package com.sun.xml.wss.impl.misc;

import com.sun.xml.wss.RealmAuthenticationAdapter;
import com.sun.xml.wss.XWSSConstants;
import com.sun.xml.wss.XWSSecurityException;
import java.io.File;
import java.io.IOException;
import java.security.AccessController;
import java.security.MessageDigest;
import java.security.PrivilegedAction;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.message.callback.CallerPrincipalCallback;
import javax.security.auth.message.callback.PasswordValidationCallback;
import javax.security.auth.x500.X500Principal;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.xml.sax.SAXException;

/* loaded from: input_file:spg-ui-war-3.0.9.war:WEB-INF/lib/xws-security-3.0.jar:com/sun/xml/wss/impl/misc/DefaultRealmAuthenticationAdapter.class */
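/**
 * Default username/password validator that chooses its backend from the hosting container.
 *
 * <p>The container is detected from JVM system properties: when {@code com.sun.aas.installRoot}
 * is set, validation is delegated to a callback handler loaded reflectively by class name; when
 * only {@code catalina.home} is set, credentials are checked against
 * {@code <catalina.home>/conf/tomcat-users.xml}, which is read once in the constructor.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Backend selection trusts system properties, so any code able to set them can change
 *       which validation path is used.</li>
 *   <li>On the Tomcat path the {@code password} attribute values are kept in memory for the
 *       lifetime of this object and compared verbatim with the presented password. If the file
 *       stores digested values the comparison would presumably never match (to be confirmed
 *       against the deployment).</li>
 *   <li>On a successful Tomcat-path login the presented password is added to the subject's
 *       private credentials as a {@code String}.</li>
 * </ul>
 */
public class DefaultRealmAuthenticationAdapter extends RealmAuthenticationAdapter {
    /** System property whose presence selects the GlassFish callback-handler path. */
    private static final String GLASSFISH_ROOT_PROPERTY = "com.sun.aas.installRoot";
    /** System property that locates the Tomcat installation (and its conf directory). */
    private static final String CATALINA_HOME_PROPERTY = "catalina.home";

    private static final DocumentBuilderFactory dbf = newHardenedDocumentBuilderFactory();
    private static final String classname = "com.sun.enterprise.security.jmac.callback.ContainerCallbackHandler";

    private CallbackHandler gfCallbackHandler;
    // username -> password attribute value as found in tomcat-users.xml; null until the file is loaded
    private Map<String, String> tomcatUsersXML = null;

    /**
     * Prepares the backend for the detected container: loads the callback handler on GlassFish,
     * or parses tomcat-users.xml on Tomcat. Does nothing when neither container is detected.
     *
     * @throws RuntimeException if tomcat-users.xml exists but cannot be read or parsed
     */
    public DefaultRealmAuthenticationAdapter() {
        this.gfCallbackHandler = null;
        if (isGlassfish()) {
            this.gfCallbackHandler = loadGFHandler();
        } else if (isTomcat()) {
            populateTomcatUsersXML();
        }
    }

    /**
     * Builds the XML parser factory with external-entity and external-DTD resolution turned off.
     *
     * <p>The only document parsed is a local configuration file, so this is defence in depth:
     * a DOCTYPE in that file is still accepted, but it is not allowed to pull in external
     * resources.
     */
    private static DocumentBuilderFactory newHardenedDocumentBuilderFactory() {
        DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
        setFeatureIfSupported(factory, XMLConstants.FEATURE_SECURE_PROCESSING, true);
        setFeatureIfSupported(factory, "http://xml.org/sax/features/external-general-entities", false);
        setFeatureIfSupported(factory, "http://xml.org/sax/features/external-parameter-entities", false);
        setFeatureIfSupported(factory, "http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
        return factory;
    }

    /** Applies one parser feature, tolerating parser implementations that do not know it. */
    private static void setFeatureIfSupported(DocumentBuilderFactory factory, String feature, boolean value) {
        try {
            factory.setFeature(feature, value);
        } catch (ParserConfigurationException ignored) {
            // Best effort: an unsupported feature must not stop the class from loading,
            // because that would disable authentication for the whole application.
        }
    }

    /** Returns true when the GlassFish install-root system property is set. */
    private boolean isGlassfish() {
        return System.getProperty(GLASSFISH_ROOT_PROPERTY) != null;
    }

    /** Returns true when GlassFish is not detected and {@code catalina.home} is set. */
    private boolean isTomcat() {
        return !isGlassfish() && System.getProperty(CATALINA_HOME_PROPERTY) != null;
    }

    /**
     * Converts a string to two bytes per {@code char}, without going through a charset encoder.
     *
     * <p>Charset encoders replace unpaired surrogates with a substitute byte, which could make
     * two different strings produce the same bytes; this mapping is exact.
     */
    private static byte[] toRawBytes(String value) {
        byte[] raw = new byte[value.length() * 2];
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            raw[2 * i] = (byte) (c >>> 8);
            raw[2 * i + 1] = (byte) c;
        }
        return raw;
    }

    /**
     * Checks the presented credentials against the entries loaded from tomcat-users.xml and, on
     * success, adds an {@code X500Principal} of the form {@code CN=<username>} and the password
     * to the subject.
     *
     * @param subject subject to populate on success
     * @param str username presented by the caller
     * @param str2 password presented by the caller; {@code null} never authenticates
     * @return true if the username is known and the password matches the stored value
     * @throws XWSSecurityException if tomcat-users.xml was not loaded
     */
    private boolean authenticateFromTomcatUsersXML(final Subject subject, final String str, final String str2) throws XWSSecurityException {
        if (this.tomcatUsersXML == null) {
            throw new XWSSecurityException("Internal Error: Username Authentication Failed: Could not Load/Locate tomcat-users.xml, Possible Cause is Application is Not Running on TOMCAT ?");
        }
        String expected = this.tomcatUsersXML.get(str);
        if (expected == null || str2 == null) {
            return false;
        }
        // MessageDigest.isEqual avoids String.equals' early exit at the first differing
        // character, so response time does not reveal how much of a guess was correct.
        byte[] expectedBytes = toRawBytes(expected);
        byte[] presentedBytes = toRawBytes(str2);
        boolean matches;
        try {
            matches = MessageDigest.isEqual(expectedBytes, presentedBytes);
        } finally {
            // Do not leave extra copies of the passwords behind on the heap.
            Arrays.fill(expectedBytes, (byte) 0);
            Arrays.fill(presentedBytes, (byte) 0);
        }
        if (!matches) {
            return false;
        }
        AccessController.doPrivileged(new PrivilegedAction<Object>() {
            @Override
            public Object run() {
                // The username is concatenated into the DN unescaped; it has already matched a
                // key from tomcat-users.xml, so its content is whatever that file defines.
                subject.getPrincipals().add(new X500Principal("CN=" + str));
                // NOTE(review): this keeps the plaintext password reachable through the Subject.
                subject.getPrivateCredentials().add(str2);
                return null;
            }
        });
        return true;
    }

    /**
     * Validates the credentials through the GlassFish callback handler and, when validation
     * succeeds, asks the handler to set the caller principal on the subject.
     *
     * @param subject subject handed to the callbacks
     * @param str username presented by the caller
     * @param str2 password presented by the caller, may be {@code null}
     * @return the result reported by the password validation callback
     * @throws XWSSecurityException if the handler was not loaded, or if a callback fails
     */
    private boolean authenticateWithGFCBH(Subject subject, String str, String str2) throws XWSSecurityException {
        if (this.gfCallbackHandler == null) {
            throw new XWSSecurityException("Internal Error: Username Authentication Failed: Could not Locate/Load CallbackHandler: " + classname);
        }
        char[] passwordChars = str2 == null ? null : str2.toCharArray();
        PasswordValidationCallback validation = new PasswordValidationCallback(subject, str, passwordChars);
        try {
            try {
                this.gfCallbackHandler.handle(new Callback[]{validation});
            } finally {
                // Wipe the password even when the handler throws.
                if (passwordChars != null) {
                    validation.clearPassword();
                    // Covers the case where the callback holds its own copy of the array
                    // (not visible from this file).
                    Arrays.fill(passwordChars, '\0');
                }
            }
            boolean result = validation.getResult();
            if (result) {
                this.gfCallbackHandler.handle(new Callback[]{new CallerPrincipalCallback(subject, str)});
            }
            return result;
        } catch (Exception e) {
            throw new XWSSecurityException(e);
        }
    }

    /**
     * Authenticates a username/password pair using the backend of the detected container.
     *
     * @param subject subject to populate when authentication succeeds
     * @param str username presented by the caller
     * @param str2 password presented by the caller
     * @return true if the credentials were accepted
     * @throws XWSSecurityException if no supported container is detected, or the selected
     *     backend is unavailable or fails
     */
    @Override // com.sun.xml.wss.RealmAuthenticationAdapter
    public boolean authenticate(Subject subject, String str, String str2) throws XWSSecurityException {
        if (isGlassfish()) {
            return authenticateWithGFCBH(subject, str, str2);
        }
        if (isTomcat()) {
            return authenticateFromTomcatUsersXML(subject, str, str2);
        }
        throw new XWSSecurityException("Error: Could not locate default username validator for the container");
    }

    /**
     * Instantiates the container callback handler by class name, trying the thread context
     * class loader first and this class's own loader second.
     *
     * @return the handler, or {@code null} if the class cannot be found or instantiated; the
     *     failure then surfaces as an {@code XWSSecurityException} on the first authentication
     */
    protected CallbackHandler loadGFHandler() {
        Class<?> handlerClass = null;
        try {
            ClassLoader contextClassLoader = Thread.currentThread().getContextClassLoader();
            if (contextClassLoader != null) {
                try {
                    handlerClass = contextClassLoader.loadClass(classname);
                } catch (ClassNotFoundException ignored) {
                    // Not visible to the context loader; fall through to this class's loader.
                }
            }
            if (handlerClass == null) {
                handlerClass = getClass().getClassLoader().loadClass(classname);
            }
            if (handlerClass != null) {
                return (CallbackHandler) handlerClass.newInstance();
            }
            return null;
        } catch (ClassNotFoundException e) {
            return null;
        } catch (IllegalAccessException e) {
            return null;
        } catch (InstantiationException e) {
            return null;
        }
    }

    /**
     * Loads username/password pairs from {@code <catalina.home>/conf/tomcat-users.xml}.
     *
     * <p>Each {@code user} element contributes one entry, keyed by the attribute named by
     * {@code XWSSConstants.USERNAME_PROPERTY} or, failing that, by {@code name}. Elements
     * without a usable name or without a {@code password} attribute are skipped rather than
     * aborting construction. If the file does not exist the map stays {@code null}. The file is
     * read only once, so later edits are not picked up by this instance.
     *
     * @throws RuntimeException wrapping any I/O or parse failure
     */
    private void populateTomcatUsersXML() {
        File file = new File(System.getProperty(CATALINA_HOME_PROPERTY) + File.separator + "conf" + File.separator + "tomcat-users.xml");
        if (!file.exists()) {
            return;
        }
        try {
            NodeList users = dbf.newDocumentBuilder().parse(file).getElementsByTagName("user");
            Map<String, String> loaded = new HashMap<String, String>();
            for (int i = 0; i < users.getLength(); i++) {
                NamedNodeMap attributes = users.item(i).getAttributes();
                Node name = attributes.getNamedItem(XWSSConstants.USERNAME_PROPERTY);
                if (name == null) {
                    name = attributes.getNamedItem("name");
                }
                Node password = attributes.getNamedItem("password");
                if (name == null || password == null) {
                    // An incomplete entry can never authenticate; ignore it.
                    continue;
                }
                loaded.put(name.getNodeValue(), password.getNodeValue());
            }
            this.tomcatUsersXML = loaded;
        } catch (IOException e) {
            throw new RuntimeException(e);
        } catch (ParserConfigurationException e) {
            throw new RuntimeException(e);
        } catch (SAXException e) {
            throw new RuntimeException(e);
        }
    }
}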
