = subject.getPrincipals().iterator();
        return it.hasNext() ? it.next() : new User("NullPrincipal");
    }

    private boolean isRunAsSet(SecurityConfig securityConfig) {
        return (securityConfig == null || securityConfig.getRunAs() == null) ? false : true;
    }
}
