package net.sf.jguard.authentication.http;

import java.io.IOException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpSessionActivationListener;
import javax.servlet.http.HttpSessionBindingEvent;
import javax.servlet.http.HttpSessionBindingListener;
import javax.servlet.http.HttpSessionEvent;
import net.sf.jguard.authentication.callbacks.jee.HttpCallbackHandler;
import net.sf.jguard.core.authentication.credentials.JGuardCredential;
import net.sf.jguard.core.principals.UserPrincipal;
import net.sf.jguard.ext.authentication.AuthenticationException;
import net.sf.jguard.ext.authentication.JGuardLoginException;
import net.sf.jguard.ext.authentication.SubjectUtils;
import net.sf.jguard.ext.authentication.manager.AuthenticationManager;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:net/sf/jguard/authentication/http/HttpAuthenticationUtils.class */
public class HttpAuthenticationUtils implements HttpSessionActivationListener, HttpSessionBindingListener {
    private static final Log logger;
    private LoginContext loginContext;
    static Class class$net$sf$jguard$authentication$http$HttpAuthenticationUtils;
    private boolean loggedOut = false;
    private Subject subject = null;
    private HttpSession session = null;

    private void useLoginContext(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, boolean z) throws LoginException {
        this.session = httpServletRequest.getSession();
        String str = (String) this.session.getServletContext().getAttribute("applicationName");
        HttpCallbackHandler httpCallbackHandler = new HttpCallbackHandler(httpServletRequest, httpServletResponse, (String) this.session.getServletContext().getAttribute(HttpConstants.AUTH_SCHEME));
        httpCallbackHandler.setAfterRegistration(z);
        try {
            this.loginContext = new LoginContext(str, httpCallbackHandler);
            try {
                this.loginContext.login();
                this.subject = this.loginContext.getSubject();
                if (this.subject != null) {
                    this.subject.getPrincipals().add(new UserPrincipal(this.subject));
                }
            } catch (LoginException e) {
                logger.error(new StringBuffer().append("authentication failed.LoginException ").append(e.getMessage()).toString(), e);
                throw e;
            }
        } catch (SecurityException e2) {
            logger.error(new StringBuffer().append("LoginContext cannot be created. ").append(e2.getMessage()).toString(), e2);
            throw new LoginException(e2.getLocalizedMessage());
        }
    }

    public Subject getSubject() {
        return this.subject;
    }

    public void logout() {
        if (this.loggedOut) {
            return;
        }
        try {
            if (this.loginContext != null) {
                this.loginContext.logout();
                this.loggedOut = true;
            } else {
                logger.debug(" user is not logged, so we don't logout him ");
            }
        } catch (LoginException e) {
            logger.error(" error raised when the user logout ", e);
        }
    }

    public static HttpAuthenticationUtils getHttpAuthenticationUtils(HttpServletRequest httpServletRequest) {
        HttpSession session = httpServletRequest.getSession(true);
        HttpAuthenticationUtils httpAuthenticationUtils = (HttpAuthenticationUtils) session.getAttribute(HttpConstants.AUTH_UTILS);
        if (httpAuthenticationUtils != null && httpAuthenticationUtils.getSubject() == null) {
            logger.debug(" subject into HttpAuthenticationUtils is null ");
            httpAuthenticationUtils.logout();
            session.removeAttribute(HttpConstants.AUTH_UTILS);
            httpAuthenticationUtils = null;
        }
        if (httpAuthenticationUtils == null) {
            httpAuthenticationUtils = new HttpAuthenticationUtils();
            session.setAttribute(HttpConstants.AUTH_UTILS, httpAuthenticationUtils);
        }
        return httpAuthenticationUtils;
    }

    public static boolean authenticate(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, boolean z) throws IOException {
        HttpAuthenticationUtils httpAuthenticationUtils = getHttpAuthenticationUtils(httpServletRequest);
        HttpSession session = httpServletRequest.getSession(true);
        boolean z2 = true;
        try {
            httpAuthenticationUtils.useLoginContext(httpServletRequest, httpServletResponse, z);
            Subject subject = httpAuthenticationUtils.getSubject();
            if (logger.isDebugEnabled()) {
                logger.debug(new StringBuffer().append("subject retrieved=").append(subject).toString());
            }
        } catch (LoginException e) {
            z2 = false;
            session.setAttribute(HttpConstants.LOGIN_EXCEPTION_MESSAGE, e instanceof JGuardLoginException ? e.getLocalizedMessage(httpServletRequest.getLocale()) : e.getMessage());
            session.setAttribute(HttpConstants.LOGIN_EXCEPTION_CLASS, e.getClass());
        }
        return z2;
    }

    public void sessionWillPassivate(HttpSessionEvent httpSessionEvent) {
        logout();
        HttpAuthenticationUtils httpAuthenticationUtils = (HttpAuthenticationUtils) httpSessionEvent.getSession().getAttribute(HttpConstants.AUTH_UTILS);
        if (httpAuthenticationUtils != null) {
            httpAuthenticationUtils.logout();
        }
        httpSessionEvent.getSession().removeAttribute(HttpConstants.AUTH_UTILS);
    }

    public void sessionDidActivate(HttpSessionEvent httpSessionEvent) {
    }

    public void refreshUser(JGuardCredential jGuardCredential) throws AuthenticationException {
        AuthenticationManager authenticationManager = (AuthenticationManager) this.session.getServletContext().getAttribute("authenticationManager");
        JGuardCredential identityCredential = SubjectUtils.getIdentityCredential(this.subject, authenticationManager.getDefaultSubjectTemplate());
        if (identityCredential.equals(jGuardCredential)) {
            ArrayList arrayList = new ArrayList();
            arrayList.add(identityCredential);
            Set findUsers = authenticationManager.findUsers(arrayList);
            if (findUsers.size() > 1) {
                logger.error("user cannot be updated because identity credential maps to multiple users or none ");
                throw new AuthenticationException("user cannot be updated because identity credential maps to multiple users");
            }
            if (findUsers.size() == 0) {
                this.subject = null;
            } else {
                this.subject = (Subject) findUsers.iterator().next();
            }
        }
    }

    public void valueBound(HttpSessionBindingEvent httpSessionBindingEvent) {
        ((Collection) httpSessionBindingEvent.getSession().getServletContext().getAttribute(HttpConstants.USERS_IN_SESSION)).add(this);
    }

    public void valueUnbound(HttpSessionBindingEvent httpSessionBindingEvent) {
        ((Collection) httpSessionBindingEvent.getSession().getServletContext().getAttribute(HttpConstants.USERS_IN_SESSION)).remove(this);
    }

    public static void refreshUsers(Subject subject, ServletContext servletContext) throws AuthenticationException {
        refreshUsers(SubjectUtils.getIdentityCredential(subject, ((AuthenticationManager) servletContext.getAttribute("authenticationManager")).getDefaultSubjectTemplate()), servletContext);
    }

    public static void refreshUsers(JGuardCredential jGuardCredential, ServletContext servletContext) throws AuthenticationException {
        Iterator it = ((Collection) servletContext.getAttribute(HttpConstants.USERS_IN_SESSION)).iterator();
        while (it.hasNext()) {
            ((HttpAuthenticationUtils) it.next()).refreshUser(jGuardCredential);
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$net$sf$jguard$authentication$http$HttpAuthenticationUtils == null) {
            cls = class$("net.sf.jguard.authentication.http.HttpAuthenticationUtils");
            class$net$sf$jguard$authentication$http$HttpAuthenticationUtils = cls;
        } else {
            cls = class$net$sf$jguard$authentication$http$HttpAuthenticationUtils;
        }
        logger = LogFactory.getLog(cls);
    }
}
