package org.apache.jackrabbit.core.security;

import java.io.IOException;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import javax.jcr.Credentials;
import javax.jcr.SimpleCredentials;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;

/* loaded from: input_file:WEB-INF/lib/jackrabbit-core-1.2.2.jar:org/apache/jackrabbit/core/security/SimpleLoginModule.class */
public class SimpleLoginModule implements LoginModule {
    private static final String OPT_ANONYMOUS = "anonymousId";
    private static final String OPT_DEFAULT = "defaultUserId";
    private static final String DEFAULT_ANONYMOUS_ID = "anonymous";
    private Subject subject;
    private CallbackHandler callbackHandler;
    private final Set principals = new HashSet();
    private String anonymousUserId = DEFAULT_ANONYMOUS_ID;
    private String defaultUserId = null;

    public String getAnonymousId() {
        return this.anonymousUserId;
    }

    public void setAnonymousId(String str) {
        this.anonymousUserId = str;
    }

    public String getDefaultUserId() {
        return this.defaultUserId;
    }

    public void setDefaultUserId(String str) {
        this.defaultUserId = str;
    }

    public void initialize(Subject subject, CallbackHandler callbackHandler, Map map, Map map2) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
        String str = (String) map2.get(OPT_ANONYMOUS);
        if (str != null) {
            this.anonymousUserId = str;
        }
        if (map2.containsKey(OPT_DEFAULT)) {
            this.defaultUserId = (String) map2.get(OPT_DEFAULT);
        }
    }

    public boolean login() throws LoginException {
        if (this.callbackHandler == null) {
            throw new LoginException("no CallbackHandler available");
        }
        boolean z = false;
        this.principals.clear();
        try {
            CredentialsCallback credentialsCallback = new CredentialsCallback();
            this.callbackHandler.handle(new Callback[]{credentialsCallback});
            Credentials credentials = credentialsCallback.getCredentials();
            if (credentials != null) {
                if (credentials instanceof SimpleCredentials) {
                    SimpleCredentials simpleCredentials = (SimpleCredentials) credentials;
                    Object attribute = simpleCredentials.getAttribute(SecurityConstants.IMPERSONATOR_ATTRIBUTE);
                    if (attribute == null || (attribute instanceof Subject)) {
                    }
                    if (this.anonymousUserId.equals(simpleCredentials.getUserID())) {
                        this.principals.add(new AnonymousPrincipal());
                    } else {
                        this.principals.add(new UserPrincipal(simpleCredentials.getUserID()));
                    }
                    z = true;
                }
            } else if (this.defaultUserId != null) {
                this.principals.add(new UserPrincipal(this.defaultUserId));
                z = true;
            } else {
                this.principals.add(new AnonymousPrincipal());
                z = true;
            }
            if (z) {
                return !this.principals.isEmpty();
            }
            this.principals.clear();
            throw new FailedLoginException();
        } catch (IOException e) {
            throw new LoginException(e.toString());
        } catch (UnsupportedCallbackException e2) {
            throw new LoginException(new StringBuffer().append(e2.getCallback().toString()).append(" not available").toString());
        }
    }

    public boolean commit() throws LoginException {
        if (this.principals.isEmpty()) {
            return false;
        }
        this.subject.getPrincipals().addAll(this.principals);
        return true;
    }

    public boolean abort() throws LoginException {
        if (this.principals.isEmpty()) {
            return false;
        }
        logout();
        return true;
    }

    public boolean logout() throws LoginException {
        this.subject.getPrincipals().removeAll(this.principals);
        this.principals.clear();
        return true;
    }
}
