package org.zowe.apiml.gateway.security.login.x509;

import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.List;
import lombok.Generated;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authentication.AuthenticationServiceException;

/* loaded from: input_file:org/zowe/apiml/gateway/security/login/x509/X509AbstractMapper.class */
public abstract class X509AbstractMapper implements X509AuthenticationMapper {

    @Generated
    private static final Logger log = LoggerFactory.getLogger(X509AbstractMapper.class);
    private static final String CLIENT_AUTH_OID = "1.3.6.1.5.5.7.3.2";

    public boolean isClientAuthCertificate(X509Certificate x509Certificate) {
        try {
            List<String> extendedKeyUsage = x509Certificate.getExtendedKeyUsage();
            if (extendedKeyUsage == null) {
                log.debug("X509 certificate is missing the client certificate extended usage definition");
                return false;
            }
            boolean contains = extendedKeyUsage.contains(CLIENT_AUTH_OID);
            if (contains) {
                log.debug("X509 certificate does contain the client certificate extended usage definition.");
            } else {
                log.debug("X509 certificate is missing the client certificate extended usage definition.");
            }
            return contains;
        } catch (CertificateParsingException e) {
            throw new AuthenticationServiceException("Can't get extensions from certificate");
        }
    }
}
