package org.kie.server.services.impl.security.adapters;

import java.io.IOException;
import java.security.Principal;
import java.security.acl.Group;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import java.util.ServiceLoader;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginContext;
import javax.security.sasl.RealmCallback;
import org.kie.server.api.KieServerConstants;
import org.kie.server.api.security.SecurityAdapter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:BOOT-INF/lib/kie-server-services-common-7.12.0-SNAPSHOT.jar:org/kie/server/services/impl/security/adapters/JMSSecurityAdapter.class */
public class JMSSecurityAdapter implements SecurityAdapter {
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) JMSSecurityAdapter.class);
    private static final ServiceLoader<SecurityAdapter> securityAdapters = ServiceLoader.load(SecurityAdapter.class);
    private static List<SecurityAdapter> adapters = new ArrayList();
    private static ThreadLocal<UserDetails> currentUser = new ThreadLocal<>();

    /* loaded from: input_file:BOOT-INF/lib/kie-server-services-common-7.12.0-SNAPSHOT.jar:org/kie/server/services/impl/security/adapters/JMSSecurityAdapter$UserDetails.class */
    private static class UserDetails {
        private String name;
        private List<String> roles;

        private UserDetails() {
        }

        public String getName() {
            return this.name;
        }

        public void setName(String str) {
            this.name = str;
        }

        public List<String> getRoles() {
            return this.roles;
        }

        public void setRoles(List<String> list) {
            this.roles = list;
        }

        public String toString() {
            return "UserDetails{name='" + this.name + "', roles=" + this.roles + '}';
        }
    }

    /* loaded from: input_file:BOOT-INF/lib/kie-server-services-common-7.12.0-SNAPSHOT.jar:org/kie/server/services/impl/security/adapters/JMSSecurityAdapter$UserPassCallbackHandler.class */
    private static class UserPassCallbackHandler implements CallbackHandler {
        private String user;
        private String pass;

        public UserPassCallbackHandler(String str, String str2) {
            this.user = str;
            this.pass = str2;
        }

        @Override // javax.security.auth.callback.CallbackHandler
        public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
            for (Callback callback : callbackArr) {
                if (callback instanceof NameCallback) {
                    ((NameCallback) callback).setName(this.user);
                } else if (callback instanceof PasswordCallback) {
                    ((PasswordCallback) callback).setPassword(this.pass.toCharArray());
                } else if (callback instanceof RealmCallback) {
                    RealmCallback realmCallback = (RealmCallback) callback;
                    realmCallback.setText(realmCallback.getDefaultText());
                }
            }
        }
    }

    @Override // org.kie.server.api.security.SecurityAdapter
    public String getUser(Object... objArr) {
        if (currentUser.get() == null) {
            return null;
        }
        logger.debug("Returning name from JMS Adapter - {}", currentUser.get().getName());
        return currentUser.get().getName();
    }

    @Override // org.kie.server.api.security.SecurityAdapter
    public List<String> getRoles(Object... objArr) {
        if (currentUser.get() == null) {
            return Collections.emptyList();
        }
        logger.debug("Returning name from JMS Adapter - {}", currentUser.get().getName());
        return currentUser.get().getRoles();
    }

    public static void login(String str, String str2) {
        if (currentUser.get() != null) {
            logger.debug("Already authenticated with user {}", currentUser.get().getName());
            return;
        }
        logger.debug("About to login as {} with pass {}", str, Integer.valueOf(str2.length()));
        try {
            LoginContext loginContext = new LoginContext(System.getProperty(KieServerConstants.KIE_SERVER_JAAS_DOMAIN, "kie-jms-login-context"), new UserPassCallbackHandler(str, str2));
            loginContext.login();
            Subject subject = loginContext.getSubject();
            logger.debug("Login successfull and subject is {}", subject);
            UserDetails userDetails = new UserDetails();
            userDetails.setName(str);
            ArrayList arrayList = new ArrayList();
            if (subject != null) {
                Set<Principal> principals = subject.getPrincipals();
                if (principals != null) {
                    arrayList = new ArrayList();
                    Iterator<Principal> it = principals.iterator();
                    while (true) {
                        if (!it.hasNext()) {
                            break;
                        }
                        Principal next = it.next();
                        if (next instanceof Group) {
                            Enumeration<? extends Principal> members = ((Group) next).members();
                            while (members.hasMoreElements()) {
                                arrayList.add(members.nextElement().getName());
                            }
                        }
                    }
                }
                arrayList.addAll(getRolesFromAdapter(subject));
            }
            userDetails.setRoles(arrayList);
            logger.debug("setting user details as {}", userDetails);
            currentUser.set(userDetails);
        } catch (Exception e) {
            logger.debug("Unable to login via JAAS with message supplied user and password", (Throwable) e);
        }
    }

    public static void logout() {
        currentUser.set(null);
    }

    protected static List<String> getRolesFromAdapter(Subject subject) {
        ArrayList arrayList = new ArrayList();
        Iterator<SecurityAdapter> it = adapters.iterator();
        while (it.hasNext()) {
            List<String> roles = it.next().getRoles(subject);
            if (roles != null && !roles.isEmpty()) {
                arrayList.addAll(roles);
            }
        }
        return arrayList;
    }

    static {
        Iterator<SecurityAdapter> it = securityAdapters.iterator();
        while (it.hasNext()) {
            adapters.add(it.next());
        }
    }
}
