package org.exoplatform.web.login;

import java.lang.reflect.Method;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.login.LoginException;
import javax.servlet.http.HttpServletRequest;
import org.exoplatform.services.log.ExoLogger;
import org.exoplatform.services.log.Log;
import org.exoplatform.services.organization.OrganizationService;
import org.exoplatform.services.organization.UserStatus;
import org.exoplatform.services.organization.impl.UserImpl;
import org.exoplatform.services.security.jaas.AbstractLoginModule;

/* loaded from: input_file:org/exoplatform/web/login/FilterDisabledLoginModule.class */
public class FilterDisabledLoginModule extends AbstractLoginModule {
    private static final Log log = ExoLogger.getLogger(FilterDisabledLoginModule.class);
    private static Method getContextMethod;
    public static final String DISABLED_USER_NAME = "_disabledUserName";

    public boolean login() throws LoginException {
        log.debug("In login of FilterDisabledLoginModule.");
        try {
            NameCallback[] nameCallbackArr = {new NameCallback("Username")};
            this.callbackHandler.handle(nameCallbackArr);
            String name = nameCallbackArr[0].getName();
            if (name == null) {
                log.debug("No username has been committed. FilterDisabledLoginModule will be ignored.");
                return true;
            }
            UserImpl findUserByName = ((OrganizationService) getContainer().getComponentInstanceOfType(OrganizationService.class)).getUserHandler().findUserByName(name, UserStatus.ANY);
            if (findUserByName == null) {
                log.debug("user {0} doesn't exists. FilterDisabledLoginModule will be ignored.", new Object[]{name});
            } else if ((findUserByName instanceof UserImpl) && !findUserByName.isEnabled()) {
                HttpServletRequest currentHttpServletRequest = getCurrentHttpServletRequest();
                if (currentHttpServletRequest != null) {
                    currentHttpServletRequest.setAttribute(DISABLED_USER_NAME, name);
                }
                throw new LoginException("Can't authenticate. user " + name + " is disabled");
            }
            return true;
        } catch (Exception e) {
            log.warn(e.getMessage());
            throw new LoginException(e.getMessage());
        }
    }

    protected HttpServletRequest getCurrentHttpServletRequest() {
        HttpServletRequest httpServletRequest = null;
        if (getContextMethod != null) {
            try {
                httpServletRequest = (HttpServletRequest) getContextMethod.invoke(null, "javax.servlet.http.HttpServletRequest");
            } catch (Throwable th) {
                log.error("LoginModule error. Turn off session credentials checking with proper configuration option of LoginModule set to false");
                log.error(this, th);
            }
        } else {
            try {
                httpServletRequest = (HttpServletRequest) Thread.currentThread().getContextClassLoader().loadClass("org.gatein.sso.agent.tomcat.ServletAccess").getDeclaredMethod("getRequest", new Class[0]).invoke(null, new Object[0]);
            } catch (Exception e) {
                log.error("Unexpected exception when trying to obtain HttpServletRequest from ServletAccess thread-local", e);
            }
        }
        log.trace("Returning HttpServletRequest {0}", new Object[]{httpServletRequest});
        return httpServletRequest;
    }

    public boolean commit() throws LoginException {
        return true;
    }

    public boolean abort() throws LoginException {
        return true;
    }

    public boolean logout() throws LoginException {
        return true;
    }

    protected Log getLogger() {
        return log;
    }

    static {
        try {
            getContextMethod = Thread.currentThread().getContextClassLoader().loadClass("javax.security.jacc.PolicyContext").getDeclaredMethod("getContext", String.class);
        } catch (ClassNotFoundException e) {
            log.debug("JACC not found ignoring it", e);
        } catch (Exception e2) {
            log.error("Could not obtain JACC get context method", e2);
        }
    }
}
