package org.glassfish.admingui.common.security;

import com.sun.enterprise.config.serverbeans.Domain;
import com.sun.enterprise.config.serverbeans.SecureAdmin;
import com.sun.enterprise.security.SecurityServicesUtil;
import com.sun.jersey.api.client.Client;
import com.sun.jersey.api.client.ClientResponse;
import com.sun.jersey.api.client.WebResource;
import com.sun.jersey.api.client.filter.HTTPBasicAuthFilter;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.message.AuthException;
import javax.security.auth.message.AuthStatus;
import javax.security.auth.message.MessageInfo;
import javax.security.auth.message.MessagePolicy;
import javax.security.auth.message.callback.CallerPrincipalCallback;
import javax.security.auth.message.module.ServerAuthModule;
import javax.servlet.RequestDispatcher;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.glassfish.admingui.common.util.RestResponse;
import org.glassfish.admingui.common.util.RestUtil;
import org.jvnet.hk2.component.Habitat;

/* loaded from: input_file:org/glassfish/admingui/common/security/AdminConsoleAuthModule.class */
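/**
 * JASPIC (javax.security.auth.message) server authentication module for the admin console.
 *
 * <p>The module shows a login form, relays the submitted {@code j_username} / {@code j_password}
 * to the REST endpoint configured as {@code restAuthURL} using HTTP Basic authentication, and on
 * success caches the authenticated {@link Subject} in the HTTP session so that later requests are
 * accepted without contacting the REST endpoint again.
 *
 * <p>Security-relevant properties a maintainer should keep in mind:
 * <ul>
 *   <li>The password leaves this module inside a Basic {@code Authorization} header. It is only
 *       protected in transit when {@code restAuthURL} is {@code https}; the scheme is upgraded
 *       automatically only when secure admin is enabled.</li>
 *   <li>Once a Subject is stored in the session, possession of that session is the sole proof of
 *       identity. The session is re-created after a successful login so the pre-login session id
 *       is not reused.</li>
 *   <li>The REST token returned by the endpoint is stored in the session under
 *       {@link #REST_TOKEN}; the session therefore holds a credential.</li>
 * </ul>
 */
public class AdminConsoleAuthModule implements ServerAuthModule {
    /** Placeholder in {@code restAuthURL} that is replaced with the admin listener's port. */
    public static final String TOKEN_ADMIN_LISTENER_PORT = "${ADMIN_LISTENER_PORT}";
    private CallbackHandler handler = null;
    private String restURL = null;
    private String loginPage = null;
    private String loginErrorPage = null;
    private static final Class[] SUPPORTED_MESSAGE_TYPES = {HttpServletRequest.class, HttpServletResponse.class};
    private static final String SAVED_SUBJECT = "Saved_Subject";
    private static final String USER_NAME = "userName";
    private static final String RESPONSE_TYPE = "application/json";
    /** Session attribute holding the host part of the REST URL. */
    public static final String REST_SERVER_NAME = "serverName";
    /** Session attribute holding the port part of the REST URL. */
    public static final String REST_SERVER_PORT = "serverPort";
    /** Session attribute holding the token returned by the REST login call. */
    public static final String REST_TOKEN = "__rTkn__";

    /**
     * Reads the module options and resolves the REST authentication URL.
     *
     * @param messagePolicy request policy (not used by this module)
     * @param messagePolicy2 response policy (not used by this module)
     * @param callbackHandler handler used later to establish the caller principal
     * @param map provider-config properties; must contain {@code restAuthURL}, {@code loginPage}
     *     and {@code loginErrorPage} when non-null
     * @throws AuthException if one of the required properties is missing
     */
    public void initialize(MessagePolicy messagePolicy, MessagePolicy messagePolicy2, CallbackHandler callbackHandler, Map map) throws AuthException {
        this.handler = callbackHandler;
        if (map == null) {
            // NOTE(review): without options the module stays unconfigured (restURL == null) and
            // validateRequest fails later when it needs the URL. Kept as-is to avoid changing what
            // the container sees at initialization time; confirm whether this should throw.
            return;
        }
        this.restURL = requiredOption(map, "restAuthURL");
        this.loginPage = requiredOption(map, "loginPage");
        this.loginErrorPage = requiredOption(map, "loginErrorPage");

        Habitat habitat = SecurityServicesUtil.getInstance().getHabitat();
        if (this.restURL.contains(TOKEN_ADMIN_LISTENER_PORT)) {
            String adminPort = ((Domain) habitat.getComponent(Domain.class)).getServerNamed("server").getConfig().getNetworkConfig().getNetworkListener("admin-listener").getPort();
            this.restURL = this.restURL.replace(TOKEN_ADMIN_LISTENER_PORT, adminPort);
        }
        SecureAdmin secureAdmin = (SecureAdmin) habitat.getComponent(SecureAdmin.class);
        if (this.restURL.startsWith("http:") && SecureAdmin.Util.isEnabled(secureAdmin)) {
            // Rewrite only the leading scheme. String.replace would also rewrite any later
            // "http:" inside the path or query and silently change the target.
            this.restURL = "https:" + this.restURL.substring("http:".length());
        }
        // When secure admin is disabled the URL keeps its http scheme, so the Basic credentials
        // sent by validateRequest travel unencrypted to that host.
    }

    /**
     * Returns the message types this module can process.
     *
     * @return a fresh array so callers cannot modify the shared constant
     */
    public Class[] getSupportedMessageTypes() {
        return SUPPORTED_MESSAGE_TYPES.clone();
    }

    /**
     * Authenticates a console request.
     *
     * <p>Flow: requests that are not mandatory and do not target {@code /j_security_check} pass
     * through; a session that already carries a saved Subject is accepted; a request without
     * both credentials, or one that is not a POST, is forwarded to the login page; otherwise the
     * credentials are checked against the REST endpoint and, on success, the session is
     * re-created and the browser is redirected to {@code /index.jsf}.
     *
     * @param messageInfo carries the servlet request and response
     * @param subject client subject to populate with the caller's principals and credentials
     * @param subject2 service subject (not used by this module)
     * @return {@code SUCCESS}, {@code SEND_CONTINUE} or {@code SEND_FAILURE} as described above
     * @throws AuthException if forwarding, the callback handler, the session handling or the
     *     redirect fails; the original exception is attached as the cause
     * @throws IllegalArgumentException if the configured REST URL cannot be parsed
     */
    public AuthStatus validateRequest(MessageInfo messageInfo, Subject subject, Subject subject2) throws AuthException {
        HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
        HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();

        // Unprotected resources are let through, except the login target itself, which must
        // always be processed here.
        if (!isMandatory(messageInfo) && !request.getRequestURI().endsWith("/j_security_check")) {
            return AuthStatus.SUCCESS;
        }

        // getSession(true) creates a session when none exists, so no null check is needed.
        HttpSession session = request.getSession(true);
        Subject savedSubject = (Subject) session.getAttribute(SAVED_SUBJECT);
        if (savedSubject != null) {
            // Already authenticated: identity is taken from the session without re-validation.
            subject.getPrincipals().addAll(savedSubject.getPrincipals());
            subject.getPublicCredentials().addAll(savedSubject.getPublicCredentials());
            subject.getPrivateCredentials().addAll(savedSubject.getPrivateCredentials());
            return AuthStatus.SUCCESS;
        }

        if (session.getAttribute(REST_SERVER_NAME) == null) {
            try {
                URL url = new URL(this.restURL);
                session.setAttribute(REST_SERVER_NAME, url.getHost());
                // URL.getPort() yields -1 when the URL carries no explicit port.
                session.setAttribute(REST_SERVER_PORT, Integer.valueOf(url.getPort()));
            } catch (MalformedURLException e) {
                throw new IllegalArgumentException("Unable to parse REST URL: (" + this.restURL + ")", e);
            }
        }

        String username = request.getParameter("j_username");
        String password = request.getParameter("j_password");
        // Credentials are only honoured on POST. NOTE(review): getParameter also returns
        // query-string values on a POST, so a password placed in the URL would still be accepted
        // and may end up in access logs - confirm the login form never does that.
        if (username == null || password == null || !request.getMethod().equalsIgnoreCase("post")) {
            RequestDispatcher requestDispatcher = request.getRequestDispatcher(this.loginPage);
            try {
                RestUtil.initialize(null);
                requestDispatcher.forward(request, response);
                return AuthStatus.SEND_CONTINUE;
            } catch (Exception e) {
                throw wrap(e);
            }
        }

        // Relay the submitted credentials to the REST endpoint as HTTP Basic authentication.
        // NOTE(review): a failure inside the Jersey call is not caught here and leaves this
        // method as whatever exception the client throws, not as AuthException.
        Client client = Client.create();
        RestUtil.initialize(client);
        WebResource resource = client.resource(this.restURL);
        resource.addFilter(new HTTPBasicAuthFilter(username, password));
        RestResponse restResponse = RestResponse.getRestResponse(resource.accept(RESPONSE_TYPE).post(ClientResponse.class));

        if (!restResponse.isSuccess()) {
            try {
                request.getRequestDispatcher(this.loginErrorPage).forward(request, response);
                return AuthStatus.SEND_FAILURE;
            } catch (Exception e) {
                throw wrap(e);
            }
        }

        try {
            this.handler.handle(new Callback[]{new CallerPrincipalCallback(subject, username)});

            HttpSession authenticatedSession = rotateSession(request, session);

            Object data = restResponse.getResponse().get("data");
            if (data instanceof Map) {
                Object extraProperties = ((Map<?, ?>) data).get("extraProperties");
                if (extraProperties instanceof Map) {
                    authenticatedSession.setAttribute(REST_TOKEN, ((Map<?, ?>) extraProperties).get("token"));
                }
            }
            authenticatedSession.setAttribute(SAVED_SUBJECT, subject);
            authenticatedSession.setAttribute(USER_NAME, username);

            // Fixed, application-relative target: the redirect location is not request-controlled.
            response.sendRedirect(response.encodeRedirectURL("/index.jsf"));
            return AuthStatus.SEND_CONTINUE;
        } catch (Exception e) {
            // Single wrap: a redirect failure used to be wrapped once by an inner handler and
            // then again here, burying the real cause two levels deep.
            throw wrap(e);
        }
    }

    /**
     * No response processing is performed.
     *
     * @return always {@code AuthStatus.SUCCESS}
     */
    public AuthStatus secureResponse(MessageInfo messageInfo, Subject subject) throws AuthException {
        return AuthStatus.SUCCESS;
    }

    /** Intentionally empty: this module removes nothing from the subject. */
    public void cleanSubject(MessageInfo messageInfo, Subject subject) throws AuthException {
    }

    /** Reads the {@code isMandatory} flag from the message info map; absent means false. */
    private boolean isMandatory(MessageInfo messageInfo) {
        return Boolean.parseBoolean((String) messageInfo.getMap().get("javax.security.auth.message.MessagePolicy.isMandatory"));
    }

    /** Returns the named provider-config property or fails when it is absent. */
    private static String requiredOption(Map options, String key) throws AuthException {
        String value = (String) options.get(key);
        if (value == null) {
            throw new AuthException("'" + key + "' must be supplied as a property in the provider-config in the domain.xml file!");
        }
        return value;
    }

    /**
     * Replaces the pre-login session with a new one so the session id known before
     * authentication is not reused afterwards.
     *
     * <p>Every attribute of the old session is copied into the new one. NOTE(review): that
     * includes anything stored while the session was still anonymous; consider copying only a
     * known set of attribute names.
     */
    private static HttpSession rotateSession(HttpServletRequest request, HttpSession oldSession) {
        Map<String, Object> carried = new HashMap<String, Object>();
        Enumeration<?> names = oldSession.getAttributeNames();
        while (names.hasMoreElements()) {
            String name = (String) names.nextElement();
            carried.put(name, oldSession.getAttribute(name));
        }
        oldSession.invalidate();
        HttpSession freshSession = request.getSession(true);
        for (Map.Entry<String, Object> entry : carried.entrySet()) {
            freshSession.setAttribute(entry.getKey(), entry.getValue());
        }
        return freshSession;
    }

    /** Wraps a failure in an AuthException, keeping the original exception as its cause. */
    private static AuthException wrap(Exception cause) {
        AuthException wrapped = new AuthException();
        wrapped.initCause(cause);
        return wrapped;
    }
}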
