package org.apache.karaf.jaas.command;

import java.io.IOException;
import java.security.PrivilegedExceptionAction;
import java.util.List;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginContext;
import org.apache.karaf.main.lock.GenericJDBCLock;
import org.apache.karaf.shell.api.action.Action;
import org.apache.karaf.shell.api.action.Argument;
import org.apache.karaf.shell.api.action.Command;
import org.apache.karaf.shell.api.action.Option;
import org.apache.karaf.shell.api.action.lifecycle.Reference;
import org.apache.karaf.shell.api.action.lifecycle.Service;
import org.apache.karaf.shell.api.console.Session;
import org.apache.karaf.util.jaas.JaasHelper;
import org.fusesource.jansi.AnsiRenderer;

@Service
@Command(scope = "jaas", name = "sudo", description = "Execute a command as another user")
/* loaded from: input_file:WEB-INF/karaf/system/org/apache/karaf/jaas/org.apache.karaf.jaas.command/4.0.8.redhat-000056/org.apache.karaf.jaas.command-4.0.8.redhat-000056.jar:org/apache/karaf/jaas/command/SudoCommand.class */
public class SudoCommand implements Action {

    @Option(name = "--realm")
    String realm = GenericJDBCLock.DEFAULT_CLUSTERNAME;

    @Option(name = "--user")
    String user = GenericJDBCLock.DEFAULT_CLUSTERNAME;

    @Argument(multiValued = true)
    List<String> command;

    @Reference
    Session session;

    @Override // org.apache.karaf.shell.api.action.Action
    public Object execute() throws Exception {
        Subject subject = new Subject();
        LoginContext loginContext = new LoginContext(this.realm, subject, new CallbackHandler() { // from class: org.apache.karaf.jaas.command.SudoCommand.1
            @Override // javax.security.auth.callback.CallbackHandler
            public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
                for (Callback callback : callbackArr) {
                    if (callback instanceof NameCallback) {
                        ((NameCallback) callback).setName(SudoCommand.this.user);
                    } else {
                        if (!(callback instanceof PasswordCallback)) {
                            throw new UnsupportedCallbackException(callback);
                        }
                        ((PasswordCallback) callback).setPassword(SudoCommand.this.session.readLine("Password: ", '*').toCharArray());
                    }
                }
            }
        });
        loginContext.login();
        final StringBuilder sb = new StringBuilder();
        for (String str : this.command) {
            if (sb.length() > 0) {
                sb.append(AnsiRenderer.CODE_TEXT_SEPARATOR);
            }
            sb.append(str);
        }
        JaasHelper.doAs(subject, new PrivilegedExceptionAction<Object>() { // from class: org.apache.karaf.jaas.command.SudoCommand.2
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                return SudoCommand.this.session.execute(sb);
            }
        });
        loginContext.logout();
        return null;
    }
}
