package com.opensymphony.user.adapter.pramati;

import com.opensymphony.user.EntityNotFoundException;
import com.opensymphony.user.User;
import com.opensymphony.user.UserManager;
import com.pramati.security.util.GroupImpl;
import java.io.IOException;
import java.security.Principal;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;

/* loaded from: input_file:com/opensymphony/user/adapter/pramati/PramatiLoginModule.class */
public class PramatiLoginModule implements LoginModule {
    private CallbackHandler callbackHandler;
    private Map options;
    private Map sharedState;
    private String realmName;
    private Subject subject;
    private User user;
    private UserManager um;
    private List lstGroups = null;
    private String password = null;
    private String username = null;
    private boolean commitSucceeded = false;
    private boolean populateGroups = true;
    private boolean succeeded = false;

    public boolean abort() throws LoginException {
        if (!this.succeeded) {
            return false;
        }
        if (!this.succeeded || this.commitSucceeded) {
            logout();
        } else {
            this.user = null;
            this.username = null;
            this.password = null;
            this.lstGroups = null;
        }
        return this.succeeded;
    }

    public boolean commit() throws LoginException {
        if (!this.succeeded) {
            return false;
        }
        if (!this.subject.getPrincipals().contains(this.user)) {
            this.subject.getPrincipals().add(this.user);
        }
        if (this.populateGroups) {
            Iterator it = this.lstGroups.iterator();
            while (it.hasNext()) {
                Principal groupImpl = new GroupImpl(this.realmName, (String) it.next());
                if (!this.subject.getPrincipals().contains(groupImpl)) {
                    this.subject.getPrincipals().add(groupImpl);
                }
            }
        }
        this.commitSucceeded = true;
        return true;
    }

    public void initialize(Subject subject, CallbackHandler callbackHandler, Map map, Map map2) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
        this.sharedState = map;
        this.options = map2;
        this.populateGroups = true;
        this.um = UserManager.getInstance();
        this.realmName = "osuser";
        if (map2.containsKey("realmName")) {
            this.realmName = (String) map2.get("realmName");
        }
    }

    public boolean login() throws LoginException {
        getUsernamePassword();
        try {
            this.user = this.um.getUser(this.username);
            if (!this.user.authenticate(this.password)) {
                throw new LoginException("Authentication failure: Incorrect password");
            }
            if (this.populateGroups) {
                this.lstGroups = this.user.getGroups();
            }
            this.succeeded = true;
            return this.succeeded;
        } catch (EntityNotFoundException e) {
            throw new LoginException(e.getMessage());
        }
    }

    public boolean logout() throws LoginException {
        this.subject.getPrincipals().clear();
        this.succeeded = false;
        this.commitSucceeded = false;
        this.username = null;
        this.password = null;
        this.lstGroups = null;
        this.user = null;
        return true;
    }

    private void getUsernamePassword() throws LoginException {
        if (this.callbackHandler == null) {
            throw new LoginException("Error: no CallbackHandler available to garner authentication information from the user");
        }
        NameCallback[] nameCallbackArr = {new NameCallback("username: "), new PasswordCallback("password: ", false)};
        try {
            this.callbackHandler.handle(nameCallbackArr);
            this.username = nameCallbackArr[0].getName();
            char[] password = ((PasswordCallback) nameCallbackArr[1]).getPassword();
            if (password == null) {
                password = new char[0];
            }
            this.password = new String(password);
        } catch (IOException e) {
            throw new LoginException(e.toString());
        } catch (UnsupportedCallbackException e2) {
            throw new LoginException("Error: " + e2.getCallback().toString() + " not available to garner authentication information from the user");
        }
    }
}
