package com.wso2.openbanking.accelerator.gateway.handler;

import com.wso2.openbanking.accelerator.gateway.internal.GatewayDataHolder;
import com.wso2.openbanking.accelerator.gateway.util.GatewayConstants;
import com.wso2.openbanking.accelerator.gateway.util.GatewayUtils;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.Map;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.synapse.MessageContext;
import org.apache.synapse.core.axis2.Axis2MessageContext;
import org.apache.synapse.rest.AbstractHandler;

/* loaded from: input_file:com/wso2/openbanking/accelerator/gateway/handler/GatewayClientAuthenticationHandler.class */
public class GatewayClientAuthenticationHandler extends AbstractHandler {
    private static final Log log = LogFactory.getLog(GatewayClientAuthenticationHandler.class);

    public boolean handleRequest(MessageContext messageContext) {
        log.debug("Gateway Client Authentication Handler engaged");
        org.apache.axis2.context.MessageContext axis2MessageContext = ((Axis2MessageContext) messageContext).getAxis2MessageContext();
        X509Certificate extractAuthCertificateFromMessageContext = GatewayUtils.extractAuthCertificateFromMessageContext(axis2MessageContext);
        Map map = (Map) axis2MessageContext.getProperty("TRANSPORT_HEADERS");
        if (extractAuthCertificateFromMessageContext == null) {
            log.debug(GatewayConstants.TRANSPORT_CERT_NOT_FOUND);
            GatewayUtils.returnSynapseHandlerJSONError(messageContext, "400", GatewayUtils.getOAuth2JsonErrorBody(GatewayConstants.INVALID_REQUEST, GatewayConstants.TRANSPORT_CERT_NOT_FOUND));
            return true;
        }
        log.debug("Valid certificate found in request");
        try {
            String clientTransportCertHeaderName = GatewayDataHolder.getInstance().getClientTransportCertHeaderName();
            String pEMEncodedCertificateString = GatewayUtils.getPEMEncodedCertificateString(extractAuthCertificateFromMessageContext);
            if (GatewayDataHolder.getInstance().isUrlEncodeClientTransportCertHeaderEnabled()) {
                log.debug("URL encoding pem encoded transport certificate");
                pEMEncodedCertificateString = URLEncoder.encode(pEMEncodedCertificateString, "UTF-8");
            }
            map.put(clientTransportCertHeaderName, pEMEncodedCertificateString);
            axis2MessageContext.setProperty("TRANSPORT_HEADERS", map);
            if (log.isDebugEnabled()) {
                log.debug(String.format("Added encoded transport certificate in header %s", clientTransportCertHeaderName));
            }
            return true;
        } catch (UnsupportedEncodingException | CertificateEncodingException e) {
            log.error("Unable to encode client transport certificate", e);
            GatewayUtils.returnSynapseHandlerJSONError(messageContext, "400", GatewayUtils.getOAuth2JsonErrorBody(GatewayConstants.INVALID_REQUEST, GatewayConstants.TRANSPORT_CERT_MALFORMED));
            return true;
        }
    }

    public boolean handleResponse(MessageContext messageContext) {
        return true;
    }
}
