package org.mule.extension.ws.api.security;

import com.google.common.collect.ImmutableMap;
import java.util.Map;
import java.util.Optional;
import org.mule.extension.ws.internal.security.EncryptionHelper;
import org.mule.extension.ws.internal.security.SecurityStrategyType;
import org.mule.extension.ws.internal.security.callback.WSPasswordCallbackHandler;
import org.mule.runtime.api.connection.ConnectionException;
import org.mule.runtime.api.tls.TlsContextFactory;
import org.mule.runtime.extension.api.annotation.param.Parameter;

/* loaded from: input_file:org/mule/extension/ws/api/security/WssEncryptSecurityStrategy.class */
public class WssEncryptSecurityStrategy implements SecurityStrategy {
    private static final String WS_ENCRYPT_PROPERTIES_KEY = "encryptProperties";
    private static final EncryptionHelper encryptionHelper = new EncryptionHelper();

    @Parameter
    private String alias;
    private TlsContextFactory tlsContextFactory;

    @Override // org.mule.extension.ws.api.security.SecurityStrategy
    public void initializeTlsContextFactory(TlsContextFactory tlsContextFactory) throws ConnectionException {
        if (tlsContextFactory == null) {
            throw new ConnectionException("Encrypt security strategy required a TLS context and no one was provided");
        }
        this.tlsContextFactory = tlsContextFactory;
    }

    @Override // org.mule.extension.ws.api.security.SecurityStrategy
    public SecurityStrategyType securityType() {
        return SecurityStrategyType.OUTGOING;
    }

    @Override // org.mule.extension.ws.api.security.SecurityStrategy
    public String securityAction() {
        return "Encrypt";
    }

    @Override // org.mule.extension.ws.api.security.SecurityStrategy
    public Optional<WSPasswordCallbackHandler> buildPasswordCallbackHandler() {
        return Optional.empty();
    }

    @Override // org.mule.extension.ws.api.security.SecurityStrategy
    public Map<String, Object> buildSecurityProperties() {
        return ImmutableMap.builder().put("encryptionPropRefId", WS_ENCRYPT_PROPERTIES_KEY).put(WS_ENCRYPT_PROPERTIES_KEY, this.tlsContextFactory == null ? encryptionHelper.createDefaultTrustStoreProperties() : encryptionHelper.createTrustStoreProperties(this.tlsContextFactory.getTrustStoreConfiguration())).put("encryptionUser", this.alias).build();
    }
}
