package org.exoplatform.services.jcr.impl.core.access;

import java.util.HashSet;
import javax.jcr.Credentials;
import javax.jcr.LoginException;
import javax.jcr.SimpleCredentials;
import javax.security.auth.login.LoginContext;
import org.exoplatform.services.jcr.config.RepositoryEntry;
import org.exoplatform.services.jcr.core.CredentialsImpl;
import org.exoplatform.services.security.ConversationState;
import org.exoplatform.services.security.Identity;
import org.exoplatform.services.security.IdentityConstants;
import org.exoplatform.services.security.IdentityRegistry;
import org.exoplatform.services.security.jaas.BasicCallbackHandler;

/* loaded from: input_file:APP-INF/lib/exo.jcr.component.core-1.15.5-GA.jar:org/exoplatform/services/jcr/impl/core/access/JAASAuthenticator.class */
public class JAASAuthenticator extends BaseAuthenticator {
    public JAASAuthenticator(RepositoryEntry repositoryEntry, IdentityRegistry identityRegistry) {
        super(repositoryEntry, identityRegistry);
    }

    @Override // org.exoplatform.services.jcr.access.AuthenticationPolicy
    public final ConversationState authenticate(Credentials credentials) throws LoginException {
        CredentialsImpl credentialsImpl;
        if (credentials instanceof CredentialsImpl) {
            credentialsImpl = (CredentialsImpl) credentials;
        } else {
            if (!(credentials instanceof SimpleCredentials)) {
                throw new LoginException("Credentials for the authentication should be CredentialsImpl or SimpleCredentials type");
            }
            credentialsImpl = new CredentialsImpl(((SimpleCredentials) credentials).getUserID(), ((SimpleCredentials) credentials).getPassword());
        }
        if (credentialsImpl.getUserID().equals(IdentityConstants.SYSTEM)) {
            return new ConversationState(new Identity(IdentityConstants.SYSTEM, new HashSet()));
        }
        try {
            new LoginContext(this.config.getSecurityDomain(), new BasicCallbackHandler(credentialsImpl.getUserID(), credentialsImpl.getPassword())).login();
            if (log.isDebugEnabled()) {
                log.debug("Logged " + credentialsImpl.getUserID());
            }
            Identity identity = this.identityRegistry.getIdentity(credentialsImpl.getUserID());
            if (identity == null) {
                throw new LoginException("Identity not found, check Loginmodule, userId " + credentialsImpl.getUserID());
            }
            ConversationState conversationState = new ConversationState(identity);
            for (String str : credentialsImpl.getAttributeNames()) {
                conversationState.setAttribute(str, credentialsImpl.getAttribute(str));
            }
            ConversationState.setCurrent(conversationState);
            return conversationState;
        } catch (javax.security.auth.login.LoginException e) {
            throw new LoginException("Login failed for " + credentialsImpl.getUserID() + " " + e);
        }
    }
}
