package org.jboss.web.tomcat.security.login;

import java.security.Principal;
import java.security.cert.X509Certificate;
import java.util.UUID;
import javax.servlet.http.Cookie;
import org.apache.catalina.Container;
import org.apache.catalina.Pipeline;
import org.apache.catalina.Session;
import org.apache.catalina.Valve;
import org.apache.catalina.authenticator.Constants;
import org.apache.catalina.authenticator.SingleSignOn;
import org.apache.catalina.connector.Request;
import org.jboss.web.tomcat.service.request.ActiveRequestResponseCacheValve;

/* loaded from: input_file:org/jboss/web/tomcat/security/login/WebAuthentication.class */
public class WebAuthentication {
    private static final String AUTH_TYPE = "PROGRAMMATIC_WEB_LOGIN";

    public boolean login(X509Certificate[] x509CertificateArr) {
        Request request = ActiveRequestResponseCacheValve.activeRequest.get();
        if (request == null) {
            throw new IllegalStateException("request is null");
        }
        Principal authenticate = request.getContext().getRealm().authenticate(x509CertificateArr);
        if (authenticate != null) {
            register(request, authenticate, null, null);
        }
        return authenticate != null;
    }

    public boolean login(String str, Object obj) {
        Request request = ActiveRequestResponseCacheValve.activeRequest.get();
        if (request == null) {
            throw new IllegalStateException("request is null");
        }
        Principal principal = null;
        if (obj instanceof String) {
            principal = request.getContext().getRealm().authenticate(str, (String) obj);
        } else if (obj instanceof byte[]) {
            principal = request.getContext().getRealm().authenticate(str, (byte[]) obj);
        }
        if (principal != null) {
            register(request, principal, str, obj);
        }
        return principal != null;
    }

    public void logout() {
        Request request = ActiveRequestResponseCacheValve.activeRequest.get();
        if (request == null) {
            throw new IllegalStateException("request is null");
        }
        unregister(request);
    }

    protected void register(Request request, Principal principal, String str, Object obj) {
        request.setAuthType(AUTH_TYPE);
        request.setUserPrincipal(principal);
        Session sessionInternal = request.getSessionInternal(false);
        if (sessionInternal != null) {
            sessionInternal.setAuthType(AUTH_TYPE);
            sessionInternal.setPrincipal(principal);
            if (str != null) {
                sessionInternal.setNote(Constants.SESS_USERNAME_NOTE, str);
            } else {
                sessionInternal.removeNote(Constants.SESS_USERNAME_NOTE);
            }
            if (obj != null) {
                sessionInternal.setNote(Constants.SESS_PASSWORD_NOTE, getPasswordAsString(obj));
            } else {
                sessionInternal.removeNote(Constants.SESS_PASSWORD_NOTE);
            }
        }
        SingleSignOn singleSignOn = getSingleSignOn(request);
        if (singleSignOn == null) {
            return;
        }
        String str2 = (String) request.getNote(Constants.REQ_SSOID_NOTE);
        if (str2 == null) {
            str2 = generateSessionId();
            Cookie cookie = new Cookie(Constants.SINGLE_SIGN_ON_COOKIE, str2);
            cookie.setMaxAge(-1);
            cookie.setPath("/");
            cookie.setSecure(request.isSecure());
            String cookieDomain = singleSignOn.getCookieDomain();
            if (cookieDomain != null) {
                cookie.setDomain(cookieDomain);
            }
            ActiveRequestResponseCacheValve.activeResponse.get().addCookie(cookie);
            singleSignOn.register(str2, principal, AUTH_TYPE, str, getPasswordAsString(obj));
            request.setNote(Constants.REQ_SSOID_NOTE, str2);
        } else {
            singleSignOn.update(str2, principal, AUTH_TYPE, str, getPasswordAsString(obj));
        }
        if (sessionInternal == null) {
            sessionInternal = request.getSessionInternal(true);
        }
        singleSignOn.associate(str2, sessionInternal);
    }

    protected void unregister(Request request) {
        request.setAuthType(null);
        request.setUserPrincipal(null);
        Session sessionInternal = request.getSessionInternal(false);
        if (sessionInternal != null) {
            sessionInternal.setAuthType(null);
            sessionInternal.setPrincipal(null);
            sessionInternal.removeNote(Constants.SESS_USERNAME_NOTE);
            sessionInternal.removeNote(Constants.SESS_PASSWORD_NOTE);
        }
        SingleSignOn singleSignOn = getSingleSignOn(request);
        if (singleSignOn != null) {
            singleSignOn.deregister((String) request.getNote(Constants.REQ_SSOID_NOTE));
        }
    }

    private String getPasswordAsString(Object obj) {
        String str = null;
        if (obj instanceof String) {
            str = (String) obj;
        } else if (obj instanceof byte[]) {
            str = new String((byte[]) obj);
        }
        return str;
    }

    private String generateSessionId() {
        UUID randomUUID = UUID.randomUUID();
        return (Long.toHexString(randomUUID.getMostSignificantBits()) + Long.toHexString(randomUUID.getLeastSignificantBits())).toUpperCase();
    }

    private SingleSignOn getSingleSignOn(Request request) {
        SingleSignOn singleSignOn = null;
        Container parent = request.getContext().getParent();
        while (singleSignOn == null && parent != null) {
            if (parent instanceof Pipeline) {
                Valve[] valves = ((Pipeline) parent).getValves();
                int i = 0;
                while (true) {
                    if (i >= valves.length) {
                        break;
                    }
                    if (valves[i] instanceof SingleSignOn) {
                        singleSignOn = (SingleSignOn) valves[i];
                        break;
                    }
                    i++;
                }
                if (singleSignOn == null) {
                    parent = parent.getParent();
                }
            } else {
                parent = parent.getParent();
            }
        }
        return singleSignOn;
    }
}
