package org.jboss.bpm.console.server;

import java.net.HttpURLConnection;
import java.util.Map;
import org.overlord.commons.auth.jboss7.SAMLBearerTokenUtil;

/* loaded from: input_file:WEB-INF/classes/org/jboss/bpm/console/server/RestProxySAMLBearerTokenAuthProvider.class */
public class RestProxySAMLBearerTokenAuthProvider implements RestProxyAuthProvider {
    public static final String SAML_AUTH_ISSUER = "bpel-console.rest-proxy.authentication.saml.issuer";
    public static final String SAML_AUTH_SERVICE = "bpel-console.rest-proxy.authentication.saml.service";
    public static final String SAML_AUTH_SIGN_ASSERTIONS = "bpel-console.rest-proxy.authentication.saml.sign-assertions";
    public static final String SAML_AUTH_KEYSTORE = "bpel-console.rest-proxy.authentication.saml.keystore";
    public static final String SAML_AUTH_KEYSTORE_PASSWORD = "bpel-console.rest-proxy.authentication.saml.keystore-password";
    public static final String SAML_AUTH_KEY_ALIAS = "bpel-console.rest-proxy.authentication.saml.key-alias";
    public static final String SAML_AUTH_KEY_PASSWORD = "bpel-console.rest-proxy.authentication.saml.key-password";
    private Map<String, String> configProperties;

    @Override // org.jboss.bpm.console.server.RestProxyAuthProvider
    public void setConfiguration(Map<String, String> map) {
        this.configProperties = map;
    }

    @Override // org.jboss.bpm.console.server.RestProxyAuthProvider
    public void provideAuthentication(HttpURLConnection httpURLConnection) {
        httpURLConnection.setRequestProperty("Authorization", RestProxyBasicAuthProvider.createBasicAuthHeader("SAML-BEARER-TOKEN", createSAMLBearerTokenAssertion()));
    }

    private String createSAMLBearerTokenAssertion() {
        String createSAMLAssertion = SAMLBearerTokenUtil.createSAMLAssertion(getIssuer(), getService());
        if (isSignAssertions()) {
            try {
                createSAMLAssertion = SAMLBearerTokenUtil.signSAMLAssertion(createSAMLAssertion, SAMLBearerTokenUtil.getKeyPair(SAMLBearerTokenUtil.loadKeystore(getKeystorePath(), getKeystorePassword()), getAlias(), getAliasPassword()));
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        }
        return createSAMLAssertion;
    }

    private String getIssuer() {
        return this.configProperties.get(SAML_AUTH_ISSUER);
    }

    private String getService() {
        return this.configProperties.get(SAML_AUTH_SERVICE);
    }

    private boolean isSignAssertions() {
        return "true".equals(this.configProperties.get(SAML_AUTH_SIGN_ASSERTIONS));
    }

    protected String getKeystorePath() {
        return this.configProperties.get(SAML_AUTH_KEYSTORE);
    }

    protected String getKeystorePassword() {
        return this.configProperties.get(SAML_AUTH_KEYSTORE_PASSWORD);
    }

    protected String getAlias() {
        return this.configProperties.get(SAML_AUTH_KEY_ALIAS);
    }

    protected String getAliasPassword() {
        return this.configProperties.get(SAML_AUTH_KEY_PASSWORD);
    }
}
