package org.modeshape.graph;

import java.io.IOException;
import java.security.Principal;
import java.security.acl.Group;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.TextOutputCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import net.jcip.annotations.NotThreadSafe;
import org.modeshape.common.util.CheckArg;
import org.modeshape.common.util.Logger;
import org.modeshape.common.util.Reflection;

@NotThreadSafe
/* loaded from: input_file:org/modeshape/graph/JaasSecurityContext.class */
public final class JaasSecurityContext implements SecurityContext {
    private static final Logger LOGGER = Logger.getLogger((Class<?>) JaasSecurityContext.class);
    private final LoginContext loginContext;
    private final String userName;
    private final Set<String> entitlements;
    private boolean loggedIn;

    /* loaded from: input_file:org/modeshape/graph/JaasSecurityContext$UserPasswordCallbackHandler.class */
    public static final class UserPasswordCallbackHandler implements CallbackHandler {
        private static final boolean LOG_TO_CONSOLE = false;
        private final String userId;
        private final char[] password;

        public UserPasswordCallbackHandler(String str, char[] cArr) {
            this.userId = str;
            this.password = (char[]) cArr.clone();
        }

        @Override // javax.security.auth.callback.CallbackHandler
        public void handle(Callback[] callbackArr) throws UnsupportedCallbackException, IOException {
            boolean z = false;
            boolean z2 = false;
            for (int i = 0; i < callbackArr.length; i++) {
                if (callbackArr[i] instanceof TextOutputCallback) {
                    TextOutputCallback textOutputCallback = (TextOutputCallback) callbackArr[i];
                    switch (textOutputCallback.getMessageType()) {
                        case 0:
                            System.out.println(textOutputCallback.getMessage());
                            break;
                        case 1:
                            System.out.println("WARNING: " + textOutputCallback.getMessage());
                            break;
                        case 2:
                            System.out.println("ERROR: " + textOutputCallback.getMessage());
                            break;
                        default:
                            throw new IOException("Unsupported message type: " + textOutputCallback.getMessageType());
                    }
                } else if (callbackArr[i] instanceof NameCallback) {
                    ((NameCallback) callbackArr[i]).setName(this.userId);
                    z = true;
                } else if (callbackArr[i] instanceof PasswordCallback) {
                    ((PasswordCallback) callbackArr[i]).setPassword(this.password);
                    z2 = true;
                } else if (!z) {
                    try {
                        new Reflection(callbackArr[i].getClass()).invokeSetterMethodOnTarget("object", callbackArr[i], this.userId);
                        z = true;
                    } catch (Exception e) {
                        throw new UnsupportedCallbackException(callbackArr[i], "Unrecognized Callback: " + callbackArr[i].getClass().getName());
                    }
                } else if (!z2) {
                    new Reflection(callbackArr[i].getClass()).invokeSetterMethodOnTarget("object", callbackArr[i], new String(this.password));
                    z2 = true;
                }
            }
        }
    }

    public JaasSecurityContext(String str) throws LoginException {
        this(new LoginContext(str));
    }

    public JaasSecurityContext(String str, Subject subject) throws LoginException {
        this(new LoginContext(str, subject));
    }

    public JaasSecurityContext(String str, String str2, char[] cArr) throws LoginException {
        this(new LoginContext(str, new UserPasswordCallbackHandler(str2, cArr)));
    }

    public JaasSecurityContext(String str, CallbackHandler callbackHandler) throws LoginException {
        this(new LoginContext(str, callbackHandler));
    }

    public JaasSecurityContext(LoginContext loginContext) throws LoginException {
        CheckArg.isNotNull(loginContext, "loginContext");
        this.entitlements = new HashSet();
        this.loginContext = loginContext;
        if (this.loginContext.getSubject() == null) {
            this.loginContext.login();
        }
        this.userName = initialize(loginContext.getSubject());
        this.loggedIn = true;
    }

    public JaasSecurityContext(Subject subject) {
        CheckArg.isNotNull(subject, "subject");
        this.loginContext = null;
        this.entitlements = new HashSet();
        this.userName = initialize(subject);
        this.loggedIn = true;
    }

    private String initialize(Subject subject) {
        String str = null;
        if (subject != null) {
            for (Principal principal : subject.getPrincipals()) {
                if (principal instanceof Group) {
                    Enumeration<? extends Principal> members = ((Group) principal).members();
                    while (members.hasMoreElements()) {
                        this.entitlements.add(members.nextElement().getName());
                    }
                } else {
                    str = principal.getName();
                    LOGGER.debug("Adding principal user name: " + str, new Object[0]);
                }
            }
        }
        return str;
    }

    @Override // org.modeshape.graph.SecurityContext
    public String getUserName() {
        if (this.loggedIn) {
            return this.userName;
        }
        return null;
    }

    @Override // org.modeshape.graph.SecurityContext
    public boolean hasRole(String str) {
        if (this.loggedIn) {
            return this.entitlements.contains(str);
        }
        return false;
    }

    @Override // org.modeshape.graph.SecurityContext
    public void logout() {
        try {
            this.loggedIn = false;
            if (this.loginContext != null) {
                this.loginContext.logout();
            }
        } catch (LoginException e) {
            LOGGER.info(e, null, new Object[0]);
        }
    }
}
