package org.springframework.security.providers.jaas;

import java.io.IOException;
import java.security.Principal;
import java.security.Security;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.Configuration;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.context.ApplicationEvent;
import org.springframework.context.ApplicationEventPublisher;
import org.springframework.context.ApplicationEventPublisherAware;
import org.springframework.context.ApplicationListener;
import org.springframework.core.io.Resource;
import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationException;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.SpringSecurityException;
import org.springframework.security.context.HttpSessionContextIntegrationFilter;
import org.springframework.security.context.SecurityContext;
import org.springframework.security.providers.AuthenticationProvider;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import org.springframework.security.providers.jaas.event.JaasAuthenticationFailedEvent;
import org.springframework.security.providers.jaas.event.JaasAuthenticationSuccessEvent;
import org.springframework.security.ui.session.HttpSessionDestroyedEvent;
import org.springframework.util.Assert;

/* loaded from: input_file:WEB-INF/lib/spring-security-core-2.0.8.RELEASE.jar:org/springframework/security/providers/jaas/JaasAuthenticationProvider.class */
public class JaasAuthenticationProvider implements AuthenticationProvider, ApplicationEventPublisherAware, InitializingBean, ApplicationListener {
    protected static final Log log;
    private Resource loginConfig;
    private AuthorityGranter[] authorityGranters;
    private JaasAuthenticationCallbackHandler[] callbackHandlers;
    private ApplicationEventPublisher applicationEventPublisher;
    static Class class$org$springframework$security$providers$jaas$JaasAuthenticationProvider;
    static Class class$org$springframework$security$providers$UsernamePasswordAuthenticationToken;
    private LoginExceptionResolver loginExceptionResolver = new DefaultLoginExceptionResolver();
    private String loginContextName = "SPRINGSECURITY";

    /* loaded from: input_file:WEB-INF/lib/spring-security-core-2.0.8.RELEASE.jar:org/springframework/security/providers/jaas/JaasAuthenticationProvider$InternalCallbackHandler.class */
    private class InternalCallbackHandler implements CallbackHandler {
        private Authentication authentication;
        private final JaasAuthenticationProvider this$0;

        public InternalCallbackHandler(JaasAuthenticationProvider jaasAuthenticationProvider, Authentication authentication) {
            this.this$0 = jaasAuthenticationProvider;
            this.authentication = authentication;
        }

        @Override // javax.security.auth.callback.CallbackHandler
        public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
            for (int i = 0; i < this.this$0.callbackHandlers.length; i++) {
                JaasAuthenticationCallbackHandler jaasAuthenticationCallbackHandler = this.this$0.callbackHandlers[i];
                for (Callback callback : callbackArr) {
                    jaasAuthenticationCallbackHandler.handle(callback, this.authentication);
                }
            }
        }
    }

    @Override // org.springframework.beans.factory.InitializingBean
    public void afterPropertiesSet() throws Exception {
        Assert.notNull(this.loginConfig, new StringBuffer().append("loginConfig must be set on ").append(getClass()).toString());
        Assert.hasLength(this.loginContextName, new StringBuffer().append("loginContextName must be set on ").append(getClass()).toString());
        configureJaas(this.loginConfig);
        Assert.notNull(Configuration.getConfiguration(), "As per http://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/Configuration.html \"If a Configuration object was set via the Configuration.setConfiguration method, then that object is returned. Otherwise, a default Configuration object is returned\". Your JRE returned null to Configuration.getConfiguration().");
    }

    @Override // org.springframework.security.providers.AuthenticationProvider
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        if (!(authentication instanceof UsernamePasswordAuthenticationToken)) {
            return null;
        }
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = (UsernamePasswordAuthenticationToken) authentication;
        try {
            LoginContext loginContext = new LoginContext(this.loginContextName, new InternalCallbackHandler(this, authentication));
            loginContext.login();
            HashSet hashSet = new HashSet();
            for (Principal principal : loginContext.getSubject().getPrincipals()) {
                for (int i = 0; i < this.authorityGranters.length; i++) {
                    Set grant = this.authorityGranters[i].grant(principal);
                    if (grant != null && !grant.isEmpty()) {
                        Iterator it = grant.iterator();
                        while (it.hasNext()) {
                            hashSet.add(new JaasGrantedAuthority(it.next().toString(), principal));
                        }
                    }
                }
            }
            JaasAuthenticationToken jaasAuthenticationToken = new JaasAuthenticationToken(usernamePasswordAuthenticationToken.getPrincipal(), usernamePasswordAuthenticationToken.getCredentials(), (GrantedAuthority[]) hashSet.toArray(new GrantedAuthority[hashSet.size()]), loginContext);
            publishSuccessEvent(jaasAuthenticationToken);
            return jaasAuthenticationToken;
        } catch (LoginException e) {
            SpringSecurityException resolveException = this.loginExceptionResolver.resolveException(e);
            publishFailureEvent(usernamePasswordAuthenticationToken, resolveException);
            throw resolveException;
        }
    }

    protected void configureJaas(Resource resource) throws IOException {
        configureJaasUsingLoop();
        Configuration.getConfiguration().refresh();
    }

    private void configureJaasUsingLoop() throws IOException {
        String url = this.loginConfig.getURL().toString();
        boolean z = false;
        int i = 1;
        while (true) {
            String property = Security.getProperty(new StringBuffer().append("login.config.url.").append(i).toString());
            if (property == null) {
                break;
            }
            z = property.equals(url);
            if (z) {
                break;
            } else {
                i++;
            }
        }
        if (z) {
            return;
        }
        String stringBuffer = new StringBuffer().append("login.config.url.").append(i).toString();
        log.debug(new StringBuffer().append("Setting security property [").append(stringBuffer).append("] to: ").append(url).toString());
        Security.setProperty(stringBuffer, url);
    }

    public AuthorityGranter[] getAuthorityGranters() {
        return this.authorityGranters;
    }

    public JaasAuthenticationCallbackHandler[] getCallbackHandlers() {
        return this.callbackHandlers;
    }

    public Resource getLoginConfig() {
        return this.loginConfig;
    }

    public String getLoginContextName() {
        return this.loginContextName;
    }

    public LoginExceptionResolver getLoginExceptionResolver() {
        return this.loginExceptionResolver;
    }

    protected void handleLogout(HttpSessionDestroyedEvent httpSessionDestroyedEvent) {
        SecurityContext securityContext = (SecurityContext) httpSessionDestroyedEvent.getSession().getAttribute(HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY);
        if (securityContext == null) {
            log.debug("The destroyed session has no SecurityContext");
            return;
        }
        Authentication authentication = securityContext.getAuthentication();
        if (authentication == null || !(authentication instanceof JaasAuthenticationToken)) {
            return;
        }
        JaasAuthenticationToken jaasAuthenticationToken = (JaasAuthenticationToken) authentication;
        try {
            LoginContext loginContext = jaasAuthenticationToken.getLoginContext();
            if (loginContext != null) {
                log.debug(new StringBuffer().append("Logging principal: [").append(jaasAuthenticationToken.getPrincipal()).append("] out of LoginContext").toString());
                loginContext.logout();
            } else {
                log.debug(new StringBuffer().append("Cannot logout principal: [").append(jaasAuthenticationToken.getPrincipal()).append("] from LoginContext. ").append("The LoginContext is unavailable").toString());
            }
        } catch (LoginException e) {
            log.warn("Error error logging out of LoginContext", e);
        }
    }

    @Override // org.springframework.context.ApplicationListener
    public void onApplicationEvent(ApplicationEvent applicationEvent) {
        if (applicationEvent instanceof HttpSessionDestroyedEvent) {
            handleLogout((HttpSessionDestroyedEvent) applicationEvent);
        }
    }

    protected void publishFailureEvent(UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken, SpringSecurityException springSecurityException) {
        this.applicationEventPublisher.publishEvent(new JaasAuthenticationFailedEvent(usernamePasswordAuthenticationToken, springSecurityException));
    }

    protected void publishSuccessEvent(UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken) {
        if (this.applicationEventPublisher != null) {
            this.applicationEventPublisher.publishEvent(new JaasAuthenticationSuccessEvent(usernamePasswordAuthenticationToken));
        }
    }

    public void setAuthorityGranters(AuthorityGranter[] authorityGranterArr) {
        this.authorityGranters = authorityGranterArr;
    }

    public void setCallbackHandlers(JaasAuthenticationCallbackHandler[] jaasAuthenticationCallbackHandlerArr) {
        this.callbackHandlers = jaasAuthenticationCallbackHandlerArr;
    }

    public void setLoginConfig(Resource resource) {
        this.loginConfig = resource;
    }

    public void setLoginContextName(String str) {
        this.loginContextName = str;
    }

    public void setLoginExceptionResolver(LoginExceptionResolver loginExceptionResolver) {
        this.loginExceptionResolver = loginExceptionResolver;
    }

    @Override // org.springframework.security.providers.AuthenticationProvider
    public boolean supports(Class cls) {
        Class cls2;
        if (class$org$springframework$security$providers$UsernamePasswordAuthenticationToken == null) {
            cls2 = class$("org.springframework.security.providers.UsernamePasswordAuthenticationToken");
            class$org$springframework$security$providers$UsernamePasswordAuthenticationToken = cls2;
        } else {
            cls2 = class$org$springframework$security$providers$UsernamePasswordAuthenticationToken;
        }
        return cls2.isAssignableFrom(cls);
    }

    @Override // org.springframework.context.ApplicationEventPublisherAware
    public void setApplicationEventPublisher(ApplicationEventPublisher applicationEventPublisher) {
        this.applicationEventPublisher = applicationEventPublisher;
    }

    protected ApplicationEventPublisher getApplicationEventPublisher() {
        return this.applicationEventPublisher;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$org$springframework$security$providers$jaas$JaasAuthenticationProvider == null) {
            cls = class$("org.springframework.security.providers.jaas.JaasAuthenticationProvider");
            class$org$springframework$security$providers$jaas$JaasAuthenticationProvider = cls;
        } else {
            cls = class$org$springframework$security$providers$jaas$JaasAuthenticationProvider;
        }
        log = LogFactory.getLog(cls);
    }
}
