package org.n52.security.authentication.loginmodule;

import java.io.IOException;
import java.io.Serializable;
import java.security.Principal;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import javax.security.auth.DestroyFailedException;
import javax.security.auth.Destroyable;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.TextOutputCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:org/n52/security/authentication/loginmodule/AbstractLoginModule.class */
public abstract class AbstractLoginModule implements LoginModule, Serializable {
    private static final Log LOG;
    private static final long serialVersionUID = 9133908238663307934L;
    protected Subject m_subject;
    protected transient CallbackHandler m_callbackHandler;
    protected SharedState m_sharedState;
    protected Options m_options;
    protected Set m_principals;
    protected Set m_publicCredentials;
    protected Set m_privateCredentials;
    protected boolean m_loginSucceeded;
    protected boolean m_commitSucceeded;
    static Class class$org$n52$security$authentication$loginmodule$AbstractLoginModule;
    static final boolean $assertionsDisabled;

    protected CallbackHandler getCallbackHandler() {
        return this.m_callbackHandler;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Options getOptions() {
        return this.m_options;
    }

    protected Set getPrincipals() {
        return this.m_principals;
    }

    protected Set getPrivateCredentials() {
        return this.m_privateCredentials;
    }

    protected Set getPublicCredentials() {
        return this.m_publicCredentials;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SharedState getSharedState() {
        return this.m_sharedState;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Subject getSubject() {
        return this.m_subject;
    }

    protected boolean isCommitSucceeded() {
        return this.m_commitSucceeded;
    }

    protected void setCommitSucceeded(boolean z) {
        this.m_commitSucceeded = z;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isLoginSucceeded() {
        return this.m_loginSucceeded;
    }

    protected void setLoginSucceeded(boolean z) {
        this.m_loginSucceeded = z;
    }

    public boolean abort() throws LoginException {
        if (LOG.isDebugEnabled()) {
            LOG.debug("AbstractLoginModule.abort");
        }
        return isLoginSucceeded() ? isCommitSucceeded() ? logout() : clearInternalState() : isCommitSucceeded() ? logout() : clearInternalState();
    }

    public boolean commit() throws LoginException {
        if (LOG.isDebugEnabled()) {
            LOG.debug("AbstractLoginModule.commit");
        }
        if (isLoginSucceeded()) {
            return commitState();
        }
        clearAuthenticationState();
        return false;
    }

    public boolean logout() throws LoginException {
        if (LOG.isDebugEnabled()) {
            LOG.debug("AbstractLoginModule.logout");
        }
        if (isCommitSucceeded()) {
            Subject subject = getSubject();
            if (subject.isReadOnly()) {
                if (LOG.isWarnEnabled()) {
                    LOG.warn("subject is readonly, commited principals can't be removed, try to destroy credentials.");
                }
                boolean destroy = destroy(getPublicCredentials());
                boolean destroy2 = destroy(getPrivateCredentials());
                if (!destroy) {
                    throw new LoginException("subject is readonly, not all public credentials could be destroyed during logout.");
                }
                if (!destroy2) {
                    throw new LoginException("subject is readonly, not all private credentials could be destroyed during logout.");
                }
            } else {
                subject.getPrincipals().removeAll(getPrincipals());
                subject.getPrivateCredentials().removeAll(getPrivateCredentials());
                subject.getPublicCredentials().removeAll(getPublicCredentials());
                destroy(getPublicCredentials());
                destroy(getPrivateCredentials());
            }
        }
        clearInternalState();
        return true;
    }

    public boolean login() throws LoginException {
        Options options = getOptions();
        if (options.isDisabled()) {
            if (!LOG.isInfoEnabled()) {
                return false;
            }
            LOG.info("login module is disabled -> login module will be ignored.");
            return false;
        }
        if (!isCallbackHandlerSet()) {
            if (!LOG.isWarnEnabled()) {
                return false;
            }
            LOG.warn("no callback handler set -> login module will be ignored.");
            return false;
        }
        if (options.isModuleBanner()) {
            showModuleBanner();
        }
        if (!performLogin()) {
            return false;
        }
        setLoginSucceeded(true);
        return true;
    }

    protected abstract boolean performLogin() throws LoginException;

    public void initialize(Subject subject, CallbackHandler callbackHandler, Map map, Map map2) {
        if (LOG.isDebugEnabled()) {
            LOG.debug("AbstractLoginModule.initialize");
        }
        if (!$assertionsDisabled && subject == null) {
            throw new AssertionError();
        }
        if (!$assertionsDisabled && map == null) {
            throw new AssertionError();
        }
        if (!$assertionsDisabled && map2 == null) {
            throw new AssertionError();
        }
        this.m_subject = subject;
        this.m_callbackHandler = callbackHandler;
        this.m_sharedState = new SharedState(map);
        this.m_options = new Options(map2);
        this.m_principals = new HashSet();
        this.m_publicCredentials = new HashSet();
        this.m_privateCredentials = new HashSet();
        initialize();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void addPrincipal(Principal principal) {
        this.m_principals.add(principal);
    }

    protected void addPrivateCredential(Object obj) {
        this.m_privateCredentials.add(obj);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void addPublicCredential(Object obj) {
        this.m_publicCredentials.add(obj);
    }

    protected boolean clearInternalState() throws LoginException {
        getPrincipals().clear();
        getPrivateCredentials().clear();
        getPublicCredentials().clear();
        setCommitSucceeded(false);
        setLoginSucceeded(false);
        clearAuthenticationState();
        this.m_subject = null;
        this.m_callbackHandler = null;
        this.m_options = null;
        this.m_sharedState = null;
        return true;
    }

    protected abstract void clearAuthenticationState() throws LoginException;

    protected boolean commitState() throws LoginException {
        Subject subject = getSubject();
        if (subject.isReadOnly()) {
            throw new LoginException("subject is readonly neither principals nor credentials can be added.");
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug("login succeeded, now try to commit the principals.");
        }
        prepareCommitState();
        subject.getPrincipals().addAll(getPrincipals());
        subject.getPrivateCredentials().addAll(getPrivateCredentials());
        subject.getPublicCredentials().addAll(getPublicCredentials());
        setCommitSucceeded(true);
        clearAuthenticationState();
        return true;
    }

    protected abstract void prepareCommitState() throws LoginException;

    protected boolean destroy(Set set) {
        boolean z = true;
        for (Object obj : set) {
            if (obj instanceof Destroyable) {
                try {
                    ((Destroyable) obj).destroy();
                } catch (DestroyFailedException e) {
                    if (LOG.isWarnEnabled()) {
                        LOG.warn("principal or credentail could not be destroyed!", e);
                    }
                    z = false;
                }
            } else {
                z = false;
            }
        }
        return z;
    }

    protected abstract void initialize();

    protected boolean isCallbackHandlerSet() {
        return this.m_callbackHandler != null;
    }

    protected void showModuleBanner() throws LoginException {
        handleCallbacks(new Callback[]{new TextOutputCallback(0, getDescription())});
    }

    protected abstract String getDescription();

    /* JADX INFO: Access modifiers changed from: protected */
    public void handleCallbacks(Callback[] callbackArr) throws LoginException {
        try {
            getCallbackHandler().handle(callbackArr);
        } catch (IOException e) {
            throw new LoginException(new StringBuffer().append("[Error] a io error occured in the callback handler. Cause:").append(e).toString());
        } catch (UnsupportedCallbackException e2) {
            throw new LoginException(new StringBuffer().append("[Error] ").append(e2.getCallback().toString()).append(" not available to garner authentication information ").append("from the user. Cause:").append(e2).toString());
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        Class cls2;
        if (class$org$n52$security$authentication$loginmodule$AbstractLoginModule == null) {
            cls = class$("org.n52.security.authentication.loginmodule.AbstractLoginModule");
            class$org$n52$security$authentication$loginmodule$AbstractLoginModule = cls;
        } else {
            cls = class$org$n52$security$authentication$loginmodule$AbstractLoginModule;
        }
        $assertionsDisabled = !cls.desiredAssertionStatus();
        if (class$org$n52$security$authentication$loginmodule$AbstractLoginModule == null) {
            cls2 = class$("org.n52.security.authentication.loginmodule.AbstractLoginModule");
            class$org$n52$security$authentication$loginmodule$AbstractLoginModule = cls2;
        } else {
            cls2 = class$org$n52$security$authentication$loginmodule$AbstractLoginModule;
        }
        LOG = LogFactory.getLog(cls2);
    }
}
