package net.sf.jguard.ext.authentication.loginmodules;

import java.text.MessageFormat;
import java.util.Hashtable;
import java.util.Map;
import java.util.Set;
import java.util.logging.Logger;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import net.sf.jguard.ext.SecurityConstants;
import net.sf.jguard.ext.util.JNDIUtils;

/* loaded from: input_file:net/sf/jguard/ext/authentication/loginmodules/JNDILoginModule.class */
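/**
 * JAAS login module that authenticates a user against a JNDI directory.
 *
 * <p>The module resolves the user's entry from the {@code userPath} template, reads the
 * configured password attribute from that entry and compares it with the password supplied
 * through the callback handler. On commit it searches {@code rolePath,userPath} for role
 * entries and adds the resulting principals and the user's attributes to the subject.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The password is verified by reading the stored attribute and comparing bytes, so the
 *       identity used for the initial context must be allowed to read that attribute, and a
 *       directory that stores hashed values will never match. Binding as the user and letting
 *       the directory verify the password avoids both constraints.</li>
 *   <li>Every non-null module option is copied into the JNDI environment, which normally
 *       includes the bind credentials; that table must never be logged.</li>
 *   <li>{@link #login()} fails closed: any path that cannot verify the password throws
 *       {@link LoginException} instead of returning {@code true}.</li>
 * </ul>
 *
 * <p>This source is decompiler output (see the {@code class$} members at the bottom).
 */
public class JNDILoginModule extends UserLoginModule implements LoginModule {
    private static final Logger logger;
    // Attribute names requested by globalSearch(); stays null when the option is absent.
    private String[] returningAttributes;
    // Decompiler rendering of a cached class literal; only used to name the logger.
    static Class class$net$sf$jguard$ext$authentication$loginmodules$JNDILoginModule;
    private DirContext initDirCtx = null;
    private DirContext userCtxt = null;
    // -1 means "not configured": the SearchControls default is left untouched.
    private int searchScope = -1;
    private int timeLimit = -1;
    private long countLimit = -1;
    private boolean derefLinkFlag = false;
    private boolean returningObjFlag = false;
    private String searchContextName = null;
    private String searchFilterExpression = "";
    // Never assigned anywhere in this class, so globalSearch() always takes the no-args branch.
    private String searchFiterArgs = null;
    // Read from the options but not consulted anywhere in this class.
    private boolean pathToUserKnown = true;
    private String userPath = null;
    private String rolePath = null;
    // Set only after a successful password check; commit() uses null as "login did not succeed".
    private Set credentials = null;
    private int ppalAppNameLevel = 2;
    private String ppalNameAttribute = "cn";
    private String organizationlaRoleAttribute = "organizationalRole";
    private String userPasswordAttribute = "userPassword";

    /**
     * Reads the module options and opens the initial directory context.
     *
     * @param subject the subject to populate on commit
     * @param callbackHandler source of the login and password
     * @param map shared state, passed through to the superclass
     * @param map2 module options; also used as the JNDI environment
     */
    @Override
    public void initialize(Subject subject, CallbackHandler callbackHandler, Map map, Map map2) {
        super.initialize(subject, callbackHandler, map, map2);

        String value = stringOption(map2, SecurityConstants.DIRECTORY_PATH_TO_USER);
        if (value != null) {
            this.pathToUserKnown = Boolean.valueOf(value).booleanValue();
        }
        value = stringOption(map2, SecurityConstants.DIRECTORY_SEARCH_SCOPE);
        if (value != null) {
            this.searchScope = Integer.parseInt(value);
        }
        value = stringOption(map2, SecurityConstants.DIRECTORY_TIME_LIMIT);
        if (value != null) {
            this.timeLimit = Integer.parseInt(value);
        }
        value = stringOption(map2, SecurityConstants.DIRECTORY_COUNT_LIMIT);
        if (value != null) {
            this.countLimit = Long.parseLong(value);
        }
        value = stringOption(map2, SecurityConstants.DIRECTORY_DEREF_LINK_FLAG);
        if (value != null) {
            this.derefLinkFlag = Boolean.valueOf(value).booleanValue();
        }
        value = stringOption(map2, SecurityConstants.DIRECTORY_RETURNING_ATTRIBUTES);
        if (value != null) {
            this.returningAttributes = value.split(",");
        }
        value = stringOption(map2, SecurityConstants.DIRECTORY_RETURNING_OBJ_FLAG);
        if (value != null) {
            this.returningObjFlag = Boolean.valueOf(value).booleanValue();
        }
        value = stringOption(map2, SecurityConstants.DIRECTORY_SEARCH_CONTEXT_NAME);
        if (value != null) {
            this.searchContextName = value;
        }
        value = stringOption(map2, SecurityConstants.DIRECTORY_SEARCH_FILTER_EXPRESSION);
        if (value != null) {
            this.searchFilterExpression = value;
        }
        value = stringOption(map2, "userPath");
        if (value != null) {
            this.userPath = value;
        }
        value = stringOption(map2, "rolePath");
        if (value != null) {
            this.rolePath = value;
        }
        // Options loaded from a text configuration arrive as strings; the original cast to
        // Integer unconditionally and failed on them. Any other type still fails the cast.
        Object level = map2.get("ppalAppNameAttribute");
        if (level instanceof String) {
            this.ppalAppNameLevel = Integer.parseInt(((String) level).trim());
        } else if (level != null) {
            this.ppalAppNameLevel = ((Integer) level).intValue();
        }
        value = stringOption(map2, "ppalNameAttribute");
        if (value != null) {
            this.ppalNameAttribute = value;
        }
        value = stringOption(map2, "organizationlaRoleAttribute");
        if (value != null) {
            this.organizationlaRoleAttribute = value;
        }
        value = stringOption(map2, "userPasswordAttribute");
        if (value != null) {
            this.userPasswordAttribute = value;
        }

        // Hashtable rejects null keys and values, so those entries are skipped.
        // This table usually carries the bind credentials: do not log it.
        Hashtable<Object, Object> environment = new Hashtable<Object, Object>();
        for (Object element : map2.entrySet()) {
            Map.Entry entry = (Map.Entry) element;
            if (entry.getKey() != null && entry.getValue() != null) {
                environment.put(entry.getKey(), entry.getValue());
            }
        }
        try {
            this.initDirCtx = new InitialDirContext(environment);
        } catch (NamingException e) {
            // initDirCtx stays null; login() and commit() reject that state explicitly.
            logger.log(java.util.logging.Level.SEVERE, e.getMessage(), e);
        }
    }

    /**
     * Verifies the submitted password against the password attribute of the user's entry.
     *
     * @return {@code true} when the password matches and the user's attributes were collected
     * @throws LoginException when the module is not usable (no directory context, no
     *     {@code userPath}), the entry or its password attribute cannot be read, or the
     *     password does not match
     */
    @Override
    public boolean login() throws LoginException {
        String login = super.getLogin();
        String password = super.getPassword();

        if (this.initDirCtx == null) {
            throw new LoginException("directory context is not initialized");
        }
        if (login == null) {
            // MessageFormat would otherwise render the literal text "null" into the DN.
            throw new LoginException("login is missing");
        }
        if (this.userPath == null || this.userPath.equals("")) {
            // The original fell through to an unchecked search and returned true here.
            throw new LoginException("userPath is not configured");
        }

        // NOTE(review): the formatted path overwrites the template because commit() reads it;
        // a second login() on the same instance would re-format an already resolved path.
        // NOTE(review): escaping runs on the whole path after substitution; confirm that
        // JNDIUtils.escapeDn neutralises DN metacharacters coming from the login value.
        this.userPath = MessageFormat.format(this.userPath, new Object[] {login});
        this.userPath = JNDIUtils.escapeDn(this.userPath);
        if (this.userPath == null || this.userPath.equals("")) {
            throw new LoginException("userPath is not configured");
        }

        NamingEnumeration all = null;
        boolean authenticated = false;
        try {
            this.userCtxt = (DirContext) this.initDirCtx.lookup(this.userPath);
            Attributes attributes = this.userCtxt.getAttributes("");

            javax.naming.directory.Attribute stored = attributes.get(this.userPasswordAttribute);
            Object storedValue = (stored == null || stored.size() == 0) ? null : stored.get();
            byte[] storedBytes = null;
            if (storedValue instanceof byte[]) {
                storedBytes = (byte[]) storedValue;
            } else if (storedValue instanceof String) {
                storedBytes = ((String) storedValue).getBytes();
            }
            // MessageDigest.isEqual avoids the early exit of String.equals, so the comparison
            // time does not depend on how many leading bytes match. The platform charset is
            // kept to mirror the original new String(byte[]) decoding.
            if (storedBytes == null || password == null
                    || !java.security.MessageDigest.isEqual(storedBytes, password.getBytes())) {
                throw new LoginException("passsword does not match");
            }

            all = attributes.getAll();
            this.credentials = JNDIUtils.grabCredentialsFromJNDIAttributes(all);
            all.close();
            this.userCtxt.close();
            authenticated = true;
            return true;
        } catch (NamingException e) {
            // NOTE(review): provider messages can distinguish "no such entry" from other
            // failures; callers should not show them to the client verbatim.
            throw asLoginException(e);
        } finally {
            if (!authenticated) {
                // Never leave credentials from a failed attempt for commit() to publish.
                this.credentials = null;
                closeEnumerationQuietly(all);
                closeContextQuietly(this.userCtxt);
            }
        }
    }

    /**
     * Runs the configured directory search. The result is not part of the authentication
     * decision: {@link #login()} no longer calls this method because the original discarded
     * the result and reported success regardless.
     *
     * @return the search results, or {@code null} when the search failed
     */
    private NamingEnumeration globalSearch() {
        NamingEnumeration namingEnumeration = null;
        SearchControls searchControls = new SearchControls();
        if (this.searchScope != -1) {
            searchControls.setSearchScope(this.searchScope);
        }
        if (this.countLimit != -1) {
            searchControls.setCountLimit(this.countLimit);
        }
        searchControls.setDerefLinkFlag(this.derefLinkFlag);
        // returningAttributes is null when the option was not supplied.
        if (this.returningAttributes != null && this.returningAttributes.length > 0) {
            searchControls.setReturningAttributes(this.returningAttributes);
        }
        searchControls.setReturningObjFlag(this.returningObjFlag);
        if (this.timeLimit != -1) {
            searchControls.setTimeLimit(this.timeLimit);
        }
        try {
            if (this.searchFiterArgs != null) {
                namingEnumeration = this.initDirCtx.search(this.searchContextName, this.searchFilterExpression, this.searchFiterArgs.split("#"), searchControls);
            } else {
                namingEnumeration = this.initDirCtx.search(this.searchContextName, this.searchFilterExpression, searchControls);
            }
        } catch (NamingException e) {
            logger.log(java.util.logging.Level.SEVERE,
                    " bad JNDI name " + this.searchContextName + " " + this.searchFilterExpression + " " + searchControls, e);
        }
        return namingEnumeration;
    }

    /**
     * Adds the user's role principals and collected attributes to the subject.
     *
     * @return {@code true} when the subject was populated; {@code false} when this module's
     *     own {@link #login()} did not succeed, so there is nothing to commit
     * @throws LoginException when the role search or the directory clean-up fails
     */
    @Override
    public boolean commit() throws LoginException {
        if (this.credentials == null) {
            // JAAS can call commit() on a module whose login() failed; publish nothing then.
            return false;
        }
        if (this.initDirCtx == null) {
            throw new LoginException("directory context is not initialized");
        }
        if (this.rolePath == null) {
            throw new LoginException("rolePath is not configured");
        }

        NamingEnumeration search = null;
        boolean committed = false;
        try {
            BasicAttributes basicAttributes = new BasicAttributes(true);
            basicAttributes.put(new BasicAttribute("objectClass", this.organizationlaRoleAttribute));
            String searchPath = this.rolePath + "," + this.userPath;
            logger.finest("search path=" + searchPath);
            search = this.initDirCtx.search(searchPath, basicAttributes);
            Set grabPrincipalsFromUser = JNDIUtils.grabPrincipalsFromUser(search, this.ppalNameAttribute, this.ppalAppNameLevel);
            logger.finest(grabPrincipalsFromUser.size() + " principals have been found");
            this.subject.getPrincipals().addAll(grabPrincipalsFromUser);
            this.subject.getPrivateCredentials().addAll(this.credentials);
            search.close();
            if (this.userCtxt != null) {
                this.userCtxt.close();
            }
            this.initDirCtx.close();
            committed = true;
            return true;
        } catch (NamingException e) {
            throw asLoginException(e);
        } finally {
            if (!committed) {
                closeEnumerationQuietly(search);
            }
        }
    }

    /** Returns the option stored under {@code key} as a string, or {@code null} when absent. */
    private static String stringOption(Map options, Object key) {
        return (String) options.get(key);
    }

    /** Wraps a naming failure in a LoginException while keeping the original as its cause. */
    private static LoginException asLoginException(NamingException e) {
        LoginException failure = new LoginException(e.getMessage());
        failure.initCause(e);
        return failure;
    }

    /** Closes an enumeration on a failure path without masking the exception in flight. */
    private static void closeEnumerationQuietly(NamingEnumeration enumeration) {
        if (enumeration == null) {
            return;
        }
        try {
            enumeration.close();
        } catch (NamingException e) {
            logger.finest(e.getMessage());
        }
    }

    /** Closes a directory context on a failure path without masking the exception in flight. */
    private static void closeContextQuietly(DirContext context) {
        if (context == null) {
            return;
        }
        try {
            context.close();
        } catch (NamingException e) {
            logger.finest(e.getMessage());
        }
    }

    /**
     * Loads a class by name and converts a missing class into {@link NoClassDefFoundError}.
     * Used only by the static initializer below.
     */
    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    // Resolves this class once, caches it in the static field and names the logger after it.
    static {
        Class cls;
        if (class$net$sf$jguard$ext$authentication$loginmodules$JNDILoginModule == null) {
            cls = class$("net.sf.jguard.ext.authentication.loginmodules.JNDILoginModule");
            class$net$sf$jguard$ext$authentication$loginmodules$JNDILoginModule = cls;
        } else {
            cls = class$net$sf$jguard$ext$authentication$loginmodules$JNDILoginModule;
        }
        logger = Logger.getLogger(cls.getName());
    }
}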
