package info.magnolia.jaas.sp.jcr;

import info.magnolia.cms.beans.config.ContentRepository;
import info.magnolia.cms.security.MgnlUserManager;
import info.magnolia.cms.security.PrincipalUtil;
import info.magnolia.cms.security.User;
import info.magnolia.context.Context;
import info.magnolia.context.MgnlContext;
import info.magnolia.init.MagnoliaConfigurationProperties;
import info.magnolia.objectfactory.Components;
import java.io.IOException;
import java.io.Serializable;
import java.util.Arrays;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import org.apache.jackrabbit.core.security.UserPrincipal;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/magnolia-jaas-5.5.5.jar:info/magnolia/jaas/sp/jcr/JackrabbitAuthenticationModule.class */
public class JackrabbitAuthenticationModule implements LoginModule, Serializable {
    private static final Logger log = LoggerFactory.getLogger(JackrabbitAuthenticationModule.class);
    private Subject subject;
    private CallbackHandler callbackHandler;

    /* renamed from: name, reason: collision with root package name */
    private String f168name;

    public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> map, Map<String, ?> map2) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
    }

    public boolean login() throws LoginException {
        if (this.callbackHandler == null) {
            throw new LoginException("Error: no CallbackHandler available");
        }
        NameCallback[] nameCallbackArr = {new NameCallback("name"), new PasswordCallback(MgnlUserManager.PROPERTY_PASSWORD, false)};
        try {
            this.callbackHandler.handle(nameCallbackArr);
            this.f168name = nameCallbackArr[0].getName();
            char[] password = ((PasswordCallback) nameCallbackArr[1]).getPassword();
            if (getAdminUser().equals(this.f168name)) {
                if (!Arrays.equals(password, getAdminPassword().toCharArray())) {
                    throw new FailedLoginException();
                }
                compileAdminPrincipals();
                return true;
            }
            Context mgnlContext = MgnlContext.hasInstance() ? MgnlContext.getInstance() : null;
            if (mgnlContext == null) {
                throw new FailedLoginException("Cannot login, magnolia context is not set");
            }
            Subject subject = mgnlContext.getSubject();
            if (subject == null) {
                throw new FailedLoginException("Cannot login, invalid setup or deserialization error");
            }
            if (isSuperuser(subject)) {
                compileAdminPrincipals();
                return true;
            }
            compileUserPrincipals(subject);
            return true;
        } catch (IOException e) {
            throw new LoginException(e.toString());
        } catch (UnsupportedCallbackException e2) {
            throw new LoginException(e2.getCallback().toString() + " not available");
        }
    }

    public boolean commit() throws LoginException {
        return true;
    }

    public boolean abort() throws LoginException {
        return false;
    }

    public boolean logout() throws LoginException {
        this.callbackHandler = null;
        this.f168name = null;
        return true;
    }

    private void compileUserPrincipals(Subject subject) {
        this.subject.getPrincipals().addAll(subject.getPrincipals());
        this.subject.getPrincipals().add(new UserPrincipal(this.f168name));
    }

    private void compileAdminPrincipals() {
        this.subject.getPrincipals().add(new MagnoliaJRAdminPrincipal(getAdminUser()));
    }

    protected String getAdminUser() {
        String str = ContentRepository.REPOSITORY_USER;
        if (str == null) {
            str = ((MagnoliaConfigurationProperties) Components.getSingleton(MagnoliaConfigurationProperties.class)).getProperty("magnolia.connection.jcr.userId");
        }
        if (str == null) {
            str = System.getProperty("magnolia.connection.jcr.userId");
        }
        return str;
    }

    protected String getAdminPassword() {
        String str = ContentRepository.REPOSITORY_PSWD;
        if (str == null) {
            str = ((MagnoliaConfigurationProperties) Components.getSingleton(MagnoliaConfigurationProperties.class)).getProperty("magnolia.connection.jcr.password");
        }
        if (str == null) {
            str = System.getProperty("magnolia.connection.jcr.password");
        }
        return str;
    }

    private boolean isSuperuser(Subject subject) {
        User user = (User) PrincipalUtil.findPrincipal(subject, User.class);
        return user != null && "superuser".equals(user.getName());
    }
}
