package flex.messaging.security;

import flex.messaging.FlexContext;
import flex.messaging.util.PropertyStringResourceLoader;
import java.security.Principal;
import java.util.List;
import javax.servlet.http.HttpServletRequest;

/* loaded from: input_file:lib/flex-messaging-opt-1.0.jar:flex/messaging/security/TomcatLoginCommand.class */
public class TomcatLoginCommand extends AppServerLoginCommand {
    private static final int NO_VALVE = 20000;

    @Override // flex.messaging.security.LoginCommand
    public Principal doAuthentication(String str, Object obj) throws SecurityException {
        TomcatLogin login = TomcatLoginHolder.getLogin();
        if (login == null) {
            SecurityException securityException = new SecurityException(new PropertyStringResourceLoader(PropertyStringResourceLoader.VENDORS_BUNDLE));
            securityException.setMessage(20000);
            throw securityException;
        }
        String extractPassword = extractPassword(obj);
        if (extractPassword != null) {
            return login.login(str, extractPassword, FlexContext.getHttpRequest());
        }
        return null;
    }

    @Override // flex.messaging.security.AppServerLoginCommand, flex.messaging.security.LoginCommand
    public boolean doAuthorization(Principal principal, List list) throws SecurityException {
        boolean authorize;
        HttpServletRequest httpRequest = FlexContext.getHttpRequest();
        if (FlexContext.getHttpResponse() == null || httpRequest == null || principal == null || !principal.equals(httpRequest.getUserPrincipal())) {
            TomcatLogin login = TomcatLoginHolder.getLogin();
            if (login == null) {
                SecurityException securityException = new SecurityException(new PropertyStringResourceLoader(PropertyStringResourceLoader.VENDORS_BUNDLE));
                securityException.setMessage(20000);
                throw securityException;
            }
            authorize = login.authorize(principal, list);
        } else {
            authorize = doAuthorization(principal, list, httpRequest);
        }
        return authorize;
    }

    @Override // flex.messaging.security.LoginCommand
    public boolean logout(Principal principal) throws SecurityException {
        TomcatLogin login;
        HttpServletRequest httpRequest = FlexContext.getHttpRequest();
        if (FlexContext.getHttpResponse() == null || httpRequest == null || (login = TomcatLoginHolder.getLogin()) == null) {
            return true;
        }
        return login.logout(httpRequest);
    }
}
