package org.apache.hadoop.shaded.org.apache.kerby.kerberos.kerb.client;

import java.io.File;
import java.io.IOException;
import java.util.HashMap;
import java.util.HashSet;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.kerberos.KerberosPrincipal;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.Configuration;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import org.apache.hadoop.shaded.org.apache.kerby.kerberos.kerb.client.jaas.TokenAuthLoginModule;

/* loaded from: input_file:org/apache/hadoop/shaded/org/apache/kerby/kerberos/kerb/client/JaasKrbUtil.class */
public final class JaasKrbUtil {
    public static final boolean ENABLE_DEBUG = false;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/apache/hadoop/shaded/org/apache/kerby/kerberos/kerb/client/JaasKrbUtil$KeytabJaasConf.class */
    public static class KeytabJaasConf extends Configuration {
        private String principal;
        private File keytabFile;

        KeytabJaasConf(String str, File file) {
            this.principal = str;
            this.keytabFile = file;
        }

        public AppConfigurationEntry[] getAppConfigurationEntry(String str) {
            HashMap hashMap = new HashMap();
            hashMap.put("keyTab", this.keytabFile.getAbsolutePath());
            hashMap.put(TokenAuthLoginModule.PRINCIPAL, this.principal);
            hashMap.put("useKeyTab", "true");
            hashMap.put("storeKey", "true");
            hashMap.put("doNotPrompt", "true");
            hashMap.put("renewTGT", "false");
            hashMap.put("refreshKrb5Config", "true");
            hashMap.put("isInitiator", "true");
            hashMap.put("debug", String.valueOf(false));
            return new AppConfigurationEntry[]{new AppConfigurationEntry(JaasKrbUtil.access$000(), AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, hashMap)};
        }
    }

    /* loaded from: input_file:org/apache/hadoop/shaded/org/apache/kerby/kerberos/kerb/client/JaasKrbUtil$KrbCallbackHandler.class */
    public static class KrbCallbackHandler implements CallbackHandler {
        private String principal;
        private String password;

        public KrbCallbackHandler(String str, String str2) {
            this.principal = str;
            this.password = str2;
        }

        @Override // javax.security.auth.callback.CallbackHandler
        public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
            for (int i = 0; i < callbackArr.length; i++) {
                if (callbackArr[i] instanceof PasswordCallback) {
                    PasswordCallback passwordCallback = (PasswordCallback) callbackArr[i];
                    if (passwordCallback.getPrompt().contains(this.principal)) {
                        passwordCallback.setPassword(this.password.toCharArray());
                        return;
                    }
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/apache/hadoop/shaded/org/apache/kerby/kerberos/kerb/client/JaasKrbUtil$PasswordJaasConf.class */
    public static class PasswordJaasConf extends Configuration {
        private String principal;

        PasswordJaasConf(String str) {
            this.principal = str;
        }

        public AppConfigurationEntry[] getAppConfigurationEntry(String str) {
            HashMap hashMap = new HashMap();
            hashMap.put(TokenAuthLoginModule.PRINCIPAL, this.principal);
            hashMap.put("storeKey", "true");
            hashMap.put("useTicketCache", "true");
            hashMap.put("useKeyTab", "false");
            hashMap.put("renewTGT", "true");
            hashMap.put("refreshKrb5Config", "true");
            hashMap.put("isInitiator", "true");
            hashMap.put("debug", String.valueOf(false));
            return new AppConfigurationEntry[]{new AppConfigurationEntry(JaasKrbUtil.access$000(), AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, hashMap)};
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/apache/hadoop/shaded/org/apache/kerby/kerberos/kerb/client/JaasKrbUtil$TicketCacheJaasConf.class */
    public static class TicketCacheJaasConf extends Configuration {
        private String principal;
        private File clientCredentialFile;

        TicketCacheJaasConf(String str, File file) {
            this.principal = str;
            this.clientCredentialFile = file;
        }

        public AppConfigurationEntry[] getAppConfigurationEntry(String str) {
            HashMap hashMap = new HashMap();
            hashMap.put(TokenAuthLoginModule.PRINCIPAL, this.principal);
            hashMap.put("storeKey", "false");
            hashMap.put("doNotPrompt", "false");
            hashMap.put("useTicketCache", "true");
            hashMap.put("renewTGT", "true");
            hashMap.put("refreshKrb5Config", "true");
            hashMap.put("isInitiator", "true");
            hashMap.put("ticketCache", this.clientCredentialFile.getAbsolutePath());
            hashMap.put("debug", String.valueOf(false));
            return new AppConfigurationEntry[]{new AppConfigurationEntry(JaasKrbUtil.access$000(), AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, hashMap)};
        }
    }

    private JaasKrbUtil() {
    }

    public static Subject loginUsingPassword(String str, String str2) throws LoginException {
        HashSet hashSet = new HashSet();
        hashSet.add(new KerberosPrincipal(str));
        LoginContext loginContext = new LoginContext("PasswordConf", new Subject(false, hashSet, new HashSet(), new HashSet()), new KrbCallbackHandler(str, str2), usePassword(str));
        loginContext.login();
        return loginContext.getSubject();
    }

    public static Subject loginUsingTicketCache(String str, File file) throws LoginException {
        HashSet hashSet = new HashSet();
        hashSet.add(new KerberosPrincipal(str));
        LoginContext loginContext = new LoginContext("TicketCacheConf", new Subject(false, hashSet, new HashSet(), new HashSet()), (CallbackHandler) null, useTicketCache(str, file));
        loginContext.login();
        return loginContext.getSubject();
    }

    public static Subject loginUsingKeytab(String str, File file) throws LoginException {
        HashSet hashSet = new HashSet();
        hashSet.add(new KerberosPrincipal(str));
        LoginContext loginContext = new LoginContext("KeytabConf", new Subject(false, hashSet, new HashSet(), new HashSet()), (CallbackHandler) null, useKeytab(str, file));
        loginContext.login();
        return loginContext.getSubject();
    }

    public static Configuration usePassword(String str) {
        return new PasswordJaasConf(str);
    }

    public static Configuration useTicketCache(String str, File file) {
        return new TicketCacheJaasConf(str, file);
    }

    public static Configuration useKeytab(String str, File file) {
        return new KeytabJaasConf(str, file);
    }

    private static String getKrb5LoginModuleName() {
        return System.getProperty("java.vendor").contains("IBM") ? "org.apache.hadoop.shaded.com.ibm.security.auth.module.Krb5LoginModule" : "com.sun.security.auth.module.Krb5LoginModule";
    }

    static /* synthetic */ String access$000() {
        return getKrb5LoginModuleName();
    }
}
