package org.apache.geronimo.jetty8.security;

import java.security.AccessControlContext;
import java.security.Principal;
import javax.security.auth.Subject;
import org.apache.geronimo.jetty8.handler.GeronimoJettyUserIdentity;
import org.apache.geronimo.jetty8.handler.GeronimoRunAsToken;
import org.apache.geronimo.security.Callers;
import org.apache.geronimo.security.ContextManager;
import org.apache.geronimo.security.jacc.RunAsSource;
import org.apache.geronimo.security.jaspi.impl.GeronimoIdentityService;
import org.eclipse.jetty.security.IdentityService;
import org.eclipse.jetty.security.RunAsToken;
import org.eclipse.jetty.server.UserIdentity;

/* loaded from: input_file:org/apache/geronimo/jetty8/security/JettyIdentityService.class */
public class JettyIdentityService extends GeronimoIdentityService implements IdentityService {
    private final AccessControlContext defaultAcc;
    private final Subject defaultSubject;
    private final RunAsSource runAsSource;

    public JettyIdentityService(AccessControlContext accessControlContext, Subject subject, RunAsSource runAsSource) {
        super(subject);
        this.defaultAcc = accessControlContext;
        this.defaultSubject = subject;
        this.runAsSource = runAsSource;
    }

    public Object associate(UserIdentity userIdentity) {
        Callers callers = ContextManager.getCallers();
        if (userIdentity == null) {
            ContextManager.setCallers(this.defaultSubject, this.defaultSubject);
        } else {
            ContextManager.setCallers(userIdentity.getSubject(), userIdentity.getSubject());
        }
        return callers;
    }

    public void disassociate(Object obj) {
        ContextManager.popCallers((Callers) obj);
    }

    public Object setRunAs(UserIdentity userIdentity, RunAsToken runAsToken) {
        GeronimoRunAsToken geronimoRunAsToken = (GeronimoRunAsToken) runAsToken;
        return ContextManager.pushNextCaller(geronimoRunAsToken == null ? null : geronimoRunAsToken.getRunAsSubject());
    }

    public void unsetRunAs(Object obj) {
        ContextManager.popCallers((Callers) obj);
    }

    public UserIdentity newUserIdentity(Subject subject, Principal principal, String[] strArr) {
        return new GeronimoJettyUserIdentity(newUserIdentity(subject));
    }

    public RunAsToken newRunAsToken(String str) {
        return new GeronimoRunAsToken(this.runAsSource.getSubjectForRole(str));
    }

    public UserIdentity getSystemUserIdentity() {
        return new GeronimoJettyUserIdentity(newUserIdentity(this.defaultSubject));
    }
}
