package net.sf.jguard.core.authentication.loginmodules;

import java.io.IOException;
import java.security.Principal;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import net.sf.jguard.core.authentication.callbacks.AsynchronousCallbackException;
import net.sf.jguard.core.authentication.callbacks.AuthenticationSchemeHandlerCallback;
import net.sf.jguard.core.authentication.credentials.JGuardCredential;
import net.sf.jguard.core.authentication.manager.AuthenticationManager;
import net.sf.jguard.core.authentication.manager.JGuardAuthenticationManagerMarkups;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/sf/jguard/core/authentication/loginmodules/UserLoginModule.class */
public abstract class UserLoginModule implements LoginModule {
    protected Subject subject;
    private CallbackHandler callbackHandler;
    protected Map sharedState;
    protected Map<String, ?> options;
    private static final Logger logger = LoggerFactory.getLogger(UserLoginModule.class.getName());
    protected boolean skipPasswordCheck;
    public static final String LOGIN_ERROR = "login.error";
    protected static final String USER_INACTIVE = "user.inactive";
    protected Set<Principal> globalPrincipals;
    protected Set<Object> globalPrivateCredentials;
    protected Set<Object> globalPublicCredentials;
    private String authenticationSchemeHandlerName;
    protected AuthenticationManager authenticationManager;
    protected Callback[] callbacks;
    public static final String SKIP_CREDENTIAL_CHECK = "skipCredentialCheck";
    public static final String AUTHENTICATION_SCHEME_HANDLER_NAME = "authenticationSchemeHandlerName";
    public static final String DEBUG = "debug";
    protected boolean debug = false;
    protected String login = null;
    protected char[] password = null;
    protected boolean loginOK = true;

    public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> map, Map<String, ?> map2) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
        this.sharedState = map;
        this.options = map2;
        if (map2 == null) {
            throw new IllegalArgumentException("options map is null : 'options' map must contains an authenticationManager instance");
        }
        this.debug = Boolean.valueOf((String) map2.get(DEBUG)).booleanValue();
        this.skipPasswordCheck = Boolean.valueOf((String) map2.get(SKIP_CREDENTIAL_CHECK)).booleanValue();
        this.authenticationManager = (AuthenticationManager) map2.get(JGuardAuthenticationManagerMarkups.AUTHENTICATION_MANAGER.getLabel());
        if (this.authenticationManager == null) {
            throw new IllegalArgumentException("authenticationManager is null : 'options' map must contains an authenticationManager instance");
        }
    }

    public boolean logout() throws LoginException {
        if (this.subject == null) {
            return true;
        }
        this.subject.getPrincipals().clear();
        this.subject.getPrivateCredentials().clear();
        this.subject.getPublicCredentials().clear();
        return true;
    }

    public boolean abort() throws LoginException {
        if (this.subject != null) {
            this.subject.getPrincipals().clear();
            this.subject.getPrivateCredentials().clear();
            this.subject.getPublicCredentials().clear();
        }
        if (this.globalPrivateCredentials != null) {
            this.globalPrivateCredentials.clear();
        }
        if (this.globalPublicCredentials != null) {
            this.globalPublicCredentials.clear();
        }
        if (this.globalPrincipals == null) {
            return true;
        }
        this.globalPrincipals.clear();
        return true;
    }

    protected abstract List<Callback> getCallbacks();

    private Callback getCallback(List<Callback> list, Class cls) {
        for (Callback callback : list) {
            if (cls.equals(callback.getClass())) {
                return callback;
            }
        }
        return null;
    }

    public boolean login() throws LoginException {
        if (!this.skipPasswordCheck) {
            this.skipPasswordCheck = Boolean.valueOf((String) this.sharedState.get(SKIP_CREDENTIAL_CHECK)).booleanValue();
        }
        if (this.callbackHandler == null) {
            throw new LoginException("there is no CallbackHandler to authenticate the user");
        }
        List<Callback> callbacks = getCallbacks();
        callbacks.add(new AuthenticationSchemeHandlerCallback());
        try {
            this.callbacks = (Callback[]) callbacks.toArray(new Callback[callbacks.size()]);
            this.callbackHandler.handle(this.callbacks);
            this.authenticationSchemeHandlerName = ((AuthenticationSchemeHandlerCallback) getCallback(callbacks, AuthenticationSchemeHandlerCallback.class)).getAuthenticationSchemeHandlerName();
            return true;
        } catch (IOException e) {
            throw new LoginException(e.toString());
        } catch (AsynchronousCallbackException e2) {
            throw new AuthenticationChallengeException(e2.getMessage());
        } catch (UnsupportedCallbackException e3) {
            throw new LoginException("Callback error : " + e3.getCallback().toString() + " not available to authenticate the user");
        }
    }

    public boolean commit() throws LoginException {
        if (!this.loginOK) {
            return false;
        }
        Set<Principal> principals = this.subject.getPrincipals();
        if (this.globalPrincipals != null) {
            principals.addAll(this.globalPrincipals);
        }
        Set<Object> privateCredentials = this.subject.getPrivateCredentials();
        if (this.globalPrivateCredentials != null) {
            privateCredentials.addAll(this.globalPrivateCredentials);
        }
        Set<Object> publicCredentials = this.subject.getPublicCredentials();
        if (this.globalPublicCredentials != null) {
            publicCredentials.addAll(this.globalPublicCredentials);
        }
        publicCredentials.add(new JGuardCredential(AUTHENTICATION_SCHEME_HANDLER_NAME, this.authenticationSchemeHandlerName));
        return true;
    }
}
