package org.zowe.apiml.gateway.x509;

import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.Base64;
import java.util.Collections;
import lombok.Generated;
import org.apache.commons.lang3.ArrayUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.server.reactive.SslInfo;
import org.springframework.security.authentication.ReactiveAuthenticationManager;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.web.authentication.preauth.x509.SubjectDnX509PrincipalExtractor;
import org.springframework.security.web.authentication.preauth.x509.X509PrincipalExtractor;
import org.zowe.apiml.security.common.token.X509AuthenticationToken;
import reactor.core.publisher.Mono;

/* loaded from: input_file:org/zowe/apiml/gateway/x509/X509Util.class */
public final class X509Util {

    @Generated
    private static final Logger log = LoggerFactory.getLogger(X509Util.class);

    /* loaded from: input_file:org/zowe/apiml/gateway/x509/X509Util$X509Principal.class */
    public static final class X509Principal {
        private final X509Certificate x509Certificate;
        private final String username;

        @Generated
        public X509Principal(X509Certificate x509Certificate, String str) {
            this.x509Certificate = x509Certificate;
            this.username = str;
        }

        @Generated
        public X509Certificate getX509Certificate() {
            return this.x509Certificate;
        }

        @Generated
        public String getUsername() {
            return this.username;
        }

        @Generated
        public boolean equals(Object obj) {
            if (obj == this) {
                return true;
            }
            if (!(obj instanceof X509Principal)) {
                return false;
            }
            X509Principal x509Principal = (X509Principal) obj;
            X509Certificate x509Certificate = getX509Certificate();
            X509Certificate x509Certificate2 = x509Principal.getX509Certificate();
            if (x509Certificate == null) {
                if (x509Certificate2 != null) {
                    return false;
                }
            } else if (!x509Certificate.equals(x509Certificate2)) {
                return false;
            }
            String username = getUsername();
            String username2 = x509Principal.getUsername();
            return username == null ? username2 == null : username.equals(username2);
        }

        @Generated
        public int hashCode() {
            X509Certificate x509Certificate = getX509Certificate();
            int hashCode = (1 * 59) + (x509Certificate == null ? 43 : x509Certificate.hashCode());
            String username = getUsername();
            return (hashCode * 59) + (username == null ? 43 : username.hashCode());
        }

        @Generated
        public String toString() {
            return "X509Util.X509Principal(x509Certificate=" + getX509Certificate() + ", username=" + getUsername() + ")";
        }
    }

    public static String getEncodedClientCertificate(SslInfo sslInfo) throws CertificateEncodingException {
        if (sslInfo == null) {
            return null;
        }
        X509Certificate[] peerCertificates = sslInfo.getPeerCertificates();
        if (ArrayUtils.isEmpty(peerCertificates)) {
            return null;
        }
        return Base64.getEncoder().encodeToString(peerCertificates[0].getEncoded());
    }

    public static X509PrincipalExtractor x509PrincipalExtractor() {
        return new SubjectDnX509PrincipalExtractor() { // from class: org.zowe.apiml.gateway.x509.X509Util.1
            public Object extractPrincipal(X509Certificate x509Certificate) {
                return new X509Principal(x509Certificate, (String) super.extractPrincipal(x509Certificate));
            }
        };
    }

    public static ReactiveAuthenticationManager x509ReactiveAuthenticationManager() {
        return authentication -> {
            X509AuthenticationToken x509AuthenticationToken = new X509AuthenticationToken(Collections.singleton(new SimpleGrantedAuthority("TRUSTED_CERTIFICATE")), new X509Certificate[]{((X509Principal) authentication.getPrincipal()).getX509Certificate()});
            x509AuthenticationToken.setAuthenticated(true);
            return Mono.just(x509AuthenticationToken);
        };
    }

    @Generated
    private X509Util() {
        throw new UnsupportedOperationException("This is a utility class and cannot be instantiated");
    }
}
