package org.apache.catalina.authenticator.jaspic.provider;

import java.util.HashMap;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.message.AuthException;
import javax.security.auth.message.MessageInfo;
import javax.security.auth.message.config.ServerAuthConfig;
import javax.security.auth.message.config.ServerAuthContext;
import javax.servlet.http.HttpServletRequest;
import org.apache.catalina.Context;
import org.apache.catalina.Realm;
import org.apache.catalina.authenticator.Constants;
import org.apache.catalina.authenticator.jaspic.provider.modules.BasicAuthModule;
import org.apache.catalina.authenticator.jaspic.provider.modules.DigestAuthModule;
import org.apache.catalina.authenticator.jaspic.provider.modules.FormAuthModule;
import org.apache.catalina.authenticator.jaspic.provider.modules.NonLoginAuthModule;
import org.apache.catalina.authenticator.jaspic.provider.modules.SSLAuthModule;
import org.apache.catalina.authenticator.jaspic.provider.modules.SpnegoAuthModule;
import org.apache.catalina.authenticator.jaspic.provider.modules.TomcatAuthModule;
import org.apache.catalina.filters.CorsFilter;
import org.apache.tomcat.util.descriptor.web.LoginConfig;
import org.apache.tomcat.util.res.StringManager;

/* loaded from: input_file:org/apache/catalina/authenticator/jaspic/provider/TomcatAuthConfig.class */
public class TomcatAuthConfig implements ServerAuthConfig {
    protected static final StringManager sm = StringManager.getManager((Class<?>) TomcatAuthConfig.class);
    private String messageLayer;
    private String appContext;
    private CallbackHandler handler;
    private TomcatServerAuthContext tomcatServerAuthContext;
    private Context context;
    private LoginConfig loginConfig;
    private Realm realm;
    private Map<String, String> properties;

    public TomcatAuthConfig(String str, String str2, CallbackHandler callbackHandler, Context context, Map<String, String> map) throws AuthException {
        this.messageLayer = str;
        this.appContext = str2;
        this.handler = callbackHandler;
        this.context = context;
        this.properties = map;
        this.realm = context.getRealm();
        this.loginConfig = context.getLoginConfig();
        initializeAuthContext(map);
    }

    @Override // javax.security.auth.message.config.AuthConfig
    public String getMessageLayer() {
        return this.messageLayer;
    }

    @Override // javax.security.auth.message.config.AuthConfig
    public String getAppContext() {
        return this.appContext;
    }

    @Override // javax.security.auth.message.config.AuthConfig
    public String getAuthContextID(MessageInfo messageInfo) {
        return messageInfo.toString();
    }

    @Override // javax.security.auth.message.config.AuthConfig
    public synchronized void refresh() {
        this.tomcatServerAuthContext = null;
    }

    @Override // javax.security.auth.message.config.AuthConfig
    public boolean isProtected() {
        return false;
    }

    @Override // javax.security.auth.message.config.ServerAuthConfig
    public synchronized ServerAuthContext getAuthContext(String str, Subject subject, Map map) throws AuthException {
        if (this.tomcatServerAuthContext == null) {
            initializeAuthContext(map);
        }
        return this.tomcatServerAuthContext;
    }

    private void initializeAuthContext(Map<String, String> map) throws AuthException {
        TomcatAuthModule module = getModule();
        module.initialize(null, null, this.handler, getMergedProperties(map));
        this.tomcatServerAuthContext = new TomcatServerAuthContext(module);
    }

    private Map<String, String> getMergedProperties(Map map) {
        HashMap hashMap = new HashMap(this.properties);
        hashMap.put(TomcatAuthModule.REALM_NAME, getRealmName());
        if (map != null) {
            hashMap.putAll(map);
        }
        return hashMap;
    }

    private TomcatAuthModule getModule() throws AuthException {
        String authMethod = getAuthMethod();
        boolean z = -1;
        switch (authMethod.hashCode()) {
            case -1842473796:
                if (authMethod.equals(Constants.SPNEGO_METHOD)) {
                    z = 4;
                    break;
                }
                break;
            case 2163908:
                if (authMethod.equals("FORM")) {
                    z = 2;
                    break;
                }
                break;
            case 2402104:
                if (authMethod.equals(org.apache.catalina.realm.Constants.NONE_TRANSPORT)) {
                    z = 3;
                    break;
                }
                break;
            case 62970894:
                if (authMethod.equals(HttpServletRequest.BASIC_AUTH)) {
                    z = false;
                    break;
                }
                break;
            case 1962140390:
                if (authMethod.equals("CLIENT-CERT")) {
                    z = 5;
                    break;
                }
                break;
            case 2016383428:
                if (authMethod.equals(HttpServletRequest.DIGEST_AUTH)) {
                    z = true;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                return new BasicAuthModule(this.context);
            case true:
                return new DigestAuthModule(this.context);
            case true:
                return new FormAuthModule(this.context);
            case true:
                return new NonLoginAuthModule(this.context);
            case true:
                return new SpnegoAuthModule(this.context);
            case true:
                return new SSLAuthModule(this.context);
            default:
                throw new AuthException(sm.getString("authenticator.jaspic.unknownAuthType", authMethod));
        }
    }

    private String getRealmName() {
        return this.loginConfig.getRealmName();
    }

    private String getAuthMethod() {
        return this.loginConfig.getAuthMethod().replace("JASPIC-", CorsFilter.DEFAULT_EXPOSED_HEADERS);
    }
}
