package net.sf.jguard.core.util;

import java.security.Principal;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import javax.security.auth.Subject;
import net.sf.jguard.core.authentication.callbacks.GuestCallbacksProvider;
import net.sf.jguard.core.authentication.credentials.JGuardCredential;
import net.sf.jguard.core.authentication.manager.AuthenticationManager;
import net.sf.jguard.core.principals.Organization;
import net.sf.jguard.core.principals.PrincipalUtils;
import net.sf.jguard.core.principals.RolePrincipal;
import net.sf.jguard.core.principals.UserPrincipal;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/sf/jguard/core/util/SubjectUtils.class */
public final class SubjectUtils {
    private static final Logger logger = LoggerFactory.getLogger(SubjectUtils.class.getName());
    private static final String USER_PRINCIPAL = "userPrincipal";
    public static final String GUEST_SUBJECT = "guestSubject";

    private SubjectUtils() {
    }

    private static Set getCredentialValues(Subject subject, boolean z, String str) {
        Set<JGuardCredential> privateCredentials;
        HashSet hashSet = new HashSet();
        if (z) {
            privateCredentials = subject.getPublicCredentials(JGuardCredential.class);
        } else {
            try {
                privateCredentials = subject.getPrivateCredentials(JGuardCredential.class);
            } catch (SecurityException e) {
                logger.debug(" you don't have the permission to grab private credentials ");
                return hashSet;
            }
        }
        for (JGuardCredential jGuardCredential : privateCredentials) {
            if ((jGuardCredential instanceof JGuardCredential) && jGuardCredential.getName().equals(str)) {
                hashSet.add(jGuardCredential.getValue());
            }
        }
        return hashSet;
    }

    public static Organization getOrganization(Subject subject) {
        Set principals = subject.getPrincipals(Organization.class);
        if (principals.size() > 1) {
            throw new IllegalStateException(" a Subject object must contains only one organization in the principal set . ");
        }
        if (principals.size() == 0) {
            throw new IllegalStateException(" if no organization is set in the principal set of the subject, the default 'system' organization is used  ");
        }
        return (Organization) principals.iterator().next();
    }

    public static String getCredentialValueAsString(Subject subject, boolean z, String str) {
        Set privateCredentials;
        String str2 = "";
        if (z) {
            privateCredentials = subject.getPublicCredentials(JGuardCredential.class);
        } else {
            try {
                privateCredentials = subject.getPrivateCredentials(JGuardCredential.class);
            } catch (SecurityException e) {
                logger.debug(" you don't have the permission to grab private credentials ");
                return str2;
            }
        }
        Iterator it = privateCredentials.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            JGuardCredential jGuardCredential = (JGuardCredential) it.next();
            if (jGuardCredential.getName().equals(str)) {
                str2 = jGuardCredential.getValue().toString();
                break;
            }
        }
        return str2;
    }

    public static void setCredentialValue(Subject subject, boolean z, String str, Object obj, boolean z2) {
        Set<Object> privateCredentials;
        boolean z3 = false;
        if (z) {
            privateCredentials = subject.getPublicCredentials();
        } else {
            try {
                privateCredentials = subject.getPrivateCredentials();
            } catch (SecurityException e) {
                logger.debug(" you don't have the permission to grab private credentials ");
                return;
            }
        }
        Iterator<Object> it = privateCredentials.iterator();
        JGuardCredential jGuardCredential = null;
        JGuardCredential jGuardCredential2 = null;
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            Object next = it.next();
            if (next instanceof JGuardCredential) {
                jGuardCredential = (JGuardCredential) next;
                if (jGuardCredential.getName().equals(str)) {
                    jGuardCredential2 = new JGuardCredential(str, obj);
                    z3 = true;
                    break;
                }
            }
        }
        if (!z3) {
            jGuardCredential2 = new JGuardCredential(str, obj);
        }
        privateCredentials.remove(jGuardCredential);
        privateCredentials.add(jGuardCredential2);
    }

    public static JGuardCredential getIdentityCredential(Subject subject, AuthenticationManager authenticationManager) {
        String credentialId = authenticationManager.getCredentialId();
        if (subject == null) {
            throw new IllegalArgumentException("'subject' parameter is null");
        }
        return getIdentityCredentialValue(subject, credentialId);
    }

    public static JGuardCredential getIdentityCredentialValue(Subject subject, String str) {
        Set<JGuardCredential> publicCredentials = subject.getPublicCredentials(JGuardCredential.class);
        HashSet hashSet = new HashSet();
        for (JGuardCredential jGuardCredential : publicCredentials) {
            if (str.equals(jGuardCredential.getName())) {
                hashSet.add(jGuardCredential);
            }
        }
        if (hashSet.isEmpty()) {
            return null;
        }
        if (hashSet.size() > 1) {
            throw new IllegalStateException(hashSet.size() + " values found. there must be only one value for identity credential.");
        }
        return (JGuardCredential) hashSet.iterator().next();
    }

    public static Set getEnabledPrincipals(Set<Principal> set) {
        HashSet hashSet = new HashSet();
        UserPrincipal userPrincipal = null;
        Iterator<Principal> it = set.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            Principal next = it.next();
            if (next instanceof UserPrincipal) {
                userPrincipal = (UserPrincipal) next;
                break;
            }
        }
        for (Principal principal : set) {
            if (principal instanceof RolePrincipal) {
                RolePrincipal rolePrincipal = (RolePrincipal) principal;
                if (!USER_PRINCIPAL.equals(rolePrincipal.getLocalName()) && PrincipalUtils.evaluatePrincipal(rolePrincipal, userPrincipal)) {
                    hashSet.add(rolePrincipal);
                }
            }
        }
        return hashSet;
    }

    public static Subject getGuestSubject(AuthenticationManager authenticationManager) {
        Subject subject = new Subject();
        subject.getPrivateCredentials().add(new JGuardCredential(authenticationManager.getCredentialId(), GuestCallbacksProvider.GUEST));
        subject.getPrivateCredentials().add(new JGuardCredential(authenticationManager.getCredentialPassword(), GuestCallbacksProvider.GUEST));
        return subject;
    }
}
