package net.sf.jguard.ext.authentication.loginmodules;

import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.X509Certificate;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import net.sf.jguard.ext.SecurityConstants;
import net.sf.jguard.ext.authentication.callbacks.CertificatesCallback;
import net.sf.jguard.ext.util.CryptUtils;

/* loaded from: input_file:WEB-INF/lib/jguard-ext-1.0.3.jar:net/sf/jguard/ext/authentication/loginmodules/UserLoginModule.class */
public abstract class UserLoginModule implements LoginModule {
    protected Subject subject;
    protected CallbackHandler callbackHandler;
    protected Map sharedState;
    protected Map options;
    private static final Logger logger;
    protected boolean skipPasswordCheck;
    static Class class$net$sf$jguard$ext$authentication$loginmodules$UserLoginModule;
    protected boolean debug = false;
    protected String login = null;
    protected char[] password = null;
    private boolean grabCredentialOK = false;
    protected boolean loginOK = true;

    public void initialize(Subject subject, CallbackHandler callbackHandler, Map map, Map map2) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
        this.sharedState = map;
        this.options = map2;
        this.debug = Boolean.valueOf((String) this.options.get("debug")).booleanValue();
    }

    private void grabCredentials() throws LoginException {
        if (this.callbackHandler == null) {
            throw new LoginException("there is no CallbackHandler to authenticate the user");
        }
        NameCallback[] nameCallbackArr = {new NameCallback("login"), new PasswordCallback("password", false), new CertificatesCallback()};
        try {
            this.callbackHandler.handle(nameCallbackArr);
            this.login = nameCallbackArr[0].getName();
            if (this.login == null || this.login.equals("")) {
                this.login = SecurityConstants.GUEST;
            }
            this.password = ((PasswordCallback) nameCallbackArr[1]).getPassword();
            if (this.password == null || this.password.equals("")) {
                this.password = SecurityConstants.GUEST.toCharArray();
            }
            this.password = CryptUtils.cryptPassword(this.password);
            ((PasswordCallback) nameCallbackArr[1]).clearPassword();
            if (this.debug && logger.isLoggable(Level.FINEST)) {
                logger.finest(new StringBuffer().append("login() - usernameFromForm=").append(this.login).toString());
                logger.finest(new StringBuffer().append("login() - passwordFromForm=").append(new String(this.password)).toString());
            }
            X509Certificate[] certificates = ((CertificatesCallback) nameCallbackArr[2]).getCertificates();
            if (certificates != null) {
                this.login = certificates[0].getSubjectX500Principal().getName();
                if (this.debug) {
                    logger.finest(new StringBuffer().append(" login used in the certificate =").append(this.login).toString());
                }
            }
        } catch (IOException e) {
            throw new LoginException(e.toString());
        } catch (NoSuchAlgorithmException e2) {
            throw new LoginException(new StringBuffer().append("Error encoding password (").append(e2.getMessage()).append(")").toString());
        } catch (UnsupportedCallbackException e3) {
            throw new LoginException(new StringBuffer().append("Callback error : ").append(e3.getCallback().toString()).append(" not available to authenticate the user").toString());
        }
    }

    public boolean logout() throws LoginException {
        if (this.subject == null) {
            return true;
        }
        this.subject.getPrincipals().clear();
        this.subject.getPrivateCredentials().clear();
        this.subject.getPublicCredentials().clear();
        return true;
    }

    public boolean abort() throws LoginException {
        if (this.subject == null) {
            return true;
        }
        this.subject.getPrincipals().clear();
        this.subject.getPrivateCredentials().clear();
        this.subject.getPublicCredentials().clear();
        return true;
    }

    public boolean login() throws LoginException {
        this.skipPasswordCheck = Boolean.valueOf((String) this.sharedState.get(SecurityConstants.SKIP_PASSWORD_CHECK)).booleanValue();
        this.login = getLogin();
        this.password = getPassword().toCharArray();
        return true;
    }

    public String getLogin() throws LoginException {
        if (!this.grabCredentialOK) {
            grabCredentials();
            this.grabCredentialOK = true;
        }
        return this.login;
    }

    public String getPassword() throws LoginException {
        if (!this.grabCredentialOK) {
            grabCredentials();
            this.grabCredentialOK = true;
        }
        return new String(this.password);
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$net$sf$jguard$ext$authentication$loginmodules$UserLoginModule == null) {
            cls = class$("net.sf.jguard.ext.authentication.loginmodules.UserLoginModule");
            class$net$sf$jguard$ext$authentication$loginmodules$UserLoginModule = cls;
        } else {
            cls = class$net$sf$jguard$ext$authentication$loginmodules$UserLoginModule;
        }
        logger = Logger.getLogger(cls.getName());
    }
}
