package com.floragunn.dlic.auth.kerberos;

import java.io.IOException;
import java.nio.file.Path;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.kerberos.KerberosPrincipal;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.Configuration;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;

/* loaded from: input_file:com/floragunn/dlic/auth/kerberos/JaasKrbUtil.class */
public final class JaasKrbUtil {
    private static boolean debug = false;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/floragunn/dlic/auth/kerberos/JaasKrbUtil$KeytabJaasConf.class */
    public static class KeytabJaasConf extends Configuration {
        private final String principal;
        private final Path keytabPath;
        private final boolean initiator;

        public KeytabJaasConf(String str, Path path, boolean z) {
            this.principal = str;
            this.keytabPath = path;
            this.initiator = z;
        }

        public AppConfigurationEntry[] getAppConfigurationEntry(String str) {
            HashMap hashMap = new HashMap();
            hashMap.put("keyTab", this.keytabPath.toAbsolutePath().toString());
            hashMap.put("principal", this.principal);
            hashMap.put("useKeyTab", "true");
            hashMap.put("storeKey", "true");
            hashMap.put("doNotPrompt", "true");
            hashMap.put("renewTGT", "false");
            hashMap.put("refreshKrb5Config", "true");
            hashMap.put("isInitiator", String.valueOf(this.initiator));
            hashMap.put("debug", String.valueOf(JaasKrbUtil.debug));
            return new AppConfigurationEntry[]{new AppConfigurationEntry(JaasKrbUtil.access$100(), AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, hashMap)};
        }
    }

    /* loaded from: input_file:com/floragunn/dlic/auth/kerberos/JaasKrbUtil$KrbCallbackHandler.class */
    public static class KrbCallbackHandler implements CallbackHandler {
        private final String principal;
        private final String password;

        public KrbCallbackHandler(String str, String str2) {
            this.principal = str;
            this.password = str2;
        }

        @Override // javax.security.auth.callback.CallbackHandler
        public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
            for (int i = 0; i < callbackArr.length; i++) {
                if (callbackArr[i] instanceof PasswordCallback) {
                    PasswordCallback passwordCallback = (PasswordCallback) callbackArr[i];
                    if (passwordCallback.getPrompt().contains(this.principal)) {
                        passwordCallback.setPassword(this.password.toCharArray());
                        return;
                    }
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/floragunn/dlic/auth/kerberos/JaasKrbUtil$PasswordJaasConf.class */
    public static class PasswordJaasConf extends Configuration {
        private final String principal;

        public PasswordJaasConf(String str) {
            this.principal = str;
        }

        public AppConfigurationEntry[] getAppConfigurationEntry(String str) {
            HashMap hashMap = new HashMap();
            hashMap.put("principal", this.principal);
            hashMap.put("storeKey", "true");
            hashMap.put("useTicketCache", "true");
            hashMap.put("useKeyTab", "false");
            hashMap.put("renewTGT", "true");
            hashMap.put("refreshKrb5Config", "true");
            hashMap.put("isInitiator", "true");
            hashMap.put("debug", String.valueOf(JaasKrbUtil.debug));
            return new AppConfigurationEntry[]{new AppConfigurationEntry(JaasKrbUtil.access$100(), AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, hashMap)};
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/floragunn/dlic/auth/kerberos/JaasKrbUtil$TicketCacheJaasConf.class */
    public static class TicketCacheJaasConf extends Configuration {
        private final String principal;
        private final Path clientCredentialPath;

        public TicketCacheJaasConf(String str, Path path) {
            this.principal = str;
            this.clientCredentialPath = path;
        }

        public AppConfigurationEntry[] getAppConfigurationEntry(String str) {
            HashMap hashMap = new HashMap();
            hashMap.put("principal", this.principal);
            hashMap.put("storeKey", "false");
            hashMap.put("doNotPrompt", "false");
            hashMap.put("useTicketCache", "true");
            hashMap.put("renewTGT", "true");
            hashMap.put("refreshKrb5Config", "true");
            hashMap.put("isInitiator", "true");
            hashMap.put("ticketCache", this.clientCredentialPath.toAbsolutePath().toString());
            hashMap.put("debug", String.valueOf(JaasKrbUtil.debug));
            return new AppConfigurationEntry[]{new AppConfigurationEntry(JaasKrbUtil.access$100(), AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, hashMap)};
        }
    }

    private JaasKrbUtil() {
    }

    public static void setDebug(boolean z) {
        debug = z;
    }

    public static Subject loginUsingPassword(String str, String str2) throws LoginException {
        HashSet hashSet = new HashSet();
        hashSet.add(new KerberosPrincipal(str));
        LoginContext loginContext = new LoginContext("PasswordConf", new Subject(false, hashSet, new HashSet(), new HashSet()), new KrbCallbackHandler(str, str2), usePassword(str));
        loginContext.login();
        return loginContext.getSubject();
    }

    public static Subject loginUsingTicketCache(String str, Path path) throws LoginException {
        HashSet hashSet = new HashSet();
        hashSet.add(new KerberosPrincipal(str));
        LoginContext loginContext = new LoginContext("TicketCacheConf", new Subject(false, hashSet, new HashSet(), new HashSet()), (CallbackHandler) null, useTicketCache(str, path));
        loginContext.login();
        return loginContext.getSubject();
    }

    public static Subject loginUsingKeytab(Set<String> set, Path path, boolean z) throws LoginException {
        HashSet hashSet = new HashSet();
        Iterator<String> it = set.iterator();
        while (it.hasNext()) {
            hashSet.add(new KerberosPrincipal(it.next()));
        }
        LoginContext loginContext = new LoginContext("KeytabConf", new Subject(false, hashSet, new HashSet(), new HashSet()), (CallbackHandler) null, useKeytab("*", path, z));
        loginContext.login();
        return loginContext.getSubject();
    }

    public static Configuration usePassword(String str) {
        return new PasswordJaasConf(str);
    }

    public static Configuration useTicketCache(String str, Path path) {
        return new TicketCacheJaasConf(str, path);
    }

    public static Configuration useKeytab(String str, Path path, boolean z) {
        return new KeytabJaasConf(str, path, z);
    }

    private static String getKrb5LoginModuleName() {
        return System.getProperty("java.vendor").contains("IBM") ? "com.ibm.security.auth.module.Krb5LoginModule" : "com.sun.security.auth.module.Krb5LoginModule";
    }

    static /* synthetic */ String access$100() {
        return getKrb5LoginModuleName();
    }
}
