package org.mule.service.soap.security;

import com.google.common.collect.ImmutableMap;
import java.util.Map;
import java.util.Optional;
import java.util.Properties;
import org.apache.wss4j.common.ConfigurationConstants;
import org.apache.wss4j.common.crypto.Merlin;
import org.mule.runtime.extension.api.soap.security.config.WssTrustStoreConfiguration;
import org.mule.service.soap.security.callback.WSPasswordCallbackHandler;
import org.mule.service.soap.security.config.WssStoreConfigurationPropertiesBuilder;
import org.mule.service.soap.security.config.WssTrustStoreConfigurationPropertiesBuilder;

/* loaded from: input_file:lib/mule-service-soap-1.7.0-SNAPSHOT.jar:org/mule/service/soap/security/WssVerifySignatureSecurityStrategyCxfAdapter.class */
public class WssVerifySignatureSecurityStrategyCxfAdapter implements SecurityStrategyCxfAdapter {
    private static final String WS_VERIFY_SIGNATURE_PROPERTIES_KEY = "verifySignatureProperties";
    private final WssTrustStoreConfigurationPropertiesBuilder trustStoreConfiguration;

    public WssVerifySignatureSecurityStrategyCxfAdapter(WssTrustStoreConfiguration wssTrustStoreConfiguration) {
        this.trustStoreConfiguration = new WssTrustStoreConfigurationPropertiesBuilder(wssTrustStoreConfiguration);
    }

    public WssVerifySignatureSecurityStrategyCxfAdapter() {
        this.trustStoreConfiguration = null;
    }

    @Override // org.mule.service.soap.security.SecurityStrategyCxfAdapter
    public SecurityStrategyType securityType() {
        return SecurityStrategyType.INCOMING;
    }

    @Override // org.mule.service.soap.security.SecurityStrategyCxfAdapter
    public Optional<WSPasswordCallbackHandler> buildPasswordCallbackHandler() {
        return Optional.empty();
    }

    @Override // org.mule.service.soap.security.SecurityStrategyCxfAdapter
    public String securityAction() {
        return "Signature";
    }

    @Override // org.mule.service.soap.security.SecurityStrategyCxfAdapter
    public Map<String, Object> buildSecurityProperties() {
        return ImmutableMap.builder().put(ConfigurationConstants.SIG_PROP_REF_ID, WS_VERIFY_SIGNATURE_PROPERTIES_KEY).put(WS_VERIFY_SIGNATURE_PROPERTIES_KEY, this.trustStoreConfiguration != null ? this.trustStoreConfiguration.getConfigurationProperties() : getDefaultTrustStoreConfigurationProperties()).build();
    }

    private Properties getDefaultTrustStoreConfigurationProperties() {
        Properties properties = new Properties();
        properties.setProperty(WssStoreConfigurationPropertiesBuilder.WS_CRYPTO_PROVIDER_KEY, Merlin.class.getCanonicalName());
        properties.setProperty(Merlin.LOAD_CA_CERTS, String.valueOf(true));
        return properties;
    }
}
