package org.mule.runtime.core.security.filters;

import org.mule.runtime.api.lifecycle.InitialisationException;
import org.mule.runtime.api.security.Authentication;
import org.mule.runtime.api.security.SecurityException;
import org.mule.runtime.api.security.SecurityProviderNotFoundException;
import org.mule.runtime.api.security.UnknownAuthenticationTypeException;
import org.mule.runtime.core.api.Event;
import org.mule.runtime.core.api.config.i18n.CoreMessages;
import org.mule.runtime.core.api.security.CredentialsNotSetException;
import org.mule.runtime.core.api.security.CryptoFailureException;
import org.mule.runtime.core.api.security.DefaultMuleAuthentication;
import org.mule.runtime.core.api.security.DefaultMuleCredentials;
import org.mule.runtime.core.api.security.EncryptionStrategy;
import org.mule.runtime.core.api.security.EncryptionStrategyNotFoundException;
import org.mule.runtime.core.api.security.SecurityContext;
import org.mule.runtime.core.api.security.UnauthorisedException;
import org.mule.runtime.core.security.AbstractOperationSecurityFilter;
import org.mule.runtime.core.security.MuleHeaderCredentialsAccessor;

/* loaded from: input_file:org/mule/runtime/core/security/filters/MuleEncryptionEndpointSecurityFilter.class */
public class MuleEncryptionEndpointSecurityFilter extends AbstractOperationSecurityFilter {
    private EncryptionStrategy strategy;

    public MuleEncryptionEndpointSecurityFilter(EncryptionStrategy encryptionStrategy) {
        this.strategy = encryptionStrategy;
        setCredentialsAccessor(new MuleHeaderCredentialsAccessor());
    }

    @Override // org.mule.runtime.core.security.AbstractOperationSecurityFilter
    protected Event authenticateInbound(Event event) throws SecurityException, SecurityProviderNotFoundException, CryptoFailureException, EncryptionStrategyNotFoundException, UnknownAuthenticationTypeException {
        String str = (String) getCredentialsAccessor().getCredentials(event);
        if (str == null) {
            throw new CredentialsNotSetException(event, event.getSession().getSecurityContext(), this);
        }
        DefaultMuleCredentials defaultMuleCredentials = new DefaultMuleCredentials(str, getSecurityManager());
        try {
            Authentication authenticate = getSecurityManager().authenticate(new DefaultMuleAuthentication(defaultMuleCredentials));
            if (this.logger.isDebugEnabled()) {
                this.logger.debug("Authentication success: " + authenticate.toString());
            }
            SecurityContext createSecurityContext = getSecurityManager().createSecurityContext(authenticate);
            createSecurityContext.setAuthentication(authenticate);
            event.getSession().setSecurityContext(createSecurityContext);
            return event;
        } catch (Exception e) {
            if (this.logger.isDebugEnabled()) {
                this.logger.debug("Authentication request for user: " + defaultMuleCredentials.getUsername() + " failed: " + e.toString());
            }
            throw new UnauthorisedException(CoreMessages.authFailedForUser(defaultMuleCredentials.getUsername()), e);
        }
    }

    @Override // org.mule.runtime.core.security.AbstractSecurityFilter
    protected void doInitialise() throws InitialisationException {
        if (this.strategy == null) {
            throw new InitialisationException(CoreMessages.encryptionStrategyNotSet(), this);
        }
    }
}
