package org.exoplatform.services.security.jaas;

import com.lowagie.text.pdf.PdfBoolean;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.login.LoginException;
import org.exoplatform.services.log.ExoLogger;
import org.exoplatform.services.log.Log;
import org.exoplatform.services.security.Authenticator;
import org.exoplatform.services.security.Credential;
import org.exoplatform.services.security.Identity;
import org.exoplatform.services.security.IdentityRegistry;
import org.exoplatform.services.security.PasswordCredential;
import org.exoplatform.services.security.UsernameCredential;

/* loaded from: input_file:exo-jcr.rar:exo.core.component.security.core-2.3.8-GA.jar:org/exoplatform/services/security/jaas/DefaultLoginModule.class */
public class DefaultLoginModule extends AbstractLoginModule {
    protected Log log = ExoLogger.getLogger("exo.core.component.security.core.DefaultLoginModule");
    protected Identity identity;
    protected boolean singleLogin;

    @Override // org.exoplatform.services.security.jaas.AbstractLoginModule
    public void afterInitialize() {
        String str = (String) this.options.get("singleLogin");
        this.singleLogin = str != null && (str.equalsIgnoreCase("yes") || str.equalsIgnoreCase(PdfBoolean.TRUE));
    }

    public boolean login() throws LoginException {
        if (this.log.isDebugEnabled()) {
            this.log.debug("In login of DefaultLoginModule.");
        }
        try {
            if (this.sharedState.containsKey("exo.security.identity")) {
                if (this.log.isDebugEnabled()) {
                    this.log.debug("Use Identity from previous LoginModule");
                }
                this.identity = (Identity) this.sharedState.get("exo.security.identity");
                return true;
            }
            if (this.log.isDebugEnabled()) {
                this.log.debug("Try create identity");
            }
            NameCallback[] nameCallbackArr = {new NameCallback("Username"), new PasswordCallback("Password", false)};
            this.callbackHandler.handle(nameCallbackArr);
            String name = nameCallbackArr[0].getName();
            String str = new String(((PasswordCallback) nameCallbackArr[1]).getPassword());
            ((PasswordCallback) nameCallbackArr[1]).clearPassword();
            if (name == null || str == null) {
                return false;
            }
            Authenticator authenticator = (Authenticator) getContainer().getComponentInstanceOfType(Authenticator.class);
            if (authenticator == null) {
                throw new LoginException("No Authenticator component found, check your configuration");
            }
            String validateUser = authenticator.validateUser(new Credential[]{new UsernameCredential(name), new PasswordCredential(str)});
            this.identity = authenticator.createIdentity(validateUser);
            this.sharedState.put("javax.security.auth.login.name", validateUser);
            this.subject.getPrivateCredentials().add(str);
            this.subject.getPublicCredentials().add(new UsernameCredential(name));
            return true;
        } catch (Throwable th) {
            if (this.log.isDebugEnabled()) {
                this.log.debug(th.getMessage());
            }
            throw new LoginException(th.getMessage());
        }
    }

    public boolean commit() throws LoginException {
        try {
            IdentityRegistry identityRegistry = (IdentityRegistry) getContainer().getComponentInstanceOfType(IdentityRegistry.class);
            if (this.singleLogin && identityRegistry.getIdentity(this.identity.getUserId()) != null) {
                throw new LoginException("User " + this.identity.getUserId() + " already logined.");
            }
            this.identity.setSubject(this.subject);
            identityRegistry.register(this.identity);
            return true;
        } catch (Throwable th) {
            this.log.error(th.getLocalizedMessage());
            throw new LoginException(th.getMessage());
        }
    }

    public boolean abort() throws LoginException {
        if (!this.log.isDebugEnabled()) {
            return true;
        }
        this.log.debug("In abort of DefaultLoginModule.");
        return true;
    }

    public boolean logout() throws LoginException {
        if (!this.log.isDebugEnabled()) {
            return true;
        }
        this.log.debug("In logout of DefaultLoginModule.");
        return true;
    }

    @Override // org.exoplatform.services.security.jaas.AbstractLoginModule
    protected Log getLogger() {
        return this.log;
    }
}
