package org.apache.geronimo.security.realm.providers;

import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.io.PrintWriter;
import java.nio.channels.FileLock;
import java.text.DateFormat;
import java.text.SimpleDateFormat;
import java.util.Arrays;
import java.util.Collections;
import java.util.Date;
import java.util.List;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.geronimo.security.jaas.JaasLoginModuleUse;
import org.apache.geronimo.security.jaas.WrappingLoginModule;
import org.apache.geronimo.system.serverinfo.ServerInfo;

/* loaded from: input_file:org/apache/geronimo/security/realm/providers/FileAuditLoginModule.class */
public class FileAuditLoginModule implements LoginModule {
    private static Log log = LogFactory.getLog(FileAuditLoginModule.class);
    public static final String LOG_FILE_OPTION = "file";
    public static final List<String> supportedOptions = Collections.unmodifiableList(Arrays.asList(LOG_FILE_OPTION));
    private static final DateFormat DATE_FORMAT = new SimpleDateFormat("MM/dd/yyyy HH:mm:ss");
    private File logFile;
    private CallbackHandler handler;
    private String username;

    public void initialize(Subject subject, CallbackHandler callbackHandler, Map map, Map map2) {
        for (Object obj : map2.keySet()) {
            if (!supportedOptions.contains(obj) && !JaasLoginModuleUse.supportedOptions.contains(obj) && !WrappingLoginModule.supportedOptions.contains(obj)) {
                log.warn("Ignoring option: " + obj + ". Not supported.");
            }
        }
        this.logFile = ((ServerInfo) map2.get(JaasLoginModuleUse.SERVERINFO_LM_OPTION)).resolve((String) map2.get(LOG_FILE_OPTION));
        this.handler = callbackHandler;
    }

    public boolean login() throws LoginException {
        NameCallback[] nameCallbackArr = {new NameCallback("User name:")};
        try {
            this.handler.handle(nameCallbackArr);
            if (nameCallbackArr.length != 1) {
                throw new IllegalStateException("Number of callbacks changed by server!");
            }
            this.username = nameCallbackArr[0].getName();
            writeToFile("Authentication attempt");
            return false;
        } catch (Exception e) {
            throw ((LoginException) new LoginException("Unable to process callback: " + e.getMessage()).initCause(e));
        }
    }

    private synchronized void writeToFile(String str) {
        Date date = new Date();
        try {
            FileOutputStream fileOutputStream = new FileOutputStream(this.logFile, true);
            FileLock lock = fileOutputStream.getChannel().lock(0L, Long.MAX_VALUE, false);
            PrintWriter printWriter = new PrintWriter((OutputStream) fileOutputStream, false);
            printWriter.println(DATE_FORMAT.format(date) + " - " + str + " - " + this.username);
            printWriter.flush();
            printWriter.close();
            if (lock.isValid()) {
                lock.release();
            }
        } catch (IOException e) {
            throw new RuntimeException("Unable to write to authentication log file", e);
        }
    }

    public boolean commit() throws LoginException {
        if (this.username == null) {
            return false;
        }
        writeToFile("Authentication succeeded");
        return false;
    }

    public boolean abort() throws LoginException {
        if (this.username == null) {
            return false;
        }
        writeToFile("Authentication failed");
        this.username = null;
        return false;
    }

    public boolean logout() throws LoginException {
        if (this.username == null) {
            return false;
        }
        writeToFile("Explicit logout");
        this.username = null;
        return false;
    }
}
