package org.eclipse.stardust.engine.core.security.jaas;

import java.security.Principal;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.AccountExpiredException;
import javax.security.auth.login.CredentialExpiredException;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import org.eclipse.stardust.common.config.Parameters;
import org.eclipse.stardust.common.error.InternalException;
import org.eclipse.stardust.common.error.LoginFailedException;
import org.eclipse.stardust.common.reflect.Reflect;
import org.eclipse.stardust.common.security.authentication.DefaultCallbackHandler;
import org.eclipse.stardust.engine.core.runtime.beans.removethis.SecurityProperties;
import org.eclipse.stardust.engine.core.spi.security.ExternalLoginProvider;
import org.eclipse.stardust.engine.core.spi.security.ExternalLoginResult;
import org.eclipse.stardust.engine.core.struct.beans.StructuredDataBean;

/* loaded from: input_file:lib/carnot-engine.jar:org/eclipse/stardust/engine/core/security/jaas/JaasLoginService.class */
public class JaasLoginService implements ExternalLoginProvider {
    private static final String DEFAULT_JAAS_CONFIG_NAME = "CARNOT";
    private LoginContext loginContext;
    private CallbackHandler callbackHandler;
    private Subject subject;
    private Principal replicatedPrincipal;
    private String password;
    private String account;

    @Override // org.eclipse.stardust.engine.core.spi.security.ExternalLoginProvider
    public ExternalLoginResult login(String str, String str2, Map map) {
        Set<Principal> principals;
        this.account = str;
        this.password = str2;
        this.callbackHandler = new DefaultCallbackHandler(this.account, this.password.toCharArray());
        try {
            this.loginContext = new LoginContext(Parameters.instance().getString(SecurityProperties.AUTHENTICATION_CONFIGURATION_NAME_PROPERTY, "CARNOT"), this.callbackHandler);
            try {
                this.loginContext.login();
                this.subject = this.loginContext.getSubject();
                String string = Parameters.instance().getString(SecurityProperties.AUTHENTICATION_PRINCIPAL_CLASS_PROPERTY);
                if (string != null) {
                    principals = this.subject.getPrincipals(Reflect.getClassFromClassName(string));
                } else {
                    principals = this.subject.getPrincipals();
                }
                Iterator<Principal> it = principals.iterator();
                if (it.hasNext()) {
                    this.replicatedPrincipal = it.next();
                }
                if (this.replicatedPrincipal == null) {
                    throw new InternalException("No principal can be obtained for filter class.");
                }
                return ExternalLoginResult.testifySuccess();
            } catch (LoginException e) {
                return ExternalLoginResult.testifyFailure(new LoginFailedException(e.getMessage(), StructuredDataBean.xpath_COLUMN_LENGTH));
            } catch (CredentialExpiredException e2) {
                return ExternalLoginResult.testifyFailure(new LoginFailedException(e2.getMessage(), 6));
            } catch (AccountExpiredException e3) {
                return ExternalLoginResult.testifyFailure(new LoginFailedException(e3.getMessage(), 6));
            } catch (FailedLoginException e4) {
                return ExternalLoginResult.testifyFailure(new LoginFailedException(e4.getMessage(), 1));
            }
        } catch (LoginException e5) {
            return ExternalLoginResult.testifyFailure(new LoginFailedException(e5.getMessage(), 100));
        }
    }
}
