package org.apache.geronimo.openejb;

import java.lang.reflect.Method;
import java.security.AccessControlContext;
import java.security.AccessControlException;
import java.security.Permission;
import java.security.Principal;
import java.util.Properties;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginException;
import javax.security.jacc.EJBMethodPermission;
import javax.security.jacc.EJBRoleRefPermission;
import org.apache.geronimo.security.Callers;
import org.apache.geronimo.security.ContextManager;
import org.apache.geronimo.security.SubjectId;
import org.apache.openejb.InterfaceType;
import org.apache.openejb.core.CoreDeploymentInfo;
import org.apache.openejb.core.ThreadContext;
import org.apache.openejb.core.security.jaas.UsernamePasswordCallbackHandler;
import org.apache.openejb.spi.SecurityService;

/* loaded from: input_file:org/apache/geronimo/openejb/GeronimoSecurityService.class */
/**
 * {@link SecurityService} implementation that hands authentication and
 * subject tracking to Geronimo's {@link ContextManager}. Authorization
 * questions are answered by checking JACC permissions
 * ({@link EJBMethodPermission}, {@link EJBRoleRefPermission}) against the
 * {@link AccessControlContext} returned by
 * {@code ContextManager.getCurrentContext()}.
 *
 * <p>Security identities handed out by {@link #login} are {@link SubjectId}
 * values; {@link #logout} and {@link #associate} cast their argument back to
 * that type without checking it first.
 */
public class GeronimoSecurityService implements SecurityService {

    /**
     * Does nothing; the supplied properties are ignored.
     *
     * @param properties unused
     */
    public void init(Properties properties) throws Exception {
        // Intentionally empty: this implementation has no configuration.
    }

    /**
     * Logs in against the fixed name {@code "OpenEJB"} by delegating to
     * {@link #login(String, String, String)}.
     *
     * @param str  forwarded as the second argument (presumably the user name)
     * @param str2 forwarded as the third argument (presumably the password)
     * @return the identity produced by the three-argument overload
     * @throws LoginException if the delegated login fails
     */
    public Object login(String str, String str2) throws LoginException {
        return login("OpenEJB", str, str2);
    }

    /**
     * Performs a {@code ContextManager.login} and returns the
     * {@link SubjectId} of the resulting subject.
     *
     * @param str  first argument to {@code ContextManager.login}
     *             (presumably the realm / login configuration name - confirm)
     * @param str2 first argument of the callback handler (presumably the user name)
     * @param str3 second argument of the callback handler (presumably the password)
     * @return the value of {@code ContextManager.getSubjectId} for the logged-in subject
     * @throws LoginException if {@code ContextManager.login} rejects the attempt
     */
    public Object login(String str, String str2, String str3) throws LoginException {
        // NOTE(review): the credential arrives as an immutable String, so it
        // cannot be wiped after use; the signature appears to be dictated by
        // the SecurityService interface.
        UsernamePasswordCallbackHandler handler = new UsernamePasswordCallbackHandler(str2, str3);
        Subject authenticated = ContextManager.login(str, handler).getSubject();
        return ContextManager.getSubjectId(authenticated);
    }

    /**
     * Unregisters the subject that {@code obj} refers to.
     *
     * @param obj a {@link SubjectId}; any other non-null type fails the cast
     *            with a {@link ClassCastException}
     */
    public void logout(Object obj) {
        SubjectId id = (SubjectId) obj;
        // The lookup result is passed on unchecked; what happens for an id
        // that is not (or no longer) registered depends on ContextManager.
        Subject registered = ContextManager.getRegisteredSubject(id);
        ContextManager.unregisterSubject(registered);
    }

    /**
     * Makes the subject registered under {@code obj} both arguments of
     * {@code ContextManager.setCallers}.
     *
     * <p>Returns without touching the caller state when {@code obj} is
     * {@code null} or when no subject is registered for it.
     *
     * @param obj a {@link SubjectId}, or {@code null}
     */
    public void associate(Object obj) throws LoginException {
        if (obj == null) {
            return;
        }
        Subject registered = ContextManager.getRegisteredSubject((SubjectId) obj);
        // NOTE(review): an unknown id is skipped silently, so whatever callers
        // were already set stay in effect - confirm that invokers of
        // associate() do not assume the identity was switched.
        if (registered != null) {
            ContextManager.setCallers(registered, registered);
        }
    }

    /**
     * Calls {@code ContextManager.popCallers} with a {@code null} argument.
     *
     * @return always {@code null}
     */
    public Object disassociate() {
        ContextManager.popCallers((Callers) null);
        return null;
    }

    /**
     * Decides whether the current caller may invoke {@code method} on the
     * bean of the current {@link ThreadContext}.
     *
     * <p>If the deployment has no {@code EjbDeployment} attached, or that
     * deployment reports security as disabled, the answer is {@code true}
     * without any permission check. Otherwise an {@link EJBMethodPermission}
     * is checked against the current access control context.
     *
     * @param method        the method about to be invoked
     * @param interfaceType not read here; the interface is derived from
     *                      {@code method.getDeclaringClass()} instead
     * @return {@code false} only when the permission check raises
     *         {@link AccessControlException}; {@code true} otherwise
     */
    public boolean isCallerAuthorized(Method method, InterfaceType interfaceType) {
        try {
            CoreDeploymentInfo info = ThreadContext.getThreadContext().getDeploymentInfo();
            if (!securityEnabledFor(info)) {
                // Allow-by-default path: nothing is enforced for this bean.
                return true;
            }

            String beanName = info.getEjbName();
            InterfaceType declared = info.getInterfaceType(method.getDeclaringClass());
            String specName = null;
            if (declared != null) {
                specName = declared.getSpecName();
            }

            Permission required = new EJBMethodPermission(beanName, specName, method);
            AccessControlContext context = ContextManager.getCurrentContext();
            context.checkPermission(required);
            return true;
        } catch (AccessControlException denied) {
            // Only a permission denial maps to "not authorized"; any other
            // runtime failure propagates to the caller.
            return false;
        }
    }

    /**
     * Tests whether the current caller holds the {@link EJBRoleRefPermission}
     * for role reference {@code str} on the current bean.
     *
     * @param str the role reference name
     * @return {@code true} if the permission check passes; {@code false} if
     *         it is denied, if no {@code EJBDeployment} is attached, or if
     *         security is disabled for the deployment
     * @throws IllegalArgumentException if {@code str} is {@code null} or the
     *                                  deployment reports a {@code null} EJB name
     */
    public boolean isCallerInRole(String str) {
        if (str == null) {
            throw new IllegalArgumentException("Role must not be null");
        }

        CoreDeploymentInfo info = ThreadContext.getThreadContext().getDeploymentInfo();
        if (!securityEnabledFor(info)) {
            return false;
        }

        String beanName = info.getEjbName();
        if (beanName == null) {
            throw new IllegalArgumentException("EJBName must not be null");
        }

        try {
            AccessControlContext context = ContextManager.getCurrentContext();
            context.checkPermission(new EJBRoleRefPermission(beanName, str));
        } catch (AccessControlException denied) {
            return false;
        }
        return true;
    }

    /**
     * Returns the principal of the current caller as resolved by
     * {@code ContextManager}.
     *
     * @return the caller principal, or {@code null} when the deployment has
     *         no {@code EjbDeployment} or has security disabled
     */
    public Principal getCallerPrincipal() {
        CoreDeploymentInfo info = ThreadContext.getThreadContext().getDeploymentInfo();
        if (securityEnabledFor(info)) {
            return ContextManager.getCurrentPrincipal(ContextManager.getCurrentCaller());
        }
        return null;
    }

    /**
     * Not tracked by this implementation.
     *
     * @return always {@code null}
     */
    public Object getSecurityIdentity() {
        return null;
    }

    /**
     * Unsupported.
     *
     * @throws UnsupportedOperationException always
     */
    public void setSecurityIdentity(Object obj) {
        throw new UnsupportedOperationException();
    }

    /**
     * Unsupported.
     *
     * @throws UnsupportedOperationException always
     */
    public <T> T translateTo(Object obj, Class<T> cls) {
        throw new UnsupportedOperationException();
    }

    /**
     * Unsupported.
     *
     * @throws UnsupportedOperationException always
     */
    public Subject getCurrentSubject() {
        throw new UnsupportedOperationException();
    }

    /**
     * Reports whether {@code info} carries an {@code EjbDeployment} whose
     * {@code isSecurityEnabled()} flag is set.
     */
    private static boolean securityEnabledFor(CoreDeploymentInfo info) {
        EjbDeployment deployment = (EjbDeployment) info.get(EjbDeployment.class);
        return deployment != null && deployment.isSecurityEnabled();
    }
}
