package org.apache.geode.internal.security.shiro;

import java.util.Collections;
import java.util.Map;
import java.util.Properties;
import java.util.concurrent.ConcurrentHashMap;
import javax.management.Notification;
import javax.management.NotificationListener;
import javax.management.remote.JMXAuthenticator;
import javax.management.remote.JMXConnectionNotification;
import javax.management.remote.JMXPrincipal;
import org.apache.geode.internal.security.SecurityService;
import org.apache.geode.management.internal.security.ResourceConstants;
import org.apache.geode.security.AuthenticationFailedException;
import org.apache.shiro.subject.Subject;

/* loaded from: input_file:org/apache/geode/internal/security/shiro/JMXShiroAuthenticator.class */
public class JMXShiroAuthenticator implements JMXAuthenticator, NotificationListener {
    private final SecurityService securityService;
    private final Map<String, Subject> connectedUsers = new ConcurrentHashMap();

    public JMXShiroAuthenticator(SecurityService securityService) {
        this.securityService = securityService;
    }

    public javax.security.auth.Subject authenticate(Object obj) {
        String str;
        Properties properties = new Properties();
        if (obj instanceof String[]) {
            String[] strArr = (String[]) obj;
            str = strArr[0];
            properties.setProperty("security-username", strArr[0]);
            properties.setProperty("security-password", strArr[1]);
        } else {
            if (!(obj instanceof String)) {
                throw new AuthenticationFailedException(ResourceConstants.MISSING_CREDENTIALS_MESSAGE);
            }
            str = "token-" + obj.hashCode();
            properties.setProperty("security-token", (String) obj);
        }
        Subject login = this.securityService.login(properties);
        return new javax.security.auth.Subject(true, Collections.singleton(login == null ? new JMXPrincipal(str) : new ShiroPrincipal(login)), Collections.emptySet(), Collections.emptySet());
    }

    public void handleNotification(Notification notification, Object obj) {
        if (notification instanceof JMXConnectionNotification) {
            JMXConnectionNotification jMXConnectionNotification = (JMXConnectionNotification) notification;
            String type = jMXConnectionNotification.getType();
            String connectionId = jMXConnectionNotification.getConnectionId();
            if ("jmx.remote.connection.opened".equals(type)) {
                this.connectedUsers.put(connectionId, this.securityService.getSubject());
            } else if ("jmx.remote.connection.closed".equals(type)) {
                this.securityService.bindSubject(this.connectedUsers.remove(connectionId));
                this.securityService.logout();
            }
        }
    }
}
