package org.apache.geronimo.jetty6;

import java.security.AccessControlContext;
import java.security.AccessControlException;
import java.security.Principal;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import javax.security.jacc.WebRoleRefPermission;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.geronimo.security.ContextManager;
import org.apache.geronimo.security.realm.providers.CertificateCallbackHandler;
import org.apache.geronimo.security.realm.providers.PasswordCallbackHandler;
import org.mortbay.jetty.Request;

/* loaded from: input_file:org/apache/geronimo/jetty6/InternalJAASJettyRealm.class */
public class InternalJAASJettyRealm {
    private static Log log = LogFactory.getLog(InternalJAASJettyRealm.class);
    private final String securityRealmName;
    private final HashMap<String, Principal> userMap = new HashMap<>();
    private int count = 1;

    public InternalJAASJettyRealm(String str) {
        this.securityRealmName = str;
    }

    public String getSecurityRealmName() {
        return this.securityRealmName;
    }

    public Principal getPrincipal(String str) {
        return this.userMap.get(str);
    }

    public Principal authenticate(String str, Object obj, Request request) {
        PasswordCallbackHandler certificateCallbackHandler;
        if (str != null) {
            try {
                if (!str.equals("")) {
                    if (((JAASJettyPrincipal) this.userMap.get(str)) != null) {
                        this.userMap.remove(str);
                    }
                    if (obj instanceof char[]) {
                        certificateCallbackHandler = new PasswordCallbackHandler(str, (char[]) obj);
                    } else if (obj instanceof String) {
                        certificateCallbackHandler = new PasswordCallbackHandler(str, ((String) obj).toCharArray());
                    } else {
                        if (!(obj instanceof X509Certificate[])) {
                            throw new LoginException("Cannot extract credentials from class: " + obj.getClass().getName());
                        }
                        X509Certificate[] x509CertificateArr = (X509Certificate[]) obj;
                        if (x509CertificateArr.length < 1) {
                            throw new LoginException("no certificates supplied");
                        }
                        certificateCallbackHandler = new CertificateCallbackHandler(x509CertificateArr[0]);
                    }
                    LoginContext login = ContextManager.login(this.securityRealmName, certificateCallbackHandler);
                    certificateCallbackHandler.clear();
                    Subject subject = login.getSubject();
                    ContextManager.setCallers(subject, subject);
                    JAASJettyPrincipal jAASJettyPrincipal = new JAASJettyPrincipal(str);
                    jAASJettyPrincipal.setSubject(subject);
                    this.userMap.put(str, jAASJettyPrincipal);
                    return jAASJettyPrincipal;
                }
            } catch (LoginException e) {
                log.debug("Login Failed", e);
                return null;
            }
        }
        log.debug("Login Failed - null userID");
        return null;
    }

    public void logout(Principal principal) {
        JAASJettyPrincipal jAASJettyPrincipal = (JAASJettyPrincipal) principal;
        this.userMap.remove(jAASJettyPrincipal.getName());
        ContextManager.unregisterSubject(jAASJettyPrincipal.getSubject());
    }

    public boolean reauthenticate(Principal principal) {
        Subject subject = ((JAASJettyPrincipal) principal).getSubject();
        ContextManager.setCallers(subject, subject);
        return this.userMap.get(principal.getName()) != null;
    }

    public void disassociate(Principal principal) {
    }

    public boolean isUserInRole(Principal principal, String str) {
        if (principal == null || str == null) {
            return false;
        }
        AccessControlContext currentContext = ContextManager.getCurrentContext();
        try {
            String currentServletName = InternalJettyServletHolder.getCurrentServletName();
            if (currentServletName == null || currentServletName.equals("jsp")) {
                currentServletName = "";
            }
            currentContext.checkPermission(new WebRoleRefPermission(currentServletName, str));
            return true;
        } catch (AccessControlException e) {
            return false;
        }
    }

    public Principal pushRole(Principal principal, String str) {
        return principal;
    }

    public Principal popRole(Principal principal) {
        return principal;
    }

    public void addUse() {
        this.count++;
    }

    public int removeUse() {
        int i = this.count;
        this.count = i - 1;
        return i;
    }
}
