package org.jboss.security.auth.message.config;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.message.AuthException;
import javax.security.auth.message.AuthStatus;
import javax.security.auth.message.MessageInfo;
import javax.security.auth.message.config.ServerAuthContext;
import javax.security.auth.message.module.ServerAuthModule;
import org.jboss.logging.Logger;
import org.jboss.security.config.ControlFlag;

/* loaded from: input_file:eap6/api-jars/picketbox-4.0.7.Final.jar:org/jboss/security/auth/message/config/JBossServerAuthContext.class */
public class JBossServerAuthContext implements ServerAuthContext {
    protected static Logger log = Logger.getLogger((Class<?>) JBossServerAuthContext.class);
    private List<ServerAuthModule> modules;
    private Map<String, Map> moduleOptionsByName;
    protected boolean trace = log.isTraceEnabled();
    protected List<ControlFlag> controlFlags = new ArrayList();

    public JBossServerAuthContext(List<ServerAuthModule> list, Map<String, Map> map, CallbackHandler callbackHandler) throws AuthException {
        this.modules = new ArrayList();
        this.moduleOptionsByName = new HashMap();
        this.modules = list;
        this.moduleOptionsByName = map;
        for (ServerAuthModule serverAuthModule : list) {
            serverAuthModule.initialize(null, null, callbackHandler, this.moduleOptionsByName.get(serverAuthModule.getClass().getName()));
        }
    }

    public void setControlFlags(List<ControlFlag> list) {
        this.controlFlags = list;
    }

    @Override // javax.security.auth.message.ServerAuth
    public void cleanSubject(MessageInfo messageInfo, Subject subject) throws AuthException {
        Iterator<ServerAuthModule> it = this.modules.iterator();
        while (it.hasNext()) {
            it.next().cleanSubject(messageInfo, subject);
        }
    }

    @Override // javax.security.auth.message.ServerAuth
    public AuthStatus secureResponse(MessageInfo messageInfo, Subject subject) throws AuthException {
        AuthStatus authStatus = null;
        Iterator<ServerAuthModule> it = this.modules.iterator();
        while (it.hasNext()) {
            authStatus = it.next().secureResponse(messageInfo, subject);
        }
        return authStatus;
    }

    @Override // javax.security.auth.message.ServerAuth
    public AuthStatus validateRequest(MessageInfo messageInfo, Subject subject, Subject subject2) throws AuthException {
        ArrayList arrayList = new ArrayList();
        Class<?> cls = messageInfo.getRequestMessage().getClass();
        List asList = Arrays.asList(cls.getInterfaces());
        for (ServerAuthModule serverAuthModule : this.modules) {
            List asList2 = Arrays.asList(serverAuthModule.getSupportedMessageTypes());
            Iterator it = asList.iterator();
            while (it.hasNext()) {
                if (asList2.contains((Class) it.next()) && !arrayList.contains(serverAuthModule)) {
                    arrayList.add(serverAuthModule);
                }
            }
            if (asList2.contains(Object.class) || asList2.contains(cls)) {
                if (!arrayList.contains(serverAuthModule)) {
                    arrayList.add(serverAuthModule);
                }
            }
        }
        if (arrayList.size() == 0) {
            throw new RuntimeException("PB00019: Processing Failed:No ServerAuthModule configured to support type:" + cls);
        }
        return invokeModules(messageInfo, subject, subject2);
    }

    private AuthStatus invokeModules(MessageInfo messageInfo, Subject subject, Subject subject2) throws AuthException {
        AuthStatus authStatus;
        boolean z = false;
        boolean z2 = false;
        AuthException authException = null;
        AuthStatus authStatus2 = AuthStatus.FAILURE;
        int size = this.modules.size();
        for (int i = 0; i < size; i++) {
            ServerAuthModule serverAuthModule = this.modules.get(i);
            ControlFlag controlFlag = this.controlFlags.get(i);
            AuthStatus authStatus3 = AuthStatus.FAILURE;
            try {
                authStatus = serverAuthModule.validateRequest(messageInfo, subject, subject2);
            } catch (Exception e) {
                authStatus = AuthStatus.FAILURE;
                if (authException == null) {
                    authException = new AuthException(e.getMessage());
                }
            }
            if (authStatus == AuthStatus.SUCCESS) {
                authStatus2 = AuthStatus.SUCCESS;
                if (controlFlag == ControlFlag.SUFFICIENT && !z) {
                    return AuthStatus.SUCCESS;
                }
            } else {
                if (controlFlag == ControlFlag.REQUISITE) {
                    if (this.trace) {
                        log.trace("REQUISITE failed for " + serverAuthModule);
                    }
                    if (authException != null) {
                        throw authException;
                    }
                    authException = new AuthException("Auth  failed");
                }
                if (controlFlag == ControlFlag.REQUIRED) {
                    if (this.trace) {
                        log.trace("REQUIRED failed for " + serverAuthModule);
                    }
                    if (!z) {
                        z = true;
                    }
                }
                if (controlFlag == ControlFlag.OPTIONAL) {
                    z2 = true;
                }
            }
        }
        String additionalErrorMessage = getAdditionalErrorMessage(authException);
        if (z) {
            throw new AuthException("PB00019: Processing Failed:Auth Failed:" + additionalErrorMessage);
        }
        if (authStatus2 == AuthStatus.FAILURE && z2) {
            throw new AuthException("PB00019: Processing Failed:Auth Failed:" + additionalErrorMessage);
        }
        if (authStatus2 == AuthStatus.FAILURE) {
            throw new AuthException("PB00019: Processing Failed:Auth Failed:Denied.");
        }
        return AuthStatus.SUCCESS;
    }

    private String getAdditionalErrorMessage(Exception exc) {
        StringBuilder sb = new StringBuilder(" ");
        if (exc != null) {
            sb.append(exc.getLocalizedMessage());
        }
        return sb.toString();
    }
}
