package eu.cec.digit.ecas.client.jaas;

import eu.cec.digit.ecas.client.jaas.AuthenticatedDetailedUser;
import eu.cec.digit.ecas.client.logging.Logger;
import eu.cec.digit.ecas.client.resolver.logging.LoggerFactory;
import eu.cec.digit.ecas.client.signature.AuthenticatedMessage;
import eu.cec.digit.ecas.client.signature.UserConfirmationMessage;
import eu.cec.digit.ecas.client.validation.DetailedValidatedUser;
import eu.cec.digit.ecas.client.validation.EcasValidationConfigIntf;
import eu.cec.digit.ecas.client.validation.ValidatedUser;
import java.io.IOException;
import java.security.Principal;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.spi.LoginModule;

/* loaded from: input_file:eu/cec/digit/ecas/client/jaas/TicketLoginModule.class */
public final class TicketLoginModule implements LoginModule {
    private static final Logger LOG;
    private Subject subject;
    private CallbackHandler callbackHandler;
    private Map sharedState;
    private Map options;
    private List groups;
    private List ecasGroups;
    private List extraGroups;
    private List strengths;
    private LoginDate loginDate;
    private DetailedUser detailedUser;
    private boolean loginSuccessful;
    static Class class$eu$cec$digit$ecas$client$jaas$TicketLoginModule;

    public TicketLoginModule() {
    }

    public TicketLoginModule(Subject subject, CallbackHandler callbackHandler, Map map, Map map2) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
        this.sharedState = map;
        this.options = map2;
    }

    public void initialize(Subject subject, CallbackHandler callbackHandler, Map map, Map map2) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
        this.sharedState = map;
        this.options = map2;
    }

    public DetailedUser getDetailedUser() {
        return this.detailedUser;
    }

    public List getGroups() {
        return this.groups;
    }

    public List getEcasGroups() {
        return this.ecasGroups;
    }

    public List getExtraGroups() {
        return this.extraGroups;
    }

    public boolean isLoginSuccessful() {
        return this.loginSuccessful;
    }

    public Strength getStrength() {
        return (Strength) this.strengths.iterator().next();
    }

    public List getStrengths() {
        return this.strengths;
    }

    public LoginDate getLoginDate() {
        return this.loginDate;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v187, types: [eu.cec.digit.ecas.client.jaas.BackEndTicketCallbackIntf] */
    /* JADX WARN: Type inference failed for: r0v213, types: [eu.cec.digit.ecas.client.jaas.SignedAuthenticatedMessageCallbackIntf] */
    /* JADX WARN: Type inference failed for: r0v32, types: [eu.cec.digit.ecas.client.jaas.SignedUserConfirmationMessageCallbackIntf] */
    public final boolean login() throws javax.security.auth.login.LoginException {
        ValidatedUser validate;
        if (LOG.isDebugEnabled()) {
            LOG.debug(new StringBuffer().append("TicketLoginModule::login()").append("[").append(this.subject).append(", ").append(this.callbackHandler).append(", ").append(this.sharedState).append("] started").toString());
        }
        if (null == this.callbackHandler) {
            throw new javax.security.auth.login.LoginException("callbackHandler cannot be null");
        }
        EcasCallbackIntf ticketCallback = new TicketCallback();
        SignedUserConfirmationMessageCallback signedUserConfirmationMessageCallback = new SignedUserConfirmationMessageCallback();
        SignedAuthenticatedMessageCallback signedAuthenticatedMessageCallback = new SignedAuthenticatedMessageCallback();
        BackEndTicketCallback backEndTicketCallback = new BackEndTicketCallback();
        boolean z = false;
        boolean z2 = false;
        boolean z3 = false;
        boolean z4 = false;
        try {
            Callback[] callbackArr = {ticketCallback};
            this.callbackHandler.handle(callbackArr);
            if (ticketCallback == callbackArr[0]) {
                z = true;
                if (LOG.isDebugEnabled()) {
                    LOG.debug(new StringBuffer().append("TicketLoginModule::login()").append(": handling ticket callback succeeded; proceeding to authentication using ticket").toString());
                }
            } else if (callbackArr[0] instanceof TicketCallbackIntf) {
                ticketCallback = (TicketCallbackIntf) callbackArr[0];
                z = true;
                if (LOG.isDebugEnabled()) {
                    LOG.debug(new StringBuffer().append("TicketLoginModule::login()").append(": handling ticket callback succeeded; proceeding to authentication using overwritten ticket").toString());
                }
            } else if (LOG.isErrorEnabled()) {
                LOG.error(new StringBuffer().append("TicketLoginModule::login()").append(": handling ticket callback failed; ").append("ticket callback was ").append(callbackArr[0] != null ? new StringBuffer().append("overwritten by unknown implementation: ").append(callbackArr[0].getClass().getName()).toString() : "maliciously set to null").toString());
            }
        } catch (IOException e) {
            if (LOG.isDebugEnabled()) {
                LOG.debug(new StringBuffer().append("TicketLoginModule::login()").append(": handling ticket callback failed: ").append(e).toString(), e);
            }
        } catch (UnsupportedCallbackException e2) {
        }
        if (!z) {
            try {
                Callback[] callbackArr2 = {signedUserConfirmationMessageCallback};
                this.callbackHandler.handle(callbackArr2);
                if (signedUserConfirmationMessageCallback == callbackArr2[0]) {
                    z2 = true;
                    if (LOG.isDebugEnabled()) {
                        LOG.debug(new StringBuffer().append("TicketLoginModule::login()").append(": handling signature callback succeeded; proceeding to authentication using signature").toString());
                    }
                } else if (callbackArr2[0] instanceof SignedUserConfirmationMessageCallbackIntf) {
                    signedUserConfirmationMessageCallback = (SignedUserConfirmationMessageCallbackIntf) callbackArr2[0];
                    z2 = true;
                    if (LOG.isDebugEnabled()) {
                        LOG.debug(new StringBuffer().append("TicketLoginModule::login()").append(": handling signature callback succeeded; proceeding to authentication using overwritten signature").toString());
                    }
                } else if (LOG.isErrorEnabled()) {
                    LOG.error(new StringBuffer().append("TicketLoginModule::login()").append(": handling signature callback failed; ").append("signature callback was ").append(callbackArr2[0] != null ? new StringBuffer().append("overwritten by unknown implementation: ").append(callbackArr2[0].getClass().getName()).toString() : "maliciously set to null").toString());
                }
            } catch (IOException e3) {
                if (LOG.isDebugEnabled()) {
                    LOG.debug(new StringBuffer().append("TicketLoginModule::login()").append(": handling signature callback failed: ").append(e3).toString(), e3);
                }
            } catch (UnsupportedCallbackException e4) {
            }
        }
        if (!z && !z2) {
            try {
                Callback[] callbackArr3 = {signedAuthenticatedMessageCallback};
                this.callbackHandler.handle(callbackArr3);
                if (signedAuthenticatedMessageCallback == callbackArr3[0]) {
                    z3 = true;
                    if (LOG.isDebugEnabled()) {
                        LOG.debug(new StringBuffer().append("TicketLoginModule::login()").append(": handling transaction callback succeeded; proceeding to authentication using transaction").toString());
                    }
                } else if (callbackArr3[0] instanceof SignedAuthenticatedMessageCallbackIntf) {
                    signedAuthenticatedMessageCallback = (SignedAuthenticatedMessageCallbackIntf) callbackArr3[0];
                    z3 = true;
                    if (LOG.isDebugEnabled()) {
                        LOG.debug(new StringBuffer().append("TicketLoginModule::login()").append(": handling transaction callback succeeded; proceeding to authentication using overwritten transaction").toString());
                    }
                } else if (LOG.isErrorEnabled()) {
                    LOG.error(new StringBuffer().append("TicketLoginModule::login()").append(": handling transaction callback failed; ").append("transaction callback was ").append(callbackArr3[0] != null ? new StringBuffer().append("overwritten by unknown implementation: ").append(callbackArr3[0].getClass().getName()).toString() : "maliciously set to null").toString());
                }
            } catch (IOException e5) {
                if (LOG.isDebugEnabled()) {
                    LOG.debug(new StringBuffer().append("TicketLoginModule::login()").append(": handling transaction callback failed: ").append(e5).toString(), e5);
                }
            } catch (UnsupportedCallbackException e6) {
            }
        }
        if (!z && !z2 && !z3) {
            try {
                Callback[] callbackArr4 = {backEndTicketCallback};
                this.callbackHandler.handle(callbackArr4);
                if (backEndTicketCallback == callbackArr4[0]) {
                    z4 = true;
                    if (LOG.isDebugEnabled()) {
                        LOG.debug(new StringBuffer().append("TicketLoginModule::login()").append(": handling backEnd ticket callback succeeded; proceeding to authentication using backEnd ticket").toString());
                    }
                } else if (callbackArr4[0] instanceof BackEndTicketCallbackIntf) {
                    backEndTicketCallback = (BackEndTicketCallbackIntf) callbackArr4[0];
                    z4 = true;
                    if (LOG.isDebugEnabled()) {
                        LOG.debug(new StringBuffer().append("TicketLoginModule::login()").append(": handling backEnd ticket callback succeeded; proceeding to authentication using overwritten backEnd ticket").toString());
                    }
                } else if (LOG.isErrorEnabled()) {
                    LOG.error(new StringBuffer().append("TicketLoginModule::login()").append(": handling backEnd ticket callback failed; ").append("backEnd ticket callback was ").append(callbackArr4[0] != null ? new StringBuffer().append("overwritten by unknown implementation: ").append(callbackArr4[0].getClass().getName()).toString() : "maliciously set to null").toString());
                }
            } catch (IOException e7) {
                if (LOG.isDebugEnabled()) {
                    LOG.debug(new StringBuffer().append("TicketLoginModule::login()").append(": handling backEnd ticket callback failed: ").append(e7).toString(), e7);
                }
            } catch (UnsupportedCallbackException e8) {
            }
        }
        if (!z && !z2 && !z3 && !z4) {
            throw new FailedLoginException("handling callback failed: no ticket, signature or transaction");
        }
        if (z) {
            String ticket = ticketCallback.getTicket();
            String targetService = ticketCallback.getTargetService();
            EcasValidationConfigIntf ecasValidationConfig = ticketCallback.getEcasValidationConfig();
            if (null == ticket) {
                throw new InvalidCallbackException("ticket cannot be null");
            }
            if (null == targetService) {
                throw new InvalidCallbackException("targetService cannot be null");
            }
            if (null == ecasValidationConfig) {
                throw new InvalidCallbackException("validationConfig cannot be null");
            }
            validate = new ServerUserValidator(ecasValidationConfig).validate(ticket, targetService, ticketCallback.getRequest());
        } else if (z2) {
            UserConfirmationMessage userConfirmationMessage = signedUserConfirmationMessageCallback.getUserConfirmationMessage();
            String targetService2 = signedUserConfirmationMessageCallback.getTargetService();
            EcasValidationConfigIntf ecasValidationConfig2 = signedUserConfirmationMessageCallback.getEcasValidationConfig();
            if (null == userConfirmationMessage) {
                throw new InvalidCallbackException("signedUserConfirmationMessage cannot be null");
            }
            if (null == targetService2) {
                throw new InvalidCallbackException("targetService cannot be null");
            }
            if (null == ecasValidationConfig2) {
                throw new InvalidCallbackException("validationConfig cannot be null");
            }
            validate = new ServerUserValidator(ecasValidationConfig2).validateSignedUserConfirmationMessage(userConfirmationMessage, targetService2, signedUserConfirmationMessageCallback.getRequest());
        } else if (z3) {
            AuthenticatedMessage authenticatedMessage = signedAuthenticatedMessageCallback.getAuthenticatedMessage();
            String targetService3 = signedAuthenticatedMessageCallback.getTargetService();
            EcasValidationConfigIntf ecasValidationConfig3 = signedAuthenticatedMessageCallback.getEcasValidationConfig();
            if (null == authenticatedMessage) {
                throw new InvalidCallbackException("signedAuthenticatedMessage cannot be null");
            }
            if (null == targetService3) {
                throw new InvalidCallbackException("targetService cannot be null");
            }
            if (null == ecasValidationConfig3) {
                throw new InvalidCallbackException("validationConfig cannot be null");
            }
            validate = new ServerUserValidator(ecasValidationConfig3).validateSignedAuthenticatedMessage(authenticatedMessage, targetService3, signedAuthenticatedMessageCallback.getRequest());
        } else {
            String ticket2 = backEndTicketCallback.getTicket();
            String targetService4 = backEndTicketCallback.getTargetService();
            EcasValidationConfigIntf ecasValidationConfig4 = backEndTicketCallback.getEcasValidationConfig();
            if (null == ticket2) {
                throw new InvalidCallbackException("ticket cannot be null");
            }
            if (null == targetService4) {
                throw new InvalidCallbackException("targetService cannot be null");
            }
            if (null == ecasValidationConfig4) {
                throw new InvalidCallbackException("validationConfig cannot be null");
            }
            validate = new ServerUserValidator(ecasValidationConfig4).validate(ticket2, targetService4);
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug(new StringBuffer().append("TicketLoginModule::login()").append(": ticket validation successful for: ").append(validate).toString());
        }
        this.ecasGroups = new ArrayList();
        List groups = validate.getGroups();
        if (null != groups) {
            int size = groups.size();
            for (int i = 0; i < size; i++) {
                this.ecasGroups.add(new AuthenticatedGroup((String) groups.get(i)));
            }
        }
        this.extraGroups = new ArrayList();
        List extraGroups = validate.getExtraGroups();
        if (null != extraGroups) {
            int size2 = extraGroups.size();
            for (int i2 = 0; i2 < size2; i2++) {
                this.extraGroups.add(new ExtraGroupImpl((String) extraGroups.get(i2)));
            }
        }
        this.groups = new ArrayList();
        this.groups.addAll(this.ecasGroups);
        this.groups.addAll(this.extraGroups);
        List strengths = validate.getStrengths();
        this.strengths = new ArrayList(strengths.size());
        int size3 = strengths.size();
        for (int i3 = 0; i3 < size3; i3++) {
            this.strengths.add(new AuthenticatedStrength((eu.cec.digit.ecas.client.constants.Strength) strengths.get(i3)));
        }
        this.loginDate = new LoginDateImpl(validate.getLoginDate());
        if (validate instanceof DetailedValidatedUser) {
            this.detailedUser = new AuthenticatedDetailedUser.Builder((DetailedValidatedUser) validate).build();
        } else {
            this.detailedUser = new AuthenticatedDetailedUser.Builder(validate.getUser()).pgtIou(validate.getPgtIou()).build();
        }
        this.loginSuccessful = true;
        if (LOG.isInfoEnabled()) {
            LOG.info(new StringBuffer().append("TicketLoginModule::login()").append(": successful login for user: '").append(this.detailedUser.getName()).append("' with groups: ").append(this.groups).toString());
        }
        return this.loginSuccessful;
    }

    public boolean commit() throws javax.security.auth.login.LoginException {
        if (!this.loginSuccessful) {
            return false;
        }
        Set<Principal> principals = this.subject.getPrincipals();
        if (!principals.add(this.detailedUser)) {
            throw new LoginException("Could not add the ECAS DetailedUser Principal into the Subject");
        }
        principals.addAll(this.groups);
        Set<Object> publicCredentials = this.subject.getPublicCredentials();
        publicCredentials.addAll(this.strengths);
        publicCredentials.add(this.loginDate);
        return true;
    }

    public boolean abort() throws javax.security.auth.login.LoginException {
        Set<Principal> principals = this.subject.getPrincipals();
        principals.remove(this.detailedUser);
        principals.removeAll(this.groups);
        Set<Object> publicCredentials = this.subject.getPublicCredentials();
        publicCredentials.removeAll(this.strengths);
        publicCredentials.remove(this.loginDate);
        return true;
    }

    public boolean logout() throws javax.security.auth.login.LoginException {
        return true;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        LoggerFactory loggerFactory = LoggerFactory.getInstance();
        if (class$eu$cec$digit$ecas$client$jaas$TicketLoginModule == null) {
            cls = class$("eu.cec.digit.ecas.client.jaas.TicketLoginModule");
            class$eu$cec$digit$ecas$client$jaas$TicketLoginModule = cls;
        } else {
            cls = class$eu$cec$digit$ecas$client$jaas$TicketLoginModule;
        }
        LOG = loggerFactory.getLogger(cls);
    }
}
