package org.clazzes.login.htpasswd.jaas;

import java.io.File;
import java.io.IOException;
import java.security.Principal;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/clazzes/login/htpasswd/jaas/HtpasswdLoginModule.class */
public class HtpasswdLoginModule implements LoginModule {
    private String realm;
    private Subject subject;
    private CallbackHandler handler;
    private Map<String, ?> options;
    private Map<String, ?> sharedState;
    private boolean succeeded;
    private String name;
    private List<HtpasswdGroup> groups;
    private Map<String, String> claims;
    private static final Logger log = LoggerFactory.getLogger(HtpasswdLoginModule.class);
    private static final ConcurrentMap<String, HtpasswdAuthService> authServicesByRealm = new ConcurrentHashMap();

    private HtpasswdAuthService getService() throws LoginException {
        File file;
        HtpasswdAuthService htpasswdAuthService = authServicesByRealm.get(this.realm);
        if (htpasswdAuthService == null || htpasswdAuthService.needsUpdate()) {
            String str = (String) this.options.get("htpasswd.etcDir");
            if (str == null) {
                str = System.getProperty("login.htpasswd.etcDir");
            }
            if (str == null) {
                String property = System.getProperty("osgi.runner.etcPath");
                if (property == null) {
                    throw new LoginException("Could not find property [htpasswd.etcDir] nor system property [login.htpasswd.etcDir] or [osgi.runner.etcPath], please check your configuration.");
                }
                file = new File(new File(property), "htpasswd.d");
            } else {
                file = new File(str);
            }
            if (!file.exists()) {
                log.warn("Htpasswd directory [{}] does not exist, check your configuration.", file);
            }
            File file2 = new File(file, this.realm + ".htpasswd");
            File file3 = new File(file, this.realm + ".group");
            File file4 = new File(file, this.realm + ".claims");
            log.info("Initialized htpasswd JAAS login module for realm [{}] reading from file [{}]", this.realm, file2);
            htpasswdAuthService = new HtpasswdAuthService();
            htpasswdAuthService.read(file2);
            htpasswdAuthService.readGroupFile(file3);
            htpasswdAuthService.readClaimsFile(file4);
            authServicesByRealm.put(this.realm, htpasswdAuthService);
        }
        if (htpasswdAuthService == null || htpasswdAuthService.needsUpdate()) {
            File htpasswdFile = htpasswdAuthService.getHtpasswdFile();
            File groupFile = htpasswdAuthService.getGroupFile();
            File claimsFile = htpasswdAuthService.getClaimsFile();
            log.info("Refreshing htpasswd JAAS login module for realm [{}] reading from file [{}]", this.realm, htpasswdFile);
            htpasswdAuthService = new HtpasswdAuthService();
            htpasswdAuthService.read(htpasswdFile);
            htpasswdAuthService.readGroupFile(groupFile);
            htpasswdAuthService.readClaimsFile(claimsFile);
            authServicesByRealm.put(this.realm, htpasswdAuthService);
        }
        return htpasswdAuthService;
    }

    public HtpasswdLoginModule() {
        if (log.isDebugEnabled()) {
            log.debug("HtpasswdLoginModule constructed.");
        }
    }

    public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> map, Map<String, ?> map2) {
        this.subject = subject;
        this.options = map2;
        this.handler = callbackHandler;
        this.sharedState = map;
        if (log.isDebugEnabled()) {
            log.debug("HtpasswdLoginModule initialized with options [{}] and shared state [{}]", map2, map);
        }
        this.realm = (String) this.options.get("jaas.realmName");
    }

    public boolean login() throws LoginException {
        String str;
        Callback[] callbackArr;
        boolean equals;
        Set<Principal> principals = this.subject.getPrincipals();
        if (principals.size() == 1) {
            HtpasswdPrincipal htpasswdPrincipal = (HtpasswdPrincipal) principals.iterator().next();
            if (!this.realm.equals(htpasswdPrincipal.getRealm())) {
                throw new LoginException("Realm [" + htpasswdPrincipal.getRealm() + "] of pre-authenticated user differs from [" + this.realm + "]");
            }
            str = htpasswdPrincipal.getName();
            if (log.isDebugEnabled()) {
                log.debug("login() called with pre-authenticated user[{}].", str);
            }
            callbackArr = new Callback[]{new NameCallback("Name")};
        } else {
            if (log.isDebugEnabled()) {
                log.debug("login() called without pre-authenticated user.");
            }
            str = null;
            callbackArr = new Callback[]{new NameCallback("Name"), new PasswordCallback("Password", false)};
        }
        try {
            this.handler.handle(callbackArr);
            String name = ((NameCallback) callbackArr[0]).getName();
            HtpasswdAuthService service = getService();
            if (str == null) {
                char[] password = ((PasswordCallback) callbackArr[1]).getPassword();
                if (log.isDebugEnabled()) {
                    log.debug("login() is checking password for user [{}].", name);
                }
                equals = service.authenticate(name, password);
                if (log.isDebugEnabled()) {
                    log.debug("login() has checked password for user [{}] with result [{}].", name, Boolean.valueOf(equals));
                }
            } else {
                if (log.isDebugEnabled()) {
                    log.debug("login() is checking pre-authenticated user [{}].", name);
                }
                equals = str.equals(name);
                if (log.isDebugEnabled()) {
                    log.debug("login() has checked pre-authenticated user [{}] with result [{}].", name, Boolean.valueOf(equals));
                }
            }
            this.succeeded = equals;
            this.name = name;
            this.groups = service.getUserGroups(this.name);
            this.claims = service.getUserClaims(this.name);
            return equals;
        } catch (IOException e) {
            throw new LoginException(e.getMessage());
        } catch (UnsupportedCallbackException e2) {
            throw new LoginException(e2.getMessage());
        }
    }

    public boolean commit() throws LoginException {
        if (!this.succeeded) {
            return false;
        }
        this.subject.getPrincipals().add(new HtpasswdPrincipal(this.name, this.realm));
        if (this.groups != null) {
            this.subject.getPublicCredentials().addAll(this.groups);
        }
        if (this.claims == null) {
            return true;
        }
        this.subject.getPublicCredentials().add(this.claims);
        return true;
    }

    public boolean abort() throws LoginException {
        return true;
    }

    public boolean logout() throws LoginException {
        boolean z = this.succeeded;
        this.succeeded = false;
        return z;
    }
}
