package org.eclipse.jetty.jaas;

import java.io.IOException;
import java.security.Principal;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Objects;
import java.util.stream.Stream;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.Configuration;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import javax.servlet.ServletRequest;
import org.eclipse.jetty.jaas.callback.DefaultCallbackHandler;
import org.eclipse.jetty.security.DefaultIdentityService;
import org.eclipse.jetty.security.IdentityService;
import org.eclipse.jetty.security.LoginService;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.UserIdentity;
import org.eclipse.jetty.util.ArrayUtil;
import org.eclipse.jetty.util.Loader;
import org.eclipse.jetty.util.component.ContainerLifeCycle;
import org.eclipse.jetty.util.log.Log;
import org.eclipse.jetty.util.log.Logger;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/lib/jetty-jaas-9.4.45.v20220203.jar:org/eclipse/jetty/jaas/JAASLoginService.class
 */
/* loaded from: input_file:WEB-INF/lib/jetty-runner-9.4.45.v20220203.jar:org/eclipse/jetty/jaas/JAASLoginService.class */
public class JAASLoginService extends ContainerLifeCycle implements LoginService {
    private static final Logger LOG = Log.getLogger((Class<?>) JAASLoginService.class);
    public static final String DEFAULT_ROLE_CLASS_NAME = "org.eclipse.jetty.jaas.JAASRole";
    public static final String[] DEFAULT_ROLE_CLASS_NAMES = {DEFAULT_ROLE_CLASS_NAME};
    public static final ThreadLocal<JAASLoginService> INSTANCE = new ThreadLocal<>();
    protected String[] _roleClassNames;
    protected String _callbackHandlerClass;
    protected String _realmName;
    protected String _loginModuleName;
    protected JAASUserPrincipal _defaultUser;
    protected IdentityService _identityService;
    protected Configuration _configuration;

    public JAASLoginService() {
        this._roleClassNames = DEFAULT_ROLE_CLASS_NAMES;
        this._defaultUser = new JAASUserPrincipal(null, null, null);
    }

    public JAASLoginService(String str) {
        this();
        this._realmName = str;
        this._loginModuleName = str;
    }

    @Override // org.eclipse.jetty.security.LoginService
    public String getName() {
        return this._realmName;
    }

    public void setName(String str) {
        this._realmName = str;
    }

    public Configuration getConfiguration() {
        return this._configuration;
    }

    public void setConfiguration(Configuration configuration) {
        this._configuration = configuration;
    }

    @Override // org.eclipse.jetty.security.LoginService
    public IdentityService getIdentityService() {
        return this._identityService;
    }

    @Override // org.eclipse.jetty.security.LoginService
    public void setIdentityService(IdentityService identityService) {
        this._identityService = identityService;
    }

    public void setLoginModuleName(String str) {
        this._loginModuleName = str;
    }

    public void setCallbackHandlerClass(String str) {
        this._callbackHandlerClass = str;
    }

    public void setRoleClassNames(String[] strArr) {
        if (strArr == null || strArr.length == 0) {
            this._roleClassNames = DEFAULT_ROLE_CLASS_NAMES;
        } else {
            this._roleClassNames = (String[]) ArrayUtil.addToArray(strArr, DEFAULT_ROLE_CLASS_NAME, String.class);
        }
    }

    public String[] getRoleClassNames() {
        return this._roleClassNames;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.eclipse.jetty.util.component.ContainerLifeCycle, org.eclipse.jetty.util.component.AbstractLifeCycle
    public void doStart() throws Exception {
        if (this._identityService == null) {
            this._identityService = new DefaultIdentityService();
        }
        addBean(new PropertyUserStoreManager());
        super.doStart();
    }

    @Override // org.eclipse.jetty.security.LoginService
    public UserIdentity login(String str, Object obj, ServletRequest servletRequest) {
        try {
            try {
                try {
                    CallbackHandler defaultCallbackHandler = this._callbackHandlerClass == null ? new DefaultCallbackHandler() : (CallbackHandler) Loader.loadClass(this._callbackHandlerClass).getDeclaredConstructor(new Class[0]).newInstance(new Object[0]);
                    if (defaultCallbackHandler instanceof DefaultCallbackHandler) {
                        DefaultCallbackHandler defaultCallbackHandler2 = (DefaultCallbackHandler) defaultCallbackHandler;
                        if (servletRequest instanceof Request) {
                            defaultCallbackHandler2.setRequest((Request) servletRequest);
                        }
                        defaultCallbackHandler2.setCredential(obj);
                        defaultCallbackHandler2.setUserName(str);
                    }
                    Subject subject = new Subject();
                    INSTANCE.set(this);
                    LoginContext loginContext = this._configuration == null ? new LoginContext(this._loginModuleName, subject, defaultCallbackHandler) : new LoginContext(this._loginModuleName, subject, defaultCallbackHandler, this._configuration);
                    loginContext.login();
                    JAASUserPrincipal jAASUserPrincipal = new JAASUserPrincipal(getUserName(defaultCallbackHandler), subject, loginContext);
                    subject.getPrincipals().add(jAASUserPrincipal);
                    UserIdentity newUserIdentity = this._identityService.newUserIdentity(subject, jAASUserPrincipal, getGroups(subject));
                    INSTANCE.remove();
                    return newUserIdentity;
                } catch (FailedLoginException e) {
                    if (LOG.isDebugEnabled()) {
                        LOG.debug("Login failed", e);
                    }
                    INSTANCE.remove();
                    return null;
                }
            } catch (Exception e2) {
                LOG.ignore(e2);
                INSTANCE.remove();
                return null;
            }
        } catch (Throwable th) {
            INSTANCE.remove();
            throw th;
        }
    }

    @Override // org.eclipse.jetty.security.LoginService
    public boolean validate(UserIdentity userIdentity) {
        return true;
    }

    private String getUserName(CallbackHandler callbackHandler) throws IOException, UnsupportedCallbackException {
        NameCallback nameCallback = new NameCallback("foo");
        callbackHandler.handle(new Callback[]{nameCallback});
        return nameCallback.getName();
    }

    @Override // org.eclipse.jetty.security.LoginService
    public void logout(UserIdentity userIdentity) {
        try {
            ((JAASUserPrincipal) userIdentity.getSubject().getPrincipals(JAASUserPrincipal.class).iterator().next()).getLoginContext().logout();
        } catch (LoginException e) {
            LOG.warn(e);
        }
    }

    protected String[] getGroups(Subject subject) {
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        for (Principal principal : subject.getPrincipals()) {
            if (isRoleClass(principal.getClass(), Arrays.asList(getRoleClassNames()))) {
                linkedHashSet.add(principal.getName());
            }
        }
        return (String[]) linkedHashSet.toArray(new String[linkedHashSet.size()]);
    }

    private static boolean isRoleClass(Class<?> cls, List<String> list) {
        ArrayList arrayList = new ArrayList();
        for (Class<?> cls2 = cls; cls2 != null; cls2 = cls2.getSuperclass()) {
            arrayList.add(cls2.getName());
            Stream map = Arrays.stream(cls2.getInterfaces()).map((v0) -> {
                return v0.getName();
            });
            Objects.requireNonNull(arrayList);
            map.forEach((v1) -> {
                r1.add(v1);
            });
        }
        Stream<String> stream = list.stream();
        Objects.requireNonNull(arrayList);
        return stream.anyMatch((v1) -> {
            return r1.contains(v1);
        });
    }
}
