package com.urbancode.anthill3.domain.authentication.securid;

import com.rsa.authagent.authapi.AuthSession;
import com.rsa.authagent.authapi.AuthSessionFactory;
import com.urbancode.anthill3.domain.authentication.BaseLoginModule;
import com.urbancode.anthill3.domain.persistent.PersistenceException;
import com.urbancode.anthill3.domain.security.UserFactory;
import com.urbancode.anthill3.domain.summary.buildworkflow.BuildWorkflowSummary;
import com.urbancode.anthill3.main.server.AnthillServer;
import java.io.File;
import java.io.IOException;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import org.apache.log4j.Logger;

/* loaded from: input_file:com/urbancode/anthill3/domain/authentication/securid/SecurIDLoginModule.class */
public final class SecurIDLoginModule extends BaseLoginModule implements LoginModule {
    private static final Logger log = Logger.getLogger(SecurIDLoginModule.class);
    private AuthSessionFactory sessionFactory;

    @Override // com.urbancode.anthill3.domain.authentication.BaseLoginModule
    public void initialize(Subject subject, CallbackHandler callbackHandler, Map map, Map map2) {
        super.initialize(subject, callbackHandler, map, map2);
        log.debug("SecurIDLoginModule.initialize");
        try {
            this.sessionFactory = AuthSessionFactory.getInstance(new File(AnthillServer.getInstance().getAnthillHome(), "conf/rsa_api.properties").getAbsolutePath());
            if (this.sessionFactory == null) {
                this.sessionFactory = AuthSessionFactory.getInstance();
            }
            log.debug("SecurIDLoginModule.initialize done");
        } catch (Exception e) {
            log.error("Error getting Session factory", e);
            throw new RuntimeException("Error getting Session factory", e);
        }
    }

    @Override // com.urbancode.anthill3.domain.authentication.BaseLoginModule
    public boolean login() throws LoginException {
        log.debug("SecurIDLoginModule.login");
        this.succeeded = false;
        Callback[] callbacks = getCallbacks();
        this.userName = getUserName(callbacks);
        String passcode = getPasscode(this.userName, callbacks);
        try {
            try {
                try {
                    log.debug("call AuthSessionFactory.getInstance()");
                    AuthSession createUserSession = this.sessionFactory.createUserSession();
                    log.debug("got apiContext");
                    int check = createUserSession.check(this.userName, passcode);
                    log.debug("status from AuthSession.check(): " + check);
                    switch (check) {
                        case 0:
                        case 2:
                        case BuildWorkflowSummary.FIRST_SUCCESS /* 5 */:
                            this.succeeded = true;
                            this.user = UserFactory.getInstance().restoreForName(this.userName);
                            break;
                    }
                    createUserSession.close();
                    addToFailedUsers(this.userName);
                } catch (Exception e) {
                    log.error("apiContext failed", e);
                    addToFailedUsers(this.userName);
                }
                log.debug("SecurIDLoginModule.login done");
                return this.succeeded;
            } catch (PersistenceException e2) {
                throw newLoginException(e2.getMessage(), e2);
            }
        } catch (Throwable th) {
            addToFailedUsers(this.userName);
            throw th;
        }
    }

    private Callback[] getCallbacks() throws LoginException {
        if (this.callbackHandler == null) {
            newLoginException("No CallbackHandler Specified", null);
        }
        if (this.sessionFactory == null) {
            newLoginException("sessionFactory not specified", null);
        }
        Callback[] callbackArr = {new NameCallback("SecurIDUser: "), new PasswordCallback("SecurIDPasscode: ", false)};
        try {
            this.callbackHandler.handle(callbackArr);
        } catch (IOException e) {
            newLoginException(e.getMessage(), e);
        } catch (UnsupportedCallbackException e2) {
            newLoginException(e2.getMessage(), e2);
        }
        return callbackArr;
    }

    private String getUserName(Callback[] callbackArr) throws LoginException {
        String name = ((NameCallback) callbackArr[0]).getName();
        if (name == null) {
            newLoginException("Username not supplied.", null);
        }
        log.debug("\tSecurdID Name\t= " + name);
        return name;
    }

    private String getPasscode(String str, Callback[] callbackArr) throws LoginException {
        PasswordCallback passwordCallback = (PasswordCallback) callbackArr[1];
        char[] password = passwordCallback.getPassword();
        passwordCallback.clearPassword();
        if (password == null || password.length < 1) {
            newLoginException("Authentication Failed: User " + str + ".  Password not supplied", null);
        }
        String str2 = new String(password);
        log.debug("\tSecurdID \t= " + str2);
        return str2;
    }
}
