package org.eclipse.jetty.security.jaspi.modules;

import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.message.AuthException;
import javax.security.auth.message.AuthStatus;
import javax.security.auth.message.MessageInfo;
import javax.security.auth.message.MessagePolicy;
import javax.security.auth.message.callback.CallerPrincipalCallback;
import javax.security.auth.message.callback.GroupPrincipalCallback;
import javax.security.auth.message.config.ServerAuthContext;
import javax.security.auth.message.module.ServerAuthModule;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.eclipse.jetty.security.authentication.LoginCallbackImpl;
import org.eclipse.jetty.security.jaspi.JaspiMessageInfo;
import org.eclipse.jetty.security.jaspi.callback.CredentialValidationCallback;
import org.eclipse.jetty.util.security.Credential;
import org.eclipse.jetty.util.security.Password;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/lib/jetty-all-9.4.44.v20210927-uber.jar:org/eclipse/jetty/security/jaspi/modules/BaseAuthModule.class
 */
/* loaded from: input_file:WEB-INF/lib/jetty-jaspi-9.4.44.v20210927.jar:org/eclipse/jetty/security/jaspi/modules/BaseAuthModule.class */
public class BaseAuthModule implements ServerAuthModule, ServerAuthContext {
    private static final Class[] SUPPORTED_MESSAGE_TYPES = {HttpServletRequest.class, HttpServletResponse.class};
    protected static final String LOGIN_SERVICE_KEY = "org.eclipse.jetty.security.jaspi.modules.LoginService";
    protected CallbackHandler callbackHandler;

    @Override // javax.security.auth.message.module.ServerAuthModule
    public Class[] getSupportedMessageTypes() {
        return SUPPORTED_MESSAGE_TYPES;
    }

    public BaseAuthModule() {
    }

    public BaseAuthModule(CallbackHandler callbackHandler) {
        this.callbackHandler = callbackHandler;
    }

    @Override // javax.security.auth.message.module.ServerAuthModule
    public void initialize(MessagePolicy messagePolicy, MessagePolicy messagePolicy2, CallbackHandler callbackHandler, Map map) throws AuthException {
        this.callbackHandler = callbackHandler;
    }

    @Override // javax.security.auth.message.ServerAuth
    public void cleanSubject(MessageInfo messageInfo, Subject subject) throws AuthException {
    }

    @Override // javax.security.auth.message.ServerAuth
    public AuthStatus secureResponse(MessageInfo messageInfo, Subject subject) throws AuthException {
        return AuthStatus.SEND_SUCCESS;
    }

    @Override // javax.security.auth.message.ServerAuth
    public AuthStatus validateRequest(MessageInfo messageInfo, Subject subject, Subject subject2) throws AuthException {
        return AuthStatus.SEND_FAILURE;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isMandatory(MessageInfo messageInfo) {
        String str = (String) messageInfo.getMap().get(JaspiMessageInfo.MANDATORY_KEY);
        if (str == null) {
            return false;
        }
        return Boolean.parseBoolean(str);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean login(Subject subject, String str, String str2, MessageInfo messageInfo) throws IOException, UnsupportedCallbackException {
        String str3 = new String(Base64.getDecoder().decode(str.substring(str.indexOf(32) + 1)), StandardCharsets.ISO_8859_1);
        int indexOf = str3.indexOf(58);
        return login(subject, str3.substring(0, indexOf), new Password(str3.substring(indexOf + 1)), str2, messageInfo);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean login(Subject subject, String str, Credential credential, String str2, MessageInfo messageInfo) throws IOException, UnsupportedCallbackException {
        CredentialValidationCallback credentialValidationCallback = new CredentialValidationCallback(subject, str, credential);
        this.callbackHandler.handle(new Callback[]{credentialValidationCallback});
        if (credentialValidationCallback.getResult()) {
            Set privateCredentials = subject.getPrivateCredentials(LoginCallbackImpl.class);
            if (!privateCredentials.isEmpty()) {
                LoginCallbackImpl loginCallbackImpl = (LoginCallbackImpl) privateCredentials.iterator().next();
                this.callbackHandler.handle(new Callback[]{new CallerPrincipalCallback(subject, loginCallbackImpl.getUserPrincipal()), new GroupPrincipalCallback(subject, loginCallbackImpl.getRoles())});
            }
            messageInfo.getMap().put(JaspiMessageInfo.AUTH_METHOD_KEY, str2);
        }
        return credentialValidationCallback.getResult();
    }
}
