package org.picketlink.identity.federation.bindings.tomcat;

import io.undertow.server.protocol.ajp.AjpRequestParser;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.servlet.ServletException;
import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response;
import org.apache.catalina.valves.ValveBase;
import org.picketlink.common.PicketLinkLogger;
import org.picketlink.common.PicketLinkLoggerFactory;

/* loaded from: input_file:eap7/api-jars/picketlink-wildfly8-2.5.5.SP1.jar:org/picketlink/identity/federation/bindings/tomcat/SSLValve.class */
public class SSLValve extends ValveBase {
    protected static final PicketLinkLogger logger = PicketLinkLoggerFactory.getLogger();

    @Override // org.apache.catalina.valves.ValveBase, org.apache.catalina.Valve
    public void invoke(Request request, Response response) throws IOException, ServletException {
        String header = request.getHeader("ssl_client_cert");
        if (isNotNull(header)) {
            String replace = header.replace(' ', '\n');
            String concat = new String("-----BEGIN CERTIFICATE-----\n").concat(replace.substring(28, replace.length() - 26)).concat("\n-----END CERTIFICATE-----\n");
            X509Certificate[] x509CertificateArr = null;
            try {
                x509CertificateArr = new X509Certificate[]{(X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(concat.getBytes()))};
            } catch (CertificateException e) {
                logger.error("SSLValve failed :" + concat);
                logger.error(e);
            }
            request.setAttribute("javax.servlet.request.X509Certificate", x509CertificateArr);
        }
        String header2 = request.getHeader(AjpRequestParser.SSL_CIPHER);
        if (isNotNull(header2)) {
            request.setAttribute("javax.servlet.request.cipher_suite", header2);
        }
        String header3 = request.getHeader("ssl_session_id");
        if (isNotNull(header3)) {
            request.setAttribute("javax.servlet.request.ssl_session", header3);
        }
        String header4 = request.getHeader("ssl_cipher_usekeysize");
        if (isNotNull(header4)) {
            request.setAttribute("javax.servlet.request.key_size", header4);
        }
        getNext().invoke(request, response);
    }

    private boolean isNotNull(String str) {
        return (str == null || "".equals(str.trim())) ? false : true;
    }
}
