package org.openejb.corba.security.config.tss;

import javax.security.auth.Subject;
import org.apache.geronimo.security.PrimaryRealmPrincipal;
import org.apache.geronimo.security.RealmPrincipal;
import org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal;
import org.omg.CSI.GSS_NT_ExportedNameHelper;
import org.omg.CSI.IdentityToken;
import org.omg.GSSUP.GSSUPMechOID;
import org.omg.IOP.CodecPackage.FormatMismatch;
import org.omg.IOP.CodecPackage.TypeMismatch;
import org.openejb.corba.security.SASException;
import org.openejb.corba.util.Util;

/* loaded from: input_file:repository/openejb/jars/openejb-core-2.0-G1M4.jar:org/openejb/corba/security/config/tss/TSSITTPrincipalNameGSSUP.class */
public class TSSITTPrincipalNameGSSUP extends TSSSASIdentityToken {
    public static final String OID = GSSUPMechOID.value.substring(4);
    private final String realmName;

    public TSSITTPrincipalNameGSSUP(String str) {
        this.realmName = str;
    }

    @Override // org.openejb.corba.security.config.tss.TSSSASIdentityToken
    public short getType() {
        return (short) 2;
    }

    @Override // org.openejb.corba.security.config.tss.TSSSASIdentityToken
    public String getOID() {
        return OID;
    }

    @Override // org.openejb.corba.security.config.tss.TSSSASIdentityToken
    public Subject check(IdentityToken identityToken) throws SASException {
        try {
            GeronimoUserPrincipal geronimoUserPrincipal = new GeronimoUserPrincipal(Util.decodeGSSExportName(GSS_NT_ExportedNameHelper.extract(Util.getCodec().decode_value(identityToken.principal_name(), GSS_NT_ExportedNameHelper.type()))));
            RealmPrincipal realmPrincipal = new RealmPrincipal(this.realmName, geronimoUserPrincipal);
            PrimaryRealmPrincipal primaryRealmPrincipal = new PrimaryRealmPrincipal(this.realmName, geronimoUserPrincipal);
            Subject subject = new Subject();
            subject.getPrincipals().add(geronimoUserPrincipal);
            subject.getPrincipals().add(realmPrincipal);
            subject.getPrincipals().add(primaryRealmPrincipal);
            return subject;
        } catch (FormatMismatch e) {
            throw new SASException(1, e);
        } catch (TypeMismatch e2) {
            throw new SASException(1, e2);
        }
    }
}
