package javax.security.auth.login;

import com.ibm.security.util.Debug;
import com.ibm.security.util.ResourcesMgr;
import java.io.IOException;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.Security;
import java.text.MessageFormat;
import java.util.HashMap;
import java.util.Map;
import javax.security.auth.AuthPermission;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.AppConfigurationEntry;

/* loaded from: input_file:efixes/PQ88973_nd_aix/components/prereq.jdk/update.jar:/java/jre/lib/security.jar:javax/security/auth/login/LoginContext.class */
public class LoginContext {
    private static final String INIT_METHOD = "initialize";
    private static final String LOGIN_METHOD = "login";
    private static final String COMMIT_METHOD = "commit";
    private static final String ABORT_METHOD = "abort";
    private static final String LOGOUT_METHOD = "logout";
    private static final String OTHER = "other";
    private static final String DEFAULT_HANDLER = "auth.login.defaultCallbackHandler";
    private Subject subject;
    private boolean subjectProvided;
    private boolean loginSucceeded;
    private CallbackHandler callbackHandler;
    private Map state;
    private Configuration config;
    private ModuleInfo[] moduleStack;
    private ClassLoader contextClassLoader;
    private static final Class[] PARAMS = new Class[0];
    private static final Debug debug = Debug.getInstance("logincontext", "\t[LoginContext]");

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:efixes/PQ88973_nd_aix/components/prereq.jdk/update.jar:/java/jre/lib/security.jar:javax/security/auth/login/LoginContext$ModuleInfo.class */
    public static class ModuleInfo {
        AppConfigurationEntry entry;
        Object module;

        ModuleInfo(AppConfigurationEntry appConfigurationEntry, Object obj) {
            this.entry = appConfigurationEntry;
            this.module = obj;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:efixes/PQ88973_nd_aix/components/prereq.jdk/update.jar:/java/jre/lib/security.jar:javax/security/auth/login/LoginContext$SecureCallbackHandler.class */
    public class SecureCallbackHandler implements CallbackHandler {
        private final AccessControlContext acc;
        private final CallbackHandler ch;
        private final LoginContext this$0;

        SecureCallbackHandler(LoginContext loginContext, AccessControlContext accessControlContext, CallbackHandler callbackHandler) {
            this.this$0 = loginContext;
            this.acc = accessControlContext;
            this.ch = callbackHandler;
        }

        @Override // javax.security.auth.callback.CallbackHandler
        public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
            try {
                AccessController.doPrivileged(new PrivilegedExceptionAction(this, callbackArr) { // from class: javax.security.auth.login.LoginContext.5
                    private final Callback[] val$finalCallbacks;
                    private final SecureCallbackHandler this$1;

                    {
                        this.this$1 = this;
                        this.val$finalCallbacks = callbackArr;
                    }

                    @Override // java.security.PrivilegedExceptionAction
                    public Object run() throws IOException, UnsupportedCallbackException {
                        this.this$1.ch.handle(this.val$finalCallbacks);
                        return null;
                    }
                }, this.acc);
            } catch (PrivilegedActionException e) {
                if (!(e.getException() instanceof IOException)) {
                    throw ((UnsupportedCallbackException) e.getException());
                }
                throw ((IOException) e.getException());
            }
        }
    }

    private void init(String str) throws LoginException {
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            securityManager.checkPermission(new AuthPermission(new StringBuffer().append("createLoginContext.").append(str).toString()));
        }
        if (str == null) {
            throw new LoginException(ResourcesMgr.getString("Invalid null input: name"));
        }
        if (this.config == null) {
            this.config = (Configuration) AccessController.doPrivileged(new PrivilegedAction(this) { // from class: javax.security.auth.login.LoginContext.1
                private final LoginContext this$0;

                {
                    this.this$0 = this;
                }

                @Override // java.security.PrivilegedAction
                public Object run() {
                    return Configuration.getConfiguration();
                }
            });
        }
        AppConfigurationEntry[] appConfigurationEntry = this.config.getAppConfigurationEntry(str);
        if (appConfigurationEntry == null) {
            if (securityManager != null) {
                securityManager.checkPermission(new AuthPermission("createLoginContext.other"));
            }
            appConfigurationEntry = this.config.getAppConfigurationEntry("other");
            if (appConfigurationEntry == null) {
                throw new LoginException(new MessageFormat(ResourcesMgr.getString("No LoginModules configured for name")).format(new Object[]{str}));
            }
        }
        this.moduleStack = new ModuleInfo[appConfigurationEntry.length];
        for (int i = 0; i < appConfigurationEntry.length; i++) {
            this.moduleStack[i] = new ModuleInfo(new AppConfigurationEntry(appConfigurationEntry[i].getLoginModuleName(), appConfigurationEntry[i].getControlFlag(), appConfigurationEntry[i].getOptions()), null);
        }
        this.contextClassLoader = (ClassLoader) AccessController.doPrivileged(new PrivilegedAction(this) { // from class: javax.security.auth.login.LoginContext.2
            private final LoginContext this$0;

            {
                this.this$0 = this;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                return Thread.currentThread().getContextClassLoader();
            }
        });
    }

    private void loadDefaultCallbackHandler() throws LoginException {
        try {
            this.callbackHandler = (CallbackHandler) AccessController.doPrivileged(new PrivilegedExceptionAction(this, this.contextClassLoader) { // from class: javax.security.auth.login.LoginContext.3
                private final ClassLoader val$finalLoader;
                private final LoginContext this$0;

                {
                    this.this$0 = this;
                    this.val$finalLoader = r5;
                }

                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    String property = Security.getProperty(LoginContext.DEFAULT_HANDLER);
                    if (property == null || property.length() == 0) {
                        return null;
                    }
                    return Class.forName(property, true, this.val$finalLoader).newInstance();
                }
            });
            if (this.callbackHandler != null) {
                this.callbackHandler = new SecureCallbackHandler(this, AccessController.getContext(), this.callbackHandler);
            }
        } catch (PrivilegedActionException e) {
            throw new LoginException(e.getException().toString());
        }
    }

    public LoginContext(String str) throws LoginException {
        this.subject = null;
        this.subjectProvided = false;
        this.loginSucceeded = false;
        this.state = new HashMap();
        this.contextClassLoader = null;
        init(str);
        loadDefaultCallbackHandler();
    }

    public LoginContext(String str, Subject subject) throws LoginException {
        this.subject = null;
        this.subjectProvided = false;
        this.loginSucceeded = false;
        this.state = new HashMap();
        this.contextClassLoader = null;
        init(str);
        if (subject == null) {
            throw new LoginException(ResourcesMgr.getString("invalid null Subject provided"));
        }
        this.subject = subject;
        this.subjectProvided = true;
        loadDefaultCallbackHandler();
    }

    public LoginContext(String str, CallbackHandler callbackHandler) throws LoginException {
        this.subject = null;
        this.subjectProvided = false;
        this.loginSucceeded = false;
        this.state = new HashMap();
        this.contextClassLoader = null;
        init(str);
        if (callbackHandler == null) {
            throw new LoginException(ResourcesMgr.getString("invalid null CallbackHandler provided"));
        }
        this.callbackHandler = new SecureCallbackHandler(this, AccessController.getContext(), callbackHandler);
    }

    public LoginContext(String str, Subject subject, CallbackHandler callbackHandler) throws LoginException {
        this(str, subject);
        if (callbackHandler == null) {
            throw new LoginException(ResourcesMgr.getString("invalid null CallbackHandler provided"));
        }
        this.callbackHandler = new SecureCallbackHandler(this, AccessController.getContext(), callbackHandler);
    }

    public void login() throws LoginException {
        this.loginSucceeded = false;
        synchronized (this) {
            if (this.subject == null) {
                this.subject = new Subject();
            }
        }
        try {
            invokeModule(LOGIN_METHOD);
            invokeModule(COMMIT_METHOD);
            this.loginSucceeded = true;
        } catch (LoginException e) {
            try {
                invokeModule(ABORT_METHOD);
                throw e;
            } catch (LoginException e2) {
                throw e;
            }
        }
    }

    public void logout() throws LoginException {
        synchronized (this) {
            if (this.subject == null) {
                throw new LoginException(ResourcesMgr.getString("null subject - logout called before login"));
            }
        }
        invokeModule(LOGOUT_METHOD);
    }

    public Subject getSubject() {
        if (this.loginSucceeded || this.subjectProvided) {
            return this.subject;
        }
        return null;
    }

    private void throwException(LoginException loginException, LoginException loginException2) throws LoginException {
        throw (loginException != null ? loginException : loginException2);
    }

    private void invokeModule(String str) throws LoginException {
        try {
            AccessController.doPrivileged(new PrivilegedExceptionAction(this, str) { // from class: javax.security.auth.login.LoginContext.4
                private final String val$finalName;
                private final LoginContext this$0;

                {
                    this.this$0 = this;
                    this.val$finalName = str;
                }

                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws LoginException {
                    this.this$0.invoke(this.val$finalName);
                    return null;
                }
            });
        } catch (PrivilegedActionException e) {
            throw ((LoginException) e.getException());
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void invoke(String str) throws LoginException {
        LoginException loginException;
        Method[] methods;
        LoginException loginException2 = null;
        LoginException loginException3 = null;
        boolean z = false;
        for (int i = 0; i < this.moduleStack.length; i++) {
            try {
                if (this.moduleStack[i].module != null) {
                    methods = this.moduleStack[i].module.getClass().getMethods();
                } else {
                    this.moduleStack[i].module = Class.forName(this.moduleStack[i].entry.getLoginModuleName(), true, this.contextClassLoader).getConstructor(PARAMS).newInstance(new Object[0]);
                    methods = this.moduleStack[i].module.getClass().getMethods();
                    int i2 = 0;
                    while (i2 < methods.length && !methods[i2].getName().equals(INIT_METHOD)) {
                        i2++;
                    }
                    methods[i2].invoke(this.moduleStack[i].module, new Object[]{this.subject, this.callbackHandler, this.state, this.moduleStack[i].entry.getOptions()});
                }
                int i3 = 0;
                while (i3 < methods.length && !methods[i3].getName().equals(str)) {
                    i3++;
                }
                if (((Boolean) methods[i3].invoke(this.moduleStack[i].module, new Object[0])).booleanValue()) {
                    if (!str.equals(ABORT_METHOD) && !str.equals(LOGOUT_METHOD) && this.moduleStack[i].entry.getControlFlag() == AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT && loginException3 == null) {
                        if (debug != null) {
                            debug.println(new StringBuffer().append(str).append(" SUFFICIENT success").toString());
                            return;
                        }
                        return;
                    } else {
                        if (debug != null) {
                            debug.println(new StringBuffer().append(str).append(" success").toString());
                        }
                        z = true;
                    }
                } else if (debug != null) {
                    debug.println(new StringBuffer().append(str).append(" ignored").toString());
                }
            } catch (ClassNotFoundException e) {
                throw new LoginException(new StringBuffer().append(ResourcesMgr.getString("unable to find LoginModule class: ")).append(e.getMessage()).toString());
            } catch (IllegalAccessException e2) {
                throw new LoginException(new StringBuffer().append(ResourcesMgr.getString("unable to access LoginModule: ")).append(e2.getMessage()).toString());
            } catch (InstantiationException e3) {
                throw new LoginException(new StringBuffer().append(ResourcesMgr.getString("unable to instantiate LoginModule: ")).append(e3.getMessage()).toString());
            } catch (NoSuchMethodException e4) {
                throw new LoginException(new MessageFormat(ResourcesMgr.getString("unable to instantiate LoginModule, module, because it does not provide a no-argument constructor")).format(new Object[]{this.moduleStack[i].entry.getLoginModuleName()}));
            } catch (InvocationTargetException e5) {
                if (e5.getTargetException() instanceof LoginException) {
                    loginException = (LoginException) e5.getCause();
                } else {
                    StringWriter stringWriter = new StringWriter();
                    e5.getCause().printStackTrace(new PrintWriter(stringWriter));
                    stringWriter.flush();
                    loginException = new LoginException(stringWriter.toString());
                }
                if (this.moduleStack[i].entry.getControlFlag() == AppConfigurationEntry.LoginModuleControlFlag.REQUISITE) {
                    if (debug != null) {
                        debug.println(new StringBuffer().append(str).append(" REQUISITE failure").toString());
                    }
                    if (!str.equals(ABORT_METHOD) && !str.equals(LOGOUT_METHOD)) {
                        throwException(loginException3, loginException);
                    } else if (loginException3 == null) {
                        loginException3 = loginException;
                    }
                } else if (this.moduleStack[i].entry.getControlFlag() == AppConfigurationEntry.LoginModuleControlFlag.REQUIRED) {
                    if (debug != null) {
                        debug.println(new StringBuffer().append(str).append(" REQUIRED failure").toString());
                    }
                    if (loginException3 == null) {
                        loginException3 = loginException;
                    }
                } else {
                    if (debug != null) {
                        debug.println(new StringBuffer().append(str).append(" OPTIONAL failure").toString());
                    }
                    if (loginException2 == null) {
                        loginException2 = loginException;
                    }
                }
            }
        }
        if (loginException3 != null) {
            throwException(loginException3, null);
            return;
        }
        if (z || loginException2 == null) {
            if (z) {
                return;
            }
            throwException(new LoginException(ResourcesMgr.getString("Login Failure: all modules ignored")), null);
        } else {
            throwException(loginException2, null);
        }
    }
}
