package org.exist.security.internal;

import java.io.IOException;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import org.exist.EXistException;
import org.exist.security.AuthenticationException;
import org.exist.storage.BrokerPool;

/* loaded from: input_file:WEB-INF/lib/exist-core-3.0.RC1.jar:org/exist/security/internal/EXistDBLoginModule.class */
public class EXistDBLoginModule implements LoginModule {
    private Subject subject;
    private CallbackHandler callbackHandler;
    private boolean debug = false;
    private boolean succeeded = false;
    private boolean commitSucceeded = false;
    private org.exist.security.Subject userPrincipal = null;

    public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> map, Map<String, ?> map2) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
        this.debug = "true".equalsIgnoreCase((String) map2.get("debug"));
    }

    public boolean login() throws LoginException {
        if (this.callbackHandler == null) {
            throw new LoginException("Error: no CallbackHandler available to garner authentication information from the user");
        }
        NameCallback[] nameCallbackArr = {new NameCallback("user name: "), new PasswordCallback("password: ", false)};
        try {
            this.callbackHandler.handle(nameCallbackArr);
            String name = nameCallbackArr[0].getName();
            char[] password = ((PasswordCallback) nameCallbackArr[1]).getPassword();
            if (password == null) {
                password = new char[0];
            }
            char[] cArr = new char[password.length];
            System.arraycopy(password, 0, cArr, 0, password.length);
            ((PasswordCallback) nameCallbackArr[1]).clearPassword();
            if (this.debug) {
                System.out.println("\t\t[eXistLoginModule] user entered user name: " + name);
            }
            try {
                this.userPrincipal = BrokerPool.getInstance().getSecurityManager().authenticate(name, cArr);
                this.succeeded = this.userPrincipal.isAuthenticated();
                return true;
            } catch (EXistException e) {
                throw new FailedLoginException(e.getMessage());
            } catch (AuthenticationException e2) {
                if (this.debug) {
                    System.out.println("\t\t[eXistLoginModule] authentication failed");
                }
                throw new FailedLoginException(e2.getMessage());
            }
        } catch (IOException e3) {
            throw new LoginException(e3.toString());
        } catch (UnsupportedCallbackException e4) {
            throw new LoginException("Error: " + e4.getCallback().toString() + " not available to garner authentication information from the user");
        }
    }

    public boolean commit() throws LoginException {
        if (!this.succeeded) {
            return false;
        }
        if (!this.subject.getPrincipals().contains(this.userPrincipal)) {
            this.subject.getPrincipals().add(this.userPrincipal);
        }
        if (this.debug) {
            System.out.println("\t\t[eXistLoginModule] added User to Subject");
        }
        this.commitSucceeded = true;
        return true;
    }

    public boolean abort() throws LoginException {
        if (!this.succeeded) {
            return false;
        }
        if (!this.succeeded || this.commitSucceeded) {
            logout();
            return true;
        }
        this.succeeded = false;
        this.userPrincipal = null;
        return true;
    }

    public boolean logout() throws LoginException {
        this.subject.getPrincipals().remove(this.userPrincipal);
        this.succeeded = this.commitSucceeded;
        this.userPrincipal = null;
        return true;
    }
}
