package com.sun.emp.security.runtime;

import com.sun.emp.security.RBACSecurityException;
import com.sun.emp.security.utilities.NestedException;
import com.sun.emp.security.utilities.SecurityConfiguration;
import com.sun.emp.security.utilities.SecurityLog;
import java.io.IOException;
import java.util.Collection;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.AccountExpiredException;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;

/* loaded from: input_file:117624-02/MSF1.0.1p2/lib/secrt.jar:com/sun/emp/security/runtime/MSFLoginModule.class */
public class MSFLoginModule implements LoginModule {
    private static String principalName = "ANONYMOUS";
    private static Object hostPrincipal;
    private Subject subject;
    private CallbackHandler callbackHandler;
    private Map sharedState;
    private Map options;
    private String username;
    private String password;
    private Principal userPrincipal;
    static Class class$java$lang$String;
    private boolean debug = false;
    private boolean succeeded = false;
    private boolean userNameEntered = false;
    private boolean commitSucceeded = false;
    private SecurityObjectManager _som = SecurityObjectManager.getHandle();

    public void initialize(Subject subject, CallbackHandler callbackHandler, Map map, Map map2) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
        this.sharedState = map;
        this.options = map2;
        this.debug = "true".equalsIgnoreCase((String) map2.get("debug"));
    }

    public boolean login() throws LoginException {
        if (SecurityLog.trc.isLogging) {
            SecurityLog.trc.entry(5L, (Object) this, "login");
        }
        if (this.callbackHandler == null) {
            if (SecurityLog.trc.isLogging) {
                SecurityLog.trc.exception(7L, this, "login", new NestedException("LoginException: no CallbackHandler available"));
            }
            throw new LoginException("Error: no CallbackHandler available to garner authentication information from the user");
        }
        NameCallback[] nameCallbackArr = {new NameCallback("MSF Login username: "), new PasswordCallback("MSF Login password: ", false)};
        this.username = null;
        this.password = null;
        try {
            this.callbackHandler.handle(nameCallbackArr);
            this.username = nameCallbackArr[0].getName();
            char[] password = ((PasswordCallback) nameCallbackArr[1]).getPassword();
            if (password != null) {
                this.password = new String(password);
            } else {
                this.password = null;
            }
            if (this.debug && SecurityLog.trc.isLogging) {
                SecurityLog.trc.text(10L, this, "login", new StringBuffer().append("user entered username: ").append(this.username).append(", password length: ").append(String.valueOf(this.password == null ? 0 : this.password.length())).toString());
            }
            if (this.username.equals("")) {
                if (SecurityLog.trc.isLogging) {
                    SecurityLog.trc.text(10L, this, "login", new StringBuffer().append("Trying sharedState: ").append(this.sharedState).toString());
                }
                if (this.sharedState != null) {
                    Collection values = this.sharedState.values();
                    if (values != null) {
                        Iterator it = values.iterator();
                        while (it.hasNext()) {
                            if (SecurityLog.trc.isLogging) {
                                SecurityLog.trc.text(10L, this, "login", new StringBuffer().append("sharedState: ").append(it.next()).toString());
                            }
                        }
                    } else if (SecurityLog.trc.isLogging) {
                        SecurityLog.trc.text(10L, this, "login", "Nothing in sharedState to use");
                    }
                }
                if (!SecurityLog.trc.isLogging) {
                    return false;
                }
                SecurityLog.trc.exit(6L, (Object) this, "login", false);
                return false;
            }
            this.userNameEntered = true;
            try {
                this.userPrincipal = (Principal) this._som.get("Principal", this.username);
                if (this.userPrincipal.validatePassword(this.password)) {
                    this.succeeded = true;
                    if (!SecurityLog.trc.isLogging) {
                        return true;
                    }
                    SecurityLog.trc.exit(6L, (Object) this, "login", new StringBuffer().append("Principal ").append(this.userPrincipal.getName()).append(" is validated!").toString());
                    return true;
                }
                this.succeeded = false;
                this.username = null;
                this.password = null;
                if (SecurityLog.trc.isLogging) {
                    SecurityLog.trc.exception(7L, this, "login", new NestedException("FailedLoginException: Password Incorrect"));
                }
                throw new FailedLoginException("Password Incorrect");
            } catch (PasswordExpiredException e) {
                this.succeeded = false;
                this.username = null;
                this.password = null;
                if (SecurityLog.trc.isLogging) {
                    SecurityLog.trc.exception(7L, this, "login", e);
                }
                throw new AccountExpiredException("Password Expired");
            } catch (PrincipalNotFoundException e2) {
                this.succeeded = false;
                this.username = null;
                this.password = null;
                if (SecurityLog.trc.isLogging) {
                    SecurityLog.trc.exception(7L, this, "login", e2);
                }
                throw new FailedLoginException("Principal was not found in Directory");
            } catch (PrincipalSuspendedException e3) {
                this.succeeded = false;
                this.username = null;
                this.password = null;
                if (SecurityLog.trc.isLogging) {
                    SecurityLog.trc.exception(7L, this, "login", e3);
                }
                throw new FailedLoginException("Password Suspended");
            } catch (FailedLoginException e4) {
                throw e4;
            } catch (RBACSecurityException e5) {
                String str = this.username;
                this.succeeded = false;
                this.username = null;
                this.password = null;
                if (SecurityLog.trc.isLogging) {
                    SecurityLog.trc.exception(7L, this, "login", e5);
                }
                throw new FailedLoginException(new StringBuffer().append("Principal ").append(str).append(" could not be Validated: ").append(e5).toString());
            } catch (Exception e6) {
                this.succeeded = false;
                this.username = null;
                this.password = null;
                if (SecurityLog.trc.isLogging) {
                    SecurityLog.trc.exception(7L, this, "login", e6);
                }
                throw new LoginException(new StringBuffer().append("Unexpected Exception ").append(e6.toString()).toString());
            }
        } catch (IOException e7) {
            if (SecurityLog.trc.isLogging) {
                SecurityLog.trc.exception(7L, this, "login", new NestedException(new StringBuffer().append("LoginException: IOException ").append(e7.toString()).toString()));
            }
            throw new LoginException(e7.toString());
        } catch (UnsupportedCallbackException e8) {
            if (SecurityLog.trc.isLogging) {
                SecurityLog.trc.exception(7L, this, "login", new NestedException(new StringBuffer().append("LoginException: UnsupportedCallbackException ").append(e8.getCallback().toString()).toString()));
            }
            throw new LoginException(new StringBuffer().append("Error: ").append(e8.getCallback().toString()).append(" not available to garner authentication information ").append("from the user").toString());
        } catch (Exception e9) {
            if (SecurityLog.trc.isLogging) {
                SecurityLog.trc.exception(7L, this, "login", e9);
            }
            throw new LoginException(new StringBuffer().append("Unexpected Exception ").append(e9.toString()).toString());
        }
    }

    public boolean commit() throws LoginException {
        if (SecurityLog.trc.isLogging) {
            SecurityLog.trc.entry(5L, (Object) this, "commit", new StringBuffer().append("authenticated: ").append(this.succeeded).append(": ").append(this.username).toString());
        }
        if (!this.succeeded) {
            Set<java.security.Principal> principals = this.subject.getPrincipals();
            if (this.userNameEntered) {
                if (SecurityLog.trc.isLogging) {
                    SecurityLog.trc.exit(6L, (Object) this, "commit", false);
                }
                throw new FailedLoginException(new StringBuffer().append("Principal ").append(this.username).append(" could not be validated").toString());
            }
            if (principals == null) {
                if (SecurityLog.trc.isLogging) {
                    SecurityLog.trc.exit(6L, (Object) this, "commit", false);
                }
                throw new FailedLoginException("No Principal name to validate");
            }
            for (java.security.Principal principal : principals) {
                if (SecurityLog.trc.isLogging) {
                    SecurityLog.trc.text(10L, this, "commit", new StringBuffer().append("Principal ").append(principal.toString()).append(" present in Subject").toString());
                }
                if (principal.getClass().equals(hostPrincipal.getClass())) {
                    this.username = principal.getName();
                    try {
                        this.userPrincipal = (Principal) this._som.get("Principal", this.username);
                        this.succeeded = true;
                        if (SecurityLog.trc.isLogging) {
                            SecurityLog.trc.exit(6L, (Object) this, "commit", new StringBuffer().append("Principal ").append(this.userPrincipal.getName()).append(" is validated!").toString());
                        }
                    } catch (PasswordExpiredException e) {
                        this.succeeded = false;
                        this.username = null;
                        this.password = null;
                        if (SecurityLog.trc.isLogging) {
                            SecurityLog.trc.exception(7L, this, "commit", e);
                        }
                        throw new AccountExpiredException("Password Expired");
                    } catch (PrincipalNotFoundException e2) {
                        this.succeeded = false;
                        this.username = null;
                        this.password = null;
                        if (SecurityLog.trc.isLogging) {
                            SecurityLog.trc.exception(7L, this, "commit", e2);
                        }
                        throw new FailedLoginException("Principal was not found in Directory");
                    } catch (PrincipalSuspendedException e3) {
                        this.succeeded = false;
                        this.username = null;
                        this.password = null;
                        if (SecurityLog.trc.isLogging) {
                            SecurityLog.trc.exception(7L, this, "commit", e3);
                        }
                        throw new FailedLoginException("Password Suspended");
                    } catch (RBACSecurityException e4) {
                        String str = this.username;
                        this.succeeded = false;
                        this.username = null;
                        this.password = null;
                        if (SecurityLog.trc.isLogging) {
                            SecurityLog.trc.exception(7L, this, "commit", e4);
                        }
                        throw new FailedLoginException(new StringBuffer().append("Principal ").append(str).append(" could not be Validated: ").append(e4).toString());
                    }
                }
            }
        }
        if (!this.succeeded) {
            throw new FailedLoginException(new StringBuffer().append("Principal ").append(this.username).append(" could not be Validated: ").toString());
        }
        if (!this.subject.getPrincipals().contains(this.userPrincipal)) {
            this.subject.getPrincipals().add(this.userPrincipal);
            if (SecurityLog.trc.isLogging) {
                SecurityLog.trc.text(10L, this, "commit", new StringBuffer().append("added Principal ").append(this.userPrincipal.getName()).append(" to Subject").toString());
            }
        } else if (SecurityLog.trc.isLogging) {
            SecurityLog.trc.text(10L, this, "commit", new StringBuffer().append("Principal ").append(this.userPrincipal.getName()).append(" already present in Subject?!").toString());
        }
        this.username = null;
        this.password = null;
        this.commitSucceeded = true;
        if (!SecurityLog.trc.isLogging) {
            return true;
        }
        SecurityLog.trc.exit(6L, (Object) this, "commit", true);
        return true;
    }

    public boolean abort() throws LoginException {
        if (SecurityLog.trc.isLogging) {
            SecurityLog.trc.entry(5L, (Object) this, "abort", this.username);
        }
        if (!this.succeeded) {
            return false;
        }
        if (!this.succeeded || this.commitSucceeded) {
            logout();
        } else {
            this.succeeded = false;
            this.username = null;
            if (this.password != null) {
                this.password = null;
            }
            this.userPrincipal = null;
        }
        if (!SecurityLog.trc.isLogging) {
            return true;
        }
        SecurityLog.trc.exit(6L, (Object) this, "abort");
        return true;
    }

    public boolean logout() throws LoginException {
        if (SecurityLog.trc.isLogging) {
            SecurityLog.trc.entry(5L, (Object) this, "logout", this.username);
        }
        this.subject.getPrincipals().remove(this.userPrincipal);
        this.succeeded = false;
        this.succeeded = this.commitSucceeded;
        this.username = null;
        if (this.password != null) {
            this.password = null;
        }
        if (SecurityLog.msg.isLogging) {
            SecurityLog.msg.message(2L, this, "logout", "SecSvc_014", this.userPrincipal.getName());
        }
        this.userPrincipal = null;
        if (!SecurityLog.trc.isLogging) {
            return true;
        }
        SecurityLog.trc.exit(6L, (Object) this, "logout");
        return true;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class<?> cls;
        if (SecurityLog.trc.isLogging) {
            SecurityLog.trc.entry(5L, (Object) "com.sun.emp.security.runtime", "static initializer");
        }
        try {
            Class<?> cls2 = Class.forName(SecurityConfiguration.load().getProperty("com.sun.emp.security.hostPrincipal"));
            Class<?>[] clsArr = new Class[1];
            if (class$java$lang$String == null) {
                cls = class$("java.lang.String");
                class$java$lang$String = cls;
            } else {
                cls = class$java$lang$String;
            }
            clsArr[0] = cls;
            hostPrincipal = cls2.getConstructor(clsArr).newInstance("");
        } catch (Exception e) {
            if (SecurityLog.trc.isLogging) {
                SecurityLog.trc.exception(7L, "com.sun.emp.security.runtime.MSFLoginModule", "static initializer", e);
            }
            hostPrincipal = new Object();
        }
        if (SecurityLog.trc.isLogging) {
            SecurityLog.trc.exit(6L, (Object) "com.sun.emp.security.runtime.MSFLoginModule", "static initializer", hostPrincipal.toString());
        }
    }
}
