package org.apache.catalina.authenticator.jaspic;

import java.io.IOException;
import java.security.Principal;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.message.callback.CallerPrincipalCallback;
import javax.security.auth.message.callback.GroupPrincipalCallback;
import javax.security.auth.message.callback.PasswordValidationCallback;
import org.apache.catalina.Realm;
import org.apache.tomcat.util.res.StringManager;

/* loaded from: input_file:org/apache/catalina/authenticator/jaspic/JaspicCallbackHandler.class */
public class JaspicCallbackHandler implements CallbackHandler {
    protected static final StringManager sm = StringManager.getManager(JaspicCallbackHandler.class);
    private Realm realm;

    public JaspicCallbackHandler(Realm realm) {
        this.realm = realm;
    }

    @Override // javax.security.auth.callback.CallbackHandler
    public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
        if (callbackArr == null) {
            return;
        }
        PrincipalGroupCallback principalGroupCallback = new PrincipalGroupCallback();
        for (Callback callback : callbackArr) {
            handleCallback(callback, principalGroupCallback);
        }
        principalGroupCallback.configureSubject();
    }

    private void handleCallback(Callback callback, PrincipalGroupCallback principalGroupCallback) {
        if (callback instanceof CallerPrincipalCallback) {
            principalGroupCallback.setCallerPrincipalCallback((CallerPrincipalCallback) callback);
        } else if (callback instanceof GroupPrincipalCallback) {
            principalGroupCallback.setGroupPrincipalCallback((GroupPrincipalCallback) callback);
        } else {
            if (!(callback instanceof PasswordValidationCallback)) {
                throw new IllegalStateException(sm.getString("authenticator.jaspic.unknownCallback", new Object[]{callback.getClass()}));
            }
            handlePasswordValidationCallback((PasswordValidationCallback) callback);
        }
    }

    private void handlePasswordValidationCallback(PasswordValidationCallback passwordValidationCallback) {
        Subject subject = passwordValidationCallback.getSubject();
        Principal authenticate = this.realm.authenticate(passwordValidationCallback.getUsername(), new String(passwordValidationCallback.getPassword()));
        passwordValidationCallback.setResult(authenticate != null);
        if (authenticate != null) {
            subject.getPrivateCredentials().add(authenticate);
        }
    }
}
