package org.jboss.security.plugins;

import java.security.Principal;
import java.util.HashMap;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import javax.security.auth.message.AuthException;
import javax.security.auth.message.AuthStatus;
import javax.security.auth.message.MessageInfo;
import javax.security.auth.message.config.AuthConfigFactory;
import javax.security.auth.message.config.RegistrationListener;
import javax.security.auth.message.config.ServerAuthContext;
import javax.security.jacc.PolicyContext;
import org.jboss.logging.Logger;
import org.jboss.security.AuthenticationManager;
import org.jboss.security.SecurityConstants;
import org.jboss.security.auth.callback.AppCallbackHandler;
import org.jboss.security.cache.JBossAuthenticationCache;
import org.jboss.security.cache.SecurityCache;
import org.jboss.security.cache.SecurityCacheException;

/* loaded from: input_file:org/jboss/security/plugins/JBossAuthenticationManager.class */
public class JBossAuthenticationManager implements AuthenticationManager {
    private static Logger log = Logger.getLogger(JBossAuthenticationManager.class);
    protected String securityDomain;
    protected CallbackHandler callbackHandler;
    private SecurityCache<Principal> sCache;
    private ThreadLocal<Subject> subjectLocal = new ThreadLocal<>();
    private boolean cacheValidation = false;

    public JBossAuthenticationManager(String str, CallbackHandler callbackHandler) {
        this.securityDomain = SecurityConstants.DEFAULT_APPLICATION_POLICY;
        this.callbackHandler = null;
        this.sCache = null;
        this.securityDomain = str;
        this.callbackHandler = callbackHandler;
        this.sCache = new JBossAuthenticationCache();
    }

    public JBossAuthenticationManager(String str, CallbackHandler callbackHandler, int i, float f, int i2) {
        this.securityDomain = SecurityConstants.DEFAULT_APPLICATION_POLICY;
        this.callbackHandler = null;
        this.sCache = null;
        this.securityDomain = str;
        this.callbackHandler = callbackHandler;
        this.sCache = new JBossAuthenticationCache(i, f, i2);
    }

    public void setSecurityCache(String str) {
        if (str == null) {
            throw new IllegalArgumentException("className is null");
        }
        try {
            this.sCache = (SecurityCache) SubjectActions.getContextClassLoader().loadClass(str).getConstructor(new Class[0]).newInstance(new Object[0]);
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public Subject getActiveSubject() {
        return this.subjectLocal.get();
    }

    public String getSecurityDomain() {
        return this.securityDomain;
    }

    public Principal getTargetPrincipal(Principal principal, Map<String, Object> map) {
        throw new RuntimeException("Unimplemented");
    }

    public boolean isValid(Principal principal, Object obj) {
        return isValid(principal, obj, new Subject());
    }

    public boolean isValid(Principal principal, Object obj, Subject subject) {
        Subject validateCache;
        if (subject == null) {
            throw new IllegalArgumentException("Subject is null");
        }
        HashMap hashMap = new HashMap();
        if (this.sCache.cacheHit(principal) && (validateCache = validateCache(principal, obj, subject)) != null) {
            this.subjectLocal.set(validateCache);
            return true;
        }
        try {
            this.cacheValidation = false;
            LoginContext loginContext = new LoginContext(this.securityDomain, subject, this.callbackHandler);
            loginContext.login();
            hashMap.put(SecurityConstants.CREDENTIAL, obj);
            hashMap.put(SecurityConstants.SUBJECT, subject);
            try {
                this.sCache.addCacheEntry(principal, hashMap);
                this.subjectLocal.set(loginContext.getSubject());
                return true;
            } catch (SecurityCacheException e) {
                throw new RuntimeException((Throwable) e);
            }
        } catch (LoginException e2) {
            log.trace("Login Failure:", e2);
            return false;
        }
    }

    public boolean isValid(MessageInfo messageInfo, Subject subject, String str) {
        AuthStatus authStatus = AuthStatus.FAILURE;
        try {
            String contextID = PolicyContext.getContextID();
            ServerAuthContext authContext = AuthConfigFactory.getFactory().getConfigProvider(str, contextID, (RegistrationListener) null).getServerAuthConfig(str, contextID, new AppCallbackHandler("DUMMY", "DUMMY".toCharArray())).getAuthContext(contextID, new Subject(), new HashMap());
            if (subject == null) {
                subject = new Subject();
            }
            authStatus = authContext.validateRequest(messageInfo, subject, new Subject());
            this.subjectLocal.set(subject);
        } catch (AuthException e) {
            log.trace("AuthException:", e);
        }
        return AuthStatus.SUCCESS == authStatus;
    }

    public boolean fromCache() {
        return this.cacheValidation;
    }

    private Subject validateCache(Principal principal, Object obj, Subject subject) {
        this.cacheValidation = false;
        HashMap hashMap = new HashMap();
        hashMap.put(SecurityConstants.CREDENTIAL, obj);
        try {
            this.sCache.cacheOperation(principal, hashMap);
            Object obj2 = this.sCache.get(principal);
            if (obj2 == null || !(obj2 instanceof Subject)) {
                return null;
            }
            Subject subject2 = (Subject) obj2;
            this.cacheValidation = true;
            return subject2;
        } catch (SecurityCacheException e) {
            return null;
        }
    }
}
