package fr.lixbox.security.jaas.login;

import fr.lixbox.security.jaas.model.enumeration.TypeAuthentification;
import java.security.Principal;
import java.security.acl.Group;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.jboss.security.NestableGroup;
import org.jboss.security.SimpleGroup;
import org.jboss.security.SimplePrincipal;

/* loaded from: input_file:fr/lixbox/security/jaas/login/AbstractServerLoginModule.class */
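/**
 * Base JAAS {@link LoginModule} that reads its configuration from the module options,
 * supports the {@code password-stacking=useFirstPass} mode, and on commit publishes the
 * authenticated identity plus its role groups into the {@link Subject}.
 *
 * <p>Subclasses supply the identity ({@link #getIdentity()}) and the role groups
 * ({@link #getRoleSets()}).
 *
 * <p>Security-relevant points visible in this class:
 * <ul>
 *   <li>{@link #login()} only checks that a name and a password are present in the shared
 *       state; it performs no credential verification of its own.</li>
 *   <li>{@code principalClass} is loaded by name through the thread context class loader, so
 *       the module options must come from trusted configuration.</li>
 *   <li>{@code pwdKeystore} is a secret and is never written to the log.</li>
 * </ul>
 */
public abstract class AbstractServerLoginModule implements LoginModule {
    private static final Log LOG = LogFactory.getLog(AbstractServerLoginModule.class);
    protected Subject subject;
    protected Principal identity;
    protected Object credential;
    protected CallbackHandler callbackHandler;
    protected Map sharedState;
    protected Map options;
    protected boolean useFirstPass;
    protected boolean loginOk;
    protected String principalClassName;
    protected Principal unauthenticatedIdentity;
    protected String jnpHost = "localhost:1099";
    protected String dsJndiName = "java:/XAOracleDS";
    protected String userQuery = "select NAME from USER where USER_ID=?";
    protected String rolesQuery = "select ROLE_NAME from ROLE where USER_NAME=?";
    // NOTE(review): these JNDI credentials are hard-coded defaults and initialize() never
    // overrides them from the options; confirm whether subclasses still use them and, if so,
    // move them to configuration.
    protected String jnpUser = "guest";
    protected String jnpPwd = "jboss";
    protected String jnpFactory = "org.jboss.as.naming.InitialContextFactory";
    protected String pathCrl;
    protected String pathKeystore;
    protected String pwdKeystore;
    protected String keyAlias;

    /**
     * Stores the JAAS context objects and reads the module options.
     *
     * @param subject the subject being authenticated
     * @param callbackHandler handler used to obtain credentials from the caller
     * @param map state shared between the login modules of the stack
     * @param map2 options configured for this module; must not be {@code null}
     */
    @Override
    public void initialize(Subject subject, CallbackHandler callbackHandler, Map map, Map map2) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
        this.sharedState = map;
        this.options = map2;
        this.principalClassName = (String) map2.get("principalClass");
        if (this.principalClassName == null) {
            this.principalClassName = "fr.lixbox.security.jaas.model.LixboxPrincipal";
        }
        this.pathKeystore = (String) map2.get("pathKeystore");
        this.pwdKeystore = (String) map2.get("pwdKeystore");
        this.pathCrl = (String) map2.get("pathCrl");
        this.keyAlias = (String) map2.get("keyAlias");
        String passwordStacking = (String) map2.get("password-stacking");
        if (passwordStacking != null && passwordStacking.equalsIgnoreCase("useFirstPass")) {
            this.useFirstPass = true;
        }
        // Fall back to the default host when the option is absent. The value is assigned
        // once: a second unconditional assignment further down used to reset it to null.
        this.jnpHost = (String) map2.get("jnpHost");
        if (this.jnpHost == null) {
            this.jnpHost = "localhost:1099";
        }
        String unauthenticatedName = (String) map2.get("unauthenticatedIdentity");
        if (unauthenticatedName != null) {
            try {
                this.unauthenticatedIdentity = createIdentity(unauthenticatedName);
                LOG.trace("Saw unauthenticatedIdentity=" + unauthenticatedName);
            } catch (Exception e) {
                // Best effort: the module stays usable without an unauthenticated identity.
                LOG.warn("Failed to create custom unauthenticatedIdentity", e);
            }
        }
        // An absent option leaves dsJndiName null (the field initializer is overwritten);
        // subclasses should treat null as a configuration error rather than pick a datasource.
        this.dsJndiName = (String) map2.get("dsJndiName");
        // NOTE(review): the queries are taken verbatim from the options; the '?' in the
        // defaults suggests they are run as parameterized statements - confirm in subclasses.
        Object principalsQuery = map2.get("principalsQuery");
        if (principalsQuery != null) {
            this.userQuery = principalsQuery.toString();
        } else if (map2.get("userQuery") != null) {
            this.userQuery = map2.get("userQuery").toString();
        }
        Object configuredRolesQuery = map2.get("rolesQuery");
        if (configuredRolesQuery != null) {
            this.rolesQuery = configuredRolesQuery.toString();
        }
        LOG.trace("CertLoginModule, dsJndiName=" + this.dsJndiName);
        LOG.trace("jnpHost=" + this.jnpHost);
        LOG.trace("userQuery=" + this.userQuery);
        LOG.trace("rolesQuery=" + this.rolesQuery);
        LOG.trace("pathCrl=" + this.pathCrl);
        LOG.trace("pathKeystore=" + this.pathKeystore);
        // The keystore password is a secret: log only whether it was configured.
        LOG.trace("pwdKeystore=" + (this.pwdKeystore == null ? "<unset>" : "<redacted>"));
        LOG.trace("keyAlias=" + this.keyAlias);
    }

    /**
     * Handles the {@code useFirstPass} case of password stacking.
     *
     * <p>Succeeds only when {@code useFirstPass} is enabled and the shared state already
     * holds both a login name and a password. Their presence is the only check made here;
     * the values themselves are not verified by this method.
     *
     * @return {@code true} if the shared-state login was accepted, {@code false} otherwise
     * @throws LoginException declared by the interface; not thrown by this implementation
     */
    @Override
    public boolean login() throws LoginException {
        this.loginOk = false;
        if (!this.useFirstPass) {
            return false;
        }
        try {
            Object sharedName = this.sharedState.get("javax.security.auth.login.name");
            Object sharedPassword = this.sharedState.get("javax.security.auth.login.password");
            if (sharedName == null || sharedPassword == null) {
                return false;
            }
            this.loginOk = true;
            return true;
        } catch (Exception e) {
            // Fail closed: any problem reading the shared state is a failed login.
            LOG.error("login failed", e);
            return false;
        }
    }

    /**
     * Publishes the identity, its role groups and a {@code CallerPrincipal} group into the
     * subject's principal set, then records the principal info for the current caller.
     *
     * @return {@code false} if {@link #login()} did not succeed, {@code true} otherwise
     * @throws LoginException if {@link #getRoleSets()} fails
     */
    @Override
    public boolean commit() throws LoginException {
        if (!this.loginOk) {
            return false;
        }
        Set<Principal> principals = this.subject.getPrincipals();
        Principal callerIdentity = getIdentity();
        principals.add(callerIdentity);
        for (Group roleSet : getRoleSets()) {
            Group target = createGroup(roleSet.getName(), principals);
            if (target instanceof NestableGroup) {
                // A nestable group receives a nested "Roles" group that takes the members.
                Group nestedRoles = new SimpleGroup("Roles");
                target.addMember(nestedRoles);
                target = nestedRoles;
            }
            Enumeration<? extends Principal> members = roleSet.members();
            while (members.hasMoreElements()) {
                target.addMember(members.nextElement());
            }
        }
        boolean hasCallerPrincipal = false;
        for (Principal principal : principals) {
            if (principal instanceof Group && "CallerPrincipal".equals(principal.getName())) {
                hasCallerPrincipal = true;
                break;
            }
        }
        if (!hasCallerPrincipal) {
            SimpleGroup callerGroup = new SimpleGroup("CallerPrincipal");
            callerGroup.addMember(callerIdentity);
            principals.add(callerGroup);
        }
        // NOTE(review): this passes the 'identity' field, not the value returned by
        // getIdentity() above; confirm that subclasses keep the two in sync.
        SecurityAssociationActions.setPrincipalInfo(this.identity, this.credential, this.subject);
        return true;
    }

    /**
     * Logs the abort; no state is rolled back here.
     *
     * @return always {@code true}
     */
    @Override
    public boolean abort() throws LoginException {
        LOG.trace("abort");
        return true;
    }

    /**
     * Removes the identity principal from the subject.
     *
     * <p>Only the identity is removed; the groups added by {@link #commit()} stay in the
     * subject's principal set.
     *
     * @return always {@code true}
     */
    @Override
    public boolean logout() throws LoginException {
        LOG.trace("logout");
        this.subject.getPrincipals().remove(getIdentity());
        return true;
    }

    /** Returns whether {@code password-stacking=useFirstPass} was configured. */
    protected boolean getUseFirstPass() {
        return this.useFirstPass;
    }

    /** Returns the identity built from the {@code unauthenticatedIdentity} option, or null. */
    protected Principal getUnauthenticatedIdentity() {
        return this.unauthenticatedIdentity;
    }

    /**
     * Returns the group named {@code str} from {@code set}, creating and adding a
     * {@link SimpleGroup} when no such group exists yet.
     *
     * @param str name of the group to find or create
     * @param set principal set to search and, if needed, extend
     * @return the existing or newly created group
     */
    protected Group createGroup(String str, Set<Principal> set) {
        for (Principal candidate : set) {
            if (candidate instanceof Group) {
                Group existing = (Group) candidate;
                if (existing.getName().equals(str)) {
                    return existing;
                }
            }
        }
        Group created = new SimpleGroup(str);
        set.add(created);
        return created;
    }

    /**
     * Builds a principal for {@code str}, using the configured principal class when set.
     *
     * <p>The class name comes from the module options and is resolved through the thread
     * context class loader. The loaded class is checked to be a {@link Principal} before its
     * constructor runs, so a misconfigured class name is rejected without being instantiated.
     *
     * @param str name of the principal
     * @return the new principal
     * @throws Exception if the class cannot be loaded, is not a {@link Principal}, or has no
     *     {@code (String, TypeAuthentification)} constructor
     */
    protected Principal createIdentity(String str) throws Exception {
        if (this.principalClassName == null) {
            return new SimplePrincipal(str);
        }
        ClassLoader loader = Thread.currentThread().getContextClassLoader();
        Class<? extends Principal> principalClass =
                loader.loadClass(this.principalClassName).asSubclass(Principal.class);
        return principalClass
                .getConstructor(String.class, TypeAuthentification.class)
                .newInstance(str, TypeAuthentification.BASIC);
    }

    /** Returns the identity authenticated by the concrete module. */
    protected abstract Principal getIdentity();

    /**
     * Returns the role groups to publish for the authenticated identity.
     *
     * @throws LoginException if the roles cannot be determined
     */
    protected abstract Group[] getRoleSets() throws LoginException;
}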
