package org.jboss.ws.extensions.security.operation;

import java.security.Principal;
import java.security.cert.X509Certificate;
import org.jboss.logging.Logger;
import org.jboss.security.CertificatePrincipal;
import org.jboss.security.auth.certs.SubjectDNMapping;
import org.jboss.ws.extensions.security.element.Token;
import org.jboss.ws.extensions.security.element.X509Token;
import org.jboss.ws.extensions.security.exception.WSSecurityException;
import org.jboss.wsf.spi.SPIProviderResolver;
import org.jboss.wsf.spi.invocation.SecurityAdaptor;
import org.jboss.wsf.spi.invocation.SecurityAdaptorFactory;
import org.w3c.dom.Document;

/* loaded from: input_file:org/jboss/ws/extensions/security/operation/ReceiveX509Certificate.class */
public class ReceiveX509Certificate implements TokenOperation {
    private static Logger log = Logger.getLogger((Class<?>) ReceiveX509Certificate.class);
    private SecurityAdaptorFactory secAdapterfactory = (SecurityAdaptorFactory) SPIProviderResolver.getInstance().getProvider().getSPI(SecurityAdaptorFactory.class);
    private CertificatePrincipal certMapping;

    public ReceiveX509Certificate(String str) {
        if (str != null && !str.equals("")) {
            try {
                this.certMapping = (CertificatePrincipal) SecurityActions.getContextClassLoader().loadClass(str).newInstance();
            } catch (Exception e) {
                log.error("Failed to load CertificatePrincipal '" + str + "', using default SubjectDNMapping.", e);
            }
        }
        if (this.certMapping == null) {
            this.certMapping = new SubjectDNMapping();
        }
    }

    @Override // org.jboss.ws.extensions.security.operation.TokenOperation
    public void process(Document document, Token token) throws WSSecurityException {
        if (token == null || !(token instanceof X509Token)) {
            throw new IllegalArgumentException("Token " + token + " is not a X509Token!");
        }
        X509Certificate cert = ((X509Token) token).getCert();
        Principal prinicipal = this.certMapping.toPrinicipal(new X509Certificate[]{cert});
        SecurityAdaptor newSecurityAdapter = this.secAdapterfactory.newSecurityAdapter();
        newSecurityAdapter.setPrincipal(prinicipal);
        newSecurityAdapter.setCredential(cert);
    }
}
