package net.sf.jguard.ext.authentication.loginmodules;

import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.CredentialException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import net.sf.jguard.core.PolicyEnforcementPointOptions;
import net.sf.jguard.core.authentication.AuthenticationException;
import net.sf.jguard.core.authentication.credentials.JGuardCredential;
import net.sf.jguard.core.authentication.manager.AuthenticationManager;
import net.sf.jguard.core.authentication.manager.AuthenticationManagerFactory;
import net.sf.jguard.ext.SecurityConstants;
import net.sf.jguard.ext.authentication.manager.XmlAuthenticationManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/sf/jguard/ext/authentication/loginmodules/XmlLoginModule.class */
public class XmlLoginModule extends UserLoginModule implements LoginModule {
    private static final Logger logger = LoggerFactory.getLogger(XmlLoginModule.class.getName());
    private Set users;

    @Override // net.sf.jguard.ext.authentication.loginmodules.UserLoginModule
    public void initialize(Subject subject, CallbackHandler callbackHandler, Map map, Map map2) {
        super.initialize(subject, callbackHandler, map, map2);
        if (AuthenticationManagerFactory.getAuthenticationManager() == null) {
            HashMap hashMap = new HashMap();
            hashMap.putAll(map2);
            if (map2.get(PolicyEnforcementPointOptions.APPLICATION_NAME.getLabel()) != null) {
                hashMap.put(PolicyEnforcementPointOptions.APPLICATION_NAME.getLabel(), map2.get(PolicyEnforcementPointOptions.APPLICATION_NAME.getLabel()));
            } else {
                String property = System.getProperty(SecurityConstants.JGUARD_APPLICATION_NAME);
                if (property != null) {
                    hashMap.put(PolicyEnforcementPointOptions.APPLICATION_NAME.getLabel(), property);
                } else {
                    String property2 = System.getProperty(SecurityConstants.COM_SUN_APPLICATION_NAME);
                    if (property2 != null) {
                        logger.warn("Using JMX config for application name! If you're not running JMX, prefer XmlLoginModule options or net.sf.jguard.applicationName vmarg");
                        hashMap.put(PolicyEnforcementPointOptions.APPLICATION_NAME.getLabel(), property2);
                    } else {
                        hashMap.put(PolicyEnforcementPointOptions.APPLICATION_NAME.getLabel(), "other");
                    }
                }
            }
            try {
                AuthenticationManagerFactory.setAuthenticationManager(AuthenticationManagerFactory.createAuthenticationManager(XmlAuthenticationManager.class, hashMap));
            } catch (AuthenticationException e) {
                logger.error(" initialize ", e);
            }
        }
        try {
            this.users = AuthenticationManagerFactory.getAuthenticationManager().getUsers();
        } catch (AuthenticationException e2) {
            logger.error(" initialize ", e2);
        }
    }

    @Override // net.sf.jguard.ext.authentication.loginmodules.UserLoginModule
    public boolean login() throws LoginException {
        super.login();
        if (this.skipPasswordCheck || this.password == null) {
            return false;
        }
        AuthenticationManager authenticationManager = AuthenticationManagerFactory.getAuthenticationManager();
        JGuardCredential jGuardCredential = new JGuardCredential();
        jGuardCredential.setName(authenticationManager.getCredentialId());
        jGuardCredential.setValue(this.login);
        JGuardCredential jGuardCredential2 = new JGuardCredential();
        jGuardCredential2.setName(authenticationManager.getCredentialPassword());
        jGuardCredential2.setValue(new String(this.password));
        Iterator it = this.users.iterator();
        boolean z = false;
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            Subject subject = (Subject) it.next();
            Set<Object> privateCredentials = subject.getPrivateCredentials();
            if (privateCredentials.contains(jGuardCredential)) {
                if (privateCredentials.contains(jGuardCredential2) || this.skipPasswordCheck) {
                    this.globalPrincipals = subject.getPrincipals();
                    this.globalPrivateCredentials = subject.getPrivateCredentials();
                    this.globalPublicCredentials = subject.getPublicCredentials();
                    z = true;
                }
            }
        }
        if (z) {
            return true;
        }
        this.loginOK = false;
        throw new CredentialException("login.error");
    }
}
