package net.shibboleth.idp.authn.impl;

import java.security.cert.X509Certificate;
import javax.annotation.Nonnull;
import javax.servlet.http.HttpServletRequest;
import net.shibboleth.idp.authn.AbstractExtractionAction;
import net.shibboleth.idp.authn.context.AuthenticationContext;
import net.shibboleth.idp.authn.context.CertificateContext;
import org.opensaml.profile.action.ActionSupport;
import org.opensaml.profile.context.ProfileRequestContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/shibboleth/idp/authn/impl/ExtractX509CertificateFromRequest.class */
public class ExtractX509CertificateFromRequest extends AbstractExtractionAction {

    @Nonnull
    private final Logger log = LoggerFactory.getLogger(ExtractX509CertificateFromRequest.class);

    protected void doExecute(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull AuthenticationContext authenticationContext) {
        CertificateContext certificateContext = new CertificateContext();
        authenticationContext.addSubcontext(certificateContext, true);
        HttpServletRequest httpServletRequest = getHttpServletRequest();
        if (httpServletRequest == null) {
            this.log.warn("{} Profile action does not contain an HttpServletRequest", getLogPrefix());
            ActionSupport.buildEvent(profileRequestContext, "NoCredentials");
            return;
        }
        X509Certificate[] x509CertificateArr = (X509Certificate[]) httpServletRequest.getAttribute("javax.servlet.request.X509Certificate");
        if (x509CertificateArr == null || x509CertificateArr.length == 0) {
            x509CertificateArr = (X509Certificate[]) httpServletRequest.getAttribute("jakarta.servlet.request.X509Certificate");
        }
        if (x509CertificateArr == null || x509CertificateArr.length == 0) {
            this.log.info("{} No X.509 certificate found in request", getLogPrefix());
            ActionSupport.buildEvent(profileRequestContext, "NoCredentials");
            return;
        }
        this.log.debug("{} {} X.509 Certificate(s) found in request", getLogPrefix(), Integer.valueOf(x509CertificateArr.length));
        X509Certificate x509Certificate = x509CertificateArr[0];
        this.log.debug("{} End-entity X.509 certificate found with subject '{}', issued by '{}'", new Object[]{getLogPrefix(), x509Certificate.getSubjectX500Principal().getName(), x509Certificate.getIssuerX500Principal().getName()});
        certificateContext.setCertificate(x509Certificate);
        for (int i = 1; i < x509CertificateArr.length; i++) {
            certificateContext.getIntermediates().add(x509CertificateArr[i]);
        }
    }
}
