package com.apusic.security.auth.login;

import com.apusic.corba.ORBManager;
import com.apusic.corba.ee.spi.misc.ORBConstants;
import com.apusic.security.AuthenticationException;
import com.apusic.security.SecurityController;
import com.apusic.security.auth.callback.URLCallback;
import com.apusic.util.StringManager;
import com.sun.security.auth.module.Krb5LoginModule;
import java.io.IOException;
import java.net.URI;
import java.rmi.RemoteException;
import java.security.AccessControlContext;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSManager;

/* loaded from: input_file:com/apusic/security/auth/login/ClientKrb5LoginModule.class */
public class ClientKrb5LoginModule extends Krb5LoginModule {
    private Subject subject;
    private CallbackHandler callbackHandler;
    private Map sharedState;
    private Map options;
    private boolean succeeded;
    private Object accessToken;
    private SecurityController controller;
    private static StringManager sm = StringManager.getManager();

    public void initialize(Subject subject, CallbackHandler callbackHandler, Map map, Map map2) {
        super.initialize(subject, callbackHandler, map, map2);
        this.subject = subject;
        this.callbackHandler = callbackHandler;
        this.sharedState = map;
        this.options = map2;
    }

    /* JADX WARN: Multi-variable type inference failed */
    public boolean login() throws LoginException {
        String property = System.getProperty("java.naming.provider.url");
        if (property == null) {
            property = (String) this.options.get("url");
        }
        if (property == null || property.length() == 0) {
            if (this.callbackHandler == null) {
                throw new LoginException("No callback handler available to garner authentication information from the user");
            }
            Callback[] callbackArr = {new URLCallback(sm.get("login.server"), ORBConstants.DEFAULT_INS_HOST)};
            try {
                this.callbackHandler.handle(callbackArr);
                property = ((URLCallback) callbackArr[0]).getURL();
            } catch (IOException e) {
                throw new LoginException(e.toString());
            } catch (UnsupportedCallbackException e2) {
                throw new LoginException("Callback not available to garner authentication information from user");
            }
        }
        if (!super.login()) {
            return false;
        }
        try {
            URI uri = new URI(property);
            this.controller = (SecurityController) ORBManager.getORB(uri.getHost(), uri.getPort()).resolve_initial_references("SecurityController");
            return true;
        } catch (Exception e3) {
            throw new LoginException(e3.toString());
        }
    }

    public boolean commit() throws LoginException {
        if (!super.commit()) {
            return false;
        }
        try {
            try {
                this.accessToken = this.controller.logonUser(null, (GSSCredential) Subject.doAsPrivileged(this.subject, new PrivilegedExceptionAction() { // from class: com.apusic.security.auth.login.ClientKrb5LoginModule.1
                    @Override // java.security.PrivilegedExceptionAction
                    public Object run() throws Exception {
                        return GSSManager.getInstance().createCredential(1);
                    }
                }, (AccessControlContext) null)).getAccessToken();
                if (!this.subject.getPrivateCredentials().contains(this.accessToken)) {
                    this.subject.getPrivateCredentials().add(this.accessToken);
                }
                if (!this.subject.getPrivateCredentials().contains(this.controller)) {
                    this.subject.getPrivateCredentials().add(this.controller);
                }
                this.succeeded = true;
                return true;
            } catch (AuthenticationException e) {
                throw new FailedLoginException(e.toString());
            } catch (RemoteException e2) {
                throw new LoginException(e2.toString());
            }
        } catch (PrivilegedActionException e3) {
            throw new LoginException("Cannot obtain Kerberos credentials: " + e3);
        }
    }

    public boolean abort() throws LoginException {
        cleanState();
        return super.abort();
    }

    public boolean logout() throws LoginException {
        cleanState();
        return super.logout();
    }

    private void cleanState() {
        if (this.succeeded) {
            this.subject.getPrivateCredentials().remove(this.accessToken);
            this.subject.getPrivateCredentials().remove(this.controller);
        }
        this.succeeded = false;
        this.accessToken = null;
        this.controller = null;
    }
}
