package org.nuxeo.ecm.platform.api.login;

import java.security.Principal;
import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.nuxeo.ecm.core.api.NuxeoPrincipal;

/* loaded from: input_file:org/nuxeo/ecm/platform/api/login/SystemLoginModule.class */
public class SystemLoginModule implements LoginModule {
    private static final Log log = LogFactory.getLog(SystemLoginModule.class);
    protected NuxeoPrincipal loginPrincipal;
    protected Subject subject;
    protected CallbackHandler callbackHandler;
    protected Map sharedState;
    protected boolean trace;

    public void initialize(Subject subject, CallbackHandler callbackHandler, Map map, Map map2) {
        this.trace = log.isTraceEnabled();
        this.subject = subject;
        this.sharedState = map;
        this.callbackHandler = callbackHandler;
        this.trace = log.isTraceEnabled();
    }

    public boolean login() throws LoginException {
        if (this.trace) {
            log.trace("begin login");
        }
        this.loginPrincipal = getNuxeoPrincipal();
        if (this.loginPrincipal == null) {
            return false;
        }
        this.sharedState.put("javax.security.auth.login.name", this.loginPrincipal);
        this.sharedState.put("javax.security.auth.login.password", this.loginPrincipal);
        if (!this.trace) {
            return true;
        }
        log.trace("Authenticated System User");
        return true;
    }

    public boolean commit() throws LoginException {
        if (this.trace) {
            log.trace("commit, subject=" + this.subject);
        }
        Set<Principal> principals = this.subject.getPrincipals();
        if (principals.contains(this.loginPrincipal)) {
            return true;
        }
        principals.add(this.loginPrincipal);
        return true;
    }

    public boolean abort() throws LoginException {
        if (this.trace) {
            log.trace("abort, subject=" + this.subject);
        }
        this.loginPrincipal = null;
        return true;
    }

    public boolean logout() throws LoginException {
        if (this.trace) {
            log.trace("logout, subject=" + this.subject);
        }
        this.loginPrincipal = null;
        return true;
    }

    private NuxeoPrincipal getNuxeoPrincipal() throws LoginException {
        NuxeoPrincipalCallback nuxeoPrincipalCallback = new NuxeoPrincipalCallback();
        try {
            this.callbackHandler.handle(new Callback[]{nuxeoPrincipalCallback});
            return nuxeoPrincipalCallback.getPrincipal();
        } catch (Exception e) {
            LoginException loginException = new LoginException("Authentications Failure - " + e.getMessage());
            loginException.initCause(e);
            throw loginException;
        }
    }
}
