package org.exoplatform.services.sso.cas2;

import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import org.apache.commons.logging.Log;
import org.exoplatform.container.ExoContainer;
import org.exoplatform.container.PortalContainer;
import org.exoplatform.container.RootContainer;
import org.exoplatform.container.component.ComponentRequestLifecycle;
import org.exoplatform.services.security.SecurityService;

/* loaded from: input_file:org/exoplatform/services/sso/cas2/CASLoginModule.class */
public class CASLoginModule implements LoginModule {
    private static final String DEFAULT_DOMAIN = "portal";
    private SecurityService securityService_;
    private boolean success_ = false;
    private String username_ = null;
    private Subject subject_;
    private String portalDomain_;
    private CallbackHandler callbackHandler_;
    private Map sharedState_;
    private Log log_;

    public void initialize(Subject subject, CallbackHandler callbackHandler, Map map, Map map2) {
        this.subject_ = subject;
        this.callbackHandler_ = callbackHandler;
        this.sharedState_ = map;
    }

    public boolean login() throws LoginException {
        String substring;
        if (this.callbackHandler_ == null) {
            throw new LoginException("CallbackHandler null");
        }
        NameCallback[] nameCallbackArr = {new NameCallback("Username: "), new PasswordCallback("Ticket: ", false)};
        List list = null;
        try {
            try {
                this.callbackHandler_.handle(nameCallbackArr);
                this.username_ = nameCallbackArr[0].getName();
                String str = new String(((PasswordCallback) nameCallbackArr[1]).getPassword());
                int lastIndexOf = str.lastIndexOf("@");
                if (lastIndexOf == 0) {
                    substring = null;
                    this.portalDomain_ = str.substring(lastIndexOf + 1);
                } else {
                    if (lastIndexOf == -1) {
                        throw new LoginException("Cannot identify  the  portal container");
                    }
                    substring = str.substring(0, lastIndexOf);
                    this.portalDomain_ = str.substring(lastIndexOf + 1);
                }
                PortalContainer portalContainer = RootContainer.getInstance().getPortalContainer(this.portalDomain_);
                PortalContainer.setInstance(portalContainer);
                List componentInstancesOfType = portalContainer.getComponentInstancesOfType(ComponentRequestLifecycle.class);
                Iterator it = componentInstancesOfType.iterator();
                while (it.hasNext()) {
                    ((ComponentRequestLifecycle) it.next()).startRequest(portalContainer);
                }
                this.securityService_ = (SecurityService) portalContainer.getComponentInstanceOfType(SecurityService.class);
                this.log_ = this.securityService_.getLog();
                if (this.username_ == null) {
                    this.success_ = false;
                    if (portalContainer != null) {
                        Iterator it2 = componentInstancesOfType.iterator();
                        while (it2.hasNext()) {
                            ((ComponentRequestLifecycle) it2.next()).endRequest(portalContainer);
                        }
                        PortalContainer.setInstance((PortalContainer) null);
                    }
                    return false;
                }
                if (substring == null) {
                    this.success_ = false;
                    if (portalContainer != null) {
                        Iterator it3 = componentInstancesOfType.iterator();
                        while (it3.hasNext()) {
                            ((ComponentRequestLifecycle) it3.next()).endRequest(portalContainer);
                        }
                        PortalContainer.setInstance((PortalContainer) null);
                    }
                    return false;
                }
                this.sharedState_.put("javax.security.auth.login.name", this.username_);
                this.sharedState_.put("javax.security.auth.login.password", substring);
                ((PasswordCallback) nameCallbackArr[1]).clearPassword();
                this.success_ = true;
                if (!this.success_) {
                    this.log_.debug("Authentication failed");
                    throw new LoginException("Authentication failed");
                }
                this.subject_.getPrivateCredentials().add(substring);
                if (portalContainer != null) {
                    Iterator it4 = componentInstancesOfType.iterator();
                    while (it4.hasNext()) {
                        ((ComponentRequestLifecycle) it4.next()).endRequest(portalContainer);
                    }
                    PortalContainer.setInstance((PortalContainer) null);
                }
                return true;
            } catch (Exception e) {
                e.printStackTrace();
                this.log_.error("error while trying to login", e);
                throw new LoginException("Authentication failed");
            }
        } catch (Throwable th) {
            if (0 != 0) {
                Iterator it5 = list.iterator();
                while (it5.hasNext()) {
                    ((ComponentRequestLifecycle) it5.next()).endRequest((ExoContainer) null);
                }
                PortalContainer.setInstance((PortalContainer) null);
            }
            throw th;
        }
    }

    public boolean commit() throws LoginException {
        if (this.success_) {
            List list = null;
            PortalContainer portalContainer = null;
            try {
                try {
                    portalContainer = RootContainer.getInstance().getPortalContainer(this.portalDomain_);
                    PortalContainer.setInstance(portalContainer);
                    list = portalContainer.getComponentInstancesOfType(ComponentRequestLifecycle.class);
                    Iterator it = list.iterator();
                    while (it.hasNext()) {
                        ((ComponentRequestLifecycle) it.next()).startRequest(portalContainer);
                    }
                    this.securityService_.setUpAndCacheSubject(this.username_, this.subject_);
                    if (portalContainer != null) {
                        Iterator it2 = list.iterator();
                        while (it2.hasNext()) {
                            ((ComponentRequestLifecycle) it2.next()).startRequest(portalContainer);
                        }
                        PortalContainer.setInstance((PortalContainer) null);
                    }
                } catch (Exception e) {
                    throw new LoginException("error while filling subject with Principal in commit() of BasicLoginModule");
                }
            } catch (Throwable th) {
                if (portalContainer != null) {
                    Iterator it3 = list.iterator();
                    while (it3.hasNext()) {
                        ((ComponentRequestLifecycle) it3.next()).startRequest(portalContainer);
                    }
                    PortalContainer.setInstance((PortalContainer) null);
                }
                throw th;
            }
        }
        return this.success_;
    }

    public boolean abort() throws LoginException {
        this.log_.debug("call abort()");
        clear();
        return this.success_;
    }

    public boolean logout() throws LoginException {
        this.log_.debug("logout user: " + this.username_);
        this.securityService_.removeSubject(this.username_);
        clear();
        return true;
    }

    private void clear() {
        this.subject_.getPrincipals().clear();
        this.subject_.getPrivateCredentials().clear();
        this.subject_.getPublicCredentials().clear();
        this.username_ = null;
    }
}
