package org.wildfly.iiop.openjdk.security;

import java.io.IOException;
import java.io.InputStream;
import java.security.Principal;
import java.security.acl.Group;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import org.jboss.iiop.csiv2.SASCurrent;
import org.jboss.security.auth.callback.SecurityAssociationCallback;
import org.jboss.security.auth.spi.AbstractServerLoginModule;

/* loaded from: input_file:wildfly-10.1.0.Final/modules/system/layers/base/org/wildfly/iiop-openjdk/main/wildfly-iiop-openjdk-10.1.0.Final.jar:org/wildfly/iiop/openjdk/security/TrustedIdentityTokenLoginModule.class */
public class TrustedIdentityTokenLoginModule extends AbstractServerLoginModule {
    private Principal identity;
    private SASCurrent credential;

    @Override // org.jboss.security.auth.spi.AbstractServerLoginModule
    public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> map, Map<String, ?> map2) {
        super.initialize(subject, callbackHandler, map, map2);
    }

    @Override // org.jboss.security.auth.spi.AbstractServerLoginModule
    public boolean login() throws LoginException {
        if (super.login()) {
            Object obj = this.sharedState.get("javax.security.auth.login.name");
            if (obj instanceof Principal) {
                this.identity = (Principal) obj;
                return true;
            }
            try {
                this.identity = createIdentity(obj.toString());
                return true;
            } catch (Exception e) {
                LoginException loginException = new LoginException();
                loginException.initCause(e);
                throw loginException;
            }
        }
        this.loginOk = false;
        if (this.callbackHandler == null) {
            throw new LoginException();
        }
        SecurityAssociationCallback securityAssociationCallback = new SecurityAssociationCallback();
        try {
            this.callbackHandler.handle(new Callback[]{securityAssociationCallback});
            String name = securityAssociationCallback.getPrincipal().getName();
            Object credential = securityAssociationCallback.getCredential();
            if (!(credential instanceof SASCurrent)) {
                return false;
            }
            this.credential = (SASCurrent) credential;
            validateCredential(name, this.credential);
            if (name == null) {
                return false;
            }
            if (this.identity == null) {
                try {
                    this.identity = createIdentity(name);
                } catch (Exception e2) {
                    LoginException loginException2 = new LoginException();
                    loginException2.initCause(e2);
                    throw loginException2;
                }
            }
            if (getUseFirstPass()) {
                this.sharedState.put("javax.security.auth.login.name", this.identity);
                this.sharedState.put("javax.security.auth.login.password", this.credential);
            }
            this.loginOk = true;
            return true;
        } catch (IOException e3) {
            LoginException loginException3 = new LoginException();
            loginException3.initCause(e3);
            throw loginException3;
        } catch (UnsupportedCallbackException e4) {
            LoginException loginException4 = new LoginException();
            loginException4.initCause(e4);
            throw loginException4;
        }
    }

    protected void validateCredential(String str, SASCurrent sASCurrent) throws LoginException {
        if (sASCurrent.get_incoming_principal_name() == null || sASCurrent.get_incoming_principal_name().length == 0) {
            throw new LoginException();
        }
    }

    @Override // org.jboss.security.auth.spi.AbstractServerLoginModule
    protected Principal getIdentity() {
        return this.identity;
    }

    @Override // org.jboss.security.auth.spi.AbstractServerLoginModule
    protected Group[] getRoleSets() throws LoginException {
        return new Group[0];
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.jboss.security.auth.spi.AbstractServerLoginModule
    public Principal getUnauthenticatedIdentity() {
        return this.unauthenticatedIdentity;
    }

    protected String getUsername() {
        String str = null;
        if (getIdentity() != null) {
            str = getIdentity().getName();
        }
        return str;
    }

    protected void safeClose(InputStream inputStream) {
        if (inputStream != null) {
            try {
                inputStream.close();
            } catch (Exception e) {
            }
        }
    }
}
