package org.apache.geronimo.tomcat.security.authentication;

import java.io.IOException;
import javax.security.auth.callback.CallbackHandler;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletResponse;
import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response;
import org.apache.geronimo.security.realm.providers.RequestCallbackHandler;
import org.apache.geronimo.tomcat.security.AuthResult;
import org.apache.geronimo.tomcat.security.Authenticator;
import org.apache.geronimo.tomcat.security.LoginService;
import org.apache.geronimo.tomcat.security.ServerAuthException;
import org.apache.geronimo.tomcat.security.TomcatAuthStatus;
import org.apache.geronimo.tomcat.security.UserIdentity;

/* loaded from: input_file:org/apache/geronimo/tomcat/security/authentication/GenericHeaderAuthenticator.class */
public class GenericHeaderAuthenticator implements Authenticator {
    private static final String GENERIC_AUTH = "GENERIC";
    private final LoginService loginService;
    private final UserIdentity unauthenticatedIdentity;

    public GenericHeaderAuthenticator(LoginService loginService, UserIdentity userIdentity) {
        this.loginService = loginService;
        this.unauthenticatedIdentity = userIdentity;
    }

    @Override // org.apache.geronimo.tomcat.security.Authenticator
    public AuthResult validateRequest(Request request, HttpServletResponse httpServletResponse, boolean z, UserIdentity userIdentity) throws ServerAuthException {
        try {
            UserIdentity login = this.loginService.login((CallbackHandler) new RequestCallbackHandler(request.getRequest()));
            if (login != null) {
                return new AuthResult(TomcatAuthStatus.SUCCESS, login, false);
            }
            httpServletResponse.sendError(401);
            return new AuthResult(TomcatAuthStatus.FAILURE, this.unauthenticatedIdentity, false);
        } catch (IOException e) {
            throw new ServerAuthException(e);
        }
    }

    @Override // org.apache.geronimo.tomcat.security.Authenticator
    public boolean secureResponse(Request request, Response response, AuthResult authResult) throws ServerAuthException {
        return false;
    }

    @Override // org.apache.geronimo.tomcat.security.Authenticator
    public String getAuthType() {
        return GENERIC_AUTH;
    }

    @Override // org.apache.geronimo.tomcat.security.Authenticator
    public AuthResult login(String str, String str2, Request request) throws ServletException {
        UserIdentity login = this.loginService.login(str, str2);
        return login != null ? new AuthResult(TomcatAuthStatus.SUCCESS, login, true) : new AuthResult(TomcatAuthStatus.FAILURE, null, false);
    }

    @Override // org.apache.geronimo.tomcat.security.Authenticator
    public void logout(Request request) throws ServletException {
    }
}
