package org.jboss.security.auth.spi;

import java.security.Principal;
import java.security.acl.Group;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import org.jboss.logging.Logger;
import org.jboss.security.NestableGroup;
import org.jboss.security.SecurityConstants;
import org.jboss.security.SimpleGroup;
import org.jboss.security.SimplePrincipal;

/* loaded from: input_file:WEB-INF/lib/picketbox-4.0.0.Beta4.jar:org/jboss/security/auth/spi/AbstractServerLoginModule.class */
public abstract class AbstractServerLoginModule implements LoginModule {
    protected Subject subject;
    protected CallbackHandler callbackHandler;
    protected Map sharedState;
    protected Map options;
    protected Logger log;
    protected boolean trace = false;
    protected boolean useFirstPass;
    protected boolean loginOk;
    protected String principalClassName;
    protected Principal unauthenticatedIdentity;

    public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> map, Map<String, ?> map2) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
        this.sharedState = map;
        this.options = map2;
        this.log = Logger.getLogger(getClass());
        this.trace = this.log.isTraceEnabled();
        if (this.trace) {
            this.log.trace("initialize");
            this.log.trace("Security domain: " + ((String) map2.get(SecurityConstants.SECURITY_DOMAIN_OPTION)));
        }
        String str = (String) map2.get("password-stacking");
        if (str != null && str.equalsIgnoreCase("useFirstPass")) {
            this.useFirstPass = true;
        }
        this.principalClassName = (String) map2.get("principalClass");
        String str2 = (String) map2.get("unauthenticatedIdentity");
        if (str2 != null) {
            try {
                this.unauthenticatedIdentity = createIdentity(str2);
                if (this.trace) {
                    this.log.trace("Saw unauthenticatedIdentity=" + str2);
                }
            } catch (Exception e) {
                this.log.warn("Failed to create custom unauthenticatedIdentity", e);
            }
        }
    }

    public boolean login() throws LoginException {
        if (this.trace) {
            this.log.trace("login");
        }
        this.loginOk = false;
        if (!this.useFirstPass) {
            return false;
        }
        try {
            Object obj = this.sharedState.get("javax.security.auth.login.name");
            Object obj2 = this.sharedState.get("javax.security.auth.login.password");
            if (obj == null || obj2 == null) {
                return false;
            }
            this.loginOk = true;
            return true;
        } catch (Exception e) {
            this.log.error("login failed", e);
            return false;
        }
    }

    public boolean commit() throws LoginException {
        if (this.trace) {
            this.log.trace("commit, loginOk=" + this.loginOk);
        }
        if (!this.loginOk) {
            return false;
        }
        Set<Principal> principals = this.subject.getPrincipals();
        principals.add(getIdentity());
        for (Group group : getRoleSets()) {
            Group createGroup = createGroup(group.getName(), principals);
            if (createGroup instanceof NestableGroup) {
                SimpleGroup simpleGroup = new SimpleGroup(SecurityConstants.ROLES_IDENTIFIER);
                createGroup.addMember(simpleGroup);
                createGroup = simpleGroup;
            }
            Enumeration<? extends Principal> members = group.members();
            while (members.hasMoreElements()) {
                createGroup.addMember(members.nextElement());
            }
        }
        return true;
    }

    public boolean abort() throws LoginException {
        if (!this.trace) {
            return true;
        }
        this.log.trace("abort");
        return true;
    }

    public boolean logout() throws LoginException {
        if (this.trace) {
            this.log.trace("logout");
        }
        this.subject.getPrincipals().remove(getIdentity());
        return true;
    }

    protected abstract Principal getIdentity();

    protected abstract Group[] getRoleSets() throws LoginException;

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean getUseFirstPass() {
        return this.useFirstPass;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Principal getUnauthenticatedIdentity() {
        return this.unauthenticatedIdentity;
    }

    protected Group createGroup(String str, Set<Principal> set) {
        Group group = null;
        Iterator<Principal> it = set.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            Principal next = it.next();
            if (next instanceof Group) {
                Group group2 = (Group) next;
                if (group2.getName().equals(str)) {
                    group = group2;
                    break;
                }
            }
        }
        if (group == null) {
            group = new SimpleGroup(str);
            set.add(group);
        }
        return group;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Principal createIdentity(String str) throws Exception {
        return this.principalClassName == null ? new SimplePrincipal(str) : (Principal) SecurityActions.getContextClassLoader().loadClass(this.principalClassName).getConstructor(String.class).newInstance(str);
    }
}
