package com.sun.messaging.jmq.jmsserver.auth.jaas;

import com.sun.jdo.spi.persistence.utility.generator.JavaClassWriterHelper;
import com.sun.messaging.jmq.auth.api.server.model.UserRepository;
import com.sun.messaging.jmq.jmsserver.Broker;
import com.sun.messaging.jmq.jmsserver.Globals;
import com.sun.messaging.jmq.jmsserver.auth.AccessController;
import com.sun.messaging.jmq.jmsserver.resources.BrokerResources;
import com.sun.messaging.jmq.util.StringUtil;
import com.sun.messaging.jmq.util.log.Logger;
import java.util.Iterator;
import java.util.Properties;
import javax.security.auth.Destroyable;
import javax.security.auth.Refreshable;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;

/* loaded from: input_file:com/sun/messaging/jmq/jmsserver/auth/jaas/UserRepositoryImpl.class */
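/**
 * {@link UserRepository} implementation that delegates authentication to a JAAS
 * {@link LoginContext}.
 *
 * <p>The JAAS configuration entry name and an optional {@link SubjectHelper} class are read
 * from the authentication properties passed to {@link #open}. Only the {@code "basic"} match
 * type (user name plus password) is supported by {@link #findMatch}.
 *
 * <p>NOTE(review): {@code login}, {@code logout} and the {@code lc.login()}/{@code lc.logout()}
 * calls are guarded by {@code lock}, but {@code lc} itself is assigned outside the lock in
 * {@code basicFindMatch}. This looks like a one-instance-per-connection design; confirm before
 * sharing an instance across threads.
 */
public class UserRepositoryImpl implements UserRepository {
    private static final boolean DEBUG = false;
    public static final String TYPE = "jaas";
    public static final String PROP_NAME_SUFFIX = ".name";
    public static final String SUBJECT_HELPER_SUFFIX = ".subjectHelperClass";
    public static final String SUBJECT_HELPER_PROPS_SUFFIX = ".subjectHelperClass.props";
    public static final String SUBJECT_HELPER_EMBEDDED_PROP = "imq.embedded";
    public static final String SUBJECT_HELPER_JMSRA_MANAGED_PROP = "imq.jmsra.managed";
    private final Logger logger = Globals.getLogger();
    private String authType = null;
    private Properties authProps = null;
    private String name = null;
    private SubjectHelper subjectHelper = null;
    private LoginContext lc = null;
    private final Object lock = new Object();
    // Set once lc.login() has succeeded; close() only logs out when this is true.
    private boolean login = false;
    // Set once close() has logged out; later login attempts are rejected.
    private boolean logout = false;

    /**
     * Returns the repository type identifier, {@value #TYPE}.
     */
    @Override
    public String getType() {
        return TYPE;
    }

    /**
     * Reads the JAAS settings for the given authentication type and, if configured,
     * instantiates and initialises the subject helper.
     *
     * @param str the authentication type; used to build the property key that names the
     *     user repository
     * @param properties the authentication properties to read the configuration from
     * @param refreshable not used by this implementation
     * @throws LoginException if the repository is not defined, is not of type {@value #TYPE},
     *     has no JAAS entry name, or the subject helper cannot be created or initialised
     */
    @Override
    public void open(String str, Properties properties, Refreshable refreshable) throws LoginException {
        this.authType = str;
        this.authProps = properties;
        String repositoryType = this.authProps.getProperty(AccessController.PROP_AUTHENTICATION_PREFIX + str + AccessController.PROP_USER_REPOSITORY_SUFFIX);
        if (repositoryType == null) {
            throw new LoginException(Globals.getBrokerResources().getKString(BrokerResources.X_USER_REPOSITORY_NOT_DEFINED, str));
        }
        if (!TYPE.equals(repositoryType)) {
            throw new LoginException(Globals.getBrokerResources().getKString(BrokerResources.X_REPOSITORY_TYPE_MISMATCH, (Object[]) new String[]{repositoryType, TYPE, getClass().getName()}));
        }
        String repositoryPrefix = AccessController.PROP_USER_REPOSITORY_PREFIX + repositoryType;
        this.name = this.authProps.getProperty(repositoryPrefix + PROP_NAME_SUFFIX);
        if (this.name == null) {
            throw new LoginException(Globals.getBrokerResources().getKString(BrokerResources.X_JAAS_NAME_INDEX_NOT_DEFINED));
        }
        String helperClassName = this.authProps.getProperty(repositoryPrefix + SUBJECT_HELPER_SUFFIX);
        if (helperClassName != null) {
            try {
                // The class name comes straight from the authentication properties and is
                // loaded reflectively, so write access to that configuration is equivalent
                // to running code inside this process; keep it restricted to operators.
                this.subjectHelper = (SubjectHelper) Class.forName(helperClassName).newInstance();
                Properties helperProps = null;
                String helperPropsText = this.authProps.getProperty(repositoryPrefix + SUBJECT_HELPER_PROPS_SUFFIX);
                if (helperPropsText != null) {
                    helperProps = StringUtil.toProperties(helperPropsText);
                }
                if (helperProps == null) {
                    helperProps = new Properties();
                }
                // Tell the helper which deployment mode it is running in.
                if (Broker.isInProcess()) {
                    helperProps.setProperty(SUBJECT_HELPER_EMBEDDED_PROP, "true");
                }
                if (Globals.isJMSRAManagedBroker()) {
                    helperProps.setProperty(SUBJECT_HELPER_JMSRA_MANAGED_PROP, "true");
                }
                this.subjectHelper.init(this.name, helperProps, null);
            } catch (Exception e) {
                this.logger.logStack(Logger.ERROR, "Unable to instantiate class " + helperClassName, e);
                // Keep the original failure attached so callers can see why the helper
                // could not be set up (the message alone may be null).
                LoginException loginException = new LoginException(e.getMessage());
                loginException.initCause(e);
                throw loginException;
            }
        }
        if (DEBUG) {
            this.logger.log(Logger.INFO, "Using JAAS authentication " + this.name + (helperClassName == null ? "" : " with subject helper class " + helperClassName));
        }
    }

    /**
     * Authenticates a user; only the {@code "basic"} match type is supported.
     *
     * @param str the user name
     * @param obj the password; cast to {@link String}
     * @param obj2 not used by this implementation
     * @param str2 the match type, which must be {@code "basic"}
     * @return the authenticated subject
     * @throws LoginException if the match type is unsupported or the login fails
     */
    @Override
    public Subject findMatch(String str, Object obj, Object obj2, String str2) throws LoginException {
        if (str2 == null || !str2.equals("basic")) {
            // JavaClassWriterHelper.null_ is presumably the literal "null" (decompiler
            // constant resolution) - confirm before replacing it.
            throw new LoginException(Globals.getBrokerResources().getKString(BrokerResources.X_UNSUPPORTED_USER_REPOSITORY_MATCHTYPE, (Object[]) new String[]{str2 == null ? JavaClassWriterHelper.null_ : str2, this.authType, getType(), "basic"}));
        }
        return basicFindMatch(str, (String) obj);
    }

    /**
     * Performs the JAAS login for a user name and password and returns the resulting subject.
     *
     * <p>After the login attempt the callback handler that carries the password is destroyed,
     * whether or not the login succeeded, and every {@link Destroyable} private credential on
     * the returned subject is destroyed so that secrets do not stay reachable through it.
     *
     * @param str the user name
     * @param str2 the password
     * @return the subject produced by the login context
     * @throws LoginException if the subject helper fails, this repository has already been
     *     closed, or the JAAS login fails
     */
    private Subject basicFindMatch(String str, String str2) throws LoginException {
        Subject subject;
        if (DEBUG) {
            // Never write the password to the log, not even at debug level.
            this.logger.log(Logger.DEBUG, "Authentication type basic - " + str);
        }
        CallbackHandlerImpl callbackHandlerImpl = new CallbackHandlerImpl(this.authProps, str, str2);
        Subject initialSubject = null;
        if (this.subjectHelper != null) {
            try {
                initialSubject = this.subjectHelper.makeSubject(str, str2);
            } catch (Exception e) {
                String message = "Failed to make subject of user " + str;
                this.logger.logStack(Logger.ERROR, message, e);
                LoginException loginException = new LoginException(message);
                loginException.initCause(e);
                throw loginException;
            }
        }
        this.lc = new LoginContext(this.name, initialSubject, callbackHandlerImpl);
        synchronized (this.lock) {
            try {
                if (this.logout) {
                    throw new LoginException(Globals.getBrokerResources().getKString(BrokerResources.X_CONNECTION_LOGGEDOUT));
                }
                this.lc.login();
                this.login = true;
            } finally {
                // The handler was built from the password; release it on rejected and failed
                // logins as well as on success.
                callbackHandlerImpl.destroy();
            }
            subject = this.lc.getSubject();
            Iterator<Object> it = subject.getPrivateCredentials().iterator();
            while (it.hasNext()) {
                Object credential = null;
                try {
                    credential = it.next();
                    if ((credential instanceof Destroyable) && !((Destroyable) credential).isDestroyed()) {
                        ((Destroyable) credential).destroy();
                    }
                } catch (Exception e2) {
                    // next() itself may be what failed, leaving no credential to name.
                    String credentialType = credential == null ? "null" : credential.getClass().getName();
                    this.logger.log(Logger.WARNING, "XXX Unable to destroy private credential:" + credentialType + " for " + str);
                }
            }
        }
        return subject;
    }

    /**
     * Returns the subject helper's cache data, or {@code null} when no helper is configured.
     */
    @Override
    public Refreshable getCacheData() {
        if (this.subjectHelper == null) {
            return null;
        }
        return this.subjectHelper.getCacheData();
    }

    /**
     * Logs out of the JAAS login context if a login succeeded and no logout has happened yet.
     * Later calls are no-ops, and later login attempts on this instance are rejected.
     *
     * @throws LoginException if the JAAS logout fails
     */
    @Override
    public void close() throws LoginException {
        synchronized (this.lock) {
            if (!this.logout && this.login) {
                this.lc.logout();
                this.logout = true;
            }
        }
    }
}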
