package org.apache.kafka.connect.rest.basic.auth.extension;

import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Paths;
import java.util.Map;
import java.util.Properties;
import java.util.concurrent.ConcurrentHashMap;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import org.apache.kafka.common.config.ConfigException;
import org.apache.kafka.common.utils.Utils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/kafka/connect/rest/basic/auth/extension/PropertyFileLoginModule.class */
public class PropertyFileLoginModule implements LoginModule {
    private CallbackHandler callbackHandler;
    private static final String FILE_OPTIONS = "file";
    private String fileName;
    private boolean authenticated;
    private static final Logger log = LoggerFactory.getLogger(PropertyFileLoginModule.class);
    private static Map<String, Properties> credentialPropertiesMap = new ConcurrentHashMap();

    public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> map, Map<String, ?> map2) {
        this.callbackHandler = callbackHandler;
        this.fileName = (String) map2.get(FILE_OPTIONS);
        if (Utils.isBlank(this.fileName)) {
            throw new ConfigException("Property Credentials file must be specified");
        }
        if (credentialPropertiesMap.containsKey(this.fileName)) {
            log.trace("Credential properties file '{}' has already been opened and parsed; will read from cached, in-memory store", this.fileName);
            return;
        }
        log.trace("Opening credential properties file '{}'", this.fileName);
        Properties properties = new Properties();
        try {
            InputStream newInputStream = Files.newInputStream(Paths.get(this.fileName, new String[0]), new OpenOption[0]);
            try {
                log.trace("Parsing credential properties file '{}'", this.fileName);
                properties.load(newInputStream);
                if (newInputStream != null) {
                    newInputStream.close();
                }
                credentialPropertiesMap.putIfAbsent(this.fileName, properties);
                if (properties.isEmpty()) {
                    log.warn("Credential properties file '{}' is empty; all requests will be permitted", this.fileName);
                }
            } finally {
            }
        } catch (IOException e) {
            log.error("Error loading credentials file ", e);
            throw new ConfigException("Error loading Property Credentials file");
        }
    }

    public boolean login() throws LoginException {
        NameCallback[] configureCallbacks = configureCallbacks();
        try {
            log.trace("Authenticating user; invoking JAAS login callbacks");
            this.callbackHandler.handle(configureCallbacks);
            String name = configureCallbacks[0].getName();
            char[] password = ((PasswordCallback) configureCallbacks[1]).getPassword();
            String str = password != null ? new String(password) : null;
            Properties properties = credentialPropertiesMap.get(this.fileName);
            if (properties.isEmpty()) {
                log.trace("Not validating credentials for user '{}' as credential properties file '{}' is empty", name, this.fileName);
                this.authenticated = true;
            } else if (name == null) {
                log.trace("No credentials were provided or the provided credentials were malformed");
                this.authenticated = false;
            } else if (str != null && str.equals(properties.get(name))) {
                log.trace("Credentials provided for user '{}' match those present in the credential properties file '{}'", name, this.fileName);
                this.authenticated = true;
            } else if (properties.containsKey(name)) {
                log.trace("Credentials provided for user '{}' do not match those present in the credential properties file '{}'", name, this.fileName);
                this.authenticated = false;
            } else {
                log.trace("User '{}' is not present in the credential properties file '{}'", name, this.fileName);
                this.authenticated = false;
            }
            return this.authenticated;
        } catch (Exception e) {
            log.warn("Authentication failed while invoking JAAS login callbacks", e);
            throw new LoginException(e.getMessage());
        }
    }

    public boolean commit() throws LoginException {
        return this.authenticated;
    }

    public boolean abort() throws LoginException {
        return true;
    }

    public boolean logout() throws LoginException {
        return true;
    }

    private Callback[] configureCallbacks() {
        return new Callback[]{new NameCallback("Enter user name"), new PasswordCallback("Enter password", false)};
    }
}
