package org.apache.catalina.realm;

import java.security.Principal;
import java.security.acl.Group;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.Subject;
import javax.security.auth.login.AccountExpiredException;
import javax.security.auth.login.CredentialExpiredException;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import org.apache.catalina.Container;
import org.apache.catalina.LifecycleException;
import org.apache.catalina.util.StringManager;

/* loaded from: input_file:web-all-10.0-build-20080724.jar:org/apache/catalina/realm/JAASRealm.class */
public class JAASRealm extends RealmBase {
    protected static final String info = "org.apache.catalina.realm.JAASRealm/1.0";
    protected static final String name = "JAASRealm";
    private static Logger log = Logger.getLogger(JAASRealm.class.getName());
    protected static final StringManager sm = StringManager.getManager(Constants.Package);
    protected String appName = null;
    protected ArrayList roleClasses = new ArrayList();
    protected ArrayList userClasses = new ArrayList();
    protected String roleClassNames = null;
    protected String userClassNames = null;

    public void setAppName(String str) {
        this.appName = str;
    }

    public String getAppName() {
        return this.appName;
    }

    @Override // org.apache.catalina.realm.RealmBase, org.apache.catalina.Realm
    public void setContainer(Container container) {
        super.setContainer(container);
        String name2 = container.getName();
        if (this.appName == null) {
            this.appName = name2;
            log.info("Setting JAAS app name " + this.appName);
        }
    }

    public String getRoleClassNames() {
        return this.roleClassNames;
    }

    public void setRoleClassNames(String str) {
        this.roleClassNames = str;
        this.roleClasses.clear();
        String str2 = this.roleClassNames;
        if (str2 == null) {
            return;
        }
        while (true) {
            int indexOf = str2.indexOf(44);
            if (indexOf < 0) {
                break;
            }
            this.roleClasses.add(str2.substring(0, indexOf).trim());
            str2 = str2.substring(indexOf + 1);
        }
        String trim = str2.trim();
        if (trim.length() > 0) {
            this.roleClasses.add(trim);
        }
    }

    public String getUserClassNames() {
        return this.userClassNames;
    }

    public void setUserClassNames(String str) {
        this.userClassNames = str;
        this.userClasses.clear();
        String str2 = this.userClassNames;
        if (str2 == null) {
            return;
        }
        while (true) {
            int indexOf = str2.indexOf(44);
            if (indexOf < 0) {
                break;
            }
            this.userClasses.add(str2.substring(0, indexOf).trim());
            str2 = str2.substring(indexOf + 1);
        }
        String trim = str2.trim();
        if (trim.length() > 0) {
            this.userClasses.add(trim);
        }
    }

    /* JADX WARN: Finally extract failed */
    @Override // org.apache.catalina.realm.RealmBase, org.apache.catalina.Realm
    public Principal authenticate(String str, String str2) {
        try {
            if (this.appName == null) {
                this.appName = "Tomcat";
            }
            if (log.isLoggable(Level.FINE)) {
                log.fine("Authenticating " + this.appName + " " + str);
            }
            ClassLoader contextClassLoader = Thread.currentThread().getContextClassLoader();
            Thread.currentThread().setContextClassLoader(getClass().getClassLoader());
            try {
                try {
                    LoginContext loginContext = new LoginContext(this.appName, new JAASCallbackHandler(this, str, str2));
                    Thread.currentThread().setContextClassLoader(contextClassLoader);
                    if (log.isLoggable(Level.FINE)) {
                        log.fine("Login context created " + str);
                    }
                    try {
                        try {
                            loginContext.login();
                            Subject subject = loginContext.getSubject();
                            if (subject == null) {
                                if (!log.isLoggable(Level.FINE)) {
                                    return null;
                                }
                                log.fine(sm.getString("jaasRealm.failedLogin", str));
                                return null;
                            }
                            if (log.isLoggable(Level.FINE)) {
                                log.fine("Getting principal " + subject);
                            }
                            Principal createPrincipal = createPrincipal(str, subject);
                            if (createPrincipal == null) {
                                log.fine(sm.getString("jaasRealm.authenticateFailure", str));
                                return null;
                            }
                            if (log.isLoggable(Level.FINE)) {
                                log.fine(sm.getString("jaasRealm.authenticateSuccess", str));
                            }
                            return createPrincipal;
                        } catch (CredentialExpiredException e) {
                            if (!log.isLoggable(Level.FINE)) {
                                return null;
                            }
                            log.fine(sm.getString("jaasRealm.credentialExpired", str));
                            return null;
                        } catch (Throwable th) {
                            log.log(Level.FINE, "Unexpected error", th);
                            return null;
                        }
                    } catch (AccountExpiredException e2) {
                        if (!log.isLoggable(Level.FINE)) {
                            return null;
                        }
                        log.fine(sm.getString("jaasRealm.accountExpired", str));
                        return null;
                    } catch (FailedLoginException e3) {
                        if (!log.isLoggable(Level.FINE)) {
                            return null;
                        }
                        log.fine(sm.getString("jaasRealm.failedLogin", str));
                        return null;
                    } catch (LoginException e4) {
                        log.log(Level.FINE, sm.getString("jaasRealm.loginException", str), (Throwable) e4);
                        return null;
                    }
                } catch (Throwable th2) {
                    Thread.currentThread().setContextClassLoader(contextClassLoader);
                    throw th2;
                }
            } catch (Throwable th3) {
                log.fine("Error initializing JAAS: " + th3.toString());
                log.log(Level.FINE, sm.getString("jaasRealm.loginException", str), th3);
                Thread.currentThread().setContextClassLoader(contextClassLoader);
                return null;
            }
        } catch (Throwable th4) {
            log.log(Level.SEVERE, "error ", th4);
            return null;
        }
    }

    @Override // org.apache.catalina.realm.RealmBase
    protected String getName() {
        return name;
    }

    @Override // org.apache.catalina.realm.RealmBase
    protected String getPassword(String str) {
        return null;
    }

    @Override // org.apache.catalina.realm.RealmBase
    protected Principal getPrincipal(String str) {
        return null;
    }

    protected Principal createPrincipal(String str, Subject subject) {
        ArrayList arrayList = new ArrayList();
        for (Principal principal : subject.getPrincipals()) {
            if (principal instanceof GenericPrincipal) {
                if (log.isLoggable(Level.FINE)) {
                    log.fine("Found old GenericPrincipal " + principal);
                }
                return principal;
            }
            String name2 = principal.getClass().getName();
            if (log.isLoggable(Level.FINE)) {
                log.fine("Principal: " + name2 + " " + principal);
            }
            if (this.userClasses.contains(name2)) {
                str = principal.getName();
            }
            if (this.roleClasses.contains(name2)) {
                arrayList.add(principal.getName());
            }
            if ((principal instanceof Group) && "Roles".equals(principal.getName())) {
                Enumeration<? extends Principal> members = ((Group) principal).members();
                while (members.hasMoreElements()) {
                    arrayList.add(members.nextElement().getName());
                }
            }
        }
        if (str != null) {
            return new GenericPrincipal(this, str, null, arrayList);
        }
        return null;
    }

    @Override // org.apache.catalina.realm.RealmBase, org.apache.catalina.Lifecycle
    public void start() throws LifecycleException {
        super.start();
    }

    @Override // org.apache.catalina.realm.RealmBase, org.apache.catalina.Lifecycle
    public void stop() throws LifecycleException {
        super.stop();
    }
}
