package com.caucho.server.security;

import com.caucho.config.Config;
import com.caucho.config.ConfigException;
import com.caucho.config.types.InitParam;
import com.rc.retroweaver.runtime.ClassLiteral;
import java.io.IOException;
import java.security.Principal;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Set;
import java.util.logging.Level;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/caucho/server/security/JaasAuthenticator.class */
public class JaasAuthenticator extends AbstractAuthenticator {
    private Class _loginModuleClass;
    private HashMap<String, String> _options = new HashMap<>();

    /* loaded from: input_file:com/caucho/server/security/JaasAuthenticator$Handler.class */
    static class Handler implements CallbackHandler {
        private String _userName;
        private String _password;

        Handler(String str, String str2) {
            this._userName = str;
            this._password = str2;
        }

        @Override // javax.security.auth.callback.CallbackHandler
        public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
            for (Callback callback : callbackArr) {
                if (callback instanceof NameCallback) {
                    ((NameCallback) callback).setName(this._userName);
                } else if (callback instanceof PasswordCallback) {
                    ((PasswordCallback) callback).setPassword(this._password.toCharArray());
                }
            }
        }
    }

    public void setLoginModule(Class cls) throws ConfigException {
        this._loginModuleClass = cls;
        Config.checkCanInstantiate(cls);
        if (!ClassLiteral.getClass("javax/security/auth/spi/LoginModule").isAssignableFrom(cls)) {
            throw new ConfigException(L.l("`{0}' must implement javax.security.auth.spi.LoginModule", cls.getName()));
        }
    }

    public void setInitParam(InitParam initParam) {
        this._options.putAll(initParam.getParameters());
    }

    @Override // com.caucho.server.security.AbstractAuthenticator, com.caucho.server.security.ServletAuthenticator
    public synchronized void init() throws ServletException {
        super.init();
        if (this._loginModuleClass == null) {
            throw new ServletException(L.l("JaasAuthenticator requires login-module-class"));
        }
    }

    @Override // com.caucho.server.security.AbstractAuthenticator
    protected Principal loginImpl(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ServletContext servletContext, String str, String str2) throws ServletException {
        try {
            LoginModule loginModule = (LoginModule) this._loginModuleClass.newInstance();
            Subject subject = new Subject();
            HashMap hashMap = new HashMap();
            hashMap.put("javax.security.auth.login.name", str);
            hashMap.put("javax.security.auth.login.password", str2);
            loginModule.initialize(subject, new Handler(str, str2), hashMap, this._options);
            try {
                loginModule.login();
            } catch (Exception e) {
                loginModule.abort();
            }
            loginModule.commit();
            Set<Principal> principals = subject.getPrincipals();
            if (principals == null || principals.size() == 0) {
                return null;
            }
            Iterator<Principal> it = principals.iterator();
            if (it.hasNext()) {
                return it.next();
            }
            return null;
        } catch (LoginException e2) {
            log.log(Level.FINE, e2.toString(), (Throwable) e2);
            return null;
        } catch (Throwable th) {
            log.log(Level.WARNING, th.toString(), th);
            return null;
        }
    }

    @Override // com.caucho.server.security.AbstractAuthenticator, com.caucho.server.security.ServletAuthenticator
    public boolean isUserInRole(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ServletContext servletContext, Principal principal, String str) throws ServletException {
        return principal != null;
    }
}
