package com.ibm.security.auth.module;

import com.ibm.security.auth.GroupIDPrincipal;
import com.ibm.security.auth.PrimaryGroupIDPrincipal;
import com.ibm.security.auth.UserIDPrincipal;
import com.ibm.security.auth.UsernamePrincipal;
import java.util.LinkedList;
import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import org.apache.xalan.xsltc.trax.TransformerFactoryImpl;
import org.apache.xerces.impl.xs.SchemaSymbols;

/* loaded from: input_file:efixes/PK01142_nd_linux_i386/components/prereq.jdk/update.jar:/java/jre/lib/ibmjaaslm.jar:com/ibm/security/auth/module/LinuxLoginModule2000.class */
public class LinuxLoginModule2000 implements LoginModule {
    private Subject subject;
    private CallbackHandler callbackHandler;
    private Map sharedState;
    private Map options;
    private LinuxSystem system;
    private UsernamePrincipal userPrincipal;
    private UserIDPrincipal uidPrincipal;
    private PrimaryGroupIDPrincipal gidPrincipal;
    private boolean debug = true;
    private boolean succeeded = false;
    private boolean commitSucceeded = false;
    private LinkedList supplementaryGroups = new LinkedList();

    @Override // javax.security.auth.spi.LoginModule
    public void initialize(Subject subject, CallbackHandler callbackHandler, Map map, Map map2) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
        this.sharedState = map;
        this.options = map2;
        this.debug = SchemaSymbols.ATTVAL_TRUE.equalsIgnoreCase((String) map2.get(TransformerFactoryImpl.DEBUG));
    }

    @Override // javax.security.auth.spi.LoginModule
    public boolean login() throws LoginException {
        long[] jArr = null;
        this.succeeded = false;
        this.system = new LinuxSystem();
        if (this.system == null) {
            if (this.debug) {
                System.out.println("\t\t[LinuxLoginModule2000] Failed in Linux login");
            }
            throw new FailedLoginException("Failed in attempt to import the underlying Linux system identity information");
        }
        if (this.debug) {
            System.out.println("\t\t[LinuxLoginModule2000]: succeeded importing info: ");
            System.out.println(new StringBuffer().append("\t\t\tuser     = ").append(this.system.getUsername()).toString());
            System.out.println(new StringBuffer().append("\t\t\tuser id  = ").append(this.system.getUid()).toString());
            System.out.println(new StringBuffer().append("\t\t\tgroup id = ").append(this.system.getGid()).toString());
            jArr = this.system.getGroups();
            for (long j : jArr) {
                System.out.println(new StringBuffer().append("\t\t\tsupp gid = ").append(j).toString());
            }
        }
        this.userPrincipal = new UsernamePrincipal(this.system.getUsername());
        this.uidPrincipal = new UserIDPrincipal(this.system.getUid());
        this.gidPrincipal = new PrimaryGroupIDPrincipal(this.system.getGid());
        if (this.system.getGroups() != null && this.system.getGroups().length > 0) {
            jArr = this.system.getGroups();
        }
        for (long j2 : jArr) {
            GroupIDPrincipal groupIDPrincipal = new GroupIDPrincipal(j2);
            if (!groupIDPrincipal.getName().equals(this.gidPrincipal.getName())) {
                this.supplementaryGroups.add(groupIDPrincipal);
            }
        }
        this.succeeded = true;
        return true;
    }

    @Override // javax.security.auth.spi.LoginModule
    public boolean commit() throws LoginException {
        if (!this.succeeded) {
            if (!this.debug) {
                return false;
            }
            System.out.println("\t\t[LinuxLoginModule2000]: did not add any Principals to Subject because own authentication failed.");
            return false;
        }
        if (this.subject.isReadOnly()) {
            throw new LoginException("Subject is ReadOnly");
        }
        Set principals = this.subject.getPrincipals();
        if (!principals.contains(this.userPrincipal)) {
            principals.add(this.userPrincipal);
            if (this.debug) {
                System.out.println("\t\t[LinuxLoginModule2000]: added UsernamePrincipal");
            }
        }
        if (!principals.contains(this.uidPrincipal)) {
            principals.add(this.uidPrincipal);
            if (this.debug) {
                System.out.println("\t\t[LinuxLoginModule2000]: added UserIDPrincipal");
            }
        }
        if (!principals.contains(this.gidPrincipal)) {
            principals.add(this.gidPrincipal);
            if (this.debug) {
                System.out.println("\t\t[LinuxLoginModule2000]: added PrimaryGroupIDPrincipal");
            }
        }
        for (int i = 0; i < this.supplementaryGroups.size(); i++) {
            if (!principals.contains((GroupIDPrincipal) this.supplementaryGroups.get(i))) {
                principals.add((GroupIDPrincipal) this.supplementaryGroups.get(i));
                if (this.debug) {
                    System.out.println("\t\t[LinuxLoginModule2000]: added GroupIDPrincipal");
                }
            }
        }
        this.commitSucceeded = true;
        return true;
    }

    @Override // javax.security.auth.spi.LoginModule
    public boolean abort() throws LoginException {
        if (this.debug) {
            System.out.println("\t\t[LinuxLoginModule2000]: aborted authentication attempt");
        }
        if (!this.succeeded) {
            return false;
        }
        if (!this.succeeded || this.commitSucceeded) {
            logout();
            return true;
        }
        this.system = null;
        this.succeeded = false;
        this.userPrincipal = null;
        this.uidPrincipal = null;
        this.gidPrincipal = null;
        this.supplementaryGroups = null;
        return true;
    }

    @Override // javax.security.auth.spi.LoginModule
    public boolean logout() throws LoginException {
        if (this.subject.isReadOnly()) {
            throw new LoginException("Subject is ReadOnly");
        }
        Set principals = this.subject.getPrincipals();
        principals.remove(this.userPrincipal);
        principals.remove(this.uidPrincipal);
        principals.remove(this.gidPrincipal);
        for (int i = 0; i < this.supplementaryGroups.size(); i++) {
            principals.remove((GroupIDPrincipal) this.supplementaryGroups.get(i));
        }
        this.system = null;
        this.succeeded = false;
        this.commitSucceeded = false;
        this.userPrincipal = null;
        this.uidPrincipal = null;
        this.gidPrincipal = null;
        this.supplementaryGroups = null;
        if (!this.debug) {
            return true;
        }
        System.out.println("\t\t[LinuxLoginModule2000]: logged out Subject");
        return true;
    }
}
