package org.jboss.gravia.container.tomcat.extension;

import java.io.IOException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import org.apache.catalina.Role;
import org.apache.catalina.User;
import org.apache.catalina.UserDatabase;
import org.apache.catalina.users.MemoryUserDatabase;

/* loaded from: input_file:WEB-INF/lib/gravia-container-tomcat-extension-1.1.3.jar:org/jboss/gravia/container/tomcat/extension/UserDatabaseLoginModule.class */
public class UserDatabaseLoginModule implements LoginModule {
    private UserDatabase userDatabase;
    private CallbackHandler callbackHandler;
    private UserPrincipal userPrincipal;
    private RolePrincipal rolePrincipal;
    private Subject subject;
    private String login;
    private List<String> userGroups;

    public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> map, Map<String, ?> map2) {
        this.callbackHandler = callbackHandler;
        this.subject = subject;
        try {
            this.userDatabase = new MemoryUserDatabase();
            this.userDatabase.open();
        } catch (Exception e) {
            throw new IllegalStateException("Cannot open user database", e);
        }
    }

    public boolean login() throws LoginException {
        NameCallback[] nameCallbackArr = {new NameCallback("login"), new PasswordCallback("password", true)};
        this.userGroups = new ArrayList();
        try {
            this.callbackHandler.handle(nameCallbackArr);
            String name = nameCallbackArr[0].getName();
            String valueOf = String.valueOf(((PasswordCallback) nameCallbackArr[1]).getPassword());
            User findUser = this.userDatabase.findUser(name);
            if (findUser == null || !findUser.getPassword().equals(valueOf)) {
                throw new LoginException("Authentication failed");
            }
            this.login = name;
            Iterator roles = findUser.getRoles();
            while (roles.hasNext()) {
                this.userGroups.add(((Role) roles.next()).getName());
            }
            return true;
        } catch (IOException e) {
            throw new LoginException(e.getMessage());
        } catch (UnsupportedCallbackException e2) {
            throw new LoginException(e2.getMessage());
        }
    }

    public boolean commit() throws LoginException {
        if (this.login == null || this.userGroups.isEmpty()) {
            return false;
        }
        this.userPrincipal = new UserPrincipal(this.login);
        this.subject.getPrincipals().add(this.userPrincipal);
        Iterator<String> it = this.userGroups.iterator();
        while (it.hasNext()) {
            this.rolePrincipal = new RolePrincipal(it.next());
            this.subject.getPrincipals().add(this.rolePrincipal);
        }
        return true;
    }

    public boolean abort() throws LoginException {
        this.login = null;
        this.userPrincipal = null;
        this.rolePrincipal = null;
        return true;
    }

    public boolean logout() throws LoginException {
        this.subject.getPrincipals().remove(this.userPrincipal);
        this.subject.getPrincipals().remove(this.rolePrincipal);
        return true;
    }
}
