package org.apache.geronimo.security.jaas;

import java.io.IOException;
import java.security.Principal;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import org.apache.geronimo.kernel.Kernel;
import org.apache.geronimo.kernel.jmx.MBeanProxyFactory;
import org.apache.geronimo.security.GeronimoSecurityException;
import org.apache.geronimo.security.RealmPrincipal;

/* loaded from: input_file:org/apache/geronimo/security/jaas/LocalLoginModule.class */
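/**
 * JAAS {@link LoginModule} that forwards every phase of the login protocol to the
 * {@link LoginServiceMBean} registered in a named Geronimo kernel.
 *
 * <p>The module keeps two subjects: {@code externalSubject} is the one handed in by the
 * caller, and {@code internalSubject} is the one returned by the login service on commit.
 * On commit the internal subject's principals and credentials are copied into the external
 * one; on logout they are removed from it again.
 *
 * <p>NOTE(review): no synchronization is visible in this class, so an instance is presumably
 * meant to be confined to a single login attempt — confirm against the caller.
 */
public class LocalLoginModule implements LoginModule {
    private String realmName;
    private String kernelName;
    private Subject internalSubject = new Subject();
    private Subject externalSubject;
    // Handle returned by the login service; null until initialize() has succeeded.
    private LoginModuleId loginModuleId;
    LoginServiceMBean loginService;
    private CallbackHandler callbackHandler;
    // Lazily filled cache for the LoginServiceMBean class object (see class$).
    static Class class$org$apache$geronimo$security$jaas$LoginServiceMBean;

    /**
     * Stores the caller's subject and callback handler, looks up the kernel named by the
     * {@code "kernel"} option and allocates a login module for the {@code "realm"} option.
     *
     * @param subject the subject that commit() populates and logout() cleans up
     * @param callbackHandler handler used to fill in the callbacks requested by the login service
     * @param map not read by this method (the shared-state argument of
     *     {@link LoginModule#initialize})
     * @param map2 the options argument of {@link LoginModule#initialize}; the keys
     *     {@code "realm"} and {@code "kernel"} are read and cast to {@code String}
     * @throws GeronimoSecurityException if the kernel is not found or any step of the lookup
     *     or allocation fails; the original exception is attached as the cause
     */
    public void initialize(Subject subject, CallbackHandler callbackHandler, Map map, Map map2) {
        this.externalSubject = subject;
        this.callbackHandler = callbackHandler;
        // NOTE(review): neither option is checked for null or for its type here; a missing
        // "realm" is passed on to allocateLoginModule() as null — confirm the service rejects it.
        this.realmName = (String) map2.get("realm");
        this.kernelName = (String) map2.get("kernel");
        try {
            Kernel kernel = Kernel.getKernel(this.kernelName);
            if (kernel == null) {
                // Caught by the handler below and re-wrapped as an "Initialize error".
                throw new GeronimoSecurityException("No kernel found by the name of " + this.kernelName);
            }
            Class serviceClass = class$org$apache$geronimo$security$jaas$LoginServiceMBean;
            if (serviceClass == null) {
                serviceClass = class$("org.apache.geronimo.security.jaas.LoginServiceMBean");
                class$org$apache$geronimo$security$jaas$LoginServiceMBean = serviceClass;
            }
            this.loginService = (LoginServiceMBean) MBeanProxyFactory.getProxy(
                    serviceClass, kernel.getMBeanServer(), LoginService.LOGIN_SERVICE);
            this.loginModuleId = this.loginService.allocateLoginModule(this.realmName);
        } catch (Exception e) {
            throw (GeronimoSecurityException)
                    new GeronimoSecurityException("Initialize error: " + e + "\n").initCause(e);
        }
    }

    /**
     * Runs the login exchange with the login service, retrying once with a freshly allocated
     * login module if the current one has expired.
     *
     * <p>A {@link LoginException} raised during the exchange is rethrown unchanged so that its
     * concrete type and message are not hidden behind a message-less wrapper; any other
     * exception is wrapped in a {@code LoginException} with the original as its cause.
     *
     * @return the result reported by the login service
     * @throws LoginException if no login module is registered or the exchange fails
     */
    public boolean login() throws LoginException {
        requireLoginModule();
        try {
            return tryLogin();
        } catch (ExpiredLoginModuleException expired) {
            // The server-side module timed out: allocate a new one and try exactly once more.
            try {
                this.loginModuleId = this.loginService.allocateLoginModule(this.realmName);
                return tryLogin();
            } catch (LoginException e) {
                throw e;
            } catch (Exception e) {
                throw wrap(e);
            }
        } catch (LoginException e) {
            throw e;
        } catch (Exception e) {
            throw wrap(e);
        }
    }

    /**
     * Commits the login on the service and copies the resulting principals, private
     * credentials and public credentials into the caller's subject.
     *
     * @return always {@code true} when no exception is thrown
     * @throws LoginException if no login module is registered
     */
    public boolean commit() throws LoginException {
        requireLoginModule();
        // NOTE(review): any result of loginService.commit() is not inspected, and the
        // retrieved subject is used without a null check — confirm the service contract.
        this.loginService.commit(this.loginModuleId);
        this.internalSubject = this.loginService.retrieveSubject(this.loginModuleId);
        this.externalSubject.getPrincipals().addAll(this.internalSubject.getPrincipals());
        this.externalSubject.getPrivateCredentials().addAll(this.internalSubject.getPrivateCredentials());
        this.externalSubject.getPublicCredentials().addAll(this.internalSubject.getPublicCredentials());
        return true;
    }

    /**
     * Aborts the login on the service.
     *
     * @return the result reported by the login service
     * @throws LoginException if no login module is registered
     */
    public boolean abort() throws LoginException {
        requireLoginModule();
        return this.loginService.abort(this.loginModuleId);
    }

    /**
     * Removes from the caller's subject what commit() copied into it, then logs out on the
     * service.
     *
     * <p>Every {@link RealmPrincipal} is removed from the caller's subject, whether or not it
     * is also present in the internal subject. NOTE(review): with several login modules
     * stacked on one subject this would also drop realm principals contributed by the others —
     * confirm that is intended.
     *
     * @return the result reported by the login service
     * @throws LoginException if no login module is registered
     */
    public boolean logout() throws LoginException {
        requireLoginModule();
        Iterator<Principal> principals = this.externalSubject.getPrincipals().iterator();
        while (principals.hasNext()) {
            Principal principal = principals.next();
            if (principal instanceof RealmPrincipal
                    || this.internalSubject.getPrincipals().contains(principal)) {
                principals.remove();
            }
        }
        Iterator<Object> privateCredentials = this.externalSubject.getPrivateCredentials().iterator();
        while (privateCredentials.hasNext()) {
            if (this.internalSubject.getPrivateCredentials().contains(privateCredentials.next())) {
                privateCredentials.remove();
            }
        }
        Iterator<Object> publicCredentials = this.externalSubject.getPublicCredentials().iterator();
        while (publicCredentials.hasNext()) {
            if (this.internalSubject.getPublicCredentials().contains(publicCredentials.next())) {
                publicCredentials.remove();
            }
        }
        // NOTE(review): internalSubject keeps its principals and credentials after this call.
        return this.loginService.logout(this.loginModuleId);
    }

    /**
     * Performs one login exchange: fetches the callbacks the service wants answered, lets the
     * caller's handler fill them in, and submits them to the service.
     *
     * @return the result reported by the login service
     * @throws Exception whatever the login service raises; {@link IOException} and
     *     {@link UnsupportedCallbackException} are wrapped in a {@link LoginException}
     */
    private boolean tryLogin() throws Exception {
        Callback[] callbacks = (Callback[]) this.loginService.getCallbacks(this.loginModuleId).toArray(new Callback[0]);
        try {
            this.callbackHandler.handle(callbacks);
            // NOTE(review): the filled-in callbacks presumably carry the user's credentials;
            // they are handed to the service as-is and are not cleared here afterwards.
            ArrayList<Callback> answered = new ArrayList<Callback>(callbacks.length);
            for (Callback callback : callbacks) {
                answered.add(callback);
            }
            return this.loginService.login(this.loginModuleId, answered);
        } catch (IOException e) {
            throw wrap(e);
        } catch (UnsupportedCallbackException e) {
            throw wrap(e);
        }
    }

    /** Fails with the module's standard message when initialize() has not produced a module id. */
    private void requireLoginModule() throws LoginException {
        if (this.loginModuleId == null) {
            throw new LoginException("No login module registered");
        }
    }

    /** Builds a message-less LoginException that carries {@code cause} as its cause. */
    private static LoginException wrap(Throwable cause) {
        return (LoginException) new LoginException().initCause(cause);
    }

    /**
     * Loads a class by name, turning {@link ClassNotFoundException} into a
     * {@link NoClassDefFoundError} that carries it as the cause.
     *
     * <p>The name and shape match the helper that older compilers generated for class
     * literals, so this is presumably the decompiled form of {@code LoginServiceMBean.class}.
     *
     * @param str fully qualified class name
     * @return the loaded class
     */
    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            // initCause() is declared to return Throwable; cast back so the throw is unchecked.
            throw (NoClassDefFoundError) new NoClassDefFoundError().initCause(e);
        }
    }
}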
