package com.ibm.ws.security.authentication.jaas.modules;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.ffdc.annotation.FFDCIgnore;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.security.authentication.AuthenticationException;
import com.ibm.ws.security.krb5.Krb5Common;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.HashMap;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;

@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
/* loaded from: input_file:com/ibm/ws/security/authentication/jaas/modules/Krb5LoginModuleWrapper.class */
public class Krb5LoginModuleWrapper implements LoginModule {
    private static final TraceComponent tc = Tr.register(Krb5LoginModuleWrapper.class);
    public CallbackHandler callbackHandler;
    public Subject subject;
    public Map<String, Object> sharedState;
    public Map<String, Object> options;
    public Subject temporarySubject;
    Class<?> krb5LoginModuleClass;
    Method method;
    Object krb5loginModule;
    static final long serialVersionUID = -6204238221397067509L;
    Class[] noparams = new Class[0];
    boolean login_called = false;

    public Krb5LoginModuleWrapper() {
        this.krb5LoginModuleClass = null;
        this.krb5loginModule = null;
        String str = null;
        if (Krb5Common.isIBMJdk18OrLower) {
            str = "com.ibm.security.auth.module.Krb5LoginModule";
        } else if (Krb5Common.isOtherSupportJDKs) {
            str = "com.sun.security.auth.module.Krb5LoginModule";
        } else {
            Tr.error(tc, "Not support JDK vendor and/or version", new Object[0]);
        }
        if (str != null) {
            this.krb5LoginModuleClass = getClassForName(str);
            try {
                this.krb5loginModule = this.krb5LoginModuleClass.newInstance();
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.authentication.jaas.modules.Krb5LoginModuleWrapper", "64", this, new Object[0]);
                e.printStackTrace();
            }
        }
    }

    public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> map, Map<String, ?> map2) {
        Object obj = null;
        this.callbackHandler = callbackHandler;
        this.subject = subject;
        this.sharedState = map;
        this.options = new HashMap();
        this.options.putAll(map2);
        if (Krb5Common.isOtherSupportJDKs) {
            obj = map2.get("useKeyTab");
        }
        if (obj != null && obj.equals("true")) {
            this.options.put("keyTab", getSystemProperty("KRB5_KTNAME"));
        }
        Class<?>[] clsArr = {Subject.class, CallbackHandler.class, Map.class, Map.class};
        if (this.krb5LoginModuleClass == null) {
            Tr.error(tc, "Not a supported JDK vendor and/or version in Krb5LoginModuleWrapper", new Object[0]);
        }
        try {
            this.method = this.krb5LoginModuleClass.getDeclaredMethod("initialize", clsArr);
            this.method.invoke(this.krb5loginModule, subject, null, map, this.options);
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.authentication.jaas.modules.Krb5LoginModuleWrapper", "103", this, new Object[]{subject, callbackHandler, map, map2});
            e.printStackTrace();
        }
    }

    public boolean login() throws LoginException {
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Krb5Common.debugKrb5LoginModule(this.subject, this.callbackHandler, this.sharedState, this.options);
        }
        if (this.krb5LoginModuleClass == null) {
            return true;
        }
        inVokeMethod("login", this.noparams);
        this.login_called = true;
        return true;
    }

    public boolean commit() throws LoginException {
        if (!this.login_called) {
            return true;
        }
        inVokeMethod("commit", this.noparams);
        return true;
    }

    public boolean abort() throws LoginException {
        if (!this.login_called) {
            return true;
        }
        inVokeMethod("abort", this.noparams);
        return true;
    }

    public boolean logout() throws LoginException {
        if (!this.login_called) {
            return true;
        }
        inVokeMethod("logout", this.noparams);
        return true;
    }

    @FFDCIgnore({InvocationTargetException.class})
    private void inVokeMethod(String str, Class[] clsArr) throws LoginException {
        if (this.krb5LoginModuleClass != null) {
            try {
                this.method = this.krb5LoginModuleClass.getDeclaredMethod(str, clsArr);
                this.method.invoke(this.krb5loginModule, new Object[0]);
            } catch (IllegalAccessException e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.authentication.jaas.modules.Krb5LoginModuleWrapper", "155", this, new Object[]{str, clsArr});
                throw new AuthenticationException(e.getLocalizedMessage(), e);
            } catch (IllegalArgumentException e2) {
                FFDCFilter.processException(e2, "com.ibm.ws.security.authentication.jaas.modules.Krb5LoginModuleWrapper", "157", this, new Object[]{str, clsArr});
                throw new AuthenticationException(e2.getLocalizedMessage(), e2);
            } catch (NoSuchMethodException e3) {
                FFDCFilter.processException(e3, "com.ibm.ws.security.authentication.jaas.modules.Krb5LoginModuleWrapper", "151", this, new Object[]{str, clsArr});
                throw new AuthenticationException(e3.getLocalizedMessage(), e3);
            } catch (SecurityException e4) {
                FFDCFilter.processException(e4, "com.ibm.ws.security.authentication.jaas.modules.Krb5LoginModuleWrapper", "153", this, new Object[]{str, clsArr});
                throw new AuthenticationException(e4.getLocalizedMessage(), e4);
            } catch (InvocationTargetException e5) {
                throw new AuthenticationException(e5.getLocalizedMessage(), e5);
            } catch (Exception e6) {
                FFDCFilter.processException(e6, "com.ibm.ws.security.authentication.jaas.modules.Krb5LoginModuleWrapper", "161", this, new Object[]{str, clsArr});
                throw new AuthenticationException(e6.getLocalizedMessage(), e6);
            }
        }
    }

    private String getSystemProperty(final String str) {
        return (String) AccessController.doPrivileged(new PrivilegedAction() { // from class: com.ibm.ws.security.authentication.jaas.modules.Krb5LoginModuleWrapper.1
            static final long serialVersionUID = 7613258310577502908L;
            private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register(AnonymousClass1.class);

            @Override // java.security.PrivilegedAction
            public Object run() {
                return System.getProperty(str);
            }
        });
    }

    private Class<?> getClassForName(String str) {
        Class<?> cls = null;
        try {
            cls = Class.forName(str);
        } catch (ClassNotFoundException e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.authentication.jaas.modules.Krb5LoginModuleWrapper", "183", this, new Object[]{str});
            Tr.error(tc, "Exception performing class for name.", new Object[]{e.getLocalizedMessage()});
        }
        return cls;
    }
}
