package org.jboss.security;

import java.io.IOException;
import java.security.Principal;
import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import org.jboss.logging.Logger;

/* loaded from: input_file:org/jboss/security/ClientLoginModule.class */
public class ClientLoginModule implements LoginModule {
    private static Logger log = Logger.getLogger(ClientLoginModule.class);
    private Subject subject;
    private CallbackHandler callbackHandler;
    private Principal loginPrincipal;
    private Object loginCredential;
    private Map<String, ?> sharedState;
    private boolean useFirstPass;
    private boolean restoreLoginIdentity;
    private boolean trace;
    private SecurityContext cachedSecurityContext;

    public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> map, Map<String, ?> map2) {
        this.trace = log.isTraceEnabled();
        this.subject = subject;
        this.callbackHandler = callbackHandler;
        this.sharedState = map;
        if (this.trace) {
            log.trace("Security domain: " + ((String) map2.get("jboss.security.security_domain")));
        }
        if (Boolean.valueOf((String) map2.get("multi-threaded")).booleanValue()) {
            if (this.trace) {
                log.trace("Enabling multi-threaded mode");
            }
            SecurityAssociationActions.setServer();
        }
        this.restoreLoginIdentity = Boolean.valueOf((String) map2.get("restore-login-identity")).booleanValue();
        if (this.trace) {
            log.trace("Enabling restore-login-identity mode");
        }
        this.useFirstPass = ((String) map2.get("password-stacking")) != null;
        if (this.trace && this.useFirstPass) {
            log.trace("Enabling useFirstPass mode");
        }
    }

    public boolean login() throws LoginException {
        if (this.trace) {
            log.trace("Begin login");
        }
        if (this.useFirstPass) {
            try {
                Object obj = this.sharedState.get("javax.security.auth.login.name");
                if (obj instanceof Principal) {
                    this.loginPrincipal = (Principal) obj;
                } else {
                    this.loginPrincipal = new SimplePrincipal(obj != null ? obj.toString() : "");
                }
                this.loginCredential = this.sharedState.get("javax.security.auth.login.password");
                return true;
            } catch (Exception e) {
                log.debug("Failed to obtain shared state", e);
            }
        }
        if (this.callbackHandler == null) {
            throw new LoginException("Error: no CallbackHandler available to garner authentication information from the user");
        }
        PasswordCallback passwordCallback = new PasswordCallback("Password: ", false);
        Callback nameCallback = new NameCallback("User name: ", "guest");
        try {
            char[] cArr = null;
            this.callbackHandler.handle(new Callback[]{nameCallback, passwordCallback});
            this.loginPrincipal = new SimplePrincipal(nameCallback.getName());
            char[] password = passwordCallback.getPassword();
            if (password != null) {
                cArr = new char[password.length];
                System.arraycopy(password, 0, cArr, 0, password.length);
                passwordCallback.clearPassword();
            }
            this.loginCredential = cArr;
            if (this.trace) {
                log.trace("Obtained login: " + this.loginPrincipal + ", credential.class: " + (this.loginCredential != null ? this.loginCredential.getClass().getName() : "null"));
            }
            if (!this.trace) {
                return true;
            }
            log.trace("End login");
            return true;
        } catch (IOException e2) {
            LoginException loginException = new LoginException(e2.toString());
            loginException.initCause(e2);
            throw loginException;
        } catch (UnsupportedCallbackException e3) {
            LoginException loginException2 = new LoginException("Error: " + e3.getCallback().toString() + ", not able to use this callback for username/password");
            loginException2.initCause(e3);
            throw loginException2;
        }
    }

    public boolean commit() throws LoginException {
        if (this.trace) {
            log.trace("commit, subject=" + this.subject);
        }
        this.cachedSecurityContext = SecurityAssociationActions.getSecurityContext();
        SecurityAssociationActions.pushSecurityContext(this.loginPrincipal, this.loginCredential, this.subject, "CLIENT_LOGIN_MODULE");
        Set<Principal> principals = this.subject.getPrincipals();
        if (principals.contains(this.loginPrincipal)) {
            return true;
        }
        principals.add(this.loginPrincipal);
        return true;
    }

    public boolean abort() throws LoginException {
        if (this.trace) {
            log.trace("abort");
        }
        if (this.restoreLoginIdentity) {
            SecurityAssociationActions.setSecurityContext(this.cachedSecurityContext);
            return true;
        }
        SecurityAssociationActions.setSecurityContext(null);
        return true;
    }

    public boolean logout() throws LoginException {
        if (this.trace) {
            log.trace("logout");
        }
        if (this.restoreLoginIdentity) {
            SecurityAssociationActions.setSecurityContext(this.cachedSecurityContext);
        } else {
            SecurityAssociationActions.setSecurityContext(null);
        }
        this.subject.getPrincipals().remove(this.loginPrincipal);
        return true;
    }
}
