package com.sun.identity.authentication.modules.nt;

import com.iplanet.am.util.Debug;
import com.iplanet.am.util.Misc;
import com.iplanet.am.util.SystemProperties;
import com.sun.identity.authentication.spi.AMLoginModule;
import com.sun.identity.authentication.spi.AuthLoginException;
import com.sun.identity.authentication.util.ISAuthConstants;
import com.sun.identity.common.Constants;
import java.io.BufferedReader;
import java.io.File;
import java.io.InputStreamReader;
import java.io.UnsupportedEncodingException;
import java.security.Principal;
import java.util.Locale;
import java.util.Map;
import java.util.ResourceBundle;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import securecomputing.swec.Eassp2Const;

/* loaded from: input_file:119465-06/SUNWamsdk/reloc/SUNWam/lib/am_services.jar:com/sun/identity/authentication/modules/nt/NT.class */
public class NT extends AMLoginModule {
    private static boolean hasInitialized;
    private static String baseDir;
    private static Debug debug;
    private static String smbPath;
    private static final String charSet = "ISO8859_1";
    private static final String amAuthNT = "amAuthNT";
    private Map options;
    private Map sharedState;
    private String host;
    private String domain;
    private NTPrincipal userPrincipal;
    private String smbConfFileName;
    private boolean getCredentialsFromSharedState;
    private ResourceBundle bundle = null;
    private String userTokenId = "";
    private String userName = null;

    @Override // com.sun.identity.authentication.spi.AMLoginModule
    public void init(Subject subject, Map map, Map map2) {
        Locale loginLocale = getLoginLocale();
        this.bundle = AMLoginModule.amCache.getResBundle(amAuthNT, loginLocale);
        if (debug.messageEnabled()) {
            debug.message(new StringBuffer().append("NT resbundle locale=").append(loginLocale).toString());
        }
        this.sharedState = map;
        this.options = map2;
        if (map2 != null) {
            this.host = Misc.getServerMapAttr(map2, "iplanet-am-auth-nt-host");
            this.domain = Misc.getServerMapAttr(map2, "iplanet-am-auth-nt-domain");
            this.smbConfFileName = Misc.getServerMapAttr(map2, "iplanet-am-auth-samba-config-file-name");
        }
    }

    @Override // com.sun.identity.authentication.spi.AMLoginModule
    public int process(Callback[] callbackArr, int i) throws AuthLoginException {
        String charToString;
        String[] strArr;
        if (!hasInitialized) {
            throw new AuthLoginException(amAuthNT, "NTSMB", null);
        }
        if (this.host == null || this.host.equals("")) {
            debug.message("NT Host cannot be null ");
            throw new AuthLoginException(amAuthNT, "Hosterror", null);
        }
        if (this.domain == null || this.domain.equals("")) {
            debug.message("NT Domain cannot be null ");
            throw new AuthLoginException(amAuthNT, "Domainerror", null);
        }
        try {
            if (!this.host.equals(new String(this.host.getBytes("ASCII"), "ASCII"))) {
                throw new AuthLoginException(amAuthNT, "NTHostnameNotASCII", null);
            }
            if (!this.domain.equals(new String(this.domain.getBytes("ASCII"), "ASCII"))) {
                throw new AuthLoginException(amAuthNT, "NTDomainnameNotASCII", null);
            }
            if (callbackArr == null || callbackArr.length != 0) {
                this.userName = ((NameCallback) callbackArr[0]).getName();
                charToString = charToString(((PasswordCallback) callbackArr[1]).getPassword(), callbackArr[1]);
                if (this.userName == null || this.userName.equals("")) {
                    debug.message("UserId cannot be null");
                    throw new AuthLoginException(amAuthNT, "UserIderror", null);
                }
                if (charToString == null || charToString.equals("")) {
                    debug.message("Password cannot be null");
                    setFailureID(this.userName);
                    throw new AuthLoginException(amAuthNT, "Passworderror", null);
                }
            } else {
                this.userName = (String) this.sharedState.get(getUserKey());
                charToString = (String) this.sharedState.get(getPwdKey());
                if (this.userName == null || charToString == null) {
                    return 1;
                }
                this.getCredentialsFromSharedState = true;
            }
            storeUsernamePasswd(this.userName, charToString);
            try {
                if (!this.userName.equals(new String(this.userName.getBytes("ASCII"), "ASCII"))) {
                    if (!this.getCredentialsFromSharedState) {
                        throw new AuthLoginException(amAuthNT, "NTUsernameNotASCII", null);
                    }
                    this.getCredentialsFromSharedState = false;
                    return 1;
                }
                if (!charToString.equals(new String(charToString.getBytes("ASCII"), "ASCII"))) {
                    if (this.getCredentialsFromSharedState) {
                        this.getCredentialsFromSharedState = false;
                        return 1;
                    }
                    setFailureID(this.userName);
                    throw new AuthLoginException(amAuthNT, "NTPasswordNotASCII", null);
                }
                if (debug.messageEnabled()) {
                    debug.message(new StringBuffer().append("userName='").append(this.userName).append("' host='").append(this.host).append("'").toString());
                    debug.message(new StringBuffer().append("domain='").append(this.domain).append("'").toString());
                }
                try {
                    Runtime runtime = Runtime.getRuntime();
                    StringBuffer stringBuffer = new StringBuffer(80);
                    if (this.smbConfFileName == null || this.smbConfFileName.length() <= 0) {
                        strArr = new String[7];
                    } else {
                        strArr = new String[9];
                        strArr[7] = "-s";
                        strArr[8] = this.smbConfFileName;
                    }
                    strArr[0] = smbPath;
                    strArr[1] = "-W";
                    strArr[2] = this.domain;
                    strArr[3] = "-L";
                    strArr[4] = this.host;
                    strArr[5] = "-U";
                    strArr[6] = new StringBuffer().append(this.userName).append(ISAuthConstants.PERCENT).append(charToString).toString();
                    Process exec = runtime.exec(strArr);
                    BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(exec.getInputStream(), charSet));
                    while (true) {
                        int read = bufferedReader.read();
                        if (read <= -1) {
                            break;
                        }
                        stringBuffer.append((char) read);
                    }
                    bufferedReader.close();
                    String stringBuffer2 = stringBuffer.toString();
                    if (stringBuffer2.indexOf("Usage:") != -1) {
                        if (this.getCredentialsFromSharedState) {
                            this.getCredentialsFromSharedState = false;
                            return 1;
                        }
                        if (debug.messageEnabled()) {
                            debug.message("smbclient usage error");
                        }
                        setFailureID(this.userName);
                        throw new AuthLoginException(amAuthNT, "NTSMBUsage", null);
                    }
                    if (stringBuffer2.indexOf(Eassp2Const.ATVAL_FAILED) != -1) {
                        if (this.getCredentialsFromSharedState) {
                            this.getCredentialsFromSharedState = false;
                            return 1;
                        }
                        if (debug.messageEnabled()) {
                            debug.message(new StringBuffer().append("NT authentication failed").append(stringBuffer2).toString());
                        }
                        setFailureID(this.userName);
                        throw new AuthLoginException(amAuthNT, "NTLoginFailed", null);
                    }
                    if (stringBuffer2.indexOf("timeout") != -1) {
                        if (this.getCredentialsFromSharedState) {
                            this.getCredentialsFromSharedState = false;
                            return 1;
                        }
                        if (debug.messageEnabled()) {
                            debug.message("smbclient timeout error");
                        }
                        setFailureID(this.userName);
                        throw new AuthLoginException(amAuthNT, "NTSMBTimeout", null);
                    }
                    int waitFor = exec.waitFor();
                    if (debug.messageEnabled()) {
                        debug.message(new StringBuffer().append("Exit value of samba client: ").append(waitFor).toString());
                    }
                    if (waitFor == 0) {
                        this.userTokenId = this.userName;
                        return -1;
                    }
                    if (this.getCredentialsFromSharedState) {
                        this.getCredentialsFromSharedState = false;
                        return 1;
                    }
                    setFailureID(this.userName);
                    throw new AuthLoginException(amAuthNT, "NTAuthFailed", null);
                } catch (Exception e) {
                    if (this.getCredentialsFromSharedState) {
                        this.getCredentialsFromSharedState = false;
                        return 1;
                    }
                    if (debug.messageEnabled()) {
                        debug.message(new StringBuffer().append("NT authentication failed").append(e.getMessage()).toString());
                    }
                    setFailureID(this.userName);
                    throw new AuthLoginException(amAuthNT, "NTAuthFailed", null, e);
                }
            } catch (UnsupportedEncodingException e2) {
                if (!this.getCredentialsFromSharedState) {
                    throw new AuthLoginException(amAuthNT, "NTInputNotASCII", null);
                }
                this.getCredentialsFromSharedState = false;
                return 1;
            }
        } catch (UnsupportedEncodingException e3) {
            throw new AuthLoginException(amAuthNT, "NTInputNotASCII", null);
        }
    }

    private String charToString(char[] cArr, Callback callback) {
        if (cArr == null) {
            cArr = new char[0];
        }
        char[] cArr2 = new char[cArr.length];
        System.arraycopy(cArr, 0, cArr2, 0, cArr.length);
        ((PasswordCallback) callback).clearPassword();
        return new String(cArr2);
    }

    @Override // com.sun.identity.authentication.spi.AMLoginModule
    public Principal getPrincipal() {
        if (this.userPrincipal != null) {
            return this.userPrincipal;
        }
        if (this.userTokenId == null) {
            return null;
        }
        this.userPrincipal = new NTPrincipal(this.userTokenId);
        return this.userPrincipal;
    }

    @Override // com.sun.identity.authentication.spi.AMLoginModule
    public void destroyModuleState() {
        this.userTokenId = null;
        this.userPrincipal = null;
    }

    @Override // com.sun.identity.authentication.spi.AMLoginModule
    public void nullifyUsedVars() {
        this.bundle = null;
        this.options = null;
        this.sharedState = null;
        this.host = null;
        this.domain = null;
        this.userName = null;
        this.smbConfFileName = null;
    }

    static {
        hasInitialized = false;
        debug = null;
        if (debug == null) {
            debug = Debug.getInstance(amAuthNT);
            debug.message("NT constructor called");
        }
        try {
            baseDir = SystemProperties.get(Constants.AM_INSTALL_DIR);
            if (baseDir.equals("")) {
                baseDir = "/opt/SUNWam";
            }
            smbPath = new StringBuffer().append(baseDir).append("/bin/smbclient").toString();
        } catch (Exception e) {
            debug.error(new StringBuffer().append("NT failed to initialize ").append(e.getMessage()).toString());
        }
        if (!new File(smbPath).exists()) {
            debug.error("smbclient file not found");
            hasInitialized = false;
        }
        hasInitialized = true;
    }
}
