package net.sf.jguard.core.authentication;

import java.security.AccessControlContext;
import java.security.AccessController;
import java.util.Collection;
import java.util.Iterator;
import javax.security.auth.Subject;
import javax.security.auth.login.Configuration;
import javax.security.auth.login.LoginException;
import net.sf.jguard.core.authentication.callbackhandler.JGuardCallbackHandler;
import net.sf.jguard.core.authentication.exception.AuthenticationContinueException;
import net.sf.jguard.core.authentication.exception.AuthenticationException;
import net.sf.jguard.core.authentication.loginmodules.AuthenticationChallengeException;
import net.sf.jguard.core.authentication.schemes.AuthenticationSchemeHandler;
import net.sf.jguard.core.lifecycle.Request;
import net.sf.jguard.core.lifecycle.Response;
import net.sf.jguard.core.technology.ImpersonationScopes;
import net.sf.jguard.core.technology.Scopes;
import net.sf.jguard.core.util.SubjectUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/sf/jguard/core/authentication/AbstractAuthenticationServicePoint.class */
public abstract class AbstractAuthenticationServicePoint<Req, Res> implements AuthenticationServicePoint<Req, Res> {
    private static final Logger logger = LoggerFactory.getLogger(AbstractAuthenticationServicePoint.class.getName());
    private Configuration configuration;
    private Configuration guestConfiguration;
    private Collection<AuthenticationSchemeHandler<Req, Res>> authenticationSchemeHandlers;
    private String applicationName;
    private Scopes scopes;
    private JGuardCallbackHandler guestCallbackHandler;
    private static final String AUTHENTICATION_SUCCEEDED = "authenticationSucceededDuringThisRequest";
    private static final String LOGIN_EXCEPTION_CLASS = "LoginExceptionClass";
    private static final String LOGIN_EXCEPTION_MESSAGE = "LoginExceptionMessage";
    private static final String REGISTRATION_DONE = "registrationDone";

    public AbstractAuthenticationServicePoint(Configuration configuration, Configuration configuration2, Collection<AuthenticationSchemeHandler<Req, Res>> collection, String str, Scopes scopes, JGuardCallbackHandler jGuardCallbackHandler) {
        this.configuration = configuration;
        this.guestConfiguration = configuration2;
        this.authenticationSchemeHandlers = collection;
        this.applicationName = str;
        this.scopes = scopes;
        this.guestCallbackHandler = jGuardCallbackHandler;
    }

    @Override // net.sf.jguard.core.authentication.AuthenticationServicePoint
    public LoginContextWrapper authenticate(Request<Req> request, Response<Res> response, JGuardCallbackHandler<Req, Res> jGuardCallbackHandler) {
        return authenticate(request, response, this.configuration, this.scopes, jGuardCallbackHandler);
    }

    private LoginContextWrapper authenticate(Request<Req> request, Response<Res> response, Configuration configuration, Scopes scopes, JGuardCallbackHandler<Req, Res> jGuardCallbackHandler) throws AuthenticationException {
        scopes.setRequestAttribute(REGISTRATION_DONE, Boolean.FALSE);
        LoginContextWrapper loginContextWrapper = null;
        try {
            loginContextWrapper = getLoginContextWrapper(scopes);
            loginContextWrapper.login(jGuardCallbackHandler, configuration);
            authenticationSucceed(loginContextWrapper);
            jGuardCallbackHandler.authenticationSucceed(loginContextWrapper.getSubject(), request, response);
            loginContextWrapper.setStatus(AuthenticationStatus.SUCCESS);
            return loginContextWrapper;
        } catch (AuthenticationContinueException e) {
            logger.debug("authentication is not yet complete. a new exchange between client and server is required " + e.getMessage());
            loginContextWrapper.setStatus(AuthenticationStatus.CONTINUE);
            return loginContextWrapper;
        } catch (AuthenticationChallengeException e2) {
            logger.debug("authentication challenge built. a new exchange between client and server is required " + e2.getMessage());
            loginContextWrapper.setStatus(AuthenticationStatus.FAILURE);
            return loginContextWrapper;
        } catch (LoginException e3) {
            logger.debug("authentication failed " + e3.getMessage(), e3);
            scopes.setRequestAttribute(LOGIN_EXCEPTION_MESSAGE, e3.getLocalizedMessage());
            scopes.setRequestAttribute(LOGIN_EXCEPTION_CLASS, e3.getClass());
            jGuardCallbackHandler.authenticationFailed(request, response);
            loginContextWrapper.setStatus(AuthenticationStatus.FAILURE);
            return loginContextWrapper;
        }
    }

    protected void authenticationSucceed(LoginContextWrapper loginContextWrapper) {
    }

    @Override // net.sf.jguard.core.authentication.AuthenticationServicePoint
    public LoginContextWrapper impersonateAsGuest(Request<Req> request, Response<Res> response, ImpersonationScopes impersonationScopes) {
        return authenticate(request, response, this.guestConfiguration, impersonationScopes, this.guestCallbackHandler);
    }

    @Override // net.sf.jguard.core.authentication.AuthenticationServicePoint
    public boolean answerToChallenge(Request<Req> request, Response<Res> response) {
        Iterator<AuthenticationSchemeHandler<Req, Res>> it = this.authenticationSchemeHandlers.iterator();
        while (it.hasNext()) {
            if (it.next().answerToChallenge(request, response)) {
                return true;
            }
        }
        return false;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Collection<AuthenticationSchemeHandler<Req, Res>> getAuthenticationSchemeHandlers() {
        return this.authenticationSchemeHandlers;
    }

    @Override // net.sf.jguard.core.authentication.AuthenticationServicePoint
    public Subject getCurrentSubject() {
        Subject subjectInAccessControlContext = getSubjectInAccessControlContext();
        if (subjectInAccessControlContext == null) {
            subjectInAccessControlContext = (Subject) this.scopes.getApplicationAttribute(SubjectUtils.GUEST_SUBJECT);
        }
        return subjectInAccessControlContext;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static Subject getSubjectInAccessControlContext() {
        AccessControlContext context = AccessController.getContext();
        if (context == null) {
            return null;
        }
        return Subject.getSubject(context);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public LoginContextWrapper getLoginContextWrapper(Scopes scopes) {
        if (scopes == null) {
            throw new IllegalArgumentException("scopes is null");
        }
        return new LoginContextWrapperImpl(this.applicationName);
    }

    @Override // net.sf.jguard.core.authentication.AuthenticationServicePoint
    public Subject getGuestSubject(Request<Req> request, Response<Res> response, ImpersonationScopes impersonationScopes, JGuardCallbackHandler jGuardCallbackHandler) {
        LoginContextWrapper impersonateAsGuest = impersonateAsGuest(request, response, impersonationScopes);
        if (impersonateAsGuest == null) {
            throw new IllegalStateException(" authenticationUtils is null in the Authenticationbindings");
        }
        if (AuthenticationStatus.SUCCESS.equals(impersonateAsGuest.getStatus())) {
            return impersonateAsGuest.getSubject();
        }
        throw new AuthenticationException("authentication of the guest user does not return a SUCCESS authentication status but " + impersonateAsGuest.getStatus().toString());
    }

    @Override // net.sf.jguard.core.authentication.AuthenticationServicePoint
    public boolean authenticationSucceededDuringThisRequest(Request<Req> request, Response<Res> response) {
        String str = (String) this.scopes.getRequestAttribute(AUTHENTICATION_SUCCEEDED);
        if (null == str) {
            return false;
        }
        return Boolean.parseBoolean(str);
    }
}
