package org.apache.zeppelin.realm;

import java.util.LinkedHashSet;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.jvnet.libpam.PAM;
import org.jvnet.libpam.PAMException;

/* loaded from: input_file:org/apache/zeppelin/realm/PamRealm.class */
public class PamRealm extends AuthorizingRealm {
    private String service;

    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        UserPrincipal userPrincipal = (UserPrincipal) principalCollection.oneByType(UserPrincipal.class);
        if (userPrincipal != null) {
            linkedHashSet.addAll(userPrincipal.getUnixUser().getGroups());
        }
        return new SimpleAuthorizationInfo(linkedHashSet);
    }

    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken) authenticationToken;
        try {
            return new SimpleAuthenticationInfo(new UserPrincipal(new PAM(getService()).authenticate(usernamePasswordToken.getUsername(), new String(usernamePasswordToken.getPassword()))), usernamePasswordToken.getCredentials(), getName());
        } catch (PAMException e) {
            throw new AuthenticationException("Authentication failed for PAM.", e);
        }
    }

    public String getService() {
        return this.service;
    }

    public void setService(String str) {
        this.service = str;
    }
}
