package com.networknt.oauth.spnego;

import com.networknt.config.Config;
import java.io.IOException;
import java.util.HashMap;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.Configuration;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;

/* loaded from: input_file:com/networknt/oauth/spnego/KerberosKDCUtil.class */
public class KerberosKDCUtil {
    static final String CONFIG_SPNEGO = "spnego";
    static final SpnegoConfig config = (SpnegoConfig) Config.getInstance().getJsonObjectConfig(CONFIG_SPNEGO, SpnegoConfig.class);

    /* loaded from: input_file:com/networknt/oauth/spnego/KerberosKDCUtil$UsernamePasswordCBH.class */
    private static class UsernamePasswordCBH implements CallbackHandler {
        private final String username;
        private final char[] password;

        private UsernamePasswordCBH(String str, char[] cArr) {
            this.username = str;
            this.password = cArr;
        }

        @Override // javax.security.auth.callback.CallbackHandler
        public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
            for (Callback callback : callbackArr) {
                if (callback instanceof NameCallback) {
                    ((NameCallback) callback).setName(this.username);
                } else {
                    if (!(callback instanceof PasswordCallback)) {
                        throw new UnsupportedCallbackException(callback);
                    }
                    ((PasswordCallback) callback).setPassword(this.password);
                }
            }
        }
    }

    public static Subject login(String str, char[] cArr) throws LoginException {
        Subject subject = new Subject();
        new LoginContext("KDC", subject, new UsernamePasswordCBH(str, cArr), createJaasConfiguration()).login();
        return subject;
    }

    private static Configuration createJaasConfiguration() {
        return new Configuration() { // from class: com.networknt.oauth.spnego.KerberosKDCUtil.1
            public AppConfigurationEntry[] getAppConfigurationEntry(String str) {
                if (!"KDC".equals(str)) {
                    throw new IllegalArgumentException("Unexpected name '" + str + "'");
                }
                AppConfigurationEntry[] appConfigurationEntryArr = new AppConfigurationEntry[1];
                HashMap hashMap = new HashMap();
                hashMap.put("debug", KerberosKDCUtil.config.getDebug());
                hashMap.put("refreshKrb5Config", "true");
                hashMap.put("storeKey", "true");
                if ("true".equalsIgnoreCase(KerberosKDCUtil.config.getUseKeyTab())) {
                    hashMap.put("useKeyTab", KerberosKDCUtil.config.getUseKeyTab());
                    hashMap.put("keyTab", KerberosKDCUtil.config.getKeyTab());
                    hashMap.put("principal", KerberosKDCUtil.config.getPrincipal());
                }
                hashMap.put("isInitiator", "true");
                appConfigurationEntryArr[0] = new AppConfigurationEntry("com.sun.security.auth.module.Krb5LoginModule", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, hashMap);
                return appConfigurationEntryArr;
            }
        };
    }
}
