package be.ehealth.technicalconnector.handler;

import be.ehealth.technicalconnector.exception.TechnicalConnectorException;
import be.ehealth.technicalconnector.exception.TechnicalConnectorExceptionValues;
import be.ehealth.technicalconnector.handler.AbstractWsSecurityHandler;
import be.ehealth.technicalconnector.service.sts.security.Credential;
import be.ehealth.technicalconnector.service.sts.security.impl.KeyPairCredential;
import be.ehealth.technicalconnector.session.Session;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.concurrent.TimeUnit;
import javax.xml.ws.handler.soap.SOAPMessageContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:be/ehealth/technicalconnector/handler/CertificateCallback.class */
public class CertificateCallback extends AbstractWsSecurityHandler {
    private static final Logger LOG = LoggerFactory.getLogger(CertificateCallback.class);
    private Credential cred;

    public CertificateCallback() throws TechnicalConnectorException {
    }

    public CertificateCallback(X509Certificate x509Certificate, PrivateKey privateKey) {
        this.cred = new KeyPairCredential(privateKey, x509Certificate);
    }

    public CertificateCallback(Credential credential) {
        this.cred = credential;
    }

    @Override // be.ehealth.technicalconnector.handler.AbstractWsSecurityHandler
    protected void addWSSecurity(SOAPMessageContext sOAPMessageContext) throws TechnicalConnectorException {
        Credential credential = this.cred;
        if (credential == null) {
            LOG.debug("[Lazy Loading] Trying to load SAMLToken from session.");
            credential = Session.getInstance().getSession().getHolderOfKeyCredential();
            if (credential == null) {
                throw new TechnicalConnectorException(TechnicalConnectorExceptionValues.ERROR_TECHNICAL, "Unable to lazy load credential.");
            }
        }
        buildSignature().on(sOAPMessageContext).withTimeStamp(getTimeStampTTL(), TimeUnit.SECONDS).withBinarySecurityToken(credential).sign(AbstractWsSecurityHandler.SignedParts.BODY, AbstractWsSecurityHandler.SignedParts.TIMESTAMP, AbstractWsSecurityHandler.SignedParts.BST);
    }

    @Override // be.ehealth.technicalconnector.handler.AbstractWsSecurityHandler
    protected Logger getLogger() {
        return LOG;
    }
}
