package org.mule.runtime.core.internal.security;

import org.mule.runtime.api.security.Authentication;
import org.mule.runtime.api.security.SecurityException;
import org.mule.runtime.api.security.SecurityProviderNotFoundException;
import org.mule.runtime.api.security.UnknownAuthenticationTypeException;
import org.mule.runtime.core.api.InternalEvent;
import org.mule.runtime.core.api.config.MuleProperties;
import org.mule.runtime.core.api.config.i18n.CoreMessages;
import org.mule.runtime.core.api.el.ExpressionManager;
import org.mule.runtime.core.api.security.AbstractAuthenticationFilter;
import org.mule.runtime.core.api.security.DefaultMuleAuthentication;
import org.mule.runtime.core.api.security.DefaultMuleCredentials;
import org.mule.runtime.core.api.security.UnauthorisedException;

/* loaded from: input_file:org/mule/runtime/core/internal/security/UsernamePasswordAuthenticationFilter.class */
public class UsernamePasswordAuthenticationFilter extends AbstractAuthenticationFilter {
    private String username = "#[mel:message.inboundProperties.username]";
    private String password = "#[mel:message.inboundProperties.password]";

    @Override // org.mule.runtime.core.api.security.AbstractAuthenticationFilter, org.mule.runtime.core.api.security.AuthenticationFilter
    public InternalEvent authenticate(InternalEvent internalEvent) throws SecurityException, SecurityProviderNotFoundException, UnknownAuthenticationTypeException {
        Authentication authenticationToken = getAuthenticationToken(internalEvent);
        try {
            Authentication authenticate = getSecurityManager().authenticate(authenticationToken);
            if (this.logger.isDebugEnabled()) {
                this.logger.debug("Authentication success: " + authenticate.toString());
            }
            internalEvent.getSession().setSecurityContext(getSecurityManager().createSecurityContext(authenticate));
            return internalEvent;
        } catch (UnauthorisedException e) {
            if (this.logger.isDebugEnabled()) {
                this.logger.debug("Authentication request for user: " + this.username + " failed: " + e.toString());
            }
            throw new UnauthorisedException(CoreMessages.authFailedForUser(authenticationToken.getPrincipal().toString()), e);
        }
    }

    protected Authentication getAuthenticationToken(InternalEvent internalEvent) throws UnauthorisedException {
        ExpressionManager expressionManager = (ExpressionManager) this.registry.lookupByName(MuleProperties.OBJECT_EXPRESSION_MANAGER).get();
        Object value = expressionManager.evaluate(this.username, internalEvent).getValue();
        Object value2 = expressionManager.evaluate(this.password, internalEvent).getValue();
        if (value == null) {
            throw new UnauthorisedException(CoreMessages.authNoCredentials());
        }
        if (value2 == null) {
            throw new UnauthorisedException(CoreMessages.authNoCredentials());
        }
        return new DefaultMuleAuthentication(new DefaultMuleCredentials(value.toString(), value2.toString().toCharArray()));
    }

    public String getUsername() {
        return this.username;
    }

    public String getPassword() {
        return this.password;
    }

    public void setUsername(String str) {
        this.username = str;
    }

    public void setPassword(String str) {
        this.password = str;
    }
}
