package net.sf.jguard.ext.authentication.manager;

import java.security.Principal;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Random;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.Subject;
import net.sf.jguard.core.authentication.credentials.JGuardCredential;
import net.sf.jguard.core.principals.RolePrincipal;
import net.sf.jguard.core.principals.UserPrincipal;
import net.sf.jguard.ext.SecurityConstants;
import net.sf.jguard.ext.authentication.AuthenticationException;
import net.sf.jguard.ext.authentication.SubjectTemplate;
import net.sf.jguard.ext.principals.PrincipalUtils;

/* loaded from: input_file:net/sf/jguard/ext/authentication/manager/AbstractAuthenticationManager.class */
public abstract class AbstractAuthenticationManager implements AuthenticationManager {
    private static final Logger logger;
    protected static final String DEFAULT = "default";
    protected SubjectTemplate subjectTemplate;
    protected String applicationName;
    static Class class$net$sf$jguard$ext$authentication$manager$AbstractAuthenticationManager;
    static Class class$net$sf$jguard$core$principals$RolePrincipal;
    static Class class$net$sf$jguard$core$principals$UserPrincipal;
    static Class class$net$sf$jguard$core$authentication$credentials$JGuardCredential;
    protected boolean debug = false;
    protected Set localPrincipalsSet = new HashSet();
    protected Map localPrincipals = new HashMap();

    @Override // net.sf.jguard.ext.authentication.manager.AuthenticationManager
    public Subject createUser(SubjectTemplate subjectTemplate) throws AuthenticationException {
        return createUser(subjectTemplate, this.subjectTemplate);
    }

    @Override // net.sf.jguard.ext.authentication.manager.AuthenticationManager
    public Subject createUser(SubjectTemplate subjectTemplate, SubjectTemplate subjectTemplate2) throws AuthenticationException {
        Subject subject;
        if (subjectTemplate2 != null) {
            subjectTemplate2.validateUser(subjectTemplate);
            subject = subjectTemplate2.buildSubject(subjectTemplate);
        } else {
            subject = subjectTemplate.toSubject();
        }
        if (userAlreadyExists(subject)) {
            throw new AuthenticationException(" user already exists ");
        }
        persistUser(subject);
        logger.finest(" user persisted \n");
        return subject;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v13, types: [java.util.Set] */
    @Override // net.sf.jguard.ext.authentication.manager.AuthenticationManager
    public void createUser(Subject subject) throws AuthenticationException {
        Class cls;
        HashSet validateRequiredCredentialsFromUser = this.subjectTemplate != null ? this.subjectTemplate.validateRequiredCredentialsFromUser(subject) : new HashSet();
        if (class$net$sf$jguard$core$principals$RolePrincipal == null) {
            cls = class$("net.sf.jguard.core.principals.RolePrincipal");
            class$net$sf$jguard$core$principals$RolePrincipal = cls;
        } else {
            cls = class$net$sf$jguard$core$principals$RolePrincipal;
        }
        subject.getPrincipals(cls).retainAll(this.localPrincipalsSet);
        if (validateRequiredCredentialsFromUser.size() != 0) {
            throw new AuthenticationException(new StringBuffer().append(" the user cannot be created :some credentials are missing ").append(validateRequiredCredentialsFromUser).toString());
        }
        persistUser(subject);
    }

    @Override // net.sf.jguard.ext.authentication.manager.AuthenticationManager
    public void createPrincipal(Principal principal) throws AuthenticationException {
        if (this.localPrincipalsSet.contains(principal)) {
            return;
        }
        this.localPrincipalsSet.add(principal);
        this.localPrincipals.put(principal.getName(), principal);
        persistPrincipal(principal);
    }

    protected abstract void persistUser(Subject subject) throws AuthenticationException;

    protected abstract void persistPrincipal(Principal principal) throws AuthenticationException;

    @Override // net.sf.jguard.ext.authentication.manager.AuthenticationManager
    public Set getLocalPrincipals() {
        return this.localPrincipalsSet;
    }

    @Override // net.sf.jguard.ext.authentication.manager.AuthenticationManager
    public Principal getLocalPrincipal(String str) throws AuthenticationException {
        RolePrincipal rolePrincipal = (Principal) this.localPrincipals.get(str);
        if (rolePrincipal instanceof RolePrincipal) {
            return (Principal) rolePrincipal.clone();
        }
        return null;
    }

    @Override // net.sf.jguard.ext.authentication.manager.AuthenticationManager
    public boolean userAlreadyExists(Subject subject) throws AuthenticationException {
        HashSet hashSet = new HashSet();
        hashSet.add(extractIdentityCredentialFromUser(subject));
        return findUsers(hashSet).size() > 0;
    }

    @Override // net.sf.jguard.ext.authentication.manager.AuthenticationManager
    public void addPrincipalToUser(Subject subject, String str) throws AuthenticationException {
        Principal principal = (Principal) this.localPrincipals.get(str);
        if (principal == null) {
            throw new AuthenticationException(new StringBuffer().append(" role ").append(str).append(" does not exists in the current web application ").toString());
        }
        JGuardCredential extractIdentityCredentialFromUser = extractIdentityCredentialFromUser(subject);
        subject.getPrincipals().add(principal);
        updateUser(extractIdentityCredentialFromUser, subject);
    }

    @Override // net.sf.jguard.ext.authentication.manager.AuthenticationManager
    public boolean hasPrincipal(Principal principal) throws AuthenticationException {
        return this.localPrincipalsSet.contains(principal);
    }

    @Override // net.sf.jguard.ext.authentication.manager.AuthenticationManager
    public boolean hasPrincipal(String str) throws AuthenticationException {
        Iterator it = this.localPrincipalsSet.iterator();
        while (it.hasNext()) {
            if (((Principal) it.next()).getName().equals(str)) {
                return true;
            }
        }
        return false;
    }

    @Override // net.sf.jguard.ext.authentication.manager.AuthenticationManager
    public void updateUser(JGuardCredential jGuardCredential, Subject subject) throws AuthenticationException {
        Class cls;
        Set<Principal> principals = subject.getPrincipals();
        if (class$net$sf$jguard$core$principals$UserPrincipal == null) {
            cls = class$("net.sf.jguard.core.principals.UserPrincipal");
            class$net$sf$jguard$core$principals$UserPrincipal = cls;
        } else {
            cls = class$net$sf$jguard$core$principals$UserPrincipal;
        }
        boolean z = false;
        Iterator it = subject.getPrincipals(cls).iterator();
        while (it.hasNext()) {
            principals.remove((Principal) it.next());
            z = true;
        }
        updateUserImpl(jGuardCredential, subject);
        if (z) {
            subject.getPrincipals().add(new UserPrincipal(subject));
        }
    }

    protected abstract void updateUserImpl(JGuardCredential jGuardCredential, Subject subject) throws AuthenticationException;

    @Override // net.sf.jguard.ext.authentication.manager.AuthenticationManager
    public abstract Set findUsers(Collection collection) throws AuthenticationException;

    @Override // net.sf.jguard.ext.authentication.manager.AuthenticationManager
    public SubjectTemplate getDefaultSubjectTemplate() throws AuthenticationException {
        if (this.subjectTemplate == null) {
            this.subjectTemplate = getSubjectTemplate(DEFAULT);
        }
        return this.subjectTemplate.unmodifiableSubjectTemplate();
    }

    @Override // net.sf.jguard.ext.authentication.manager.AuthenticationManager
    public abstract Set getUsers() throws AuthenticationException;

    public void importAuthenticationManager(AuthenticationManager authenticationManager) {
        if (authenticationManager.isEmpty()) {
            logger.warning(" authManager to import is empty ");
            return;
        }
        Set set = null;
        try {
            set = authenticationManager.getAllPrincipalsSet();
        } catch (AuthenticationException e) {
            logger.log(Level.SEVERE, " principals cannot be grabbed : ", (Throwable) e);
        }
        Iterator it = set.iterator();
        while (it.hasNext()) {
            try {
                createPrincipal((Principal) it.next());
            } catch (AuthenticationException e2) {
                logger.log(Level.SEVERE, " principal cannot persisted : ", (Throwable) e2);
            }
        }
        try {
            Iterator it2 = authenticationManager.getUsers().iterator();
            while (it2.hasNext()) {
                persistUser((Subject) it2.next());
            }
            SubjectTemplate defaultSubjectTemplate = authenticationManager.getDefaultSubjectTemplate();
            persistSubjectTemplate(defaultSubjectTemplate);
            this.subjectTemplate = defaultSubjectTemplate;
        } catch (AuthenticationException e3) {
            logger.log(Level.SEVERE, " default subject template cannot be persisted : ", (Throwable) e3);
        }
    }

    protected Set extractCredentials(Set set, Set set2) {
        HashSet hashSet = new HashSet();
        Iterator it = set2.iterator();
        while (it.hasNext()) {
            JGuardCredential jGuardCredential = (JGuardCredential) it.next();
            String id = jGuardCredential.getId();
            Iterator it2 = set.iterator();
            while (it2.hasNext()) {
                if (((JGuardCredential) it2.next()).getId().equals(id)) {
                    hashSet.add(jGuardCredential);
                }
            }
        }
        return hashSet;
    }

    protected Set extractCredentialsFromSubject(Set set, Subject subject) {
        Class cls;
        Class cls2;
        HashSet hashSet = new HashSet();
        if (class$net$sf$jguard$core$authentication$credentials$JGuardCredential == null) {
            cls = class$("net.sf.jguard.core.authentication.credentials.JGuardCredential");
            class$net$sf$jguard$core$authentication$credentials$JGuardCredential = cls;
        } else {
            cls = class$net$sf$jguard$core$authentication$credentials$JGuardCredential;
        }
        hashSet.addAll(extractCredentials(set, subject.getPublicCredentials(cls)));
        if (class$net$sf$jguard$core$authentication$credentials$JGuardCredential == null) {
            cls2 = class$("net.sf.jguard.core.authentication.credentials.JGuardCredential");
            class$net$sf$jguard$core$authentication$credentials$JGuardCredential = cls2;
        } else {
            cls2 = class$net$sf$jguard$core$authentication$credentials$JGuardCredential;
        }
        hashSet.addAll(extractCredentials(set, subject.getPrivateCredentials(cls2)));
        return hashSet;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public JGuardCredential extractIdentityCredentialFromUser(Subject subject) throws AuthenticationException {
        HashSet hashSet = new HashSet();
        hashSet.add(this.subjectTemplate.getIdentityCredential());
        Set extractCredentialsFromSubject = extractCredentialsFromSubject(hashSet, subject);
        if (extractCredentialsFromSubject.size() > 1) {
            throw new IllegalArgumentException(" the user has got more than one identity argument ");
        }
        if (extractCredentialsFromSubject.size() < 1) {
            throw new IllegalArgumentException(" the user has'nt got  one identity argument ");
        }
        return (JGuardCredential) extractCredentialsFromSubject.iterator().next();
    }

    @Override // net.sf.jguard.ext.authentication.manager.AuthenticationManager
    public Principal clonePrincipal(String str) throws AuthenticationException {
        return clonePrincipal(str, new StringBuffer().append(str).append(new Random().nextInt(99999)).toString());
    }

    @Override // net.sf.jguard.ext.authentication.manager.AuthenticationManager
    public Principal clonePrincipal(String str, String str2) throws AuthenticationException {
        RolePrincipal principal;
        RolePrincipal rolePrincipal = (Principal) this.localPrincipals.get(str);
        if (rolePrincipal instanceof RolePrincipal) {
            principal = (RolePrincipal) rolePrincipal.clone();
            principal.setName(str2);
        } else {
            principal = PrincipalUtils.getPrincipal(rolePrincipal.getClass().getName(), str2);
        }
        createPrincipal(principal);
        return principal;
    }

    @Override // net.sf.jguard.ext.authentication.manager.AuthenticationManager
    public void setActiveOnRolePrincipal(Subject subject, String str, String str2, boolean z) throws AuthenticationException {
        if (str.equals(SecurityConstants.GUEST)) {
            throw new AuthenticationException("guest 'active' property cannot be modified  ");
        }
        JGuardCredential extractIdentityCredentialFromUser = extractIdentityCredentialFromUser(subject);
        if (!z && !checkMultipleActiveRoleExists(subject)) {
            throw new AuthenticationException("only one role is active from the same application. user cannot inactivate it ");
        }
        getRole(subject, str, str2).setActive(z);
        updateUser(extractIdentityCredentialFromUser, subject);
    }

    public RolePrincipal getRole(Subject subject, String str, String str2) throws AuthenticationException {
        if (str == null || str.equals("")) {
            throw new AuthenticationException("roleName is null or empty");
        }
        if (str2 == null || str2.equals("")) {
            throw new AuthenticationException("applicationName is null or empty");
        }
        Iterator<Principal> it = subject.getPrincipals().iterator();
        RolePrincipal rolePrincipal = null;
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            Principal next = it.next();
            if (next instanceof RolePrincipal) {
                RolePrincipal rolePrincipal2 = (RolePrincipal) next;
                if (str.equals(rolePrincipal2.getName()) && str2.equals(rolePrincipal2.getApplicationName())) {
                    rolePrincipal = rolePrincipal2;
                    break;
                }
            }
        }
        if (rolePrincipal == null) {
            throw new AuthenticationException("  role not found ");
        }
        return rolePrincipal;
    }

    private boolean checkMultipleActiveRoleExists(Subject subject) {
        Iterator<Principal> it = subject.getPrincipals().iterator();
        int i = 0;
        while (it.hasNext()) {
            RolePrincipal rolePrincipal = (Principal) it.next();
            if (rolePrincipal instanceof RolePrincipal) {
                RolePrincipal rolePrincipal2 = rolePrincipal;
                if (rolePrincipal2.isActive() && this.applicationName.equals(rolePrincipal2.getApplicationName())) {
                    i++;
                }
            }
        }
        return i > 1;
    }

    @Override // net.sf.jguard.ext.authentication.manager.AuthenticationManager
    public Subject findUser(String str) {
        Iterator it;
        HashSet hashSet = new HashSet();
        JGuardCredential jGuardCredential = new JGuardCredential();
        jGuardCredential.setId("login");
        jGuardCredential.setValue(str);
        hashSet.add(jGuardCredential);
        Subject subject = null;
        try {
            it = findUsers(hashSet).iterator();
        } catch (AuthenticationException e) {
            logger.log(Level.WARNING, e.getLocalizedMessage());
        }
        if (!it.hasNext()) {
            throw new AuthenticationException(" no user found ");
        }
        subject = (Subject) it.next();
        return subject;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    @Override // net.sf.jguard.ext.authentication.manager.AuthenticationManager
    public abstract void deletePrincipal(Principal principal) throws AuthenticationException;

    @Override // net.sf.jguard.ext.authentication.manager.AuthenticationManager
    public abstract void updatePrincipal(String str, Principal principal) throws AuthenticationException;

    @Override // net.sf.jguard.ext.authentication.manager.AuthenticationManager
    public abstract boolean isEmpty();

    @Override // net.sf.jguard.ext.authentication.manager.AuthenticationManager
    public abstract SubjectTemplate getSubjectTemplate(String str) throws AuthenticationException;

    @Override // net.sf.jguard.ext.authentication.manager.AuthenticationManager
    public abstract void deleteUser(Subject subject) throws AuthenticationException;

    @Override // net.sf.jguard.ext.authentication.manager.AuthenticationManager
    public abstract void init(Map map);

    @Override // net.sf.jguard.ext.authentication.manager.AuthenticationManager
    public abstract Set getAllPrincipalsSet() throws AuthenticationException;

    @Override // net.sf.jguard.ext.authentication.manager.AuthenticationManager
    public abstract void persistSubjectTemplate(SubjectTemplate subjectTemplate) throws AuthenticationException;

    static {
        Class cls;
        if (class$net$sf$jguard$ext$authentication$manager$AbstractAuthenticationManager == null) {
            cls = class$("net.sf.jguard.ext.authentication.manager.AbstractAuthenticationManager");
            class$net$sf$jguard$ext$authentication$manager$AbstractAuthenticationManager = cls;
        } else {
            cls = class$net$sf$jguard$ext$authentication$manager$AbstractAuthenticationManager;
        }
        logger = Logger.getLogger(cls.getName());
    }
}
