package org.wildfly.security.http.impl;

import javax.net.ssl.SSLSession;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.wildfly.security._private.ElytronMessages;
import org.wildfly.security.auth.callback.AuthenticationCompleteCallback;
import org.wildfly.security.auth.callback.SSLSessionAuthorizationCallback;
import org.wildfly.security.http.HttpAuthenticationException;
import org.wildfly.security.http.HttpConstants;
import org.wildfly.security.http.HttpServerAuthenticationMechanism;
import org.wildfly.security.http.HttpServerRequest;
import org.wildfly.security.mechanism.AuthenticationMechanismException;
import org.wildfly.security.mechanism.MechanismUtil;

/* loaded from: input_file:org/wildfly/security/http/impl/ClientCertAuthenticationMechanism.class */
public class ClientCertAuthenticationMechanism implements HttpServerAuthenticationMechanism {
    private final CallbackHandler callbackHandler;

    /* JADX INFO: Access modifiers changed from: package-private */
    public ClientCertAuthenticationMechanism(CallbackHandler callbackHandler) {
        this.callbackHandler = callbackHandler;
    }

    @Override // org.wildfly.security.http.HttpServerAuthenticationMechanism
    public String getMechanismName() {
        return HttpConstants.CLIENT_CERT_NAME;
    }

    @Override // org.wildfly.security.http.HttpServerAuthenticationMechanism
    public void evaluateRequest(HttpServerRequest httpServerRequest) throws HttpAuthenticationException {
        SSLSession sSLSession = httpServerRequest.getSSLSession();
        if (sSLSession == null) {
            httpServerRequest.noAuthenticationInProgress();
            return;
        }
        SSLSessionAuthorizationCallback sSLSessionAuthorizationCallback = new SSLSessionAuthorizationCallback(sSLSession);
        try {
            MechanismUtil.handleCallbacks(HttpConstants.CLIENT_CERT_NAME, this.callbackHandler, sSLSessionAuthorizationCallback);
            if (sSLSessionAuthorizationCallback.isAuthorized()) {
                try {
                    MechanismUtil.handleCallbacks(HttpConstants.CLIENT_CERT_NAME, this.callbackHandler, AuthenticationCompleteCallback.SUCCEEDED);
                    httpServerRequest.authenticationComplete();
                    return;
                } catch (UnsupportedCallbackException e) {
                    return;
                } catch (AuthenticationMechanismException e2) {
                    throw e2.toHttpAuthenticationException();
                }
            }
            try {
                MechanismUtil.handleCallbacks(HttpConstants.CLIENT_CERT_NAME, this.callbackHandler, AuthenticationCompleteCallback.FAILED);
                httpServerRequest.authenticationFailed(ElytronMessages.log.authenticationFailed(HttpConstants.CLIENT_CERT_NAME));
            } catch (UnsupportedCallbackException e3) {
            } catch (AuthenticationMechanismException e4) {
                throw e4.toHttpAuthenticationException();
            }
        } catch (UnsupportedCallbackException e5) {
            throw ElytronMessages.log.mechCallbackHandlerFailedForUnknownReason(HttpConstants.CLIENT_CERT_NAME, e5).toHttpAuthenticationException();
        } catch (AuthenticationMechanismException e6) {
            throw e6.toHttpAuthenticationException();
        }
    }
}
