package com.evasion.sam.jaas;

import com.evasion.sam.Config;
import com.evasion.sam.PasswordEncoder;
import com.evasion.sam.ejb.JNDIClient;
import com.evasion.sam.ejb.JaasEjb;
import java.util.Date;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import javax.transaction.HeuristicMixedException;
import javax.transaction.HeuristicRollbackException;
import javax.transaction.NotSupportedException;
import javax.transaction.RollbackException;
import javax.transaction.SystemException;
import javax.transaction.UserTransaction;

/* loaded from: input_file:lib/evasion-sam-modul-1.0.0.6-RC1.jar:com/evasion/sam/jaas/EvasionEJBLoginModule.class */
public class EvasionEJBLoginModule implements LoginModule {
    private static final Logger LOGGER = Logger.getLogger(EvasionEJBLoginModule.class.getName());
    private Subject subject;
    private CallbackHandler callbackHandler;
    private String username = null;
    private String password = null;
    private boolean success = true;
    private JaasEjb loginEJB = null;
    JNDIClient ejbClient = null;

    public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> map, Map<String, ?> map2) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
        LOGGER.info("Init Evasion Login Module");
        String str = (String) map2.get(Config.PARAM_EJB_JNDI);
        String str2 = (String) map2.get(Config.PARAM_PROVIDER_URL);
        LOGGER.info("------- Properties ------------------");
        completePropertiesAndLog(Config.PARAM_EJB_JNDI, str);
        completePropertiesAndLog(Config.PARAM_PROVIDER_URL, str2);
        this.ejbClient = new JNDIClient(str2);
        this.loginEJB = (JaasEjb) this.ejbClient.lookup(str);
    }

    private void completePropertiesAndLog(String str, String str2) {
        LOGGER.log(Level.INFO, "{0} : {1}", new Object[]{str, str2});
        if (str2 == null || str2.equals("")) {
            LOGGER.log(Level.SEVERE, "{0} can not be null", str);
        }
    }

    public boolean login() throws LoginException {
        LOGGER.info("Start Login");
        traitementPWD();
        String password = this.loginEJB.getPassword(this.username);
        if (password == null || !password.equals(this.password)) {
            throw new LoginException("Bad username or password  for username=" + this.username);
        }
        LOGGER.fine("Login succes");
        return true;
    }

    private boolean traitementPWD() throws LoginException {
        try {
            Callback nameCallback = new NameCallback("UsrName");
            PasswordCallback passwordCallback = new PasswordCallback("Passwd", false);
            this.callbackHandler.handle(new Callback[]{nameCallback, passwordCallback});
            this.username = nameCallback.getName();
            char[] password = passwordCallback.getPassword();
            if (password != null) {
                this.password = new String(password);
            }
            if (this.password == null || this.password.isEmpty() || this.username == null || this.username.isEmpty()) {
                LOGGER.severe("User or password are null");
                throw new LoginException("Login Failed for user " + this.username + "!!!");
            }
            this.password = PasswordEncoder.encodePassword(this.username, this.password);
            passwordCallback.clearPassword();
            LOGGER.log(Level.FINE, "Login with username: {0} and password: xxxxxxxxx", this.username);
            return true;
        } catch (Exception e) {
            this.success = false;
            LoginException loginException = new LoginException("Login Failed!!!");
            LOGGER.log(Level.SEVERE, "Login Failed with username: {0} and password: xxxxxx", this.username);
            loginException.initCause(e);
            throw loginException;
        }
    }

    public boolean commit() throws LoginException {
        UserTransaction transaction = this.ejbClient.getTransaction();
        LOGGER.fine("Commit");
        if (this.username == null || !this.success) {
            return true;
        }
        EvasionPrincipal evasionPrincipal = this.loginEJB.getEvasionPrincipal(this.username);
        this.subject.getPrincipals().add(evasionPrincipal);
        this.subject.getPrincipals().add(this.loginEJB.getAllRoles(this.username));
        if (new Date().getTime() - evasionPrincipal.getLastLogin().getTime() <= 86400) {
            return true;
        }
        try {
            transaction.begin();
            this.loginEJB.postLogin(this.username);
            transaction.commit();
            return true;
        } catch (IllegalStateException e) {
            Logger.getLogger(EvasionEJBLoginModule.class.getName()).log(Level.SEVERE, (String) null, (Throwable) e);
            return true;
        } catch (SecurityException e2) {
            Logger.getLogger(EvasionEJBLoginModule.class.getName()).log(Level.SEVERE, (String) null, (Throwable) e2);
            return true;
        } catch (HeuristicMixedException e3) {
            Logger.getLogger(EvasionEJBLoginModule.class.getName()).log(Level.SEVERE, (String) null, (Throwable) e3);
            return true;
        } catch (HeuristicRollbackException e4) {
            Logger.getLogger(EvasionEJBLoginModule.class.getName()).log(Level.SEVERE, (String) null, (Throwable) e4);
            return true;
        } catch (NotSupportedException e5) {
            Logger.getLogger(EvasionEJBLoginModule.class.getName()).log(Level.SEVERE, (String) null, (Throwable) e5);
            return true;
        } catch (RollbackException e6) {
            Logger.getLogger(EvasionEJBLoginModule.class.getName()).log(Level.SEVERE, (String) null, (Throwable) e6);
            return true;
        } catch (SystemException e7) {
            Logger.getLogger(EvasionEJBLoginModule.class.getName()).log(Level.SEVERE, (String) null, (Throwable) e7);
            return true;
        }
    }

    public boolean abort() throws LoginException {
        this.username = null;
        this.password = null;
        return true;
    }

    public boolean logout() throws LoginException {
        this.subject.getPrincipals().remove(new EvasionPrincipal(this.username));
        this.username = null;
        this.password = null;
        return true;
    }
}
