package org.apache.openejb.core.security.jaas;

import java.io.IOException;
import java.security.Principal;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Map;
import java.util.ServiceLoader;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import org.apache.openejb.util.LogCategory;
import org.apache.openejb.util.Logger;
import org.apache.openjpa.conf.AutoDetachValue;

/* loaded from: input_file:lib/openejb-core-8.0.0-M1.jar:org/apache/openejb/core/security/jaas/ServiceProviderLoginModule.class */
public class ServiceProviderLoginModule implements LoginModule {
    private static final Logger log = Logger.getInstance(LogCategory.OPENEJB_SECURITY, "org.apache.openejb.util.resources");
    private Subject subject;
    private CallbackHandler callbackHandler;
    private ServiceLoader<LoginProvider> loader;
    public Set<Principal> principals = new LinkedHashSet();
    private UserData userData;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:lib/openejb-core-8.0.0-M1.jar:org/apache/openejb/core/security/jaas/ServiceProviderLoginModule$UserData.class */
    public final class UserData {
        public final String user;
        public final String pass;
        public final Set<String> groups;

        private UserData(String str, String str2) {
            this.groups = new HashSet();
            this.user = str;
            this.pass = str2;
        }
    }

    public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> map, Map<String, ?> map2) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
        this.loader = ServiceLoader.load(LoginProvider.class);
    }

    private UserData getUserData() throws LoginException {
        NameCallback[] nameCallbackArr = {new NameCallback("Username: "), new PasswordCallback("Password: ", false)};
        try {
            this.callbackHandler.handle(nameCallbackArr);
            String name = nameCallbackArr[0].getName();
            char[] password = ((PasswordCallback) nameCallbackArr[1]).getPassword();
            if (password == null) {
                password = new char[0];
            }
            return new UserData(name, new String(password));
        } catch (IOException e) {
            throw new LoginException(e.getMessage());
        } catch (UnsupportedCallbackException e2) {
            throw new LoginException(e2.getMessage() + " not available to obtain information from user");
        }
    }

    public boolean login() throws LoginException {
        Iterator<LoginProvider> it = this.loader.iterator();
        if (!it.hasNext()) {
            throw new FailedLoginException("No LoginProvider defined.");
        }
        this.userData = getUserData();
        while (it.hasNext()) {
            List<String> authenticate = it.next().authenticate(this.userData.user, this.userData.pass);
            if (authenticate != null) {
                this.userData.groups.addAll(authenticate);
            }
        }
        return true;
    }

    public boolean commit() throws LoginException {
        this.principals.add(new UserPrincipal(this.userData.user));
        Iterator<String> it = this.userData.groups.iterator();
        while (it.hasNext()) {
            this.principals.add(new GroupPrincipal(it.next()));
        }
        this.subject.getPrincipals().addAll(this.principals);
        clear();
        log.debug(AutoDetachValue.DETACH_COMMIT);
        return true;
    }

    public boolean abort() throws LoginException {
        clear();
        log.debug("abort");
        return true;
    }

    public boolean logout() throws LoginException {
        this.subject.getPrincipals().removeAll(this.principals);
        this.principals.clear();
        log.debug("logout");
        return true;
    }

    private void clear() {
        this.userData = null;
    }
}
