package org.zowe.apiml.gateway.security.mapping;

import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import lombok.Generated;
import org.apache.http.entity.ByteArrayEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
import org.springframework.stereotype.Component;
import org.zowe.apiml.gateway.security.mapping.ExternalMapper;
import org.zowe.apiml.gateway.security.mapping.model.MapperResponse;
import org.zowe.apiml.gateway.security.service.TokenCreationService;
import org.zowe.apiml.gateway.security.service.schema.source.AuthSource;
import org.zowe.apiml.gateway.security.service.schema.source.X509AuthSource;
import org.zowe.apiml.security.common.config.AuthConfigurationProperties;

@Component
@ConditionalOnExpression("!T(org.springframework.util.StringUtils).isEmpty('${apiml.security.x509.externalMapperUrl}')")
/* loaded from: input_file:BOOT-INF/classes/org/zowe/apiml/gateway/security/mapping/X509ExternalMapper.class */
public class X509ExternalMapper extends ExternalMapper implements AuthenticationMapper {

    @Generated
    private static final Logger log = LoggerFactory.getLogger((Class<?>) X509ExternalMapper.class);

    public X509ExternalMapper(CloseableHttpClient closeableHttpClient, TokenCreationService tokenCreationService, AuthConfigurationProperties authConfigurationProperties) {
        super(closeableHttpClient, tokenCreationService, ExternalMapper.Type.X509, authConfigurationProperties);
    }

    @Override // org.zowe.apiml.gateway.security.mapping.AuthenticationMapper
    public String mapToMainframeUserId(AuthSource authSource) {
        if (!(authSource instanceof X509AuthSource)) {
            return null;
        }
        try {
            MapperResponse callExternalMapper = callExternalMapper(new ByteArrayEntity(((X509Certificate) authSource.getRawSource()).getEncoded()));
            if (callExternalMapper != null) {
                return callExternalMapper.getUserId().trim();
            }
            return null;
        } catch (CertificateEncodingException e) {
            log.error("Can`t get encoded data from certificate", (Throwable) e);
            return null;
        }
    }
}
