package org.gatein.sso.spnego;

import java.security.Principal;
import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import org.exoplatform.services.security.jaas.UserPrincipal;
import org.jboss.security.negotiation.common.NegotiationContext;

/* loaded from: input_file:org/gatein/sso/spnego/SPNEGOLoginModule.class */
public class SPNEGOLoginModule extends org.jboss.security.negotiation.spnego.SPNEGOLoginModule {
    private String usernamePasswordDomain;

    public void initialize(Subject subject, CallbackHandler callbackHandler, Map map, Map map2) {
        super.initialize(subject, callbackHandler, map, map2);
        this.usernamePasswordDomain = (String) map2.get("usernamePasswordDomain");
    }

    protected Object innerLogin() throws LoginException {
        if (NegotiationContext.getCurrentNegotiationContext() != null) {
            return super.innerLogin();
        }
        if (this.usernamePasswordDomain == null) {
            throw new LoginException("No NegotiationContext and no usernamePasswordDomain defined.");
        }
        return usernamePasswordLogin();
    }

    private Object usernamePasswordLogin() throws LoginException {
        this.log.debug("Falling back to username/password authentication");
        LoginContext loginContext = new LoginContext(this.usernamePasswordDomain, this.callbackHandler);
        loginContext.login();
        setIdentity(getIdentityFromSubject(loginContext.getSubject()));
        return Boolean.TRUE;
    }

    protected Principal getIdentityFromSubject(Subject subject) throws LoginException {
        Set principals = subject.getPrincipals(UserPrincipal.class);
        if (principals.isEmpty()) {
            throw new LoginException("No UserPrincipals returned after login.");
        }
        if (principals.size() > 1) {
            this.log.warn("Multiple UserPrincipals returned, using first principal in set.");
        }
        return (Principal) principals.iterator().next();
    }
}
