package de.adorsys.oauth.client;

import com.nimbusds.openid.connect.sdk.claims.UserInfo;
import java.io.Serializable;
import java.security.Principal;
import java.security.acl.Group;
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import javax.security.jacc.PolicyContext;
import javax.security.jacc.PolicyContextException;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:de/adorsys/oauth/client/OAuthLoginModule.class */
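/**
 * JAAS {@link LoginModule} that builds a {@link Subject} from the credentials supplied by the
 * callback handler and from a {@link UserInfo} object found as an attribute on the current
 * {@link HttpServletRequest}.
 *
 * <p>On a successful {@link #login()} the subject receives a caller principal, a
 * {@code CallerPrincipal} group, a {@code Bearer} group whose single member is named after the
 * supplied credential and, when the UserInfo subject matches the callback name, a {@code Roles}
 * group filled from the {@code groups} claim.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The credential is stored as a principal name in the {@code Bearer} group, so every piece
 *       of code that can read the Subject's principals can read it. Treat the Subject as
 *       sensitive and never log its principals.</li>
 *   <li>This module does not validate the credential itself; it relies on whatever placed the
 *       {@code UserInfo} attribute on the request. NOTE(review): confirm that only the
 *       authenticating component can set that attribute.</li>
 * </ul>
 */
public class OAuthLoginModule implements LoginModule {
    private static final Logger LOG = LoggerFactory.getLogger(OAuthLoginModule.class);
    private Subject subject;
    private CallbackHandler callbackHandler;
    private Map<String, Object> sharedState;

    /**
     * Minimal {@link Group} implementation backed by a hash map.
     *
     * <p>Declared {@code static} so that instances carry no hidden reference to the enclosing
     * login module; the module is not {@link Serializable}, and such a reference would make a
     * Subject holding these groups fail to serialize.
     */
    private static class SimpleGroup extends SimplePrincipal implements Group {
        private static final long serialVersionUID = 1;
        private final HashMap<Principal, Principal> members = new HashMap<>();

        public SimpleGroup(String str) {
            super(str);
        }

        /**
         * Adds a member.
         *
         * @return {@code true} if the principal was added, {@code false} if already present
         */
        @Override // java.security.acl.Group
        public boolean addMember(Principal principal) {
            if (this.members.containsKey(principal)) {
                return false;
            }
            this.members.put(principal, principal);
            return true;
        }

        /**
         * Tells whether the principal is a direct member or a member of any nested group.
         *
         * <p>Every nested group is asked about {@code principal}; the search only stops early
         * on a positive answer, so a non-matching nested group cannot hide a match in another.
         */
        @Override // java.security.acl.Group
        public boolean isMember(Principal principal) {
            if (this.members.containsKey(principal)) {
                return true;
            }
            for (Principal member : this.members.keySet()) {
                if (member instanceof Group && ((Group) member).isMember(principal)) {
                    return true;
                }
            }
            return false;
        }

        /** Returns an enumeration over the direct members of this group. */
        @Override // java.security.acl.Group
        public Enumeration<Principal> members() {
            return Collections.enumeration(this.members.values());
        }

        /**
         * Removes a direct member.
         *
         * @return {@code true} if the principal was a member
         */
        @Override // java.security.acl.Group
        public boolean removeMember(Principal principal) {
            return this.members.remove(principal) != null;
        }
    }

    /** Immutable, serializable principal identified solely by its name. */
    private static class SimplePrincipal implements Principal, Serializable {
        private static final long serialVersionUID = 1;
        private final String name;

        public SimplePrincipal(String str) {
            this.name = str;
        }

        @Override // java.security.Principal
        public String getName() {
            return this.name;
        }

        /**
         * Two principals are equal when they have the same runtime class and the same name, so a
         * group and a plain principal with identical names are distinct.
         */
        @Override // java.security.Principal
        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (obj == null || getClass() != obj.getClass()) {
                return false;
            }
            return this.name.equals(((SimplePrincipal) obj).name);
        }

        @Override // java.security.Principal
        public int hashCode() {
            return this.name.hashCode();
        }
    }

    /**
     * Stores the subject, callback handler and shared state for later use. The options map
     * ({@code map2}) is not used by this module.
     */
    @Override
    @SuppressWarnings("unchecked") // JAAS shared state is a mutable map that modules write into
    public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> map, Map<String, ?> map2) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
        this.sharedState = (Map<String, Object>) map;
    }

    /**
     * Populates the subject from the callback credentials and the request's {@link UserInfo}.
     *
     * @return {@code false} when the request carries no {@code UserInfo} attribute,
     *     {@code true} otherwise
     * @throws LoginException if the callbacks yield no name or credential, no servlet request is
     *     available, the {@code groups} claim is malformed, or any other failure occurs; the
     *     original exception is attached as the cause
     */
    @Override
    public boolean login() throws LoginException {
        NameCallback nameCallback = new NameCallback("name");
        PasswordCallback passwordCallback = new PasswordCallback("password", false);
        try {
            this.callbackHandler.handle(new Callback[] {nameCallback, passwordCallback});
            String name = nameCallback.getName();
            char[] secret = passwordCallback.getPassword();
            if (secret == null) {
                throw new LoginException("no credential supplied by callback handler");
            }
            String token = new String(secret);

            HttpServletRequest request = resolveHttpRequest();
            if (request == null) {
                throw new LoginException("no HttpServletRequest available in PolicyContext");
            }
            UserInfo userInfo = (UserInfo) request.getAttribute(UserInfo.class.getName());
            if (userInfo == null) {
                LOG.trace("no userinfo available as request parameter");
                return false;
            }
            if (name == null) {
                throw new LoginException("no user name supplied by callback handler");
            }

            // Only the name is logged: the credential is a secret and must never reach log files.
            LOG.info("login {}", name);

            SimplePrincipal caller = new SimplePrincipal(name);
            this.subject.getPrincipals().add(caller);
            SimpleGroup callerGroup = new SimpleGroup("CallerPrincipal");
            this.subject.getPrincipals().add(callerGroup);
            callerGroup.addMember(caller);

            // The credential travels inside the Subject as the name of the Bearer group's member.
            SimpleGroup bearerGroup = new SimpleGroup("Bearer");
            this.subject.getPrincipals().add(bearerGroup);
            bearerGroup.addMember(new SimplePrincipal(token));

            // NOTE(review): the caller principal comes from the NameCallback; a UserInfo subject
            // that differs from it only suppresses the roles, the login still succeeds. Confirm
            // that a mismatch should not be rejected instead.
            if (!userInfo.getSubject().getValue().equals(name)) {
                return true;
            }

            Object claim = userInfo.getClaim("groups");
            LOG.info("UserInfo: {} {}", userInfo.getSubject().getValue(), claim);
            SimpleGroup roles = new SimpleGroup("Roles");
            this.subject.getPrincipals().add(roles);
            if (claim != null) {
                if (!(claim instanceof List)) {
                    throw new LoginException("groups claim is not a list");
                }
                for (Object role : (List<?>) claim) {
                    if (!(role instanceof String)) {
                        throw new LoginException("groups claim contains a non-string entry");
                    }
                    roles.addMember(new SimplePrincipal((String) role));
                }
            }
            if (this.sharedState != null) {
                this.sharedState.put("userInfo", userInfo);
            }
            return true;
        } catch (LoginException e) {
            throw e;
        } catch (Exception e) {
            throw asLoginException(e);
        } finally {
            // Wipe the copy of the credential held by the callback object.
            passwordCallback.clearPassword();
        }
    }

    /** Wraps an arbitrary failure in a {@link LoginException} without losing the cause. */
    private static LoginException asLoginException(Exception cause) {
        LoginException wrapped = new LoginException(cause.getMessage());
        wrapped.initCause(cause);
        return wrapped;
    }

    /**
     * Looks up the current servlet request through the JACC {@link PolicyContext}.
     *
     * @throws LoginException if the policy context lookup fails
     */
    private HttpServletRequest resolveHttpRequest() throws LoginException {
        try {
            return (HttpServletRequest) PolicyContext.getContext(HttpServletRequest.class.getName());
        } catch (PolicyContextException e) {
            LOG.error("unable to extract HttpServletRequest from PolicyContext {} {}", e.getClass().getSimpleName(), e.getMessage());
            throw asLoginException(e);
        }
    }

    /**
     * Always reports success; the principals are already attached during {@link #login()}.
     *
     * <p>NOTE(review): this returns {@code true} even when {@code login()} returned
     * {@code false}; confirm that this is intended.
     */
    @Override
    public boolean commit() throws LoginException {
        return true;
    }

    /** Aborts the authentication attempt by delegating to {@link #logout()}. */
    @Override
    public boolean abort() throws LoginException {
        return logout();
    }

    /**
     * Removes the principals this module added and drops the subject reference.
     *
     * <p>{@code SimplePrincipal} is private to this module, so filtering by that class touches
     * only principals created here (groups included). Without this step the Bearer credential
     * and the roles would stay attached to the Subject after logout.
     */
    @Override
    public boolean logout() throws LoginException {
        if (this.subject != null && !this.subject.isReadOnly()) {
            // getPrincipals(Class) returns a detached copy, so removing while reading is safe.
            this.subject.getPrincipals().removeAll(this.subject.getPrincipals(SimplePrincipal.class));
        }
        this.subject = null;
        return true;
    }
}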
