package fr.in2p3.cc.storage.treqs2.security.authentication;

import fr.in2p3.cc.storage.treqs2.core.entity.controller.EMFSingleton;
import fr.in2p3.cc.storage.treqs2.core.entity.controller.TreqsUserJpaController;
import java.io.IOException;
import java.security.Principal;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.slf4j.MDC;

/* loaded from: input_file:fr/in2p3/cc/storage/treqs2/security/authentication/WhiteListLoginModule.class */
public class WhiteListLoginModule implements LoginModule {
    private static final Logger LOGGER = LoggerFactory.getLogger(WhiteListLoginModule.class);
    private Subject subject;
    private CallbackHandler callbackHandler;
    private boolean succeeded = false;
    private boolean commitSucceeded = false;
    private Principal authenticatedUser;
    private String username;
    private char[] password;

    public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> map, Map<String, ?> map2) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
    }

    public boolean login() throws LoginException {
        if (this.callbackHandler == null) {
            throw new LoginException("Error: no CallbackHandler available to garner authentication information from the user");
        }
        NameCallback[] nameCallbackArr = {new NameCallback("user name: "), new PasswordCallback("password: ", false)};
        try {
            this.callbackHandler.handle(nameCallbackArr);
            this.username = nameCallbackArr[0].getName();
            this.password = ((PasswordCallback) nameCallbackArr[1]).getPassword();
            this.authenticatedUser = new TreqsUserJpaController(EMFSingleton.getInstance().getEntityManagerFactory()).findTreqsUser(this.username);
            try {
                if (this.authenticatedUser == null || !this.authenticatedUser.hasThisPassword(this.password)) {
                    throw new FailedLoginException("Login/password Incorrect");
                }
                LOGGER.debug(String.valueOf(this.username) + " was authenticated");
                this.succeeded = true;
                return true;
            } catch (Exception e) {
                MDC.put("id", this.username);
                LOGGER.info("authentication error" + e);
                MDC.remove("id");
                this.succeeded = false;
                this.username = null;
                for (int i = 0; i < this.password.length; i++) {
                    this.password[i] = ' ';
                }
                this.password = null;
                throw new FailedLoginException(e.getMessage());
            }
        } catch (IOException e2) {
            throw new LoginException(e2.toString());
        } catch (UnsupportedCallbackException e3) {
            throw new LoginException("Error: " + e3.getCallback().toString() + " not available to garner authentication information from the user");
        }
    }

    public boolean commit() throws LoginException {
        if (!this.succeeded) {
            return false;
        }
        if (!this.subject.getPrincipals().contains(this.authenticatedUser)) {
            this.subject.getPrincipals().add(this.authenticatedUser);
        }
        this.username = null;
        for (int i = 0; i < this.password.length; i++) {
            this.password[i] = ' ';
        }
        this.password = null;
        this.commitSucceeded = true;
        return true;
    }

    public boolean abort() throws LoginException {
        if (!this.succeeded) {
            return false;
        }
        if (!this.succeeded || this.commitSucceeded) {
            logout();
            return true;
        }
        this.succeeded = false;
        this.username = null;
        if (this.password != null) {
            for (int i = 0; i < this.password.length; i++) {
                this.password[i] = ' ';
            }
            this.password = null;
        }
        this.authenticatedUser = null;
        return true;
    }

    public boolean logout() throws LoginException {
        this.subject.getPrincipals().remove(this.authenticatedUser);
        this.succeeded = false;
        this.succeeded = this.commitSucceeded;
        this.username = null;
        if (this.password != null) {
            for (int i = 0; i < this.password.length; i++) {
                this.password[i] = ' ';
            }
            this.password = null;
        }
        this.authenticatedUser = null;
        return true;
    }
}
