package io.hawt.web.tomcat;

import java.io.File;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import javax.xml.parsers.DocumentBuilderFactory;
import org.eclipse.aether.repository.AuthenticationContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:WEB-INF/lib/hawtio-system-1.4.0.redhat-630329-05.jar:io/hawt/web/tomcat/TomcatUserDatabaseLoginContext.class */
public class TomcatUserDatabaseLoginContext implements LoginModule {
    private static final transient Logger LOG = LoggerFactory.getLogger(TomcatUserDatabaseLoginContext.class);
    private Subject subject;
    private CallbackHandler callbackHandler;
    private String fileName = "conf/tomcat-users.xml";
    private File file;

    public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> map, Map<String, ?> map2) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
        String property = System.getProperty("catalina.base", ".");
        LOG.debug("Using base directory: {}", property);
        this.file = new File(property, this.fileName);
        if (this.file.exists()) {
            return;
        }
        String str = "Cannot find Apache Tomcat user database file: " + this.file;
        LOG.warn(str);
        throw new IllegalStateException(str);
    }

    public boolean login() throws LoginException {
        NameCallback[] nameCallbackArr = {new NameCallback(AuthenticationContext.USERNAME), new PasswordCallback("password", false)};
        try {
            this.callbackHandler.handle(nameCallbackArr);
            String name = nameCallbackArr[0].getName();
            String str = new String(((PasswordCallback) nameCallbackArr[1]).getPassword());
            ((PasswordCallback) nameCallbackArr[1]).clearPassword();
            LOG.debug("Getting user details for username {}", name);
            String[] userPasswordRole = getUserPasswordRole(name);
            if (userPasswordRole == null) {
                LOG.trace("Login denied due user not found");
                return false;
            }
            if (!str.equals(userPasswordRole[1])) {
                LOG.trace("Login denied due password did not match");
                return false;
            }
            for (String str2 : userPasswordRole[2].split(",")) {
                LOG.trace("User {} has role {}", name, str2);
                this.subject.getPrincipals().add(new TomcatPrincipal(str2));
            }
            return true;
        } catch (UnsupportedCallbackException e) {
            LoginException loginException = new LoginException("Error: " + e.getCallback().toString() + " not available to gather authentication information from the user");
            loginException.initCause(e);
            throw loginException;
        } catch (Exception e2) {
            LoginException loginException2 = new LoginException(e2.toString());
            loginException2.initCause(e2);
            throw loginException2;
        }
    }

    public boolean commit() throws LoginException {
        return true;
    }

    public boolean abort() throws LoginException {
        return true;
    }

    public boolean logout() throws LoginException {
        this.subject = null;
        this.callbackHandler = null;
        return true;
    }

    protected String[] getUserPasswordRole(String str) throws Exception {
        DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
        newInstance.setNamespaceAware(true);
        NodeList elementsByTagName = newInstance.newDocumentBuilder().parse(this.file).getElementsByTagName("user");
        for (int i = 0; i < elementsByTagName.getLength(); i++) {
            Node item = elementsByTagName.item(i);
            String nodeValue = item.getAttributes().getNamedItem(AuthenticationContext.USERNAME).getNodeValue();
            String nodeValue2 = item.getAttributes().getNamedItem("password").getNodeValue();
            String nodeValue3 = item.getAttributes().getNamedItem("roles").getNodeValue();
            if (str.equals(nodeValue)) {
                return new String[]{str, nodeValue2, nodeValue3};
            }
        }
        return null;
    }
}
