package org.astrogrid.security;

import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.security.auth.Subject;
import javax.security.auth.x500.X500Principal;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.astrogrid.security.delegation.Delegations;

/* loaded from: input_file:org/astrogrid/security/HttpsServiceSecurityGuard.class */
public class HttpsServiceSecurityGuard extends SecurityGuard {
    static Log log = LogFactory.getLog(HttpsServiceSecurityGuard.class);

    public HttpsServiceSecurityGuard() {
    }

    public HttpsServiceSecurityGuard(Subject subject) {
        super(subject);
    }

    public void loadHttpsAuthentication(HttpServletRequest httpServletRequest) throws CertificateException {
        X509Certificate[] x509CertificateArr = (X509Certificate[]) httpServletRequest.getAttribute("javax.servlet.request.X509Certificate");
        if (x509CertificateArr != null) {
            setCertificateChain(x509CertificateArr);
        }
        if (httpServletRequest.isSecure()) {
            setX500PrincipalFromCertificateChain();
        }
    }

    public void loadDelegation() throws CertificateException {
        X500Principal x500Principal = getX500Principal();
        if (x500Principal != null) {
            Delegations delegations = Delegations.getInstance();
            String num = Integer.toString(x500Principal.hashCode());
            if (delegations.hasCertificate(num)) {
                X509Certificate certificate = delegations.getCertificate(num);
                X509Certificate[] certificateChain = getCertificateChain();
                X509Certificate[] x509CertificateArr = new X509Certificate[certificateChain.length + 1];
                x509CertificateArr[0] = certificate;
                for (int i = 1; i < x509CertificateArr.length; i++) {
                    x509CertificateArr[i] = certificateChain[i - 1];
                }
                setCertificateChain(x509CertificateArr);
                setPrivateKey(delegations.getPrivateKey(num));
            }
        }
    }

    public boolean isAnonymous() {
        return getSubject().getPrincipals().size() == 0;
    }
}
