package org.jboss.wsf.stack.cxf.security.authentication;

import javax.security.auth.Subject;
import org.apache.cxf.common.security.SecurityToken;
import org.apache.cxf.common.security.TokenType;
import org.apache.cxf.common.security.UsernameToken;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.message.Message;
import org.apache.cxf.security.SecurityContext;
import org.apache.wss4j.common.principal.UsernameTokenPrincipal;
import org.jboss.security.plugins.JBossAuthenticationManager;
import org.jboss.wsf.stack.cxf.i18n.Loggers;
import org.jboss.wsf.stack.cxf.i18n.Messages;

/* loaded from: input_file:org/jboss/wsf/stack/cxf/security/authentication/AuthenticationMgrSubjectCreatingInterceptor.class */
public class AuthenticationMgrSubjectCreatingInterceptor extends SubjectCreatingPolicyInterceptor {
    @Override // org.jboss.wsf.stack.cxf.security.authentication.SubjectCreatingPolicyInterceptor
    public void handleMessage(Message message) throws Fault {
        Subject createSubject;
        JBossAuthenticationManager jBossAuthenticationManager = (JBossAuthenticationManager) message.get(JBossAuthenticationManager.class);
        if (jBossAuthenticationManager == null) {
            return;
        }
        SecurityContext securityContext = (SecurityContext) message.get(SecurityContext.class);
        if (securityContext == null || securityContext.getUserPrincipal() == null) {
            Loggers.SECURITY_LOGGER.userPrincipalNotAvailableOnCurrentMessage();
            return;
        }
        UsernameToken usernameToken = (SecurityToken) message.get(SecurityToken.class);
        if (usernameToken == null) {
            UsernameTokenPrincipal userPrincipal = securityContext.getUserPrincipal();
            if (!(userPrincipal instanceof UsernameTokenPrincipal)) {
                throw Messages.MESSAGES.couldNotGetSubjectInfo();
            }
            UsernameTokenPrincipal usernameTokenPrincipal = userPrincipal;
            createSubject = this.helper.createSubject(jBossAuthenticationManager, usernameTokenPrincipal.getName(), usernameTokenPrincipal.getPassword(), usernameTokenPrincipal.isPasswordDigest(), usernameTokenPrincipal.getNonce(), usernameTokenPrincipal.getCreatedTime());
        } else {
            if (usernameToken.getTokenType() != TokenType.UsernameToken) {
                throw Messages.MESSAGES.unsupportedTokenType(usernameToken.getTokenType());
            }
            UsernameToken usernameToken2 = usernameToken;
            createSubject = this.helper.createSubject(jBossAuthenticationManager, usernameToken2.getName(), usernameToken2.getPassword(), usernameToken2.isHashed(), usernameToken2.getNonce(), usernameToken2.getCreatedTime());
        }
        message.put(SecurityContext.class, createSecurityContext(getPrincipal(securityContext.getUserPrincipal(), createSubject), createSubject));
    }
}
