package org.apache.cxf.rs.security.saml.authorization;

import org.apache.cxf.interceptor.security.SAMLSecurityContext;
import org.apache.cxf.message.Message;
import org.apache.cxf.rs.security.saml.SAMLUtils;
import org.apache.cxf.rs.security.saml.assertion.Claim;
import org.apache.cxf.rs.security.saml.assertion.Claims;
import org.apache.cxf.rs.security.saml.assertion.Subject;
import org.apache.cxf.security.SecurityContext;
import org.apache.ws.security.saml.ext.AssertionWrapper;

/* loaded from: input_file:org/apache/cxf/rs/security/saml/authorization/SecurityContextProviderImpl.class */
public class SecurityContextProviderImpl implements SecurityContextProvider {
    private static final String ROLE_QUALIFIER_PROPERTY = "org.apache.cxf.saml.claims.role.qualifier";
    private static final String ROLE_NAMEFORMAT_PROPERTY = "org.apache.cxf.saml.claims.role.nameformat";

    @Override // org.apache.cxf.rs.security.saml.authorization.SecurityContextProvider
    public SecurityContext getSecurityContext(Message message, AssertionWrapper assertionWrapper) {
        Claims claims = getClaims(assertionWrapper);
        SAMLSecurityContext doGetSecurityContext = doGetSecurityContext(message, getSubject(message, assertionWrapper, claims), claims);
        if (doGetSecurityContext instanceof SAMLSecurityContext) {
            doGetSecurityContext.setAssertionElement(assertionWrapper.getElement());
        }
        return doGetSecurityContext;
    }

    protected Claims getClaims(AssertionWrapper assertionWrapper) {
        return SAMLUtils.getClaims(assertionWrapper);
    }

    protected Subject getSubject(Message message, AssertionWrapper assertionWrapper, Claims claims) {
        return SAMLUtils.getSubject(message, assertionWrapper);
    }

    protected SecurityContext doGetSecurityContext(Message message, Subject subject, Claims claims) {
        String str = (String) message.getContextualProperty(ROLE_QUALIFIER_PROPERTY);
        String str2 = (String) message.getContextualProperty(ROLE_NAMEFORMAT_PROPERTY);
        return new JAXRSSAMLSecurityContext(new SubjectPrincipal(getSubjectPrincipalName(subject, claims), subject), claims, str == null ? Claim.DEFAULT_ROLE_NAME : str, str2 == null ? Claim.DEFAULT_NAME_FORMAT : str2);
    }

    protected String getSubjectPrincipalName(Subject subject, Claims claims) {
        return subject.getName();
    }
}
