package org.exoplatform.services.security.impl;

import java.security.Principal;
import java.util.Collection;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import javax.security.auth.Subject;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.exoplatform.services.exception.ExoServiceException;
import org.exoplatform.services.log.LogService;
import org.exoplatform.services.organization.Group;
import org.exoplatform.services.organization.OrganizationService;
import org.exoplatform.services.security.SecurityService;
import org.exoplatform.services.security.SubjectEventListener;
import org.exoplatform.services.security.jaas.JAASGroup;

/* loaded from: input_file:org/exoplatform/services/security/impl/SecurityServiceImpl.class */
public class SecurityServiceImpl implements SecurityService {
    private Map subjects = new HashMap();
    private Log log_;
    private OrganizationService orgService_;
    static Class class$java$security$acl$Group;

    public SecurityServiceImpl(LogService logService, OrganizationService organizationService) {
        this.log_ = logService.getLog("org.exoplatform.services.security");
        this.orgService_ = organizationService;
    }

    public boolean authenticate(String str, String str2) throws Exception {
        if (str2 != null && !"".equals(str2)) {
            return this.orgService_.authenticate(str, str2);
        }
        this.log_.debug("password must not be null or empty");
        throw new ExoServiceException("password must not be null or empty");
    }

    public void setUpAndCacheSubject(String str, Subject subject) throws ExoServiceException {
        this.log_.debug(new StringBuffer().append("setUpAndCacheSubject for user ").append(str).toString());
        subject.getPrincipals().add(new UserPrincipalImpl(str));
        try {
            Collection findGroupsOfUser = this.orgService_.findGroupsOfUser(str);
            HashSet<String> hashSet = new HashSet(5);
            Iterator it = findGroupsOfUser.iterator();
            while (it.hasNext()) {
                hashSet.add(StringUtils.split(((Group) it.next()).getId(), "/")[0]);
            }
            JAASGroup jAASGroup = new JAASGroup(JAASGroup.ROLES);
            for (String str2 : hashSet) {
                jAASGroup.addMember(new RolePrincipalImpl(str2));
                this.log_.debug(new StringBuffer().append("add role : ").append(str2).toString());
            }
            subject.getPrincipals().add(jAASGroup);
            this.subjects.put(str, subject);
        } catch (Exception e) {
            this.log_.error("error occured in findUserRoles of OrganizationService", e);
            throw new ExoServiceException(e);
        }
    }

    public boolean isUserInRole(String str, String str2) {
        Class cls;
        Subject subject = (Subject) this.subjects.get(str);
        if (subject == null) {
            return false;
        }
        if (class$java$security$acl$Group == null) {
            cls = class$("java.security.acl.Group");
            class$java$security$acl$Group = cls;
        } else {
            cls = class$java$security$acl$Group;
        }
        Iterator it = subject.getPrincipals(cls).iterator();
        while (it.hasNext()) {
            Enumeration<? extends Principal> members = ((java.security.acl.Group) it.next()).members();
            while (members.hasMoreElements()) {
                if (members.nextElement().getName().equals(str2)) {
                    return true;
                }
            }
        }
        return false;
    }

    public Subject getSubject(String str) {
        this.log_.debug(new StringBuffer().append("get subject for user ").append(str).toString());
        return (Subject) this.subjects.get(str);
    }

    public void removeSubject(String str) {
        this.log_.debug(new StringBuffer().append("remove subject for user ").append(str).toString());
        this.subjects.remove(str);
    }

    public void addSubjectEvenetListener(SubjectEventListener subjectEventListener) {
    }

    public Log getLog() {
        return this.log_;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }
}
