package net.sf.jguard.ext.authentication;

import java.io.IOException;
import java.net.URL;
import java.security.AccessControlContext;
import java.security.CodeSource;
import java.security.Permission;
import java.security.Permissions;
import java.security.PrivilegedExceptionAction;
import java.security.ProtectionDomain;
import java.security.cert.Certificate;
import java.util.logging.Logger;
import javax.security.auth.Subject;
import net.sf.jguard.core.authorization.domaincombiners.RestrictDomainCombiner;
import net.sf.jguard.ext.AccessContext;

/* loaded from: input_file:net/sf/jguard/ext/authentication/AuthenticationLifeCycle.class */
public class AuthenticationLifeCycle {
    public static final Logger logger;
    private AuthenticationPhases phases;
    private Permission authenticationFailed;
    private Permission logon;
    private Permission logonProcess;
    private Permission logoff;
    private Permissions authenticationPermissions;
    private AccessControlContext accessControlContext;
    static Class class$net$sf$jguard$ext$authentication$AuthenticationLifeCycle;

    public AuthenticationLifeCycle(AuthenticationPhases authenticationPhases) {
        this.phases = null;
        this.authenticationFailed = null;
        this.logon = null;
        this.logonProcess = null;
        this.logoff = null;
        this.authenticationPermissions = null;
        this.accessControlContext = null;
        this.phases = authenticationPhases;
        this.authenticationFailed = authenticationPhases.getAuthenticationFailedPermission();
        this.logon = authenticationPhases.getLogonPermission();
        this.logonProcess = authenticationPhases.getLogonProcessPermission();
        this.logoff = authenticationPhases.getLogoffPermission();
        this.authenticationPermissions = new Permissions();
        this.authenticationPermissions.add(this.authenticationFailed);
        if (this.logon != null) {
            this.authenticationPermissions.add(this.logon);
        }
        this.authenticationPermissions.add(this.logonProcess);
        this.authenticationPermissions.add(this.logoff);
        this.accessControlContext = new AccessControlContext(new ProtectionDomain[]{new ProtectionDomain(new CodeSource((URL) null, (Certificate[]) null), this.authenticationPermissions)});
    }

    public void process(AccessContext accessContext) {
        Permission permissionRequested = this.phases.getPermissionRequested(accessContext);
        Subject subject = this.phases.getSubject(accessContext);
        if (subject == null) {
            logger.finest(new StringBuffer().append("LAST_ACCESS_DENIED_PERMISSION=").append(permissionRequested).toString());
            this.phases.setLastAccessDeniedPermission(accessContext, permissionRequested);
            logger.finest(" subject is null  logonProcess phase ");
            this.phases.logonProcess(accessContext);
            return;
        }
        if (this.authenticationFailed.implies(permissionRequested)) {
            logger.finest(" access authorized ");
            process(subject, accessContext);
            return;
        }
        if (this.logon.implies(permissionRequested)) {
            logger.finest(" logon phase ");
            process(subject, accessContext);
        } else if (this.logonProcess.implies(permissionRequested)) {
            logger.finest(" logonProcess phase ");
            this.phases.logonProcess(accessContext);
        } else {
            if (!this.logoff.implies(permissionRequested)) {
                process(subject, accessContext);
                return;
            }
            logger.finest(" logoff phase ");
            this.phases.logoff(accessContext);
            process(subject, accessContext);
        }
    }

    private void process(Subject subject, AccessContext accessContext) {
        try {
            Subject.doAsPrivileged(subject, new PrivilegedExceptionAction(this, this.phases, accessContext) { // from class: net.sf.jguard.ext.authentication.AuthenticationLifeCycle.1
                private final AuthenticationPhases val$phases;
                private final AccessContext val$context;
                private final AuthenticationLifeCycle this$0;

                {
                    this.this$0 = this;
                    this.val$phases = r5;
                    this.val$context = accessContext;
                }

                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws IOException {
                    try {
                        this.val$phases.process(this.val$context);
                        return null;
                    } catch (Throwable th) {
                        AuthenticationLifeCycle.logger.severe(th.getMessage());
                        throw new RuntimeException(th.getMessage());
                    }
                }
            }, new AccessControlContext(this.accessControlContext, new RestrictDomainCombiner()));
        } catch (Throwable th) {
            logger.severe(th.getMessage());
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$net$sf$jguard$ext$authentication$AuthenticationLifeCycle == null) {
            cls = class$("net.sf.jguard.ext.authentication.AuthenticationLifeCycle");
            class$net$sf$jguard$ext$authentication$AuthenticationLifeCycle = cls;
        } else {
            cls = class$net$sf$jguard$ext$authentication$AuthenticationLifeCycle;
        }
        logger = Logger.getLogger(cls.getName());
    }
}
