package org.zowe.apiml.gateway.security.login.x509;

import java.security.cert.X509Certificate;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
import lombok.Generated;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.stereotype.Component;

@Component
@ConditionalOnExpression("T(org.springframework.util.StringUtils).isEmpty('${apiml.security.x509.externalMapperUrl}')")
/* loaded from: input_file:BOOT-INF/classes/org/zowe/apiml/gateway/security/login/x509/X509CommonNameUserMapper.class */
public class X509CommonNameUserMapper extends X509AbstractMapper {

    @Generated
    private static final Logger log = LoggerFactory.getLogger((Class<?>) X509CommonNameUserMapper.class);

    @Override // org.zowe.apiml.gateway.security.login.x509.X509AuthenticationMapper
    public String mapCertificateToMainframeUserId(X509Certificate x509Certificate) {
        if (!isClientAuthCertificate(x509Certificate)) {
            return null;
        }
        for (Rdn rdn : getLdapName(x509Certificate.getSubjectX500Principal().getName()).getRdns()) {
            if ("cn".equalsIgnoreCase(rdn.getType())) {
                return String.valueOf(rdn.getValue());
            }
        }
        return null;
    }

    public LdapName getLdapName(String str) {
        try {
            return new LdapName(str);
        } catch (InvalidNameException e) {
            throw new AuthenticationServiceException("Not able to create ldap name from certificate. Cause: " + e.getMessage(), e);
        }
    }
}
