package com.atlassian.sal.core.net.auth;

import com.atlassian.sal.core.trusted.CertificateFactory;
import com.atlassian.security.auth.trustedapps.EncryptedCertificate;
import org.apache.http.Header;
import org.apache.http.HttpRequest;
import org.apache.http.auth.AuthenticationException;
import org.apache.http.auth.ContextAwareAuthScheme;
import org.apache.http.auth.Credentials;
import org.apache.http.auth.MalformedChallengeException;
import org.apache.http.client.methods.HttpRequestWrapper;
import org.apache.http.protocol.BasicHttpContext;
import org.apache.http.protocol.HttpContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/atlassian/sal/core/net/auth/TrustedTokenScheme.class */
public class TrustedTokenScheme implements ContextAwareAuthScheme {
    private static final Logger log = LoggerFactory.getLogger(TrustedTokenScheme.class);
    private final CertificateFactory certificateFactory;

    public TrustedTokenScheme(CertificateFactory certificateFactory) {
        this.certificateFactory = certificateFactory;
    }

    public Header authenticate(Credentials credentials, HttpRequest httpRequest, HttpContext httpContext) throws AuthenticationException {
        EncryptedCertificate createCertificate = this.certificateFactory.createCertificate(credentials.getUserPrincipal().getName(), ((HttpRequestWrapper) httpRequest).getOriginal().getRequestLine().getUri());
        httpRequest.addHeader("X-Seraph-Trusted-App-ID", createCertificate.getID());
        httpRequest.addHeader("X-Seraph-Trusted-App-Cert", createCertificate.getCertificate());
        httpRequest.addHeader("X-Seraph-Trusted-App-Key", createCertificate.getSecretKey());
        Integer protocolVersion = createCertificate.getProtocolVersion();
        if (protocolVersion != null) {
            httpRequest.addHeader("X-Seraph-Trusted-App-Version", protocolVersion.toString());
        }
        httpRequest.addHeader("X-Seraph-Trusted-App-Magic", createCertificate.getMagicNumber());
        if (createCertificate.getSignature() == null) {
            return null;
        }
        httpRequest.addHeader("X-Seraph-Trusted-App-Signature", createCertificate.getSignature());
        return null;
    }

    public void processChallenge(Header header) throws MalformedChallengeException {
        log.warn("Ignoring a call to processChallenge as TrustedTokenScheme is intended for preemptive authentication only.");
    }

    public String getSchemeName() {
        return "trustedtoken";
    }

    public String getParameter(String str) {
        throw new UnsupportedOperationException("Not implemented");
    }

    public String getRealm() {
        throw new UnsupportedOperationException("Not implemented");
    }

    public boolean isConnectionBased() {
        return false;
    }

    public boolean isComplete() {
        return true;
    }

    public Header authenticate(Credentials credentials, HttpRequest httpRequest) throws AuthenticationException {
        return authenticate(credentials, httpRequest, new BasicHttpContext());
    }
}
