package org.jboss.reliance.identity;

import java.io.IOException;
import java.security.Principal;
import java.security.acl.Group;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import org.jboss.beans.metadata.api.annotations.Inject;
import org.jboss.logging.Logger;

/* loaded from: input_file:org/jboss/reliance/identity/Identity.class */
public class Identity {
    protected static Logger log = Logger.getLogger(Identity.class);
    public static final String ROLES_GROUP = "Roles";
    private String username;
    private String password;
    private Principal principal;
    private Subject subject;
    private Configuration configuration;
    private String jaasConfigName = null;
    private boolean authenticating = false;
    private List<String> preAuthenticationRoles = new ArrayList();

    public void create() {
        this.subject = new Subject();
    }

    public boolean login() {
        try {
            authenticate();
            if (!log.isTraceEnabled()) {
                return true;
            }
            log.trace("Login successful for: " + getUsername());
            return true;
        } catch (LoginException e) {
            if (!log.isTraceEnabled()) {
                return false;
            }
            log.trace("Login failed for: " + getUsername(), e);
            return false;
        }
    }

    public void logout() {
        this.principal = null;
    }

    public boolean isCredentialsSet() {
        return (this.username == null || this.password == null) ? false : true;
    }

    public void quietLogin() {
        try {
            if (isCredentialsSet()) {
                authenticate();
            }
        } catch (LoginException e) {
        }
    }

    public void authenticate() throws LoginException {
        if (isLoggedIn()) {
            return;
        }
        authenticate(getLoginContext());
    }

    public void authenticate(LoginContext loginContext) throws LoginException {
        try {
            this.authenticating = true;
            preAuthenticate();
            loginContext.login();
            postAuthenticate();
            this.authenticating = false;
        } catch (Throwable th) {
            this.authenticating = false;
            throw th;
        }
    }

    protected void preAuthenticate() {
        unAuthenticate();
        this.preAuthenticationRoles.clear();
    }

    protected void postAuthenticate() {
        Iterator<Principal> it = getSubject().getPrincipals().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            Principal next = it.next();
            if (!(next instanceof Group) && this.principal == null) {
                this.principal = next;
                break;
            }
        }
        if (!this.preAuthenticationRoles.isEmpty() && isLoggedIn()) {
            Iterator<String> it2 = this.preAuthenticationRoles.iterator();
            while (it2.hasNext()) {
                addRole(it2.next());
            }
            this.preAuthenticationRoles.clear();
        }
        this.password = null;
    }

    protected void unAuthenticate() {
        this.principal = null;
        for (Group group : getSubject().getPrincipals(Group.class)) {
            if (ROLES_GROUP.equals(group.getName())) {
                getSubject().getPrincipals().remove(group);
                return;
            }
        }
    }

    public boolean isLoggedIn() {
        return isLoggedIn(false);
    }

    public boolean isLoggedIn(boolean z) {
        if (!this.authenticating && z && getPrincipal() == null && isCredentialsSet()) {
            quietLogin();
        }
        return getPrincipal() != null;
    }

    public boolean hasRole(String str) {
        isLoggedIn(true);
        for (Group group : getSubject().getPrincipals(Group.class)) {
            if (ROLES_GROUP.equals(group.getName())) {
                return group.isMember(new SimplePrincipal(str));
            }
        }
        return false;
    }

    public boolean addRole(String str) {
        if (!isLoggedIn()) {
            this.preAuthenticationRoles.add(str);
            return false;
        }
        for (Group group : getSubject().getPrincipals(Group.class)) {
            if (ROLES_GROUP.equals(group.getName())) {
                return group.addMember(new SimplePrincipal(str));
            }
        }
        SimpleGroup simpleGroup = new SimpleGroup(ROLES_GROUP);
        simpleGroup.addMember(new SimplePrincipal(str));
        getSubject().getPrincipals().add(simpleGroup);
        return true;
    }

    public void removeRole(String str) {
        for (Group group : getSubject().getPrincipals(Group.class)) {
            if (ROLES_GROUP.equals(group.getName())) {
                Enumeration<? extends Principal> members = group.members();
                while (true) {
                    if (members.hasMoreElements()) {
                        Principal nextElement = members.nextElement();
                        if (nextElement.getName().equals(str)) {
                            group.removeMember(nextElement);
                            break;
                        }
                    }
                }
            }
        }
    }

    protected LoginContext getLoginContext() throws LoginException {
        return getJaasConfigName() != null ? new LoginContext(getJaasConfigName(), getSubject(), getDefaultCallbackHandler()) : new LoginContext("default", getSubject(), getDefaultCallbackHandler(), this.configuration.getConfiguration());
    }

    protected CallbackHandler getDefaultCallbackHandler() {
        return new CallbackHandler() { // from class: org.jboss.reliance.identity.Identity.1
            @Override // javax.security.auth.callback.CallbackHandler
            public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
                for (Callback callback : callbackArr) {
                    if (callback instanceof NameCallback) {
                        ((NameCallback) callback).setName(Identity.this.getUsername());
                    } else {
                        if (!(callback instanceof PasswordCallback)) {
                            throw new UnsupportedCallbackException(callback, "Unsupported callback");
                        }
                        ((PasswordCallback) callback).setPassword(Identity.this.getPassword() != null ? Identity.this.getPassword().toCharArray() : null);
                    }
                }
            }
        };
    }

    public String getUsername() {
        return this.username;
    }

    public void setUsername(String str) {
        this.username = str;
    }

    public String getPassword() {
        return this.password;
    }

    public void setPassword(String str) {
        this.password = str;
    }

    public Principal getPrincipal() {
        return this.principal;
    }

    public Subject getSubject() {
        return this.subject;
    }

    public String getJaasConfigName() {
        return this.jaasConfigName;
    }

    public void setJaasConfigName(String str) {
        this.jaasConfigName = str;
    }

    @Inject
    public void setConfiguration(Configuration configuration) {
        this.configuration = configuration;
    }
}
