package org.apache.jackrabbit.core.security;

import java.security.Principal;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.jcr.Credentials;
import javax.jcr.SimpleCredentials;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import org.apache.commons.id.IdentifierGenerator;
import org.apache.commons.id.IdentifierGeneratorFactory;
import org.apache.jackrabbit.core.security.principal.AdminPrincipal;
import org.jahia.jaas.JahiaPrincipal;
import org.jahia.registries.ServicesRegistry;
import org.jahia.services.usermanager.JahiaUserManagerService;
import org.jahia.services.usermanager.jcr.JCRUser;
import org.jahia.services.usermanager.jcr.JCRUserManagerProvider;

/* loaded from: input_file:org/apache/jackrabbit/core/security/JahiaLoginModule.class */
public class JahiaLoginModule implements LoginModule {
    public static final String SYSTEM = " system ";
    public static final String GUEST = " guest ";
    private static IdentifierGenerator idGen = IdentifierGeneratorFactory.newInstance().uuidVersionFourGenerator();
    private static Map<String, Token> systemPass = new HashMap();
    private JahiaUserManagerService userService;
    private Subject subject;
    private Set<Principal> principals = new HashSet();
    private CallbackHandler callbackHandler;
    private Map sharedState;
    private Map options;

    /* loaded from: input_file:org/apache/jackrabbit/core/security/JahiaLoginModule$Token.class */
    public static class Token {
        public String username;
        public List<String> deniedPath;

        Token(String str, List<String> list) {
            this.username = str;
            this.deniedPath = list;
        }
    }

    public void initialize(Subject subject, CallbackHandler callbackHandler, Map map, Map map2) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
        this.sharedState = map;
        this.options = map2;
        this.userService = ServicesRegistry.getInstance().getJahiaUserManagerService();
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v46, types: [org.jahia.services.usermanager.JahiaUser] */
    public boolean login() throws LoginException {
        try {
            NameCallback[] nameCallbackArr = {new NameCallback("name?"), new PasswordCallback("pass?", false)};
            this.callbackHandler.handle(nameCallbackArr);
            String name2 = nameCallbackArr[0].getName();
            char[] password = ((PasswordCallback) nameCallbackArr[1]).getPassword();
            if (name2 != null) {
                if (SYSTEM.equals(name2)) {
                    if (removeToken(name2, new String(password)) != null) {
                        this.principals.add(new JahiaPrincipal(SYSTEM, true, false));
                        this.principals.add(new SystemPrincipal());
                    }
                } else if (name2.startsWith(SYSTEM)) {
                    if (removeToken(name2, new String(password)) != null) {
                        this.principals.add(new JahiaPrincipal(name2.substring(SYSTEM.length()), true, false));
                        this.principals.add(new SystemPrincipal());
                    }
                } else if (GUEST.equals(name2)) {
                    this.principals.add(new JahiaPrincipal(GUEST, false, true));
                    this.principals.add(new AnonymousPrincipal());
                } else {
                    String str = new String(password);
                    Token removeToken = removeToken(name2, str);
                    JCRUser lookupUser = this.userService != null ? this.userService.lookupUser(name2) : JCRUserManagerProvider.getInstance().lookupUser(name2);
                    if (removeToken != null || lookupUser.verifyPassword(str)) {
                        this.principals.add(new JahiaPrincipal(name2));
                        if (lookupUser.isAdminMember(0)) {
                            this.principals.add(new AdminPrincipal(name2));
                        }
                    }
                }
                if (this.principals.isEmpty()) {
                    throw new FailedLoginException();
                }
            }
        } catch (UnsupportedCallbackException e) {
        } catch (Exception e2) {
            e2.printStackTrace();
        }
        return !this.principals.isEmpty();
    }

    public static Token removeToken(String str, String str2) {
        if (systemPass.get(str2) == null || !systemPass.get(str2).username.equals(str)) {
            return null;
        }
        return systemPass.remove(str2);
    }

    public static Token getToken(String str, String str2) {
        if (systemPass.get(str2) == null || !systemPass.get(str2).username.equals(str)) {
            return null;
        }
        return systemPass.get(str2);
    }

    public boolean commit() throws LoginException {
        if (this.principals.isEmpty()) {
            return false;
        }
        this.subject.getPrincipals().addAll(this.principals);
        return true;
    }

    public boolean abort() throws LoginException {
        if (this.principals.isEmpty()) {
            return false;
        }
        logout();
        return true;
    }

    public boolean logout() throws LoginException {
        this.subject.getPrincipals().removeAll(this.principals);
        this.principals.clear();
        return true;
    }

    private static synchronized String getSystemPass(String str, List<String> list) {
        String obj = idGen.nextIdentifier().toString();
        systemPass.put(obj, new Token(str, list));
        return obj;
    }

    public static Credentials getSystemCredentials() {
        return new SimpleCredentials(SYSTEM, getSystemPass(SYSTEM, null).toCharArray());
    }

    public static Credentials getSystemCredentials(String str) {
        return str == null ? getSystemCredentials() : new SimpleCredentials(SYSTEM + str, getSystemPass(SYSTEM + str, null).toCharArray());
    }

    public static Credentials getSystemCredentials(String str, List<String> list) {
        return str == null ? getSystemCredentials() : new SimpleCredentials(SYSTEM + str, getSystemPass(SYSTEM + str, list).toCharArray());
    }

    public static Credentials getGuestCredentials() {
        return new SimpleCredentials(GUEST, new char[0]);
    }

    public static Credentials getCredentials(String str) {
        return new SimpleCredentials(str, getSystemPass(str, null).toCharArray());
    }

    public static Credentials getCredentials(String str, List<String> list) {
        return new SimpleCredentials(str, getSystemPass(str, list).toCharArray());
    }
}
