package org.restlet.security;

import java.security.Principal;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
import org.restlet.Context;
import org.restlet.Request;
import org.restlet.Response;
import org.restlet.data.Status;

/* loaded from: input_file:META-INF/repository/fuse-eap-distro-6.3.0.redhat-371-04.zip:modules/system/layers/fuse/org/restlet/main/org.restlet-2.3.6.jar:org/restlet/security/CertificateAuthenticator.class */
public class CertificateAuthenticator extends Authenticator {
    public CertificateAuthenticator(Context context) {
        super(context);
    }

    protected List<Principal> getPrincipals(List<Certificate> list) {
        ArrayList arrayList = null;
        if (list == null || list.size() <= 0) {
            return null;
        }
        Certificate certificate = list.get(0);
        if (certificate instanceof X509Certificate) {
            arrayList = new ArrayList();
            arrayList.add(((X509Certificate) certificate).getSubjectX500Principal());
        }
        return arrayList;
    }

    protected User getUser(Principal principal) {
        if (principal != null) {
            return new User(principal.getName());
        }
        return null;
    }

    @Override // org.restlet.security.Authenticator
    protected boolean authenticate(Request request, Response response) {
        List<Principal> principals = getPrincipals(request.getClientInfo().getCertificates());
        if (principals == null || principals.size() <= 0) {
            response.setStatus(Status.CLIENT_ERROR_UNAUTHORIZED);
            return false;
        }
        request.getClientInfo().getPrincipals().addAll(principals);
        User user = getUser(principals.get(0));
        if (user == null) {
            return true;
        }
        request.getClientInfo().setUser(user);
        return true;
    }
}
