package org.jolokia.jvmagent.security;

import com.sun.net.httpserver.Authenticator;
import com.sun.net.httpserver.BasicAuthenticator;
import com.sun.net.httpserver.HttpExchange;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import org.jolokia.server.core.util.UserPasswordCallbackHandler;

/* loaded from: input_file:org/jolokia/jvmagent/security/JaasHttpAuthenticator.class */
public class JaasHttpAuthenticator extends BasicAuthenticator {
    private final ThreadLocal<Subject> subjectThreadLocal;

    public JaasHttpAuthenticator(String str) {
        super(str);
        this.subjectThreadLocal = new ThreadLocal<>();
    }

    public Authenticator.Result authenticate(HttpExchange httpExchange) {
        Subject subject;
        try {
            Authenticator.Result authenticate = super.authenticate(httpExchange);
            if ((authenticate instanceof Authenticator.Success) && (subject = this.subjectThreadLocal.get()) != null) {
                httpExchange.setAttribute("org.jolokia.jaasSubject", subject);
            }
            return authenticate;
        } finally {
            this.subjectThreadLocal.remove();
        }
    }

    public boolean checkCredentials(String str, String str2) {
        try {
            LoginContext createLoginContext = createLoginContext(this.realm, new UserPasswordCallbackHandler(str, str2));
            createLoginContext.login();
            this.subjectThreadLocal.set(createLoginContext.getSubject());
            return true;
        } catch (LoginException e) {
            return false;
        }
    }

    protected LoginContext createLoginContext(String str, CallbackHandler callbackHandler) throws LoginException {
        return new LoginContext(str, callbackHandler);
    }
}
