package com.urbancode.anthill3.domain.authentication;

import com.urbancode.anthill3.domain.authtoken.AuthToken;
import com.urbancode.anthill3.domain.authtoken.AuthTokenFactory;
import com.urbancode.anthill3.domain.persistent.PersistenceException;
import com.urbancode.anthill3.domain.security.AuthorizationException;
import com.urbancode.anthill3.domain.security.Role;
import com.urbancode.anthill3.domain.security.User;
import com.urbancode.anthill3.domain.security.UserFactory;
import com.urbancode.anthill3.services.authtoken.AuthTokenService;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import org.apache.commons.lang3.StringUtils;
import org.apache.log4j.Logger;

/* loaded from: input_file:com/urbancode/anthill3/domain/authentication/AuthTokenLoginModule.class */
public class AuthTokenLoginModule extends BaseLoginModule implements LoginModule {
    public static final String PASSWORD_IS_AUTH_TOKEN_USERNAME = "PasswordIsAuthToken";
    private static Logger log = Logger.getLogger(AuthTokenLoginModule.class);

    @Override // com.urbancode.anthill3.domain.authentication.BaseLoginModule
    public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> map, Map<String, ?> map2) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
        this.realm = null;
        this.authorizationCallbacks = new Callback[0];
        this.evaluateRoles = false;
    }

    @Override // com.urbancode.anthill3.domain.authentication.BaseLoginModule
    public boolean login() throws LoginException {
        AuthTokenService.getInstance();
        AuthTokenFactory authTokenFactory = AuthTokenFactory.getInstance();
        UserFactory userFactory = UserFactory.getInstance();
        ArrayList arrayList = new ArrayList();
        HttpHeaderCallback httpHeaderCallback = new HttpHeaderCallback(AuthTokenService.AUTH_TOKEN_HEADER);
        arrayList.add(httpHeaderCallback);
        NameCallback nameCallback = new NameCallback("username: ");
        arrayList.add(nameCallback);
        PasswordCallback passwordCallback = new PasswordCallback("password: ", false);
        arrayList.add(passwordCallback);
        ClientHostCallback clientHostCallback = new ClientHostCallback();
        arrayList.add(clientHostCallback);
        try {
            this.callbackHandler.handle((Callback[]) arrayList.toArray(new Callback[0]));
            String name = nameCallback.getName();
            String host = clientHostCallback.getHost();
            char[] password = passwordCallback.getPassword();
            if (password == null) {
                password = new char[0];
            }
            String str = new String(password);
            String str2 = null;
            if (httpHeaderCallback != null) {
                str2 = httpHeaderCallback.getHeaderValue();
            }
            if (StringUtils.isEmpty(str2) && PASSWORD_IS_AUTH_TOKEN_USERNAME.equals(name)) {
                str2 = str;
            }
            if (!StringUtils.isEmpty(str2)) {
                try {
                    AuthToken restoreForToken = authTokenFactory.restoreForToken(str2);
                    if (restoreForToken != null && !restoreForToken.isExpired()) {
                        User restore = userFactory.restore(restoreForToken.getUserId());
                        if (restore != null) {
                            if (restore.isInactive()) {
                                log.warn(String.format("Inactive user %s tried to authenticate with an auth-token", this.user.getName()));
                            } else {
                                this.user = restore;
                                this.userName = this.user.getName();
                                authTokenFactory.updateLastUsedForToken(restoreForToken, host);
                            }
                        }
                        this.succeeded = this.user != null;
                    }
                } catch (PersistenceException e) {
                    throw newLoginException("Error while looking up user.", e);
                }
            }
            return this.succeeded;
        } catch (IOException e2) {
            throw newLoginException("Error while authorizing user login.", e2);
        } catch (UnsupportedCallbackException e3) {
            throw newLoginException("Error while authorizing user login.", e3);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.urbancode.anthill3.domain.authentication.BaseLoginModule
    public void getOrCreateUser(String str) throws LoginException {
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.urbancode.anthill3.domain.authentication.BaseLoginModule
    public Role[] getUserRoles() throws AuthorizationException {
        throw new UnsupportedOperationException("AuthTokens can not evalute user roles");
    }
}
