package org.jboss.security.auth.spi;

import java.security.acl.Group;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginException;
import org.jboss.security.SecurityConstants;
import org.jboss.security.SimpleGroup;
import org.jboss.security.SimplePrincipal;
import org.jboss.security.plugins.HostThreadLocal;

/* loaded from: input_file:WEB-INF/lib/picketbox-4.0.7.Final.jar:org/jboss/security/auth/spi/RemoteHostTrustLoginModule.class */
public class RemoteHostTrustLoginModule extends UsernamePasswordLoginModule {
    private static final String OPTION_TRUSTED_HOSTS = "trustedHosts";
    private static final String OPTION_ROLES = "roles";
    List<String> trustedHosts;
    private String roleNames;

    @Override // org.jboss.security.auth.spi.UsernamePasswordLoginModule, org.jboss.security.auth.spi.AbstractServerLoginModule
    public void initialize(Subject subject, CallbackHandler callbackHandler, Map map, Map map2) {
        super.initialize(subject, callbackHandler, map, map2);
        boolean isTraceEnabled = this.log.isTraceEnabled();
        this.trustedHosts = Arrays.asList(parseHosts((String) map2.get(OPTION_TRUSTED_HOSTS)));
        this.roleNames = (String) map2.get("roles");
        if (isTraceEnabled) {
            String str = "roleNames: " + this.roleNames + "\ntrusted hosts {";
            Iterator<String> it = this.trustedHosts.iterator();
            while (it.hasNext()) {
                str = str + "\n" + it.next();
            }
            this.log.trace(str + "\n}");
        }
    }

    private String[] parseHosts(String str) {
        return str.split("\\,");
    }

    @Override // org.jboss.security.auth.spi.UsernamePasswordLoginModule
    protected boolean validatePassword(String str, String str2) {
        String realHost = getRealHost();
        if (this.log.isTraceEnabled()) {
            this.log.trace("real host for trust is " + realHost);
        }
        if (this.trustedHosts.contains(realHost)) {
            return true;
        }
        if (!this.log.isTraceEnabled()) {
            return false;
        }
        this.log.trace("real host for trust is " + realHost);
        return false;
    }

    @Override // org.jboss.security.auth.spi.UsernamePasswordLoginModule
    protected String getUsersPassword() throws LoginException {
        return "trustme";
    }

    protected String getRealHost() {
        return HostThreadLocal.get();
    }

    @Override // org.jboss.security.auth.spi.AbstractServerLoginModule
    protected Group[] getRoleSets() throws LoginException {
        SimpleGroup simpleGroup = new SimpleGroup(SecurityConstants.ROLES_IDENTIFIER);
        Group[] groupArr = {simpleGroup};
        if (this.roleNames != null) {
            String[] split = this.roleNames.split(",");
            int length = split.length;
            for (int i = 0; i < length; i++) {
                String str = split[i];
                simpleGroup.addMember(new SimplePrincipal(str != null ? str.trim() : str));
            }
        }
        return groupArr;
    }
}
