package org.n52.security.authentication.loginmodule;

import java.net.MalformedURLException;
import java.net.URL;
import java.security.Principal;
import java.util.Iterator;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import org.n52.security.common.attributes.Attribute;
import org.n52.security.common.attributes.StringAttributeValue;
import org.n52.security.common.subject.AttributePrincipal;
import org.n52.security.common.subject.LoginNamePrincipal;
import org.n52.security.common.subject.RolePrincipal;
import org.n52.security.common.subject.UsernameIDPrincipal;
import org.n52.security.common.util.FileFinder;
import org.n52.security.common.util.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/n52/security/authentication/loginmodule/FileLoginModule.class */
public class FileLoginModule extends AbstractPasswordLoginModule {
    private static Map<String, FileLoginUser> sUsers;
    private Subject m_subject;
    private String[] m_roles;
    private boolean m_cacheUsers = false;
    private String m_filePath;
    private String m_realname;
    private static final Logger LOG = LoggerFactory.getLogger(FileLoginModule.class);

    @Override // org.n52.security.authentication.loginmodule.AbstractLoginModule
    protected void prepareCommitState() throws LoginException {
        if (isLoginSucceeded()) {
            addPrincipal(new LoginNamePrincipal(getUsername()));
            addPrincipal(new UsernameIDPrincipal(getUsername()));
            addPrincipal(new AttributePrincipal(new Attribute("Realname", new StringAttributeValue(getRealname()))));
            int length = this.m_roles.length;
            for (int i = 0; i < length; i++) {
                addPrincipal(new RolePrincipal(this.m_roles[i]));
            }
        }
    }

    @Override // org.n52.security.authentication.loginmodule.AbstractPasswordLoginModule
    protected boolean login(String str, char[] cArr) throws LoginException {
        boolean booleanValue = Boolean.valueOf((String) this.m_options.get("credential.isBase64Encoded")).booleanValue();
        LOG.info("Setting user repository caching to: " + this.m_cacheUsers);
        try {
            URL url = new FileFinder(this.m_filePath).getFile().toURL();
            LOG.info("Loading user repository from " + url);
            if (sUsers == null || !this.m_cacheUsers) {
                try {
                    sUsers = new FileLoginUserManager(url).getUserMap();
                } catch (Exception e) {
                    LOG.error("Could not load users from file " + url, e);
                    throw new LoginException("Internal service error. Please contact the service administrator.");
                }
            }
            String str2 = str;
            String str3 = new String(cArr);
            if (booleanValue) {
                str3 = StringUtils.decodeBase64(str3);
                str2 = StringUtils.decodeBase64(str2);
            }
            FileLoginUser fileLoginUser = sUsers.get(str2);
            if (fileLoginUser == null) {
                LOG.debug("Authentication of " + str2 + " failed: username unknown");
                throw new FailedLoginException("Unknown login name: " + str2);
            }
            if (!fileLoginUser.getPassword().equals(str3)) {
                LOG.debug("Authentication of " + str2 + " failed: wrong password");
                throw new FailedLoginException("Wrong password");
            }
            LOG.debug("Authentication of " + str2 + " sucessful");
            this.m_roles = fileLoginUser.getRoles();
            this.m_realname = fileLoginUser.getRealname();
            return true;
        } catch (MalformedURLException e2) {
            LOG.error("Cannot load user file from " + this.m_filePath);
            throw new LoginException("Internal service error. Please contact the service administrator.");
        }
    }

    @Override // org.n52.security.authentication.loginmodule.AbstractLoginModule
    public boolean logout() throws LoginException {
        Iterator<Principal> it = this.m_subject.getPrincipals().iterator();
        while (it.hasNext()) {
            this.m_subject.getPrincipals().remove(it.next());
        }
        return true;
    }

    @Override // org.n52.security.authentication.loginmodule.AbstractLoginModule
    protected void initialize() {
        Options options = getOptions();
        this.m_filePath = options.getAsString("users.file.path", "/users.xml");
        this.m_cacheUsers = options.is("users.cache", false);
    }

    @Override // org.n52.security.authentication.loginmodule.AbstractLoginModule
    protected String getDescription() {
        return "Log in user by username/password against a file providing user information.";
    }

    public String getRealname() {
        return this.m_realname;
    }

    public void setRealname(String str) {
        this.m_realname = str;
    }
}
