package org.ow2.jonas.web.jetty8.security;

import java.security.Principal;
import java.security.acl.Group;
import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import javax.security.auth.Subject;
import javax.security.auth.login.AccountExpiredException;
import javax.security.auth.login.CredentialExpiredException;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import org.eclipse.jetty.security.DefaultIdentityService;
import org.eclipse.jetty.security.IdentityService;
import org.eclipse.jetty.security.LoginService;
import org.eclipse.jetty.server.UserIdentity;
import org.eclipse.jetty.util.component.AbstractLifeCycle;
import org.ow2.jonas.lib.security.context.SecurityContext;
import org.ow2.jonas.lib.security.context.SecurityCurrent;
import org.ow2.jonas.security.auth.callback.NoInputCallbackHandler;
import org.ow2.util.log.Log;
import org.ow2.util.log.LogFactory;

/* loaded from: input_file:org/ow2/jonas/web/jetty8/security/JOnASLoginService.class */
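/**
 * Jetty {@link LoginService} that authenticates users through JAAS and publishes the
 * result to the JOnAS security context.
 *
 * <p>Every call to {@link #login(String, Object)} builds a new {@link LoginContext} for the
 * JAAS configuration entry {@value #JAAS_CONFIG_NAME}. On success the first non-{@link Group}
 * principal of the authenticated {@link Subject} becomes the user name, and the members of
 * every {@link Group} principal become the role names.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>{@link #validate(UserIdentity)} always answers {@code true}, so an identity that was
 *       issued once is never re-checked against the JAAS back end by this class.</li>
 *   <li>{@link #logout(UserIdentity)} only resets the JOnAS security context. It does not evict
 *       the identity from the internal map and does not call {@link LoginContext#logout()},
 *       because the login context is not retained after {@code login}.</li>
 *   <li>The internal map is written on successful login and cleared per user on the next login
 *       attempt. Nothing in this class reads it to skip authentication.</li>
 *   <li>{@code java.security.acl.Group} is no longer part of the JDK from Java 14 onwards.</li>
 * </ul>
 */
public class JOnASLoginService extends AbstractLifeCycle implements LoginService {
    /** Name of the JAAS configuration entry used for every login context. */
    private static final String JAAS_CONFIG_NAME = "jetty";

    private final Log logger;
    private String name;
    private IdentityService identityService;

    /** Identities issued by successful logins, keyed by the user name given to {@code login}. */
    private final Map<String, UserIdentity> users;

    /** Creates the service with the default name {@code "JOnAS Login Service"}. */
    public JOnASLoginService() {
        this("JOnAS Login Service");
    }

    /**
     * Creates the service with the given name.
     *
     * @param str the name reported by {@link #getName()}
     */
    public JOnASLoginService(String str) {
        this.logger = LogFactory.getLog(JOnASLoginService.class);
        this.users = new ConcurrentHashMap<String, UserIdentity>();
        setName(str);
    }

    /**
     * Installs a {@link DefaultIdentityService} when no identity service was configured,
     * then continues the normal life-cycle start.
     *
     * @throws Exception if the superclass start fails
     */
    protected void doStart() throws Exception {
        if (this.identityService == null) {
            this.identityService = new DefaultIdentityService();
        }
        super.doStart();
    }

    /**
     * Authenticates a user through JAAS.
     *
     * <p>Every failure path returns {@code null}; the reason is only visible in the log.
     *
     * @param str the user name supplied by the client; {@code null} is rejected
     * @param obj the credentials; only {@code null} or a {@link String} is accepted
     * @return the identity of the authenticated user, or {@code null} if authentication failed
     */
    public UserIdentity login(String str, Object obj) {
        if (str == null) {
            return null;
        }
        // A new attempt always discards the identity previously stored for this name,
        // whether or not the attempt succeeds.
        if (getUsers().get(str) != null) {
            removeUser(str);
        }
        // Fail closed on credentials that cannot be handed to the callback handler: an
        // unchecked cast would escape as a ClassCastException instead of a denied login.
        if (obj != null && !(obj instanceof String)) {
            this.logger.error("Unsupported credentials type for user ''{0}''", new Object[]{str});
            return null;
        }
        String password = (String) obj;

        // NOTE(review): the user name is client-supplied and is written to the log as-is in
        // the messages below; confirm the logging back end neutralises line breaks.
        LoginContext loginContext;
        try {
            loginContext = new LoginContext(JAAS_CONFIG_NAME, new NoInputCallbackHandler(str, password, (Certificate) null));
        } catch (LoginException e5) {
            this.logger.error("Cannot create a login context for the user ''{0}''", new Object[]{str, e5});
            return null;
        }

        try {
            loginContext.login();
        } catch (CredentialExpiredException e) {
            this.logger.error("Credential Expired for user ''{0}''", new Object[]{str, e});
            return null;
        } catch (AccountExpiredException e2) {
            this.logger.error("Account expired for user ''{0}''", new Object[]{str, e2});
            return null;
        } catch (FailedLoginException e3) {
            this.logger.error("Failed Login exception for user ''{0}''", new Object[]{str, e3});
            return null;
        } catch (LoginException e4) {
            this.logger.error("Login exception for user ''{0}''", new Object[]{str, e4});
            return null;
        }

        Subject subject = loginContext.getSubject();
        if (subject == null) {
            this.logger.error("No Subject for user ''{0}''", new Object[]{str});
            return null;
        }

        // The user name is the first principal that is not a group.
        String userName = null;
        for (Principal principal : subject.getPrincipals(Principal.class)) {
            if (!(principal instanceof Group)) {
                userName = principal.getName();
                break;
            }
        }
        if (userName == null) {
            this.logger.error("No Username found in the subject", new Object[0]);
            return null;
        }

        // Role names are the member names of every group principal, in iteration order.
        ArrayList<String> roles = new ArrayList<String>();
        for (Group group : subject.getPrincipals(Group.class)) {
            Enumeration<? extends Principal> members = group.members();
            while (members.hasMoreElements()) {
                roles.add(members.nextElement().getName());
            }
        }

        JettyPrincipal jettyPrincipal = new JettyPrincipal(userName, roles);
        // NOTE(review): the security context is published before the identity is built; if
        // newUserIdentity throws (for example when no identity service is set because the
        // service was never started), the context set here is left in place.
        SecurityCurrent.getCurrent().setSecurityContext(new SecurityContext(userName, roles));
        UserIdentity newUserIdentity = this.identityService.newUserIdentity(subject, jettyPrincipal, roles.toArray(new String[roles.size()]));
        addUser(str, newUserIdentity);
        return newUserIdentity;
    }

    /**
     * Reports whether a previously issued identity is still valid.
     *
     * <p>This implementation performs no check and accepts every identity, so expiry or
     * revocation in the JAAS back end is only noticed on the next {@link #login}.
     *
     * @param userIdentity the identity to check (ignored)
     * @return always {@code true}
     */
    public boolean validate(UserIdentity userIdentity) {
        return true;
    }

    /**
     * Returns the live map of identities issued by this service.
     *
     * @return the internal map itself, not a copy
     */
    protected Map<String, UserIdentity> getUsers() {
        return this.users;
    }

    /**
     * Stores the identity issued for a user name, replacing any earlier one.
     *
     * @param str the user name given to {@code login}
     * @param userIdentity the identity to store
     */
    protected void addUser(String str, UserIdentity userIdentity) {
        this.users.put(str, userIdentity);
    }

    /**
     * Drops the stored identity for a user name, if there is one.
     *
     * @param str the user name given to {@code login}
     */
    protected void removeUser(String str) {
        this.users.remove(str);
    }

    /**
     * Replaces the current JOnAS security context with an empty one.
     *
     * <p>NOTE(review): the identity stays in the internal map and no JAAS logout is invoked;
     * confirm that retaining the {@link Subject} after logout is intended.
     *
     * @param userIdentity the identity being logged out (not used)
     */
    public void logout(UserIdentity userIdentity) {
        SecurityCurrent.getCurrent().setSecurityContext(new SecurityContext());
    }

    /**
     * Sets the name of this login service.
     *
     * @param str the new name
     */
    public void setName(String str) {
        this.name = str;
    }

    /**
     * Returns the name of this login service.
     *
     * @return the configured name
     */
    public String getName() {
        return this.name;
    }

    /**
     * Returns the identity service used to build user identities.
     *
     * @return the identity service, or {@code null} if none was set and the service has not
     *         been started yet
     */
    public IdentityService getIdentityService() {
        return this.identityService;
    }

    /**
     * Sets the identity service used to build user identities.
     *
     * @param identityService the identity service to use
     */
    public void setIdentityService(IdentityService identityService) {
        this.identityService = identityService;
    }
}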
