package ch.ivyteam.ivy.webservice.process.internal;

import ch.ivyteam.ivy.persistence.PersistencyException;
import ch.ivyteam.ivy.security.AuthenticationException;
import ch.ivyteam.ivy.security.ISecurityContext;
import ch.ivyteam.security.Password;
import java.util.Map;
import javax.security.auth.Subject;
import org.apache.cxf.common.security.SimplePrincipal;
import org.apache.cxf.ws.security.wss4j.AbstractUsernameTokenAuthenticatingInterceptor;

/* loaded from: input_file:ch/ivyteam/ivy/webservice/process/internal/IvyWsSecurityAuthenticationInterceptor.class */
public class IvyWsSecurityAuthenticationInterceptor extends AbstractUsernameTokenAuthenticatingInterceptor {
    private SessionProvider sessionProvider;

    public IvyWsSecurityAuthenticationInterceptor(Map<String, Object> map, ISecurityContext iSecurityContext) {
        super(map);
        setSupportDigestPasswords(true);
        this.sessionProvider = new SessionProvider(iSecurityContext);
    }

    @Override // org.apache.cxf.ws.security.wss4j.AbstractUsernameTokenAuthenticatingInterceptor
    protected Subject createSubject(String str, String str2, boolean z, String str3, String str4) throws SecurityException {
        if (z) {
            throw new SecurityException("Digest authetication is not yet supported");
        }
        try {
            this.sessionProvider.createAndRegister().authenticateSessionUser(str, new Password(str2));
            Subject subject = new Subject();
            subject.getPrincipals().add(new SimplePrincipal(str));
            return subject;
        } catch (AuthenticationException e) {
            throw new SecurityException("Could not authenticate user " + str, e);
        } catch (PersistencyException e2) {
            throw new SecurityException("Could not authenticate user " + str, e2);
        }
    }
}
