package org.n52.security.authentication.loginmodule;

import java.io.File;
import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.Principal;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import org.apache.log4j.Logger;
import org.n52.security.authentication.UsernamePasswordCredential;
import org.n52.security.authentication.callbacks.CredentialCallback;
import org.n52.security.authentication.principals.LoginNamePrincipal;
import org.n52.security.authentication.principals.RolePrincipal;
import org.n52.security.authentication.principals.UsernameIDPrincipal;
import org.n52.security.common.util.StringUtils;

/* loaded from: input_file:org/n52/security/authentication/loginmodule/FileLoginModule.class */
public class FileLoginModule implements LoginModule {
    private Subject subject;
    private CallbackHandler callbackHandler;
    private Map sharedState;
    private Map options;
    private boolean debug = false;
    private Set principals;
    private static Map sUsers;
    private static final Logger LOG;
    static Class class$org$n52$security$authentication$loginmodule$FileLoginModule;
    static Class class$org$n52$security$authentication$UsernamePasswordCredential;

    public boolean abort() throws LoginException {
        this.subject = null;
        this.callbackHandler = null;
        this.sharedState = null;
        this.options = null;
        this.debug = false;
        this.principals.clear();
        return true;
    }

    public boolean commit() throws LoginException {
        this.subject.getPrincipals().addAll(this.principals);
        return true;
    }

    public boolean login() throws LoginException {
        URL resource;
        Class cls;
        boolean booleanValue = Boolean.valueOf((String) this.options.get("credential.isBase64Encoded")).booleanValue();
        boolean booleanValue2 = Boolean.valueOf((String) this.options.get("users.cache")).booleanValue();
        LOG.info(new StringBuffer().append("Setting user repository caching to: ").append(booleanValue2).toString());
        String str = (String) this.options.get("users.file.path");
        if (str == null || str.equals("")) {
            resource = getClass().getResource("/users.xml");
            LOG.info("Loading user repository from /users.xml of the classpath");
        } else {
            try {
                resource = new URL(str);
                LOG.info(new StringBuffer().append("Loading user repository from ").append(resource).toString());
            } catch (MalformedURLException e) {
                LOG.error(new StringBuffer().append("Cannot load user file from ").append(str).toString());
                throw new LoginException("Internal service error. Please contact the service administrator.");
            }
        }
        if (sUsers == null || !booleanValue2) {
            try {
                sUsers = new FileLoginUserManager(resource).getUserMap();
            } catch (Exception e2) {
                LOG.debug(new StringBuffer().append("Relative paths are appended to ").append(new File(".").getAbsolutePath()).toString());
                LOG.error(new StringBuffer().append("Could not load users from file ").append(resource).toString(), e2);
                throw new LoginException("Internal service error. Please contact the service administrator.");
            }
        }
        Iterator<Object> it = this.subject.getPublicCredentials().iterator();
        UsernamePasswordCredential usernamePasswordCredential = null;
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            if (it.next() instanceof UsernamePasswordCredential) {
                usernamePasswordCredential = (UsernamePasswordCredential) it.next();
                break;
            }
        }
        if (usernamePasswordCredential == null) {
            if (class$org$n52$security$authentication$UsernamePasswordCredential == null) {
                cls = class$("org.n52.security.authentication.UsernamePasswordCredential");
                class$org$n52$security$authentication$UsernamePasswordCredential = cls;
            } else {
                cls = class$org$n52$security$authentication$UsernamePasswordCredential;
            }
            CredentialCallback credentialCallback = new CredentialCallback(cls);
            try {
                this.callbackHandler.handle(new Callback[]{credentialCallback});
                usernamePasswordCredential = (UsernamePasswordCredential) credentialCallback.getCredential();
                if (usernamePasswordCredential == null) {
                    throw new LoginException("no required credentials found");
                }
            } catch (IOException e3) {
                throw new LoginException(new StringBuffer().append("IOException occured ").append(e3).toString());
            } catch (UnsupportedCallbackException e4) {
                throw new LoginException(new StringBuffer().append("CredentailCallback classes not supported :").append(e4).toString());
            }
        }
        String username = usernamePasswordCredential.getUsername();
        String str2 = new String(usernamePasswordCredential.getPassword());
        if (booleanValue) {
            str2 = StringUtils.decodeBase64(str2);
            username = StringUtils.decodeBase64(username);
        }
        FileLoginUser fileLoginUser = (FileLoginUser) sUsers.get(username);
        if (fileLoginUser == null) {
            LOG.debug(new StringBuffer().append("Authentication of ").append(username).append(" failed: username unknown").toString());
            throw new LoginException(new StringBuffer().append("Unknown login name: ").append(username).toString());
        }
        if (!fileLoginUser.getPassword().equals(str2)) {
            LOG.debug(new StringBuffer().append("Authentication of ").append(username).append(" failed: wrong password").toString());
            throw new LoginException("Wrong password");
        }
        LOG.debug(new StringBuffer().append("Authentication of ").append(username).append(" sucessful").toString());
        this.principals.add(new LoginNamePrincipal(fileLoginUser.getUsername()));
        this.principals.add(new UsernameIDPrincipal(fileLoginUser.getUsername()));
        for (String str3 : fileLoginUser.getRoles()) {
            this.principals.add(new RolePrincipal(str3));
        }
        return true;
    }

    public boolean logout() throws LoginException {
        Iterator<Principal> it = this.subject.getPrincipals().iterator();
        while (it.hasNext()) {
            this.subject.getPrincipals().remove(it.next());
        }
        return true;
    }

    public void initialize(Subject subject, CallbackHandler callbackHandler, Map map, Map map2) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
        this.sharedState = map;
        this.options = map2;
        this.debug = "true".equalsIgnoreCase((String) map2.get("debug"));
        this.principals = new HashSet(8);
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$org$n52$security$authentication$loginmodule$FileLoginModule == null) {
            cls = class$("org.n52.security.authentication.loginmodule.FileLoginModule");
            class$org$n52$security$authentication$loginmodule$FileLoginModule = cls;
        } else {
            cls = class$org$n52$security$authentication$loginmodule$FileLoginModule;
        }
        LOG = Logger.getLogger(cls);
    }
}
