package org.exoplatform.web.security;

import java.lang.reflect.Method;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.login.LoginException;
import javax.servlet.http.HttpServletRequest;
import org.exoplatform.container.ExoContainer;
import org.exoplatform.services.log.ExoLogger;
import org.exoplatform.services.log.Log;
import org.exoplatform.services.security.jaas.AbstractLoginModule;
import org.exoplatform.web.login.InitiateLoginServlet;
import org.exoplatform.web.security.security.CookieTokenService;
import org.exoplatform.web.security.security.TransientTokenService;

/* loaded from: input_file:org/exoplatform/web/security/PortalLoginModule.class */
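/**
 * JAAS login module that turns a portal login token into username/password
 * entries in the JAAS shared state.
 *
 * <p>The value received through the {@link PasswordCallback} is treated as a
 * token. It is checked against {@link TransientTokenService}, then
 * {@link CookieTokenService}, and, when the "cluster" profile is active and
 * JACC is available, against credentials previously stored in the HTTP session
 * by {@link #commit()}.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>{@link #login()} never reports failure by return value. It returns
 *       {@code true} whether or not the token resolved, so this module performs
 *       no authentication decision of its own. Presumably a later module in the
 *       JAAS stack validates the shared-state credentials; confirm against the
 *       JAAS configuration before changing this module's control flag.</li>
 *   <li>{@link #commit()} places the username and the clear-text password into
 *       the HTTP session. Anything that serialises, replicates or dumps the
 *       session will therefore carry the password.</li>
 * </ul>
 */
public class PortalLoginModule extends AbstractLoginModule {
    private static final Log log = ExoLogger.getLogger(PortalLoginModule.class);

    /** JACC {@code PolicyContext.getContext(String)}; {@code null} unless the "cluster" profile is active and JACC was found. */
    private static final Method getContextMethod;

    /** Session attribute under which {@link #commit()} stores the authenticated {@link Credentials}. */
    public static final String AUTHENTICATED_CREDENTIALS = "authenticatedCredentials";

    /** Shared-state key for the resolved username. */
    private static final String SHARED_NAME_KEY = "javax.security.auth.login.name";

    /** Shared-state key for the resolved password. */
    private static final String SHARED_PASSWORD_KEY = "javax.security.auth.login.password";

    /** Key passed to the JACC context lookup to obtain the current servlet request. */
    private static final String REQUEST_CONTEXT_KEY = "javax.servlet.http.HttpServletRequest";

    /** Operator hint logged whenever the session lookup fails. */
    private static final String SESSION_CHECK_HINT =
            "LoginModule error. Turn off session credentials checking with proper configuration option of LoginModule set to false";

    /**
     * Resolves the submitted token to {@link Credentials} and, if that succeeds,
     * publishes the username and password in the JAAS shared state.
     *
     * @return always {@code true}; an unresolved token leaves the shared state untouched
     * @throws LoginException wrapping any exception raised by the callback handler,
     *         the container lookup or the token services
     */
    public boolean login() throws LoginException {
        PasswordCallback passwordCallback = new PasswordCallback("Password", false);
        Callback[] callbacks = {new NameCallback("Username"), passwordCallback};
        try {
            this.callbackHandler.handle(callbacks);
            String token = new String(passwordCallback.getPassword());
            ExoContainer container = getContainer();

            // The transient service is called with 'true' and the cookie service with 'false'.
            // NOTE(review): the flag looks like "remove after validation" - confirm in the token services.
            Object resolved = ((TransientTokenService) container.getComponentInstanceOfType(TransientTokenService.class)).validateToken(token, true);
            if (resolved == null) {
                resolved = ((CookieTokenService) container.getComponentInstanceOfType(CookieTokenService.class)).validateToken(token, false);
            }

            // Clustered fallback: both services rejected the token, so reuse what commit() stored
            // in this request's session. The prefix test only recognises the token format; it does
            // not validate the token, so the session itself is what vouches for the user here.
            if (resolved == null && getContextMethod != null && token.startsWith(InitiateLoginServlet.COOKIE_NAME)) {
                try {
                    resolved = currentRequest().getSession().getAttribute(AUTHENTICATED_CREDENTIALS);
                } catch (Throwable th) {
                    // Best effort: a failed lookup is logged and treated as "no credentials found".
                    log.error(this, th);
                    log.error(SESSION_CHECK_HINT);
                }
            }

            if (resolved instanceof Credentials) {
                Credentials credentials = (Credentials) resolved;
                this.sharedState.put(SHARED_NAME_KEY, credentials.getUsername());
                this.sharedState.put(SHARED_PASSWORD_KEY, credentials.getPassword());
            }
            return true;
        } catch (Exception e) {
            LoginException loginException = new LoginException();
            loginException.initCause(e);
            throw loginException;
        } finally {
            // Wipe the callback's internal copy of the token once it has been read, as the
            // PasswordCallback contract recommends. The String copy above is unaffected.
            passwordCallback.clearPassword();
        }
    }

    /**
     * Stores the shared-state credentials in the HTTP session so that
     * {@link #login()} can find them again through the clustered fallback.
     *
     * <p>Does nothing when JACC is unavailable or the shared state holds no
     * username/password pair. Failures are logged and never propagated.
     *
     * @return always {@code true}
     */
    public boolean commit() throws LoginException {
        if (getContextMethod == null || !this.sharedState.containsKey(SHARED_NAME_KEY) || !this.sharedState.containsKey(SHARED_PASSWORD_KEY)) {
            return true;
        }
        try {
            // SECURITY: the password is stored in the session as-is. Treat session storage and
            // any session replication channel as holding clear-text credentials.
            Credentials credentials = new Credentials((String) this.sharedState.get(SHARED_NAME_KEY), (String) this.sharedState.get(SHARED_PASSWORD_KEY));
            currentRequest().getSession().setAttribute(AUTHENTICATED_CREDENTIALS, credentials);
            return true;
        } catch (Exception e) {
            log.error(this, e);
            log.error(SESSION_CHECK_HINT);
            return true;
        }
    }

    /** No state to roll back; always returns {@code true}. */
    public boolean abort() throws LoginException {
        return true;
    }

    /**
     * Always returns {@code true}. Note that the credentials stored in the
     * session by {@link #commit()} are not removed here.
     */
    public boolean logout() throws LoginException {
        return true;
    }

    protected Log getLogger() {
        return log;
    }

    /** @return {@code true} when the container was started with the "cluster" profile */
    protected static boolean isClusteredSSO() {
        return ExoContainer.getProfiles().contains("cluster");
    }

    /**
     * Looks up the current servlet request through the JACC policy context.
     * Callers must have checked that {@code getContextMethod} is non-null.
     */
    private static HttpServletRequest currentRequest() throws Exception {
        return (HttpServletRequest) getContextMethod.invoke(null, REQUEST_CONTEXT_KEY);
    }

    static {
        // The JACC lookup is resolved reflectively so the class still loads where JACC is absent.
        Method method = null;
        if (isClusteredSSO()) {
            log.debug("About to configure clustered SSO");
            try {
                method = Thread.currentThread().getContextClassLoader().loadClass("javax.security.jacc.PolicyContext").getDeclaredMethod("getContext", String.class);
            } catch (ClassNotFoundException e) {
                log.debug("JACC not found ignoring it", e);
            } catch (Exception e2) {
                log.error("Could not obtain JACC get context method", e2);
            }
        }
        getContextMethod = method;
    }
}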
