package electric.security.jaas;

import electric.glue.IGLUELoggingConstants;
import electric.security.ICredentials;
import electric.security.IRealm;
import electric.security.basic.BasicPrincipal;
import electric.security.credentials.PasswordCredentials;
import electric.util.array.ArrayUtil;
import electric.util.classloader.ClassLoaders;
import electric.util.license.Enabler;
import electric.util.log.ILoggingConstants;
import electric.util.log.Log;
import electric.util.path.Paths;
import electric.util.product.Product;
import java.io.IOException;
import java.security.Principal;
import java.util.HashMap;
import java.util.Iterator;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.TextInputCallback;
import javax.security.auth.callback.TextOutputCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginContext;

/* loaded from: input_file:electric/security/jaas/JAASRealm.class */
public class JAASRealm implements IRealm, IGLUELoggingConstants {
    private static boolean enabled = false;
    private static boolean allowEnable = true;
    private String realmName;
    private HashMap nameToPrincipal;
    private HashMap nameToSubject;
    private HashMap promptsToResponses;
    private Class principalClass;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:electric/security/jaas/JAASRealm$MyCallbackHandler.class */
    public class MyCallbackHandler implements CallbackHandler {
        private String user;
        private String password;
        private HashMap promptsToTextInput = new HashMap();
        private final JAASRealm this$0;

        public MyCallbackHandler(JAASRealm jAASRealm, String str, String str2) {
            this.this$0 = jAASRealm;
            this.user = str;
            this.password = str2;
        }

        @Override // javax.security.auth.callback.CallbackHandler
        public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
            for (Callback callback : callbackArr) {
                if (callback instanceof NameCallback) {
                    if (Log.isLogging(IGLUELoggingConstants.SECURITY_DEBUG_EVENT)) {
                        Log.log(IGLUELoggingConstants.SECURITY_DEBUG_EVENT, ((NameCallback) callback).getPrompt());
                    }
                    ((NameCallback) callback).setName(this.user);
                } else if (callback instanceof PasswordCallback) {
                    if (Log.isLogging(IGLUELoggingConstants.SECURITY_DEBUG_EVENT)) {
                        Log.log(IGLUELoggingConstants.SECURITY_DEBUG_EVENT, ((PasswordCallback) callback).getPrompt());
                    }
                    ((PasswordCallback) callback).setPassword(this.password.toCharArray());
                } else if (!(callback instanceof TextOutputCallback)) {
                    if (!(callback instanceof TextInputCallback)) {
                        throw new UnsupportedCallbackException(callback);
                    }
                    String prompt = ((TextInputCallback) callback).getPrompt();
                    if (Log.isLogging(IGLUELoggingConstants.SECURITY_DEBUG_EVENT)) {
                        Log.log(IGLUELoggingConstants.SECURITY_DEBUG_EVENT, new StringBuffer().append("TextInputCallback with the prompt: {").append(prompt).append("}").toString());
                    }
                    String str = (String) this.promptsToTextInput.get(prompt);
                    if (str == null) {
                        throw new UnsupportedCallbackException(callback);
                    }
                    ((TextInputCallback) callback).setText(str);
                } else if (Log.isLogging(IGLUELoggingConstants.SECURITY_DEBUG_EVENT)) {
                    Log.log(IGLUELoggingConstants.SECURITY_DEBUG_EVENT, ((TextOutputCallback) callback).getMessage());
                }
            }
        }
    }

    public JAASRealm(String str) {
        this.nameToPrincipal = new HashMap();
        this.nameToSubject = new HashMap();
        this.promptsToResponses = new HashMap();
        this.realmName = str;
        if (!enabled) {
            throw new IllegalStateException("JAAS is available for GLUE Professional only");
        }
        if (System.getSecurityManager() == null) {
            throw new SecurityException("Cannot create JAAS realm without a Java2 Security Manager in place");
        }
    }

    public JAASRealm(String str, String str2) {
        this.nameToPrincipal = new HashMap();
        this.nameToSubject = new HashMap();
        this.promptsToResponses = new HashMap();
        this.realmName = str;
        if (!enabled) {
            throw new IllegalStateException("JAAS is available for GLUE Professional only");
        }
        if (System.getSecurityManager() == null) {
            throw new SecurityException("Cannot create JAAS realm without a Java2 Security Manager in place");
        }
        try {
            System.setProperty("java.security.auth.login.config", Paths.normalizePath(str2));
        } catch (SecurityException e) {
            if (Log.isLogging(ILoggingConstants.SECURITY_EVENT)) {
                Log.log(ILoggingConstants.SECURITY_EVENT, "JAAS Realm cannot be created.  No permission to access the property \"java.security.auth.login.config\"");
            }
            throw e;
        }
    }

    public JAASRealm(String str, String str2, String str3) throws ClassNotFoundException {
        this(str, str2);
        setPrincipalClass(ClassLoaders.loadClass(str3));
    }

    @Override // electric.security.IRealm
    public String getName() {
        return this.realmName;
    }

    @Override // electric.security.IRealm
    public Principal getPrincipal(String str) {
        return (Principal) this.nameToPrincipal.get(str);
    }

    @Override // electric.security.IRealm
    public String getPassword(String str) {
        return null;
    }

    @Override // electric.security.IRealm
    public String[] getRoles(String str) {
        String[] strArr = new String[0];
        Subject subject = (Subject) this.nameToSubject.get(str);
        if (subject == null || this.principalClass == null) {
            return strArr;
        }
        Iterator it = subject.getPrincipals(this.principalClass).iterator();
        while (it.hasNext()) {
            strArr = (String[]) ArrayUtil.addElement(strArr, ((Principal) it.next()).getName());
        }
        return strArr;
    }

    @Override // electric.security.IRealm
    public boolean isUserInRole(String str, String[] strArr) {
        for (String str2 : getRoles(str)) {
            for (String str3 : strArr) {
                if (str2.equals(str3)) {
                    return true;
                }
            }
        }
        return false;
    }

    public void addCallback(String str, String str2) {
        this.promptsToResponses.put(str, str2);
    }

    public void setPrincipalClass(Class cls) {
        this.principalClass = cls;
    }

    @Override // electric.security.IRealm
    public boolean authenticate(ICredentials iCredentials) throws SecurityException {
        if (iCredentials == null) {
            return false;
        }
        if (iCredentials instanceof PasswordCredentials) {
            return authenticateBasic((PasswordCredentials) iCredentials);
        }
        throw new SecurityException("JAASRealm requires PasswordCredentials");
    }

    public boolean authenticateBasic(PasswordCredentials passwordCredentials) {
        try {
            String userName = passwordCredentials.getUserName();
            Subject subject = (Subject) this.nameToSubject.get(userName);
            if (subject == null) {
                subject = new Subject();
            }
            MyCallbackHandler myCallbackHandler = new MyCallbackHandler(this, userName, passwordCredentials.password);
            myCallbackHandler.promptsToTextInput = this.promptsToResponses;
            new LoginContext(getName(), subject, myCallbackHandler).login();
            this.nameToSubject.put(userName, subject);
            for (Principal principal : subject.getPrincipals()) {
                if (principal.getName().equals(userName)) {
                    this.nameToPrincipal.put(userName, principal);
                    return true;
                }
            }
            this.nameToPrincipal.put(userName, new BasicPrincipal(userName));
            return true;
        } catch (Exception e) {
            if (!Log.isLogging(ILoggingConstants.SECURITY_EVENT)) {
                return false;
            }
            Log.log(ILoggingConstants.SECURITY_EVENT, (Throwable) e);
            return false;
        }
    }

    public static void enable() {
        if (enabled) {
            return;
        }
        if (!allowEnable) {
            throw new IllegalStateException("JAAS cannot be enabled once it is disabled");
        }
        enabled = Enabler.enable();
    }

    public static boolean isEnabled() {
        return enabled;
    }

    public static void disable() {
        enabled = false;
        allowEnable = false;
        Log.log(ILoggingConstants.WARNING_EVENT, "JAAS integration feature disabled");
    }

    static {
        Product.startup();
    }
}
