package ips.net.auth.jaas;

import java.io.IOException;
import java.security.Principal;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Hashtable;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.Rdn;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;

/* loaded from: input_file:ips/net/auth/jaas/LDAPLoginModule.class */
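/**
 * JAAS {@link LoginModule} that authenticates a user with an LDAP simple bind and, on commit,
 * attaches an {@code InetOrgPersonPrincipal} and one {@code RolePrincipal} per matching
 * {@code groupOfNames} entry to the {@link Subject}.
 *
 * <p>Module options read from the JAAS configuration:
 * <ul>
 *   <li>{@code connectionURL} (required): LDAP provider URL handed to JNDI.</li>
 *   <li>{@code baseDN} (required): suffix appended to both the account and the role DN.</li>
 *   <li>{@code accountsDN} (optional): container placed between {@code uid=<user>} and
 *       {@code baseDN}.</li>
 *   <li>{@code rolesDN} (optional): container placed in front of {@code baseDN} for the role
 *       search.</li>
 *   <li>{@code debug} (optional): {@code "true"} enables progress output on {@code System.out}.</li>
 * </ul>
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The user name is escaped as an RDN value before it is placed into the bind DN, so DN
 *       metacharacters in the login name cannot change which entry is bound.</li>
 *   <li>Empty passwords are rejected before the bind. A simple bind with a DN and an empty
 *       password is an unauthenticated bind (RFC 4513), which a directory may accept.</li>
 *   <li>A simple bind sends the password to the directory as-is; {@code connectionURL} should
 *       therefore point at a TLS-protected endpoint ({@code ldaps://}).</li>
 * </ul>
 */
public class LDAPLoginModule implements LoginModule {
    private Subject subject;
    private CallbackHandler callbackHandler;
    // Stored as handed over by the LoginContext; not read by this module.
    private Map<String, ?> sharedState;
    private Map<String, ?> options;
    private String username;
    private char[] password;
    private String baseDN;
    private String userDn;
    private InetOrgPersonPrincipal userPrincipal;
    // Every role resolved during commit(), so logout() can remove all of them again.
    private final List<RolePrincipal> rolePrincipals = new ArrayList<RolePrincipal>();
    private DirContext context;
    private boolean debug = false;
    private boolean succeeded = false;
    private boolean commitSucceeded = false;

    /**
     * Stores the collaborators supplied by the {@code LoginContext} and reads the
     * {@code debug} option.
     *
     * @param subject the subject to populate on commit
     * @param callbackHandler handler used to obtain user name and password
     * @param sharedState state shared with other login modules (kept but unused)
     * @param options options configured for this module
     */
    @Override
    public void initialize(Subject subject, CallbackHandler callbackHandler,
            Map<String, ?> sharedState, Map<String, ?> options) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
        this.sharedState = sharedState;
        this.options = options;
        Object debugOption = options == null ? null : options.get("debug");
        this.debug = debugOption != null && "true".equalsIgnoreCase(debugOption.toString());
        if (this.debug) {
            System.out.println(getClass().getName() + " Initialized");
        }
    }

    /**
     * Prompts for user name and password and verifies them with an LDAP simple bind as
     * {@code uid=<user>,[accountsDN,]baseDN}.
     *
     * @return {@code true} when the bind succeeded
     * @throws FailedLoginException if the credentials are empty or the bind is refused
     * @throws LoginException if no callback handler is set, a callback fails, or a required
     *     option is missing
     */
    @Override
    public boolean login() throws LoginException {
        if (this.callbackHandler == null) {
            throw new LoginException("No CallbackHandler available.");
        }
        Callback[] callbacks = {new NameCallback("Login: "), new PasswordCallback("Password: ", false)};
        try {
            this.callbackHandler.handle(callbacks);
        } catch (IOException e) {
            throw new LoginException(e.toString());
        } catch (UnsupportedCallbackException e) {
            throw new LoginException("Error: Unsupported callback:" + e.getCallback());
        }

        this.username = ((NameCallback) callbacks[0]).getName();
        PasswordCallback passwordCallback = (PasswordCallback) callbacks[1];
        // getPassword() already returns a copy, so it can be kept without a second copy.
        char[] entered = passwordCallback.getPassword();
        this.password = entered != null ? entered : new char[0];
        passwordCallback.clearPassword();

        boolean bound = false;
        try {
            // An empty password would turn the simple bind into an unauthenticated bind,
            // which a directory may accept without checking any credential.
            if (this.username == null || this.username.length() == 0 || this.password.length == 0) {
                throw new FailedLoginException("User name and password must not be empty");
            }
            if (this.debug) {
                System.out.println("[LDAPLoginModule] user entered user name: " + this.username);
                System.out.println("[LDAPLoginModule] user entered a password");
            }

            this.baseDN = requiredOption("baseDN");
            String accountsDN = option("accountsDN");
            String connectionURL = requiredOption("connectionURL");
            if (this.debug) {
                System.out.println("[LDAPLoginModule] accountsDN: " + accountsDN);
            }

            // Escape the login name so characters such as ',' '+' '=' cannot alter the DN.
            StringBuilder dn = new StringBuilder("uid=");
            dn.append(Rdn.escapeValue(this.username)).append(',');
            appendContainer(dn, accountsDN);
            dn.append(this.baseDN);
            this.userDn = dn.toString();
            if (this.debug) {
                System.out.println("[LDAPLoginModule] try to connect to " + connectionURL
                        + " as user " + this.userDn);
            }

            Hashtable<String, Object> env = new Hashtable<String, Object>();
            env.put("java.naming.provider.url", connectionURL);
            env.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
            env.put("java.naming.security.authentication", "simple");
            env.put("java.naming.security.principal", this.userDn);
            env.put("java.naming.security.credentials", this.password);

            closeContext(); // release a context left over from an earlier login attempt
            try {
                this.context = new InitialDirContext(env);
            } catch (NamingException e) {
                if (this.debug) {
                    System.out.println("[LDAPLoginModule] Could not bind to LDAP.");
                }
                throw new FailedLoginException("Could not bind to LDAP");
            }
            if (this.debug) {
                System.out.println("[LDAPLoginModule] successfully bound to LDAP.");
            }
            bound = true;
            this.succeeded = true;
            return true;
        } finally {
            if (!bound) {
                // Do not keep a rejected password in memory until abort() is called.
                this.succeeded = false;
                clearCredentials();
            }
        }
    }

    /**
     * Adds the user principal and the role principals to the subject, then wipes the stored
     * credentials and closes the LDAP context.
     *
     * <p>Directory errors while reading the user entry or searching roles are reported on
     * {@code System.err} and do not fail the commit; the subject then simply carries fewer
     * principals.
     *
     * @return {@code false} if {@link #login()} did not succeed, {@code true} otherwise
     * @throws LoginException if no LDAP context is available although login succeeded
     */
    @Override
    public boolean commit() throws LoginException {
        if (!this.succeeded) {
            return false;
        }
        if (this.context == null) {
            throw new LoginException("No LDAP context available; login() must run before commit()");
        }
        Set<Principal> principals = this.subject.getPrincipals();
        try {
            addUserPrincipal(principals);
            addRolePrincipals(principals);
        } finally {
            closeContext();
            clearCredentials();
        }
        this.commitSucceeded = true;
        return true;
    }

    /**
     * Rolls back a login attempt: removes principals this module contributed, wipes the
     * credentials and closes the LDAP context.
     *
     * @return {@code false} if {@link #login()} did not succeed, {@code true} otherwise
     * @throws LoginException declared by the interface; propagated from {@link #logout()}
     */
    @Override
    public boolean abort() throws LoginException {
        if (!this.succeeded) {
            clearCredentials();
            closeContext();
            return false;
        }
        if (this.commitSucceeded) {
            logout();
            return true;
        }
        // login() succeeded but commit() did not finish: undo whatever was already added.
        removePrincipals();
        this.succeeded = false;
        clearCredentials();
        closeContext();
        return true;
    }

    /**
     * Removes the user principal and all role principals from the subject and resets the
     * module so that a later {@link #commit()} requires a fresh {@link #login()}.
     *
     * @return always {@code true}
     * @throws LoginException declared by the interface; not thrown by this implementation
     */
    @Override
    public boolean logout() throws LoginException {
        removePrincipals();
        this.succeeded = false;
        this.commitSucceeded = false;
        clearCredentials();
        closeContext();
        return true;
    }

    /** Reads the bound user's entry and adds an InetOrgPersonPrincipal if it is an inetOrgPerson. */
    private void addUserPrincipal(Set<Principal> principals) {
        NamingEnumeration<?> classes = null;
        try {
            Attributes attributes = this.context.getAttributes(this.userDn);
            Attribute objectClass = attributes.get("objectClass");
            if (objectClass == null) {
                return;
            }
            classes = objectClass.getAll();
            while (classes.hasMore()) {
                Object value = classes.next();
                // objectClass names are case-insensitive in LDAP.
                if (!(value instanceof String) || !"inetOrgPerson".equalsIgnoreCase((String) value)) {
                    continue;
                }
                this.userPrincipal = new InetOrgPersonPrincipal(this.userDn, attributes);
                if (!principals.contains(this.userPrincipal)) {
                    principals.add(this.userPrincipal);
                    if (this.debug) {
                        System.out.println("[LDAPLoginModule] added InetOrgPrincipal "
                                + this.userPrincipal.getName() + " to Subject");
                    }
                }
                if (this.debug) {
                    System.out.println("Displayname: " + this.userPrincipal.getAttrDisplayname());
                    System.out.println("Given name: " + this.userPrincipal.getAttrGivenname());
                    System.out.println("Surname: " + this.userPrincipal.getAttrSurname());
                    System.out.println("E-Mail: " + this.userPrincipal.getAttrMail());
                }
                break;
            }
        } catch (NamingException e) {
            reportDirectoryError("could not read user entry", e);
        } finally {
            closeQuietly(classes);
        }
    }

    /** Searches groupOfNames entries listing the user as member and adds one role per cn. */
    private void addRolePrincipals(Set<Principal> principals) {
        String rolesDN = option("rolesDN");
        if (this.debug) {
            System.out.println("[LDAPLoginModule] rolesDN option: " + rolesDN);
        }
        StringBuilder searchBase = new StringBuilder();
        appendContainer(searchBase, rolesDN);
        searchBase.append(this.baseDN);

        Attributes matching = new BasicAttributes();
        matching.put(new BasicAttribute("objectClass", "groupOfNames"));
        matching.put(new BasicAttribute("member", this.userDn));

        NamingEnumeration<SearchResult> results = null;
        try {
            results = this.context.search(searchBase.toString(), matching);
            while (results.hasMore()) {
                Attribute cn = results.next().getAttributes().get("cn");
                Object roleName = cn == null ? null : cn.get();
                if (roleName instanceof String) {
                    RolePrincipal role = new RolePrincipal((String) roleName);
                    // Remember every role, not only the last one, so logout() removes them all.
                    this.rolePrincipals.add(role);
                    if (!principals.contains(role)) {
                        principals.add(role);
                    }
                    if (this.debug) {
                        System.out.println("[LDAPLoginModule] added RolePrincipal "
                                + role.getName() + " to Subject");
                    }
                }
            }
        } catch (NamingException e) {
            reportDirectoryError("could not search roles", e);
        } finally {
            closeQuietly(results);
        }
    }

    /** Removes everything this module contributed to the subject and forgets it. */
    private void removePrincipals() {
        if (this.subject != null) {
            Set<Principal> principals = this.subject.getPrincipals();
            if (this.userPrincipal != null) {
                principals.remove(this.userPrincipal);
            }
            for (RolePrincipal role : this.rolePrincipals) {
                principals.remove(role);
            }
        }
        this.userPrincipal = null;
        this.rolePrincipals.clear();
    }

    /** Overwrites the password buffer and drops the user name. */
    private void clearCredentials() {
        this.username = null;
        if (this.password != null) {
            Arrays.fill(this.password, ' ');
            this.password = null;
        }
    }

    /** Closes the LDAP context if one is open; close failures are ignored. */
    private void closeContext() {
        if (this.context != null) {
            try {
                this.context.close();
            } catch (NamingException ignored) {
                // Best effort: the connection is being discarded anyway.
            }
            this.context = null;
        }
    }

    /** Returns the trimmed option value, or {@code null} when the option is not configured. */
    private String option(String key) {
        Object value = this.options == null ? null : this.options.get(key);
        return value == null ? null : value.toString().trim();
    }

    /** Returns the trimmed option value or fails the login when it is missing or blank. */
    private String requiredOption(String key) throws LoginException {
        String value = option(key);
        if (value == null || value.length() == 0) {
            throw new LoginException("Missing required option: " + key);
        }
        return value;
    }

    /** Appends {@code container} followed by a separating comma, if a container is configured. */
    private static void appendContainer(StringBuilder dn, String container) {
        if (container != null && container.length() > 0) {
            dn.append(container);
            if (!container.endsWith(",")) {
                dn.append(',');
            }
        }
    }

    /** Closes a JNDI enumeration, ignoring close failures. */
    private static void closeQuietly(NamingEnumeration<?> enumeration) {
        if (enumeration != null) {
            try {
                enumeration.close();
            } catch (NamingException ignored) {
                // Nothing useful can be done if releasing the enumeration fails.
            }
        }
    }

    /** Reports a directory error on stderr; the stack trace is printed only in debug mode. */
    private void reportDirectoryError(String what, NamingException e) {
        System.err.println("[LDAPLoginModule] " + what + ": " + e.getMessage());
        if (this.debug) {
            e.printStackTrace();
        }
    }
}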
