package org.apache.geronimo.tomcat.security.impl;

import java.security.cert.X509Certificate;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginException;
import org.apache.geronimo.security.ContextManager;
import org.apache.geronimo.security.jaas.ConfigurationFactory;
import org.apache.geronimo.security.realm.providers.CertificateChainCallbackHandler;
import org.apache.geronimo.security.realm.providers.PasswordCallbackHandler;
import org.apache.geronimo.tomcat.security.IdentityService;
import org.apache.geronimo.tomcat.security.LoginService;
import org.apache.geronimo.tomcat.security.UserIdentity;

/* loaded from: input_file:org/apache/geronimo/tomcat/security/impl/GeronimoLoginService.class */
public class GeronimoLoginService implements LoginService {
    private final ConfigurationFactory configurationFactory;
    private final IdentityService identityService;

    public GeronimoLoginService(ConfigurationFactory configurationFactory, IdentityService identityService) {
        this.configurationFactory = configurationFactory;
        this.identityService = identityService;
    }

    @Override // org.apache.geronimo.tomcat.security.LoginService
    public UserIdentity login(String str, String str2) {
        return login((CallbackHandler) new PasswordCallbackHandler(str, str2.toCharArray()));
    }

    @Override // org.apache.geronimo.tomcat.security.LoginService
    public UserIdentity login(X509Certificate[] x509CertificateArr) {
        return login((CallbackHandler) new CertificateChainCallbackHandler(x509CertificateArr));
    }

    private UserIdentity login(CallbackHandler callbackHandler) {
        try {
            Subject subject = ContextManager.login(this.configurationFactory.getConfigurationName(), callbackHandler, this.configurationFactory.getConfiguration()).getSubject();
            return this.identityService.newUserIdentity(subject, ContextManager.getCurrentPrincipal(subject), null);
        } catch (LoginException e) {
            return null;
        }
    }

    @Override // org.apache.geronimo.tomcat.security.LoginService
    public void logout(UserIdentity userIdentity) {
    }
}
