package com.sun.messaging.jmq.jmsserver.auth;

import com.sun.messaging.jmq.auth.api.client.AuthenticationProtocolHandler;
import com.sun.messaging.jmq.auth.handlers.BasicAuthenticationHandler;
import com.sun.messaging.jmq.auth.handlers.DigestAuthenticationHandler;
import com.sun.messaging.jmq.jmsserver.Globals;
import com.sun.messaging.jmq.jmsserver.config.BrokerConfig;
import com.sun.messaging.jmq.jmsserver.resources.BrokerResources;
import com.sun.messaging.jmq.jmsserver.service.ServiceManager;
import com.sun.messaging.jmq.jmsserver.util.BrokerException;
import com.sun.messaging.jmq.util.ServiceType;
import com.sun.messaging.jmq.util.log.Logger;
import java.security.AccessControlException;
import java.util.Hashtable;
import java.util.List;
import java.util.Properties;
import javax.security.auth.login.LoginException;

/* loaded from: input_file:com/sun/messaging/jmq/jmsserver/auth/MQAuthenticator.class */
public class MQAuthenticator {
    private static boolean DEBUG = false;
    private String serviceName;
    private int serviceType;
    private String serviceTypeStr;
    private Hashtable handlers = new Hashtable();
    private AuthCacheData authCacheData = new AuthCacheData();
    private AccessController ac;
    public static final String CMDUSER_PROPERTY = "imq.imqcmd.user";
    public static final String CMDUSER_PWD_PROPERTY = "imq.imqcmd.password";
    public static final String CMDUSER_SVC_PROPERTY = "imq.imqcmd.service";

    public MQAuthenticator(String str, int i) throws BrokerException {
        this.serviceName = null;
        this.serviceTypeStr = null;
        this.ac = null;
        this.serviceName = str;
        this.serviceType = i;
        this.serviceTypeStr = ServiceType.getServiceTypeString(i);
        this.ac = AccessController.getInstance(str, i);
    }

    public void authenticate(String str, String str2) throws BrokerException, LoginException, AccessControlException {
        authenticate(str, str2, true);
    }

    public void authenticate(String str, String str2, boolean z) throws BrokerException, LoginException, AccessControlException {
        String authType = this.ac.getAuthType();
        AuthenticationProtocolHandler clientAuthHandler = getClientAuthHandler(authType);
        if (!clientAuthHandler.getType().equals(authType)) {
            throw new BrokerException(Globals.getBrokerResources().getKString(BrokerResources.X_AUTHTYPE_MISMATCH, (Object[]) new String[]{authType, clientAuthHandler.getType(), clientAuthHandler.getClass().getName()}));
        }
        clientAuthHandler.init(str, str2, null);
        int i = 0;
        byte[] challenge = this.ac.getChallenge(0, new Properties(), getAuthCacheData().getCacheData(), null);
        do {
            int i2 = i;
            i++;
            challenge = this.ac.handleResponse(clientAuthHandler.handleRequest(challenge, i2), i);
        } while (challenge != null);
        this.authCacheData.setCacheData(this.ac.getCacheData());
        this.ac.checkConnectionPermission(this.serviceName, this.serviceTypeStr);
        if (z) {
            this.ac.logout();
        }
    }

    public void logout() {
        if (this.ac != null) {
            this.ac.logout();
        }
    }

    public AuthCacheData getAuthCacheData() {
        return this.authCacheData;
    }

    public AccessController getAccessController() {
        return this.ac;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v15, types: [com.sun.messaging.jmq.auth.handlers.BasicAuthenticationHandler] */
    private AuthenticationProtocolHandler getClientAuthHandler(String str) throws BrokerException {
        DigestAuthenticationHandler digestAuthenticationHandler;
        AuthenticationProtocolHandler authenticationProtocolHandler = (AuthenticationProtocolHandler) this.handlers.get(str);
        if (authenticationProtocolHandler != null) {
            return authenticationProtocolHandler;
        }
        if (str.equals(AccessController.AUTHTYPE_BASIC)) {
            digestAuthenticationHandler = new BasicAuthenticationHandler();
            this.handlers.put(str, digestAuthenticationHandler);
        } else {
            if (!str.equals(AccessController.AUTHTYPE_DIGEST)) {
                throw new BrokerException(Globals.getBrokerResources().getKString(BrokerResources.X_UNSUPPORTED_AUTHTYPE, str));
            }
            digestAuthenticationHandler = new DigestAuthenticationHandler();
            this.handlers.put(str, digestAuthenticationHandler);
        }
        return digestAuthenticationHandler;
    }

    public static boolean authenticateCMDUserIfset() {
        BrokerConfig config = Globals.getConfig();
        String property = config.getProperty(CMDUSER_PROPERTY);
        if (property == null) {
            return true;
        }
        Logger logger = Globals.getLogger();
        Globals.getBrokerResources();
        if (property.trim().length() == 0) {
            logger.log(64, BrokerResources.X_BAD_PROPERTY_VALUE, "imq.imqcmd.user=" + property);
            return false;
        }
        String property2 = config.getProperty(CMDUSER_PWD_PROPERTY);
        if (property2 == null) {
            logger.log(64, BrokerResources.X_PASSWORD_NOT_PROVIDED, "imq.imqcmd.user=" + property);
            return false;
        }
        String property3 = config.getProperty(CMDUSER_SVC_PROPERTY);
        if (property3 == null) {
            property3 = "admin";
        }
        List allActiveServiceNames = ServiceManager.getAllActiveServiceNames();
        if (allActiveServiceNames == null || !allActiveServiceNames.contains(property3)) {
            logger.log(64, BrokerResources.E_NOT_ACTIVE_SERVICE, property3, "imq.imqcmd.user=" + property);
            return false;
        }
        String serviceTypeString = ServiceManager.getServiceTypeString(property3);
        if (serviceTypeString == null || ServiceType.getServiceType(serviceTypeString) != 1) {
            logger.log(64, BrokerResources.E_NOT_ADMIN_SERVICE, new String[]{property3, serviceTypeString, "imq.imqcmd.user=" + property});
            return false;
        }
        try {
            new MQAuthenticator(property3, 1).authenticate(property, property2);
            if (!DEBUG) {
                return true;
            }
            logger.log(64, BrokerResources.I_AUTH_OK, "imq.imqcmd.user=" + property, property3);
            return true;
        } catch (Exception e) {
            if (DEBUG) {
                logger.logStack(64, BrokerResources.W_AUTH_FAILED, property, property3, e);
                return false;
            }
            logger.log(64, BrokerResources.W_AUTH_FAILED, property, property3);
            return false;
        }
    }
}
