package org.kaazing.gateway.security.auth;

import java.util.Map;
import java.util.concurrent.TimeUnit;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginException;
import org.kaazing.gateway.util.Utils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/kaazing/gateway/security/auth/TimeoutLoginModule.class */
public class TimeoutLoginModule extends BaseStateDrivenLoginModule {
    public static final String CLASS_NAME = TimeoutLoginModule.class.getName();
    public static final Logger LOGGER = LoggerFactory.getLogger(CLASS_NAME);
    private static final String INITIALIZATION_FAILED_MESSAGE = "[TimeoutLoginModule] Initialization failed";
    private static final String AUTHENTICATION_FAILED_MESSAGE = "[TimeoutLoginModule] Authentication failed";
    private static final String SESSION_TIMEOUT_KEY = "session-timeout";
    private boolean debug;
    private Long sessionTimeout;
    private boolean forceFailure;

    @Override // org.kaazing.gateway.security.auth.BaseStateDrivenLoginModule
    public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> map, Map<String, ?> map2) {
        super.initialize(subject, callbackHandler, map, map2);
        this.debug = "true".equalsIgnoreCase((String) map2.get("debug"));
        this.forceFailure = "true".equalsIgnoreCase((String) map2.get("force-failure"));
        this.sessionTimeout = readOption(map2, SESSION_TIMEOUT_KEY);
        if (this.sessionTimeout == null) {
            IllegalArgumentException illegalArgumentException = new IllegalArgumentException(String.format("You must specify the \"%s\" option", SESSION_TIMEOUT_KEY));
            if (this.debug) {
                LOGGER.debug(INITIALIZATION_FAILED_MESSAGE, illegalArgumentException);
            }
            throw illegalArgumentException;
        }
        if (this.debug) {
            LOGGER.debug("[TimeoutLoginModule] session timeout configured as '{}'", this.sessionTimeout);
        }
    }

    @Override // org.kaazing.gateway.security.auth.BaseStateDrivenLoginModule
    protected boolean doLogin() throws LoginException {
        if (this.loginResult == null) {
            LoginException loginException = new LoginException("Missing login result");
            if (this.debug) {
                LOGGER.debug(AUTHENTICATION_FAILED_MESSAGE, loginException);
            }
            throw loginException;
        }
        boolean z = false;
        if (this.sessionTimeout != null) {
            if (this.debug) {
                LOGGER.debug("[TimeoutLoginModule] Setting session timeout to '{}'", this.sessionTimeout);
            }
            this.loginResult.setSessionTimeout(this.sessionTimeout.longValue());
            z = true;
        }
        if (z && !this.forceFailure) {
            return false;
        }
        LoginException loginException2 = new LoginException("Unable to set timeout");
        if (this.debug) {
            LOGGER.debug(AUTHENTICATION_FAILED_MESSAGE, loginException2);
        }
        cleanState();
        throw loginException2;
    }

    @Override // org.kaazing.gateway.security.auth.BaseStateDrivenLoginModule
    protected boolean doCommit() throws LoginException {
        return true;
    }

    @Override // org.kaazing.gateway.security.auth.BaseStateDrivenLoginModule
    protected boolean doLogout() throws LoginException {
        cleanState();
        return true;
    }

    private Long readOption(Map<String, ?> map, String str) {
        String str2 = (String) map.get(str);
        if (str2 == null) {
            return null;
        }
        try {
            return Long.valueOf(Utils.parseTimeInterval(str2, TimeUnit.SECONDS));
        } catch (NumberFormatException e) {
            LOGGER.error("[TimeoutLoginModule] Cannot determine the value for {}", str, e);
            throw e;
        }
    }

    private void cleanState() {
        this.sessionTimeout = 0L;
    }
}
