package com.sun.identity.authentication.modules.anonymous;

import com.iplanet.am.util.Debug;
import com.iplanet.am.util.Misc;
import com.sun.identity.authentication.spi.AMLoginModule;
import com.sun.identity.authentication.spi.AuthLoginException;
import com.sun.identity.authentication.spi.PagePropertiesCallback;
import java.io.IOException;
import java.security.Principal;
import java.util.Locale;
import java.util.Map;
import java.util.ResourceBundle;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.UnsupportedCallbackException;

/* loaded from: input_file:120955-03/SUNWamsdk/reloc/SUNWam/lib/am_services.jar:com/sun/identity/authentication/modules/anonymous/Anonymous.class */
public class Anonymous extends AMLoginModule {
    private static Debug debug = null;
    private static final int DEFAULT_ANONYMOUS_AUTH_LEVEL = 0;
    private static final String amAuthAnonymous = "amAuthAnonymous";
    private Map sharedState;
    private String userTokenId;
    private String defaultAnonUser;
    private Set validAnonUsernames;
    private int authLevel;
    private AnonymousAuthPrincipal userPrincipal;
    private CallbackHandler callbackHandler;
    private static final String sccsID = "$Id: Anonymous.java,v 1.39 2005/06/24 16:57:05 vs125812 Exp $ Sun Microsystems, Inc.";
    private ResourceBundle bundle = null;
    private String errorMsg = null;
    private String usernameParam = null;
    private boolean succeeded = false;
    private boolean commitSucceeded = false;
    private boolean isCaseSensitive = false;
    boolean useSharedstate = false;

    @Override // com.sun.identity.authentication.spi.AMLoginModule
    public void init(Subject subject, Map map, Map map2) {
        if (debug == null) {
            debug = Debug.getInstance(amAuthAnonymous);
        }
        this.sharedState = map;
        Locale loginLocale = getLoginLocale();
        this.bundle = AMLoginModule.amCache.getResBundle(amAuthAnonymous, loginLocale);
        if (debug.messageEnabled()) {
            debug.message(new StringBuffer().append("Anonymous resbundle locale=").append(loginLocale).toString());
        }
        try {
            this.validAnonUsernames = (Set) map2.get("iplanet-am-auth-anonymous-users-list");
            if (this.validAnonUsernames == null) {
                debug.error("No Anonymous Service Template Created");
                this.errorMsg = "AnonValidateEx";
            }
            this.defaultAnonUser = Misc.getMapAttr(map2, "iplanet-am-auth-anonymous-default-user-name");
            String mapAttr = Misc.getMapAttr(map2, "iplanet-am-auth-anonymous-auth-level");
            if (mapAttr == null || mapAttr.equals("")) {
                this.authLevel = 0;
            } else {
                try {
                    this.authLevel = Integer.parseInt(mapAttr);
                } catch (Exception e) {
                    debug.error(new StringBuffer().append("Invalid auth level ").append(mapAttr).toString());
                    this.authLevel = 0;
                }
            }
            this.callbackHandler = getCallbackHandler();
            this.isCaseSensitive = Boolean.valueOf(Misc.getMapAttr(map2, "iplanet-am-auth-anonymous-case-sensitive", "false")).booleanValue();
            if (debug.messageEnabled()) {
                debug.message(new StringBuffer().append("isCaseSensitive: ").append(this.isCaseSensitive).toString());
            }
        } catch (Exception e2) {
            if (debug.messageEnabled()) {
                debug.message("possible exception is ", e2);
            }
            debug.error("Failed getting anonymous attributes for organization ");
            this.errorMsg = "AnonValidateEx";
        }
    }

    @Override // com.sun.identity.authentication.spi.AMLoginModule
    public int process(Callback[] callbackArr, int i) throws AuthLoginException {
        if (this.errorMsg != null) {
            throw new AuthLoginException(amAuthAnonymous, this.errorMsg, null);
        }
        this.useSharedstate = isSharedStateEnabled();
        try {
            if (this.useSharedstate) {
                this.usernameParam = (String) this.sharedState.get(getUserKey());
                if (processAnonUser(this.usernameParam)) {
                    setAuthLevel(this.authLevel);
                    return -1;
                }
            }
            if (this.validAnonUsernames == null || this.validAnonUsernames.isEmpty()) {
                this.usernameParam = this.defaultAnonUser;
            } else {
                this.usernameParam = sendCallback();
            }
            storeUsernamePasswd(this.usernameParam, null);
            processAnonUser(this.usernameParam);
            setAuthLevel(this.authLevel);
            if (debug.messageEnabled()) {
                debug.message(new StringBuffer().append("Set auth level: ").append(this.authLevel).append("\nAnonymous userid: ").append(this.userTokenId).toString());
            }
            return -1;
        } catch (Exception e) {
            debug.error("login: User not found in valid Anon List");
            setFailureID(this.usernameParam);
            throw new AuthLoginException(amAuthAnonymous, "AnonValidateEx", null);
        }
    }

    private boolean isValidAnonUserName() {
        if (this.isCaseSensitive) {
            return this.validAnonUsernames.contains(this.usernameParam);
        }
        for (String str : this.validAnonUsernames) {
            if (str != null && str.equalsIgnoreCase(this.usernameParam)) {
                this.usernameParam = str;
                return true;
            }
        }
        return false;
    }

    @Override // com.sun.identity.authentication.spi.AMLoginModule
    public Principal getPrincipal() {
        if (this.userPrincipal != null) {
            return this.userPrincipal;
        }
        if (this.userTokenId == null) {
            return null;
        }
        this.userPrincipal = new AnonymousAuthPrincipal(this.userTokenId);
        return this.userPrincipal;
    }

    @Override // com.sun.identity.authentication.spi.AMLoginModule
    public void destroyModuleState() {
        this.userTokenId = null;
        this.userPrincipal = null;
    }

    @Override // com.sun.identity.authentication.spi.AMLoginModule
    public void nullifyUsedVars() {
        this.bundle = null;
        this.sharedState = null;
        this.defaultAnonUser = null;
        this.validAnonUsernames = null;
        this.errorMsg = null;
        this.usernameParam = null;
        this.callbackHandler = null;
    }

    private String sendCallback() throws AuthLoginException {
        if (this.callbackHandler == null) {
            throw new AuthLoginException(amAuthAnonymous, "NoCallbackHandler", null);
        }
        try {
            NameCallback[] nameCallbackArr = {new PagePropertiesCallback(null, this.bundle.getString("moduleHeader"), null, 0, null, false, null), new NameCallback(this.bundle.getString("username"))};
            if (debug.messageEnabled()) {
                debug.message(new StringBuffer().append("Callback 0 is.. :").append(nameCallbackArr[0]).toString());
                debug.message(new StringBuffer().append("Callback 1 is.. :").append(nameCallbackArr[1]).toString());
            }
            this.callbackHandler.handle(nameCallbackArr);
            return nameCallbackArr[1].getName();
        } catch (IOException e) {
            throw new AuthLoginException(e);
        } catch (IllegalArgumentException e2) {
            debug.message("message type missing");
            throw new AuthLoginException(amAuthAnonymous, "IllegalArgs", null);
        } catch (UnsupportedCallbackException e3) {
            throw new AuthLoginException(amAuthAnonymous, "NoCallbackHandler", null);
        }
    }

    private boolean processAnonUser(String str) throws AuthLoginException {
        if (str == null || str.equals("")) {
            debug.message("User Name entered is either NULL or Empty");
            if (this.useSharedstate) {
                return false;
            }
            throw new AuthLoginException(amAuthAnonymous, "UserError", null);
        }
        if (str.equalsIgnoreCase(this.defaultAnonUser)) {
            debug.message("User Type: default Anon User");
            if (!this.isCaseSensitive || str.equals(this.defaultAnonUser)) {
                this.userTokenId = str;
                return true;
            }
            if (this.useSharedstate) {
                return false;
            }
            setFailureID(str);
            throw new AuthLoginException(amAuthAnonymous, "AnonValidateEx", null);
        }
        if (this.validAnonUsernames == null || !isValidAnonUserName()) {
            if (this.useSharedstate) {
                return false;
            }
            setFailureID(str);
            throw new AuthLoginException(amAuthAnonymous, "AnonValidateEx", null);
        }
        debug.message("user is in anonymoususer's list");
        debug.message("UserType: non default Anon User");
        this.userTokenId = str;
        return true;
    }
}
