package ovise.handling.security;

import com.sun.xml.rpc.client.ClientTransportException;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.StreamTokenizer;
import java.security.Principal;
import java.util.HashMap;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import javax.ejb.EJBException;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.AccountLockedException;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.Configuration;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginContext;
import ovise.contract.Contract;
import ovise.handling.data.query.Comparison;
import ovise.technology.environment.SystemCore;
import ovise.technology.service.ServiceAgent;

/* loaded from: input_file:ovise/handling/security/DefaultLoginHandler.class */
public class DefaultLoginHandler implements LoginHandler, CallbackHandler {
    private String loginName;
    private char[] password;
    private LoginContext lc;

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: input_file:ovise/handling/security/DefaultLoginHandler$DefaultConfiguration.class */
    public static class DefaultConfiguration extends Configuration {
        private StreamTokenizer st;
        private int lookahead;
        protected String filename;
        protected static final Map<String, AppConfigurationEntry.LoginModuleControlFlag> CONTROL_FLAGS = new HashMap(4);
        private int linenum = 1;
        private Map<String, List> configsMap = new HashMap();

        static {
            CONTROL_FLAGS.put("REQUIRED", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED);
            CONTROL_FLAGS.put("REQUISITE", AppConfigurationEntry.LoginModuleControlFlag.REQUISITE);
            CONTROL_FLAGS.put("SUFFICIENT", AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT);
            CONTROL_FLAGS.put("OPTIONAL", AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL);
        }

        protected DefaultConfiguration(InputStream inputStream, String str) {
            this.filename = str;
            init(inputStream);
        }

        /* JADX WARN: Multi-variable type inference failed */
        /* JADX WARN: Type inference failed for: r0v3, types: [java.util.Map<java.lang.String, java.util.List>] */
        /* JADX WARN: Type inference failed for: r0v4, types: [java.lang.Throwable] */
        /* JADX WARN: Type inference failed for: r0v9 */
        public AppConfigurationEntry[] getAppConfigurationEntry(String str) {
            AppConfigurationEntry[] appConfigurationEntryArr = null;
            ?? r0 = this.configsMap;
            synchronized (r0) {
                List<AppConfigurationEntry> list = this.configsMap.get(str);
                r0 = r0;
                if (list != null) {
                    appConfigurationEntryArr = new AppConfigurationEntry[list.size()];
                    int i = 0;
                    for (AppConfigurationEntry appConfigurationEntry : list) {
                        appConfigurationEntryArr[i] = new AppConfigurationEntry(appConfigurationEntry.getLoginModuleName(), appConfigurationEntry.getControlFlag(), appConfigurationEntry.getOptions());
                        i++;
                    }
                }
                return appConfigurationEntryArr;
            }
        }

        public synchronized void refresh() {
            init(null);
        }

        /* JADX WARN: Multi-variable type inference failed */
        /* JADX WARN: Type inference failed for: r0v3, types: [java.util.Map<java.lang.String, java.util.List>] */
        /* JADX WARN: Type inference failed for: r0v35, types: [java.util.Map<java.lang.String, java.util.List>] */
        /* JADX WARN: Type inference failed for: r0v36, types: [java.lang.Throwable] */
        /* JADX WARN: Type inference failed for: r0v4, types: [java.lang.Throwable] */
        /* JADX WARN: Type inference failed for: r0v41 */
        /* JADX WARN: Type inference failed for: r0v7 */
        protected void init(InputStream inputStream) {
            if (inputStream == null && this.filename != null) {
                inputStream = getClass().getResourceAsStream(this.filename);
            }
            if (inputStream == null) {
                ?? r0 = this.configsMap;
                synchronized (r0) {
                    this.configsMap.clear();
                    r0 = r0;
                    return;
                }
            }
            HashMap hashMap = new HashMap();
            BufferedReader bufferedReader = null;
            try {
                try {
                    bufferedReader = new BufferedReader(new InputStreamReader(inputStream, "UTF-8"));
                    this.st = new StreamTokenizer(bufferedReader);
                    this.st.quoteChar(34);
                    this.st.wordChars(36, 36);
                    this.st.wordChars(95, 95);
                    this.st.wordChars(45, 45);
                    this.st.lowerCaseMode(false);
                    this.st.slashSlashComments(true);
                    this.st.slashStarComments(true);
                    this.st.eolIsSignificant(true);
                    while (nextToken() != -1) {
                        parse(hashMap);
                    }
                    ?? r02 = this.configsMap;
                    synchronized (r02) {
                        this.configsMap.clear();
                        this.configsMap.putAll(hashMap);
                        r02 = r02;
                        if (bufferedReader != null) {
                            try {
                                bufferedReader.close();
                            } catch (Exception e) {
                            }
                        }
                    }
                } catch (Throwable th) {
                    if (bufferedReader != null) {
                        try {
                            bufferedReader.close();
                        } catch (Exception e2) {
                        }
                    }
                    throw th;
                }
            } catch (Exception e3) {
                throw new SecurityException("Login-Konfiguration '" + this.filename + "' fehlerhaft.", e3);
            }
        }

        private void parse(Map map) throws IOException {
            String str = this.st.sval;
            LinkedList linkedList = new LinkedList();
            this.lookahead = nextToken();
            match("{");
            while (!peek("}")) {
                String match = match("Module class name");
                String match2 = match("Control flag");
                AppConfigurationEntry.LoginModuleControlFlag loginModuleControlFlag = CONTROL_FLAGS.get(match2.toUpperCase());
                if (loginModuleControlFlag == null) {
                    throw new IOException("Control flag '" + match2 + "' in Zeile " + this.linenum + " ungueltig.");
                }
                HashMap hashMap = new HashMap();
                while (!peek(";")) {
                    String match3 = match("Option key");
                    match("=");
                    hashMap.put(match3, match("Option value"));
                }
                this.lookahead = nextToken();
                linkedList.add(new AppConfigurationEntry(match, loginModuleControlFlag, hashMap));
            }
            match("}");
            match(";");
            map.put(str, linkedList);
        }

        private String match(String str) throws IOException {
            String str2 = null;
            switch (this.lookahead) {
                case -3:
                case 34:
                    if (!str.equalsIgnoreCase("Module class name") && !str.equalsIgnoreCase("Control flag") && !str.equalsIgnoreCase("Option key") && !str.equalsIgnoreCase("Option value")) {
                        throw new IOException("Syntax in Zeile " + this.linenum + " ungueltig: erwarte " + str + ", gefunden '" + this.st.sval + "'.");
                    }
                    str2 = this.st.sval;
                    this.lookahead = nextToken();
                    break;
                    break;
                case -1:
                    throw new IOException("Unerwartetes Dateiende (EOF).");
                case 59:
                    if (!str.equalsIgnoreCase(";")) {
                        throw new IOException("Syntax in Zeile " + this.linenum + " ungueltig: erwarte " + str + ", gefunden '" + this.st.sval + "'.");
                    }
                    this.lookahead = nextToken();
                    break;
                case 61:
                    if (!str.equalsIgnoreCase("=")) {
                        throw new IOException("Syntax in Zeile " + this.linenum + " ungueltig: erwarte " + str + ", gefunden '" + this.st.sval + "'.");
                    }
                    this.lookahead = nextToken();
                    break;
                case 123:
                    if (!str.equalsIgnoreCase("{")) {
                        throw new IOException("Syntax in Zeile " + this.linenum + " ungueltig: erwarte " + str + ", gefunden '" + this.st.sval + "'.");
                    }
                    this.lookahead = nextToken();
                    break;
                case 125:
                    if (!str.equalsIgnoreCase("}")) {
                        throw new IOException("Syntax in Zeile " + this.linenum + " ungueltig: erwarte " + str + ", gefunden '" + this.st.sval + "'.");
                    }
                    this.lookahead = nextToken();
                    break;
                default:
                    throw new IOException("Syntax in Zeile " + this.linenum + " ungueltig: erwarte " + str + ", gefunden '" + this.st.sval + "'.");
            }
            return str2;
        }

        private boolean peek(String str) {
            boolean z = false;
            switch (this.lookahead) {
                case 44:
                    if (str.equalsIgnoreCase(Comparison.IN_OPERATOR)) {
                        z = true;
                        break;
                    }
                    break;
                case 59:
                    if (str.equalsIgnoreCase(";")) {
                        z = true;
                        break;
                    }
                    break;
                case 123:
                    if (str.equalsIgnoreCase("{")) {
                        z = true;
                        break;
                    }
                    break;
                case 125:
                    if (str.equalsIgnoreCase("}")) {
                        z = true;
                        break;
                    }
                    break;
            }
            return z;
        }

        private int nextToken() throws IOException {
            while (true) {
                int nextToken = this.st.nextToken();
                if (nextToken != 10) {
                    return nextToken;
                }
                this.linenum++;
            }
        }
    }

    @Override // ovise.handling.security.LoginHandler
    public void handleLogin(UserPrincipal userPrincipal) throws LoginException {
        Contract.checkNotNull(userPrincipal, "Benutzer ist erforderlich.");
        SystemCore.instance().setProperty(UserPrincipal.class.getName(), userPrincipal);
        this.loginName = userPrincipal.getName();
        this.password = userPrincipal.getPassword();
        try {
            this.lc = new LoginContext("oviseauth", (Subject) null, this, createLoginConfig());
            this.lc.login();
            Principal login = LoginVerifier.getProxyInstance().login();
            if (login == null || !login.getName().equals(this.loginName)) {
                throw new SecurityException();
            }
            if (login instanceof UserPrincipal) {
                userPrincipal.setPasswordExpired(((UserPrincipal) login).getPasswordExpired());
            } else {
                userPrincipal.setPasswordExpired(false);
            }
            ServiceAgent.instance().updatePassword(this.loginName, this.password);
        } catch (Throwable th) {
            SystemCore.instance().removeProperty(UserPrincipal.class.getName());
            ClientTransportException clientTransportException = th;
            while (!(clientTransportException instanceof javax.security.auth.login.LoginException) && !(clientTransportException instanceof SecurityException) && (!(clientTransportException instanceof ClientTransportException) || !clientTransportException.getKey().equals("http.client.unauthorized"))) {
                ClientTransportException causedByException = clientTransportException instanceof EJBException ? ((EJBException) clientTransportException).getCausedByException() : clientTransportException.getCause();
                clientTransportException = causedByException;
                if (causedByException == null) {
                    throw new LoginException("Keine Verbindung zum Server.", th);
                }
            }
            if (clientTransportException instanceof FailedLoginException) {
                throw new LoginException(1, "Benutzername/Passwort fehlerhaft.", clientTransportException);
            }
            if (!(clientTransportException instanceof AccountLockedException)) {
                throw new LoginException(3, "Unautorisierter Zugriff.", clientTransportException);
            }
            throw new LoginException(2, "Benutzerkonto gesperrt.", clientTransportException);
        }
    }

    @Override // ovise.handling.security.LoginHandler
    public void handleLogout(UserPrincipal userPrincipal) throws LoginException {
        try {
            this.lc.logout();
        } catch (Exception e) {
            throw new LoginException("Fehler beim Ausloggen.", e);
        }
    }

    @Override // javax.security.auth.callback.CallbackHandler
    public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
        for (int i = 0; i < callbackArr.length; i++) {
            if (callbackArr[i] instanceof NameCallback) {
                ((NameCallback) callbackArr[i]).setName(this.loginName);
            } else {
                if (!(callbackArr[i] instanceof PasswordCallback)) {
                    throw new UnsupportedCallbackException(callbackArr[i], "Callback wird nicht unterstuetzt.");
                }
                ((PasswordCallback) callbackArr[i]).setPassword(this.password);
            }
        }
    }

    protected Configuration createLoginConfig() {
        DefaultConfiguration defaultConfiguration = null;
        InputStream resourceAsStream = getClass().getResourceAsStream("/oviseauth.conf");
        if (resourceAsStream != null) {
            defaultConfiguration = new DefaultConfiguration(resourceAsStream, "/oviseauth.conf");
        }
        return defaultConfiguration;
    }
}
