package org.jboss.identity.federation.core.wstrust.auth;

import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import org.apache.log4j.Logger;
import org.jboss.identity.federation.core.exceptions.ParsingException;
import org.jboss.identity.federation.core.wstrust.STSClient;
import org.jboss.identity.federation.core.wstrust.STSClientConfig;
import org.jboss.identity.federation.core.wstrust.STSClientFactory;
import org.jboss.identity.federation.core.wstrust.SamlCredential;
import org.w3c.dom.Element;

/* loaded from: input_file:org/jboss/identity/federation/core/wstrust/auth/AbstractSTSLoginModule.class */
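/**
 * Base class for JAAS login modules that obtain or validate a SAML token through a
 * WS-Trust Security Token Service (STS).
 *
 * <p>Subclasses implement {@link #login()}, record the outcome with
 * {@link #setSuccess(boolean)} and hand over the token with {@link #setSamlToken(Element)}.
 * On {@link #commit()} the token is wrapped in a {@link SamlCredential} and added to the
 * subject's public credentials; {@link #abort()} and {@link #logout()} remove it again.
 *
 * <p>Several accessors carry a decompiler note saying they were {@code protected} in the
 * original class. They are left {@code public} here so the visible interface does not change,
 * but callers outside the subclass hierarchy should not rely on them, in particular not on
 * {@link #getSharedPassword()}.
 */
public abstract class AbstractSTSLoginModule implements LoginModule {
    private static final Logger log = Logger.getLogger(AbstractSTSLoginModule.class);

    /** Shared-state key under which a module in the stack publishes the STS token. */
    public static final String SHARED_TOKEN = "org.jboss.identity.federation.core.wstrust.lm.stsToken";

    /** Name of the module option that holds the STS client configuration file. */
    public static final String STS_CONFIG_FILE = "configFile";

    private Subject subject;
    private CallbackHandler callbackHandler;
    private Element samlToken;
    private boolean success;
    private Map<String, ?> options;
    private Map<String, ?> sharedState;

    /**
     * Stores the JAAS context for later phases.
     *
     * @param subject the subject being authenticated
     * @param callbackHandler handler used to obtain credentials from the caller
     * @param map the state shared between the login modules of the stack
     * @param map2 the options configured for this module
     */
    @Override
    public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> map, Map<String, ?> map2) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
        // LoginModule.initialize passes shared state third and options fourth.
        this.options = map2;
        this.sharedState = map;
    }

    @Override
    public abstract boolean login() throws LoginException;

    /**
     * Publishes the SAML token on the subject when {@link #login()} succeeded.
     *
     * @return {@code false} if this module did not succeed, {@code true} otherwise
     * @throws LoginException declared by the interface; not thrown by this implementation
     */
    @Override
    public boolean commit() throws LoginException {
        if (!this.success) {
            return false;
        }
        SamlCredential samlCredential = new SamlCredential(this.samlToken);
        boolean added = this.subject.getPublicCredentials().add(samlCredential);
        if (added && log.isDebugEnabled()) {
            // NOTE(review): if SamlCredential.toString() renders the assertion, this writes a
            // usable token into the debug log; confirm, and log an identifier instead if so.
            log.debug("Added Credential :" + samlCredential);
        }
        return true;
    }

    /**
     * Discards the outcome of a failed authentication.
     *
     * @return always {@code true}
     * @throws LoginException declared by the interface; not thrown by this implementation
     */
    @Override
    public boolean abort() throws LoginException {
        this.success = false;
        clearState();
        return true;
    }

    /**
     * Removes the SAML credentials from the subject and forgets the token.
     *
     * @return always {@code true}
     * @throws LoginException declared by the interface; not thrown by this implementation
     */
    @Override
    public boolean logout() throws LoginException {
        // Reset the flag as well: otherwise a later commit() on this instance, after a login()
        // that never called setSuccess(false), would publish a credential built from a null token.
        this.success = false;
        clearState();
        return true;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Builds the STS client configuration from the file named by {@link #STS_CONFIG_FILE}.
     *
     * @param map the module options
     * @return the configuration built from that file
     * @throws IllegalArgumentException if the option is missing
     */
    public STSClientConfig getConfiguration(Map<String, ?> map) {
        return new STSClientConfig.Builder(getRequiredOption(map, STS_CONFIG_FILE)).build();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Creates the WS-Trust client for the given configuration.
     *
     * @param sTSClientConfig the client configuration
     * @return the client created by {@link STSClientFactory}
     * @throws IllegalStateException if the factory reports a {@link ParsingException}
     */
    public STSClient createWSTrustClient(STSClientConfig sTSClientConfig) {
        try {
            return STSClientFactory.getInstance().create(sTSClientConfig);
        } catch (ParsingException e) {
            throw new IllegalStateException("Could not create WSTrustClient:", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Reads a mandatory option.
     *
     * @param map the module options
     * @param str the option name
     * @return the option value
     * @throws IllegalArgumentException if the option is absent
     * @throws ClassCastException if the option value is not a {@code String}
     */
    public String getRequiredOption(Map<String, ?> map, String str) {
        String value = (String) map.get(str);
        if (value == null) {
            throw new IllegalArgumentException("Required option '" + str + "' was missing from the login modules configuration");
        }
        return value;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /** Returns whether {@link #login()} was recorded as successful. */
    public boolean isSuccess() {
        return this.success;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /** Records the outcome of {@link #login()}; {@link #commit()} acts only when it is {@code true}. */
    public void setSuccess(boolean z) {
        this.success = z;
    }

    /** Returns the subject passed to {@link #initialize}. */
    protected Subject getSubject() {
        return this.subject;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /** Returns the callback handler passed to {@link #initialize}. */
    public CallbackHandler getCallbackHandler() {
        return this.callbackHandler;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /** Sets the token that {@link #commit()} will wrap in a {@link SamlCredential}. */
    public void setSamlToken(Element element) {
        this.samlToken = element;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Publishes a token under {@link #SHARED_TOKEN} for the other modules of the stack.
     * Does nothing when no shared state was supplied.
     *
     * @param obj the token to share; every module in the same stack can read it
     */
    public void setSharedToken(Object obj) {
        if (this.sharedState == null) {
            return;
        }
        // A Map<String, ?> rejects put() at compile time. JAAS hands every module the same
        // mutable map of arbitrary objects, so widening the value type is safe here.
        @SuppressWarnings("unchecked")
        Map<String, Object> writableState = (Map<String, Object>) this.sharedState;
        writableState.put(SHARED_TOKEN, obj);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Returns the token stored under {@link #SHARED_TOKEN}, or {@code null} when there is no
     * shared state or no token.
     */
    public Object getSharedToken() {
        if (this.sharedState == null) {
            return null;
        }
        return this.sharedState.get(SHARED_TOKEN);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /** Returns the options passed to {@link #initialize}. */
    public Map<String, ?> getOptions() {
        return this.options;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Returns the user name an earlier module stored in the shared state, or {@code null}.
     */
    public String getSharedUsername() {
        if (this.sharedState == null) {
            return null;
        }
        return (String) this.sharedState.get("javax.security.auth.login.name");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Returns the password an earlier module stored in the shared state, or {@code null}.
     *
     * <p>The array is the live object from the shared state, not a copy: do not log it, do not
     * keep a reference beyond the login attempt, and do not overwrite it while other modules
     * of the stack may still need it.
     */
    public char[] getSharedPassword() {
        if (this.sharedState == null) {
            return null;
        }
        return (char[]) this.sharedState.get("javax.security.auth.login.password");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Returns {@code true} when the {@code password-stacking} option is {@code useFirstPass},
     * meaning the module is configured to reuse the credentials found in the shared state.
     */
    public boolean isUseFirstPass() {
        if (this.options == null) {
            return false;
        }
        return "useFirstPass".equals((String) this.options.get("password-stacking"));
    }

    /** Drops the token and every SAML credential this module type added to the subject. */
    private void clearState() {
        // abort()/logout() may run on an instance that was never initialized.
        if (this.subject != null) {
            removeAllSamlCredentials(this.subject);
        }
        this.samlToken = null;
    }

    /**
     * Removes every {@link SamlCredential} from the subject's public credentials.
     *
     * @param subject the subject to clean up
     * @throws IllegalStateException if credentials are present and the subject is read-only
     */
    private void removeAllSamlCredentials(Subject subject) {
        Set<SamlCredential> samlCredentials = subject.getPublicCredentials(SamlCredential.class);
        if (!samlCredentials.isEmpty()) {
            subject.getPublicCredentials().removeAll(samlCredentials);
        }
    }
}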
