package org.keycloak.quarkus.runtime.integration.web;

import io.vertx.ext.web.RoutingContext;
import java.lang.annotation.Annotation;
import java.security.cert.X509Certificate;
import javax.enterprise.inject.Instance;
import javax.enterprise.inject.spi.CDI;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import org.jboss.logging.Logger;
import org.jboss.resteasy.spi.HttpRequest;
import org.keycloak.services.x509.X509ClientCertificateLookup;

/* loaded from: input_file:org/keycloak/quarkus/runtime/integration/web/VertxClientCertificateLookup.class */
public class VertxClientCertificateLookup implements X509ClientCertificateLookup {
    private static final Logger logger = Logger.getLogger(VertxClientCertificateLookup.class);

    public void close() {
    }

    public X509Certificate[] getCertificateChain(HttpRequest httpRequest) {
        Instance select = CDI.current().select(RoutingContext.class, new Annotation[0]);
        if (!select.isResolvable()) {
            return null;
        }
        try {
            SSLSession sslSession = ((RoutingContext) select.get()).request().sslSession();
            if (sslSession == null) {
                return null;
            }
            X509Certificate[] x509CertificateArr = (X509Certificate[]) sslSession.getPeerCertificates();
            if (logger.isTraceEnabled() && x509CertificateArr != null) {
                for (X509Certificate x509Certificate : x509CertificateArr) {
                    logger.tracef("Certificate's SubjectDN => \"%s\"", x509Certificate.getSubjectDN().getName());
                }
            }
            return x509CertificateArr;
        } catch (SSLPeerUnverifiedException e) {
            return null;
        }
    }
}
