package org.exoplatform.web.security;

import java.lang.reflect.Method;
import javax.security.auth.login.LoginException;
import javax.servlet.http.HttpServletRequest;
import org.exoplatform.container.ExoContainer;
import org.exoplatform.services.log.ExoLogger;
import org.exoplatform.services.log.Log;
import org.exoplatform.services.security.Authenticator;
import org.exoplatform.services.security.UsernameCredential;
import org.exoplatform.services.security.jaas.AbstractLoginModule;
import org.gatein.wci.security.Credentials;

/* loaded from: input_file:org/exoplatform/web/security/PortalLoginModule.class */
public class PortalLoginModule extends AbstractLoginModule {
    private static final Log log = ExoLogger.getLogger(PortalLoginModule.class);
    private static final Method getContextMethod;
    public static final String AUTHENTICATED_CREDENTIALS = "authenticatedCredentials";
    private static final String LOGIN_ON_DIFFERENT_NODE = "PortalLoginModule.loginOnDifferentNode";

    public boolean login() throws LoginException {
        if (getContextMethod == null) {
            return true;
        }
        try {
            HttpServletRequest currentHttpServletRequest = getCurrentHttpServletRequest();
            if (currentHttpServletRequest == null) {
                log.debug("Unable to find HTTPServletRequest.");
                return false;
            }
            Credentials credentials = (Credentials) currentHttpServletRequest.getSession().getAttribute(AUTHENTICATED_CREDENTIALS);
            if (credentials != null) {
                Authenticator authenticator = (Authenticator) getContainer().getComponentInstanceOfType(Authenticator.class);
                if (authenticator == null) {
                    throw new LoginException("No Authenticator component found, check your configuration");
                }
                String username = credentials.getUsername();
                this.sharedState.put("exo.security.identity", authenticator.createIdentity(username));
                this.sharedState.put("javax.security.auth.login.name", username);
                this.subject.getPublicCredentials().add(new UsernameCredential(username));
                this.subject.getPrivateCredentials().add("");
                this.sharedState.remove("javax.security.auth.login.password");
                this.sharedState.put(LOGIN_ON_DIFFERENT_NODE, true);
            }
            return true;
        } catch (Exception e) {
            log.error(this, e);
            LoginException loginException = new LoginException(e.getMessage());
            loginException.initCause(e);
            throw loginException;
        }
    }

    public boolean commit() throws LoginException {
        if (getContextMethod == null || !isClusteredSSO() || !this.sharedState.containsKey("javax.security.auth.login.name") || !this.sharedState.containsKey("javax.security.auth.login.password") || this.sharedState.get(LOGIN_ON_DIFFERENT_NODE) != null) {
            return true;
        }
        Credentials credentials = new Credentials((String) this.sharedState.get("javax.security.auth.login.name"), "");
        try {
            HttpServletRequest currentHttpServletRequest = getCurrentHttpServletRequest();
            if (currentHttpServletRequest == null) {
                log.debug("Unable to find HTTPServletRequest.");
            } else {
                currentHttpServletRequest.getSession().setAttribute(AUTHENTICATED_CREDENTIALS, credentials);
                handleCredentialsRemoving(currentHttpServletRequest);
            }
            return true;
        } catch (Exception e) {
            log.error(this, e);
            log.error("LoginModule error. Turn off session credentials checking with proper configuration option of LoginModule set to false");
            return true;
        }
    }

    public boolean abort() throws LoginException {
        return true;
    }

    public boolean logout() throws LoginException {
        return true;
    }

    protected Log getLogger() {
        return log;
    }

    protected static boolean isClusteredSSO() {
        return ExoContainer.getProfiles().contains("cluster");
    }

    protected void handleCredentialsRemoving(HttpServletRequest httpServletRequest) {
    }

    private HttpServletRequest getCurrentHttpServletRequest() {
        HttpServletRequest httpServletRequest = null;
        try {
            if (getContextMethod != null) {
                httpServletRequest = (HttpServletRequest) getContextMethod.invoke(null, "javax.servlet.http.HttpServletRequest");
            }
        } catch (Exception e) {
            log.debug("Exception when trying to obtain HTTPServletRequest.", e);
        }
        return httpServletRequest;
    }

    static {
        Method method = null;
        log.debug("About to configure PortalLoginModule");
        try {
            method = Thread.currentThread().getContextClassLoader().loadClass("javax.security.jacc.PolicyContext").getDeclaredMethod("getContext", String.class);
        } catch (ClassNotFoundException e) {
            log.debug("JACC not found ignoring it", e);
        } catch (Exception e2) {
            log.error("Could not obtain JACC get context method", e2);
        }
        getContextMethod = method;
    }
}
