package org.picketbox.datasource.security;

import java.security.AccessController;
import java.security.Principal;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.acl.Group;
import java.util.Map;
import javax.management.MBeanServer;
import javax.management.ObjectName;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginException;
import org.jboss.logging.Logger;
import org.jboss.security.SimplePrincipal;
import org.jboss.security.auth.callback.RFC2617Digest;

@Deprecated
/* loaded from: input_file:org/picketbox/datasource/security/JaasSecurityDomainIdentityLoginModule.class */
public class JaasSecurityDomainIdentityLoginModule extends AbstractPasswordCredentialLoginModule {
    private static final Logger log = Logger.getLogger(JaasSecurityDomainIdentityLoginModule.class);
    private boolean trace = log.isTraceEnabled();
    private String username;
    private String password;
    private ObjectName jaasSecurityDomain;

    /* loaded from: input_file:org/picketbox/datasource/security/JaasSecurityDomainIdentityLoginModule$DecodeAction.class */
    private static class DecodeAction implements PrivilegedExceptionAction {
        String password;
        ObjectName jaasSecurityDomain;
        MBeanServer server;

        DecodeAction(String str, ObjectName objectName, MBeanServer mBeanServer) {
            this.password = str;
            this.jaasSecurityDomain = objectName;
            this.server = mBeanServer;
        }

        @Override // java.security.PrivilegedExceptionAction
        public Object run() throws Exception {
            return new String((byte[]) this.server.invoke(this.jaasSecurityDomain, "decode64", new Object[]{this.password}, new String[]{String.class.getName()}), "UTF-8").toCharArray();
        }

        static char[] decode(String str, ObjectName objectName, MBeanServer mBeanServer) throws Exception {
            try {
                return (char[]) AccessController.doPrivileged(new DecodeAction(str, objectName, mBeanServer));
            } catch (PrivilegedActionException e) {
                throw e.getException();
            }
        }
    }

    @Override // org.jboss.security.auth.spi.AbstractServerLoginModule
    public void initialize(Subject subject, CallbackHandler callbackHandler, Map map, Map map2) {
        super.initialize(subject, callbackHandler, map, map2);
        this.username = (String) map2.get(RFC2617Digest.USERNAME);
        if (this.username == null) {
            this.username = (String) map2.get("userName");
            if (this.username == null) {
                throw new IllegalArgumentException("PB00015: Null Value:The user name is a required option");
            }
        }
        this.password = (String) map2.get("password");
        if (this.password == null) {
            throw new IllegalArgumentException("PB00015: Null Value:The password is a required option");
        }
        String str = (String) map2.get("jaasSecurityDomain");
        if (str == null) {
            throw new IllegalArgumentException("PB00015: Null Value:The jaasSecurityDomain is a required option");
        }
        try {
            this.jaasSecurityDomain = new ObjectName(str);
        } catch (Exception e) {
            throw new IllegalArgumentException("PB00019: Processing Failed:Invalid jaasSecurityDomain: " + e.getMessage());
        }
    }

    @Override // org.jboss.security.auth.spi.AbstractServerLoginModule
    public boolean login() throws LoginException {
        if (this.trace) {
            log.trace("login called");
        }
        if (super.login()) {
            return true;
        }
        this.loginOk = true;
        return true;
    }

    @Override // org.jboss.security.auth.spi.AbstractServerLoginModule
    public boolean commit() throws LoginException {
        SubjectActions.addPrincipals(this.subject, new SimplePrincipal(this.username));
        this.sharedState.put("javax.security.auth.login.name", this.username);
        return true;
    }

    @Override // org.jboss.security.auth.spi.AbstractServerLoginModule
    public boolean abort() {
        this.username = null;
        this.password = null;
        return true;
    }

    @Override // org.jboss.security.auth.spi.AbstractServerLoginModule
    protected Principal getIdentity() {
        if (this.trace) {
            log.trace("getIdentity called, username=" + this.username);
        }
        return new SimplePrincipal(this.username);
    }

    @Override // org.jboss.security.auth.spi.AbstractServerLoginModule
    protected Group[] getRoleSets() throws LoginException {
        return new Group[0];
    }
}
