package org.apache.geronimo.jetty8.security;

import java.security.AccessControlContext;
import java.security.Principal;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.message.AuthException;
import javax.security.auth.message.config.AuthConfigFactory;
import javax.security.auth.message.config.AuthConfigProvider;
import javax.security.auth.message.config.RegistrationListener;
import javax.security.auth.message.config.ServerAuthConfig;
import org.apache.geronimo.gbean.annotation.GBean;
import org.apache.geronimo.gbean.annotation.ParamAttribute;
import org.apache.geronimo.gbean.annotation.ParamReference;
import org.apache.geronimo.jetty8.handler.JaccSecurityHandler;
import org.apache.geronimo.jetty8.security.auth.JAASLoginService;
import org.apache.geronimo.security.ContextManager;
import org.apache.geronimo.security.jaas.ConfigurationFactory;
import org.apache.geronimo.security.jacc.RunAsSource;
import org.eclipse.jetty.security.LoginService;
import org.eclipse.jetty.security.SecurityHandler;
import org.eclipse.jetty.security.jaspi.JaspiAuthenticator;
import org.eclipse.jetty.security.jaspi.ServletCallbackHandler;

@GBean
/* loaded from: input_file:org/apache/geronimo/jetty8/security/AuthConfigProviderHandlerFactory.class */
public class AuthConfigProviderHandlerFactory implements SecurityHandlerFactory {
    private static final String POLICY_CONTEXT_ID_KEY = "javax.security.jacc.PolicyContext";
    private final Map authConfigProperties = new HashMap();
    private final Subject serviceSubject = null;
    private final boolean allowLazyAuthentication;
    private final LoginService loginService;
    private final ServerAuthConfig serverAuthConfig;
    private final ServletCallbackHandler servletCallbackHandler;

    public AuthConfigProviderHandlerFactory(@ParamAttribute(name = "messageLayer") String str, @ParamAttribute(name = "appContext") String str2, @ParamAttribute(name = "allowLazyAuthentication") boolean z, @ParamReference(name = "ConfigurationFactory") ConfigurationFactory configurationFactory) throws AuthException {
        this.allowLazyAuthentication = z;
        AuthConfigProvider configProvider = AuthConfigFactory.getFactory().getConfigProvider(str, str2, new RegistrationListener() { // from class: org.apache.geronimo.jetty8.security.AuthConfigProviderHandlerFactory.1
            public void notify(String str3, String str4) {
            }
        });
        this.loginService = new JAASLoginService(configurationFactory, null);
        this.servletCallbackHandler = new ServletCallbackHandler(this.loginService);
        this.serverAuthConfig = configProvider.getServerAuthConfig(str, str2, this.servletCallbackHandler);
    }

    @Override // org.apache.geronimo.jetty8.security.SecurityHandlerFactory
    public SecurityHandler buildSecurityHandler(String str, Subject subject, RunAsSource runAsSource, boolean z) {
        if (subject == null) {
            subject = ContextManager.EMPTY;
        }
        AccessControlContext registerSubjectShort = ContextManager.registerSubjectShort(subject, (Principal) null, (List) null);
        JettyIdentityService jettyIdentityService = new JettyIdentityService(registerSubjectShort, subject, runAsSource);
        this.authConfigProperties.put(POLICY_CONTEXT_ID_KEY, str);
        return new JaccSecurityHandler(str, new JaspiAuthenticator(this.serverAuthConfig, this.authConfigProperties, this.servletCallbackHandler, this.serviceSubject, this.allowLazyAuthentication, jettyIdentityService), this.loginService, jettyIdentityService, registerSubjectShort);
    }
}
