package com.sun.enterprise.security.auth.realm.certificate;

import com.sun.enterprise.security.BaseRealm;
import com.sun.enterprise.security.SecurityContext;
import com.sun.enterprise.security.auth.login.DistinguishedPrincipalCredential;
import com.sun.enterprise.security.auth.realm.BadRealmException;
import com.sun.enterprise.security.auth.realm.InvalidOperationException;
import com.sun.enterprise.security.auth.realm.NoSuchRealmException;
import com.sun.enterprise.security.auth.realm.NoSuchUserException;
import java.security.Principal;
import java.util.Arrays;
import java.util.Collections;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.Properties;
import java.util.Set;
import java.util.logging.Level;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.x500.X500Principal;
import org.glassfish.security.common.Group;
import org.jvnet.hk2.annotations.Service;

@Service
/* loaded from: input_file:MICRO-INF/runtime/security.jar:com/sun/enterprise/security/auth/realm/certificate/CertificateRealm.class */
public final class CertificateRealm extends BaseRealm {
    public static final String AUTH_TYPE = "certificate";
    private LinkedList<String> defaultGroups = new LinkedList<>();

    /* loaded from: input_file:MICRO-INF/runtime/security.jar:com/sun/enterprise/security/auth/realm/certificate/CertificateRealm$AppContextCallback.class */
    public static final class AppContextCallback implements Callback {
        private String moduleID;

        public String getModuleID() {
            return this.moduleID;
        }

        public void setModuleID(String str) {
            this.moduleID = str;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.sun.enterprise.security.auth.realm.Realm
    public void init(Properties properties) throws BadRealmException, NoSuchRealmException {
        super.init(properties);
        String[] addAssignGroups = addAssignGroups(null);
        if (addAssignGroups != null && addAssignGroups.length > 0) {
            this.defaultGroups.addAll(Arrays.asList(addAssignGroups));
        }
        String property = properties.getProperty(BaseRealm.JAAS_CONTEXT_PARAM);
        if (property != null) {
            setProperty(BaseRealm.JAAS_CONTEXT_PARAM, property);
        }
    }

    @Override // com.sun.enterprise.security.auth.realm.Realm
    public String getAuthType() {
        return "certificate";
    }

    @Override // com.sun.enterprise.security.auth.realm.Realm
    public Enumeration getGroupNames(String str) throws NoSuchUserException, InvalidOperationException {
        return Collections.enumeration(this.defaultGroups);
    }

    public void authenticate(Subject subject, X500Principal x500Principal) {
        String name = x500Principal.getName();
        if (_logger.isLoggable(Level.FINEST)) {
            _logger.log(Level.FINEST, "Certificate realm setting up security context for: {0}", name);
        }
        if (this.defaultGroups != null) {
            Set<Principal> principals = subject.getPrincipals();
            Iterator<String> it = this.defaultGroups.iterator();
            while (it.hasNext()) {
                principals.add(new Group(it.next()));
            }
        }
        if (!subject.getPrincipals().isEmpty()) {
            subject.getPublicCredentials().add(new DistinguishedPrincipalCredential(x500Principal));
        }
        SecurityContext.setCurrent(new SecurityContext(name, subject));
    }
}
