package oracle.kv.impl.admin;

import java.net.SocketException;
import java.util.HashSet;
import javax.security.auth.Subject;
import oracle.kv.AuthenticationFailureException;
import oracle.kv.LoginCredentials;
import oracle.kv.impl.admin.param.AdminParams;
import oracle.kv.impl.security.KVStoreRolePrincipal;
import oracle.kv.impl.security.login.LoginResult;
import oracle.kv.impl.security.login.LoginTable;
import oracle.kv.impl.security.login.UserLoginHandler;
import oracle.kv.impl.security.util.SecurityUtils;
import oracle.kv.impl.topo.AdminId;

/* loaded from: input_file:oracle/kv/impl/admin/AdminLoginHandler.class */
public class AdminLoginHandler extends UserLoginHandler {
    private final AdminService adminService;
    private final AdminUserVerifier userVerifier;
    private final LoginTable sessionMgr;

    public static AdminLoginHandler create(AdminService adminService) {
        AdminUserVerifier adminUserVerifier = new AdminUserVerifier(adminService);
        AdminPasswordRenewer adminPasswordRenewer = new AdminPasswordRenewer(adminService);
        AdminParams adminParams = adminService.getParams().getAdminParams();
        return new AdminLoginHandler(adminService.getAdmin() != null ? adminParams.getAdminId() : new AdminId(-1), adminService, adminUserVerifier, adminPasswordRenewer, new LoginTable(adminParams.getSessionLimit(), new byte[0], 16), UserLoginHandler.LoginConfig.buildLoginConfig(adminService.getParams().getGlobalParams()));
    }

    @Override // oracle.kv.impl.security.login.UserLoginHandler
    public LoginResult login(LoginCredentials loginCredentials, String str) throws AuthenticationFailureException {
        if (this.userVerifier.userDataExists()) {
            if (loginCredentials == null) {
                throw new AuthenticationFailureException("Authentication failed");
            }
            return super.login(loginCredentials, str);
        }
        if (loginCredentials != null) {
            throw new AuthenticationFailureException("No user data exists, only anonymous login is allowed.");
        }
        return tryAnonymousLogin(loginCredentials, str);
    }

    LoginResult tryAnonymousLogin(LoginCredentials loginCredentials, String str) throws AuthenticationFailureException {
        boolean z = false;
        try {
            z = SecurityUtils.isLocalHost(str);
        } catch (SecurityException e) {
            this.logger.info("Encountered exception while checking whether " + str + " is local: " + e);
        } catch (SocketException e2) {
            this.logger.info("Encountered exception while checking whether " + str + " is local: " + e2);
        }
        if (z) {
            return new LoginResult(createLoginSession(makeAdminSubject(), str));
        }
        this.logger.info("anonymous client login from " + str + ": host is not a local address");
        throw new AuthenticationFailureException("Anonymous login allowed only from local host");
    }

    private AdminLoginHandler(AdminId adminId, AdminService adminService, AdminUserVerifier adminUserVerifier, AdminPasswordRenewer adminPasswordRenewer, LoginTable loginTable, UserLoginHandler.LoginConfig loginConfig) {
        super(adminId, adminService.getAdmin() == null, adminUserVerifier, adminPasswordRenewer, loginTable, loginConfig, adminService.getLogger());
        this.adminService = adminService;
        this.userVerifier = adminUserVerifier;
        this.sessionMgr = loginTable;
    }

    private Subject makeAdminSubject() {
        HashSet hashSet = new HashSet();
        hashSet.add(KVStoreRolePrincipal.SYSADMIN);
        hashSet.add(KVStoreRolePrincipal.PUBLIC);
        return new Subject(true, hashSet, new HashSet(), new HashSet());
    }

    public boolean updateSessionLimit(int i) {
        return this.sessionMgr.updateSessionLimit(i);
    }
}
