package org.apache.jackrabbit.core.security;

import java.util.Iterator;
import javax.jcr.AccessDeniedException;
import javax.jcr.Credentials;
import javax.jcr.Repository;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import javax.jcr.UnsupportedRepositoryOperationException;
import javax.security.auth.Subject;
import org.apache.jackrabbit.api.security.principal.PrincipalManager;
import org.apache.jackrabbit.api.security.user.UserManager;
import org.apache.jackrabbit.core.JahiaRepositoryImpl;
import org.apache.jackrabbit.core.config.SecurityConfig;
import org.apache.jackrabbit.core.security.authentication.AuthContext;
import org.apache.jackrabbit.core.security.authentication.AuthContextProvider;
import org.apache.jackrabbit.core.security.principal.PrincipalProviderRegistry;
import org.jahia.jaas.JahiaPrincipal;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/jackrabbit/core/security/JahiaSecurityManager.class */
public class JahiaSecurityManager implements JackrabbitSecurityManager {
    private static final Logger log = LoggerFactory.getLogger(JahiaSecurityManager.class);
    private boolean initialized;
    private JahiaRepositoryImpl repository;
    private Session securitySession;
    private AuthContextProvider authContextProvider;

    public synchronized void init(Repository repository, Session session) throws RepositoryException {
        if (this.initialized) {
            throw new IllegalStateException("already initialized");
        }
        this.securitySession = session;
        this.repository = (JahiaRepositoryImpl) repository;
        SecurityConfig securityConfig = this.repository.getConfig().getSecurityConfig();
        this.authContextProvider = new JahiaAuthContextProvider(securityConfig.getAppName(), securityConfig.getLoginModuleConfig());
        if (this.authContextProvider.isLocal()) {
            log.info("init: use Repository Login-Configuration for " + securityConfig.getAppName());
        } else {
            if (!this.authContextProvider.isJAAS()) {
                String str = "Neither JAAS nor RepositoryConfig contained a valid Configuriation for " + securityConfig.getAppName();
                log.error(str);
                throw new RepositoryException(str);
            }
            log.info("init: use JAAS login-configuration for " + securityConfig.getAppName());
        }
        this.initialized = true;
    }

    public String getUserID(Subject subject, String str) throws RepositoryException {
        Iterator it = subject.getPrincipals(JahiaPrincipal.class).iterator();
        if (it.hasNext()) {
            return ((JahiaPrincipal) it.next()).getName();
        }
        return null;
    }

    public UserManager getUserManager(Session session) throws RepositoryException {
        throw new UnsupportedRepositoryOperationException("UserManager not supported.");
    }

    public PrincipalManager getPrincipalManager(Session session) throws RepositoryException {
        throw new UnsupportedRepositoryOperationException("PrincipalManager not supported.");
    }

    public AccessManager getAccessManager(Session session, AMContext aMContext) throws RepositoryException {
        checkInitialized();
        try {
            if (session instanceof JahiaSystemSession) {
                return ((JahiaSystemSession) session).createAccessManager(((JahiaSystemSession) session).getSubject());
            }
            JahiaAccessManager jahiaAccessManager = new JahiaAccessManager();
            jahiaAccessManager.init(aMContext, null, null, this.repository.getContext(), this.repository.getConfig().getWorkspaceConfig(session.getWorkspace().getName()));
            return jahiaAccessManager;
        } catch (Exception e) {
            log.error("Failed to instantiate JahiaAccessManager", e);
            throw new RepositoryException("Failed to instantiate JahiaAccessManager", e);
        } catch (AccessDeniedException e2) {
            throw e2;
        }
    }

    public AuthContext getAuthContext(Credentials credentials, Subject subject, String str) throws RepositoryException {
        checkInitialized();
        return this.authContextProvider.getAuthContext(credentials, subject, this.securitySession, (PrincipalProviderRegistry) null, JahiaLoginModule.SYSTEM, JahiaLoginModule.GUEST);
    }

    public SecurityConfig getSecurityConfig() throws RepositoryException {
        return this.repository.getConfig().getSecurityConfig();
    }

    public void close() {
        log.info("close");
    }

    public void dispose(String str) {
        log.info("dispose");
    }

    private void checkInitialized() {
        if (!this.initialized) {
            throw new IllegalStateException("Not initialized");
        }
    }
}
