package org.apache.activemq.artemis.protocol.amqp.sasl;

import java.lang.invoke.MethodHandles;
import java.security.Principal;
import org.apache.activemq.artemis.core.remoting.CertificateUtil;
import org.apache.activemq.artemis.core.server.ActiveMQServer;
import org.apache.activemq.artemis.protocol.amqp.broker.AmqpInterceptor;
import org.apache.activemq.artemis.protocol.amqp.proton.AMQPRoutingHandler;
import org.apache.activemq.artemis.spi.core.protocol.ProtocolManager;
import org.apache.activemq.artemis.spi.core.protocol.RemotingConnection;
import org.apache.activemq.artemis.spi.core.remoting.Connection;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:artemis-amqp-protocol-2.32.0.jar:org/apache/activemq/artemis/protocol/amqp/sasl/ExternalServerSASLFactory.class */
public class ExternalServerSASLFactory implements ServerSASLFactory {
    private static final Logger logger = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass());

    @Override // org.apache.activemq.artemis.protocol.amqp.sasl.ServerSASLFactory
    public String getMechanism() {
        return ExternalServerSASL.NAME;
    }

    @Override // org.apache.activemq.artemis.protocol.amqp.sasl.ServerSASLFactory
    public ServerSASL create(ActiveMQServer activeMQServer, ProtocolManager<AmqpInterceptor, AMQPRoutingHandler> protocolManager, Connection connection, RemotingConnection remotingConnection) {
        Principal peerPrincipalFromConnection = CertificateUtil.getPeerPrincipalFromConnection(remotingConnection);
        if (peerPrincipalFromConnection == null) {
            logger.debug("SASL EXTERNAL mechanism requires a TLS peer principal");
            return null;
        }
        ExternalServerSASL externalServerSASL = new ExternalServerSASL();
        externalServerSASL.setPrincipal(peerPrincipalFromConnection);
        return externalServerSASL;
    }

    @Override // org.apache.activemq.artemis.protocol.amqp.sasl.ServerSASLFactory
    public int getPrecedence() {
        return 0;
    }

    @Override // org.apache.activemq.artemis.protocol.amqp.sasl.ServerSASLFactory
    public boolean isDefaultPermitted() {
        return false;
    }
}
