package org.acegisecurity.adapters.jboss;

import java.io.IOException;
import java.security.Principal;
import java.security.acl.Group;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.CredentialExpiredException;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import org.acegisecurity.AccountExpiredException;
import org.acegisecurity.Authentication;
import org.acegisecurity.AuthenticationException;
import org.acegisecurity.AuthenticationManager;
import org.acegisecurity.CredentialsExpiredException;
import org.acegisecurity.adapters.PrincipalAcegiUserToken;
import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
import org.jboss.security.SimpleGroup;
import org.jboss.security.SimplePrincipal;
import org.jboss.security.auth.spi.AbstractServerLoginModule;
import org.springframework.beans.factory.access.SingletonBeanFactoryLocator;
import org.springframework.context.ApplicationContext;
import org.springframework.context.support.ClassPathXmlApplicationContext;

/* loaded from: input_file:org/acegisecurity/adapters/jboss/JbossAcegiLoginModule.class */
public class JbossAcegiLoginModule extends AbstractServerLoginModule {
    private AuthenticationManager authenticationManager;
    private Principal identity;
    private String key;
    private char[] credential;
    static Class class$org$acegisecurity$AuthenticationManager;

    protected Principal getIdentity() {
        return this.identity;
    }

    protected Group[] getRoleSets() throws LoginException {
        Group simpleGroup = new SimpleGroup("Roles");
        Group[] groupArr = {simpleGroup};
        if (this.identity instanceof Authentication) {
            Authentication authentication = this.identity;
            for (int i = 0; i < authentication.getAuthorities().length; i++) {
                simpleGroup.addMember(new SimplePrincipal(authentication.getAuthorities()[i].getAuthority()));
            }
        }
        return groupArr;
    }

    protected String[] getUsernameAndPassword() throws LoginException {
        String[] strArr = {null, null};
        if (this.callbackHandler == null) {
            throw new LoginException("Error: no CallbackHandler available to collect authentication information");
        }
        Callback nameCallback = new NameCallback("User name: ", "guest");
        PasswordCallback passwordCallback = new PasswordCallback("Password: ", false);
        String str = null;
        try {
            this.callbackHandler.handle(new Callback[]{nameCallback, passwordCallback});
            String name = nameCallback.getName();
            char[] password = passwordCallback.getPassword();
            if (password != null) {
                this.credential = new char[password.length];
                System.arraycopy(password, 0, this.credential, 0, password.length);
                passwordCallback.clearPassword();
                str = new String(this.credential);
            }
            strArr[0] = name;
            strArr[1] = str;
            return strArr;
        } catch (IOException e) {
            throw new LoginException(e.toString());
        } catch (UnsupportedCallbackException e2) {
            throw new LoginException(new StringBuffer().append("CallbackHandler does not support: ").append(e2.getCallback()).toString());
        }
    }

    public void initialize(Subject subject, CallbackHandler callbackHandler, Map map, Map map2) {
        ApplicationContext classPathXmlApplicationContext;
        Class cls;
        super.initialize(subject, callbackHandler, map, map2);
        if (((AbstractServerLoginModule) this).log.isInfoEnabled()) {
            ((AbstractServerLoginModule) this).log.info("initializing jboss login module");
        }
        this.key = (String) map2.get("key");
        if (this.key == null || "".equals(this.key)) {
            throw new IllegalArgumentException("key must be defined");
        }
        String str = (String) map2.get("singletonId");
        String str2 = (String) map2.get("appContextLocation");
        if (((str == null || "".equals(str)) && str2 == null) || "".equals(str2)) {
            throw new IllegalArgumentException("appContextLocation must be defined");
        }
        String str3 = (String) map2.get("authenticationManager");
        if ((str == null || "".equals(str)) && Thread.currentThread().getContextClassLoader().getResource(str2) == null) {
            if (((AbstractServerLoginModule) this).log.isInfoEnabled()) {
                ((AbstractServerLoginModule) this).log.info(new StringBuffer().append("cannot locate ").append(str2).toString());
            }
            throw new IllegalArgumentException(new StringBuffer().append("Cannot locate ").append(str2).toString());
        }
        if (str == null || "".equals(str)) {
            try {
                classPathXmlApplicationContext = new ClassPathXmlApplicationContext(str2);
            } catch (Exception e) {
                if (((AbstractServerLoginModule) this).log.isInfoEnabled()) {
                    ((AbstractServerLoginModule) this).log.info(new StringBuffer().append("error loading spring context ").append(str2).append(" ").append(e).toString());
                }
                throw new IllegalArgumentException(new StringBuffer().append("error loading spring context ").append(str2).append(" ").append(e).toString());
            }
        } else {
            if (((AbstractServerLoginModule) this).log.isInfoEnabled()) {
                ((AbstractServerLoginModule) this).log.debug(new StringBuffer().append("retrieving singleton instance ").append(str).toString());
            }
            classPathXmlApplicationContext = (ApplicationContext) SingletonBeanFactoryLocator.getInstance().useBeanFactory(str).getFactory();
            if (classPathXmlApplicationContext == null) {
                if (((AbstractServerLoginModule) this).log.isInfoEnabled()) {
                    ((AbstractServerLoginModule) this).log.info(new StringBuffer().append("singleton ").append(str3).append(" does not exists").toString());
                }
                throw new IllegalArgumentException(new StringBuffer().append("singleton ").append(str).append(" does not exists").toString());
            }
        }
        if (str3 == null || "".equals(str3)) {
            try {
                ApplicationContext applicationContext = classPathXmlApplicationContext;
                if (class$org$acegisecurity$AuthenticationManager == null) {
                    cls = class$("org.acegisecurity.AuthenticationManager");
                    class$org$acegisecurity$AuthenticationManager = cls;
                } else {
                    cls = class$org$acegisecurity$AuthenticationManager;
                }
                Map beansOfType = applicationContext.getBeansOfType(cls, true, true);
                if (beansOfType.size() == 0) {
                    throw new IllegalArgumentException("Bean context must contain at least one bean of type AuthenticationManager");
                }
                str3 = (String) beansOfType.keySet().iterator().next();
            } catch (Exception e2) {
                if (((AbstractServerLoginModule) this).log.isInfoEnabled()) {
                    ((AbstractServerLoginModule) this).log.info(new StringBuffer().append("exception in getBeansOfType ").append(e2).toString());
                }
                throw new IllegalStateException("spring error in get beans by class");
            }
        }
        this.authenticationManager = (AuthenticationManager) classPathXmlApplicationContext.getBean(str3);
        if (((AbstractServerLoginModule) this).log.isInfoEnabled()) {
            ((AbstractServerLoginModule) this).log.info("Successfully started JbossSpringLoginModule");
        }
    }

    public boolean login() throws LoginException {
        ((AbstractServerLoginModule) this).loginOk = false;
        String[] usernameAndPassword = getUsernameAndPassword();
        String str = usernameAndPassword[0];
        String str2 = usernameAndPassword[1];
        if (str == null && str2 == null) {
            this.identity = null;
            ((AbstractServerLoginModule) this).log.trace(new StringBuffer().append("Authenticating as unauthenticatedIdentity=").append(this.identity).toString());
        }
        if (str == null) {
            str = "";
        }
        if (str2 == null) {
            str2 = "";
        }
        if (((AbstractServerLoginModule) this).log.isDebugEnabled()) {
            ((AbstractServerLoginModule) this).log.debug("checking identity");
        }
        if (this.identity == null) {
            ((AbstractServerLoginModule) this).log.debug("creating usernamepassword token");
            UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(str, str2);
            try {
                if (((AbstractServerLoginModule) this).log.isDebugEnabled()) {
                    ((AbstractServerLoginModule) this).log.debug("attempting authentication");
                }
                Authentication authenticate = this.authenticationManager.authenticate(usernamePasswordAuthenticationToken);
                if (((AbstractServerLoginModule) this).log.isDebugEnabled()) {
                    ((AbstractServerLoginModule) this).log.debug("authentication succeded");
                }
                ((AbstractServerLoginModule) this).log.debug("user is logged. redirecting to jaas classes");
                this.identity = new PrincipalAcegiUserToken(this.key, authenticate.getName(), authenticate.getCredentials().toString(), authenticate.getAuthorities(), authenticate.getPrincipal());
            } catch (AuthenticationException e) {
                if (((AbstractServerLoginModule) this).log.isDebugEnabled()) {
                    ((AbstractServerLoginModule) this).log.debug(new StringBuffer().append("Bad password for username=").append(str).toString());
                }
                throw new FailedLoginException("Password Incorrect/Password Required");
            } catch (CredentialsExpiredException e2) {
                if (((AbstractServerLoginModule) this).log.isDebugEnabled()) {
                    ((AbstractServerLoginModule) this).log.debug("Credential has expired");
                }
                throw new CredentialExpiredException("The credential used to identify the user has expired");
            } catch (AccountExpiredException e3) {
                if (((AbstractServerLoginModule) this).log.isDebugEnabled()) {
                    ((AbstractServerLoginModule) this).log.debug("Account has expired, throwing jaas exception");
                }
                throw new javax.security.auth.login.AccountExpiredException("The account specified in login has expired");
            }
        }
        if (getUseFirstPass()) {
            this.sharedState.put("javax.security.auth.login.name", str);
            this.sharedState.put("javax.security.auth.login.password", this.credential);
        }
        ((AbstractServerLoginModule) this).loginOk = true;
        ((AbstractServerLoginModule) this).log.trace(new StringBuffer().append("User '").append(this.identity).append("' authenticated, loginOk=").append(this.loginOk).toString());
        return true;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }
}
