package com.filenet.apiimpl.authentication.util;

import com.filenet.apiimpl.authentication.FnceCallbackHandler;
import com.filenet.apiimpl.authentication.util.AuthnUtil;
import com.filenet.apiimpl.exception.ExceptionAuthn;
import com.filenet.apiimpl.util.J2EEType;
import java.io.IOException;
import java.lang.reflect.Constructor;
import java.lang.reflect.Method;
import java.security.PrivilegedExceptionAction;
import java.security.acl.Group;
import javax.security.auth.Subject;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;

/* loaded from: input_file:Jace.jar:com/filenet/apiimpl/authentication/util/J2EEAuthnUtilJB.class */
public class J2EEAuthnUtilJB extends J2EEAuthnUtil {
    private static final String FNAME = "[J2EEAuthnUtilJB] ";
    private static final String NAME_KEY = "javax.security.auth.login.name";
    private static final String PASSWORD_KEY = "javax.security.auth.login.password";
    private static Constructor m_SimpleGroup;
    private static Method m_clear;
    private static Method m_getSubject;

    protected J2EEAuthnUtilJB() {
        fname = FNAME;
    }

    @Override // com.filenet.apiimpl.authentication.util.J2EEAuthnUtil
    public boolean precommitClientLogin(LmState lmState, char[] cArr) throws LoginException, IOException {
        if (cArr == null) {
            throw new IllegalArgumentException();
        }
        try {
            if (lmState.isDebug) {
                AuthnUtil.log(fname + "precommit authenticate");
            }
            if (!J2EEType.isInitialContextOk()) {
                AuthnUtil.warn(fname + "InitialContext not okay!");
            }
            LoginContext loginContext = new LoginContext("FileNetP8", new FnceCallbackHandler(lmState.princName, cArr));
            loginContext.login();
            Subject subject = loginContext.getSubject();
            if (subject == null) {
                AuthnUtil.warn(fname + "precommit authenticate returned null subject");
                throw new FailedLoginException(ExceptionAuthn.SECURITY_SUBJECT_NULL.toString());
            }
            if (lmState.isDebug) {
                AuthnUtil.log(fname + "precommit ClientContainer login successful");
            }
            lmState.newPrincipals.addAll(subject.getPrincipals());
            lmState.newPublicCredentials.addAll(subject.getPublicCredentials());
            lmState.newPrivateCredentials.addAll(subject.getPrivateCredentials());
            if (lmState.extraCred == null) {
                return true;
            }
            lmState.newPrivateCredentials.add(lmState.extraCred);
            return true;
        } catch (Exception e) {
            AuthnUtil.error(fname + "precommitClientLogin: " + e.getLocalizedMessage());
            if (e instanceof LoginException) {
                throw ((LoginException) e);
            }
            if (e instanceof IOException) {
                throw ((IOException) e);
            }
            if (e instanceof RuntimeException) {
                throw ((RuntimeException) e);
            }
            throw wrappedException(e);
        }
    }

    @Override // com.filenet.apiimpl.authentication.util.J2EEAuthnUtil
    public void cleanupLogin(LmState lmState) {
        if (lmState.isClient) {
            lmState.sharedState.remove(NAME_KEY);
            lmState.sharedState.remove(PASSWORD_KEY);
        }
        super.cleanupLogin(lmState);
    }

    @Override // com.filenet.apiimpl.authentication.util.J2EEAuthnUtil
    public void addUserPrincipal(LmState lmState, String str) {
        AuthnUtil.FnCLMPrincipal fnCLMPrincipal = new AuthnUtil.FnCLMPrincipal(str);
        Group createGroup = createGroup("CallerPrincipal");
        createGroup.addMember(fnCLMPrincipal);
        lmState.newPrincipals.add(fnCLMPrincipal);
        lmState.newPrincipals.add(createGroup);
    }

    @Override // com.filenet.apiimpl.authentication.util.J2EEAuthnUtil
    public void addGroupPrincipal(LmState lmState, String str) {
        AuthnUtil.FnPrincipal fnPrincipal = new AuthnUtil.FnPrincipal(str);
        Group createGroup = createGroup("Roles");
        createGroup.addMember(fnPrincipal);
        lmState.newPrincipals.add(createGroup);
    }

    @Override // com.filenet.apiimpl.authentication.util.J2EEAuthnUtil
    public Object runAs(Subject subject, PrivilegedExceptionAction privilegedExceptionAction) throws Exception {
        DynLoginContext dynLoginContext = AuthnUtil.setupJBossClientSecurity(subject);
        if (dynLoginContext == null) {
            return super.runAs(subject, privilegedExceptionAction);
        }
        try {
            Object runAs = super.runAs(subject, privilegedExceptionAction);
            try {
                dynLoginContext.logout();
                return runAs;
            } catch (LoginException e) {
                throw wrappedException(e);
            }
        } catch (Throwable th) {
            try {
                dynLoginContext.logout();
                throw th;
            } catch (LoginException e2) {
                throw wrappedException(e2);
            }
        }
    }

    @Override // com.filenet.apiimpl.authentication.util.J2EEAuthnUtil
    public Subject getCurrentSubject() {
        return (Subject) reflectionCall(m_getSubject, null, null);
    }

    @Override // com.filenet.apiimpl.authentication.util.J2EEAuthnUtil
    public boolean isCachingNeeded() {
        return true;
    }

    private static Group createGroup(String str) {
        return (Group) reflectionConstructor(m_SimpleGroup, new Object[]{str});
    }

    private static void securityClear() {
        reflectionCall(m_clear, null, null);
    }

    static {
        J2EEType.setAppServerType(2);
        try {
            ClassLoader contextClassLoader = Thread.currentThread().getContextClassLoader();
            Class<?> cls = Class.forName("org.jboss.security.SimpleGroup", false, contextClassLoader);
            Class<?> cls2 = Class.forName("org.jboss.security.SecurityAssociation", false, contextClassLoader);
            m_SimpleGroup = cls.getConstructor(String.class);
            m_getSubject = cls2.getMethod("getSubject", (Class[]) null);
            m_clear = cls2.getMethod("clear", (Class[]) null);
        } catch (Exception e) {
            AuthnUtil.error("[J2EEAuthnUtilJB] Failed static initialization: " + e.getLocalizedMessage());
            if (!(e instanceof RuntimeException)) {
                throw wrappedException(e);
            }
            throw ((RuntimeException) e);
        }
    }
}
