package org.apache.qpid.server.security.auth.manager;

import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.Principal;
import javax.security.auth.login.AccountNotFoundException;
import javax.security.sasl.SaslException;
import javax.security.sasl.SaslServer;
import org.apache.qpid.server.configuration.IllegalConfigurationException;
import org.apache.qpid.server.security.auth.AuthenticationResult;
import org.apache.qpid.server.security.auth.UsernamePrincipal;
import org.apache.qpid.server.security.auth.database.PrincipalDatabase;

/* loaded from: input_file:org/apache/qpid/server/security/auth/manager/PrincipalDatabaseAuthenticationManager.class */
public class PrincipalDatabaseAuthenticationManager implements AuthenticationManager {
    private final PrincipalDatabase _principalDatabase;
    private final String _passwordFile;

    public PrincipalDatabaseAuthenticationManager(PrincipalDatabase principalDatabase, String str) {
        this._principalDatabase = principalDatabase;
        this._passwordFile = str;
    }

    @Override // org.apache.qpid.server.security.auth.manager.AuthenticationManager
    public void initialise() {
        try {
            this._principalDatabase.open(new File(this._passwordFile));
        } catch (FileNotFoundException e) {
            throw new IllegalConfigurationException("Exception opening password database: " + e.getMessage(), e);
        } catch (IOException e2) {
            throw new IllegalConfigurationException("Cannot use password database at :" + this._passwordFile, e2);
        }
    }

    @Override // org.apache.qpid.server.security.auth.manager.AuthenticationManager
    public String getMechanisms() {
        return this._principalDatabase.getMechanisms();
    }

    @Override // org.apache.qpid.server.security.auth.manager.AuthenticationManager
    public SaslServer createSaslServer(String str, String str2, Principal principal) throws SaslException {
        return this._principalDatabase.createSaslServer(str, str2, principal);
    }

    @Override // org.apache.qpid.server.security.auth.manager.AuthenticationManager
    public AuthenticationResult authenticate(SaslServer saslServer, byte[] bArr) {
        byte[] bArr2;
        if (bArr != null) {
            bArr2 = bArr;
        } else {
            try {
                bArr2 = new byte[0];
            } catch (SaslException e) {
                return new AuthenticationResult(AuthenticationResult.AuthenticationStatus.ERROR, (Exception) e);
            }
        }
        return saslServer.isComplete() ? new AuthenticationResult(new UsernamePrincipal(saslServer.getAuthorizationID())) : new AuthenticationResult(saslServer.evaluateResponse(bArr2), AuthenticationResult.AuthenticationStatus.CONTINUE);
    }

    @Override // org.apache.qpid.server.security.auth.manager.AuthenticationManager
    public AuthenticationResult authenticate(String str, String str2) {
        try {
            return this._principalDatabase.verifyPassword(str, str2.toCharArray()) ? new AuthenticationResult(new UsernamePrincipal(str)) : new AuthenticationResult(AuthenticationResult.AuthenticationStatus.CONTINUE);
        } catch (AccountNotFoundException e) {
            return new AuthenticationResult(AuthenticationResult.AuthenticationStatus.CONTINUE);
        }
    }

    public void close() {
    }

    public PrincipalDatabase getPrincipalDatabase() {
        return this._principalDatabase;
    }

    @Override // org.apache.qpid.server.security.auth.manager.AuthenticationManager
    public void onCreate() {
        try {
            File file = new File(this._passwordFile);
            if (!file.exists()) {
                file.createNewFile();
            } else if (!file.canRead()) {
                throw new IllegalConfigurationException("Cannot read password file" + this._passwordFile + ". Check permissions.");
            }
        } catch (IOException e) {
            throw new IllegalConfigurationException("Cannot use password database at :" + this._passwordFile, e);
        }
    }

    @Override // org.apache.qpid.server.security.auth.manager.AuthenticationManager
    public void onDelete() {
        File file = new File(this._passwordFile);
        if (file.exists() && file.isFile()) {
            file.delete();
        }
    }
}
