package org.josso.jb5.agent;

import java.security.Principal;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.josso.gateway.identity.SSORole;
import org.josso.gateway.identity.SSOUser;
import org.josso.gateway.identity.service.BaseRoleImpl;
import org.josso.gateway.identity.service.BaseUserImpl;
import org.josso.jaspi.agent.SSOGatewayLoginModule;

/* loaded from: input_file:org/josso/jb5/agent/JBossSSOGatewayLoginModule.class */
public class JBossSSOGatewayLoginModule extends SSOGatewayLoginModule {
    private static final Log logger = LogFactory.getLog(JBossSSOGatewayLoginModule.class);
    protected SSOUser _unauthenticatedIdentity;
    private Subject _savedSubject;

    public void initialize(Subject subject, CallbackHandler callbackHandler, Map map, Map map2) {
        this._savedSubject = subject;
        super.initialize(subject, callbackHandler, map, map2);
        String str = (String) map2.get("unauthenticatedIdentity");
        if (str != null) {
            try {
                this._unauthenticatedIdentity = createIdentity(str);
                logger.debug("Saw unauthenticatedIdentity=" + str);
            } catch (Exception e) {
                logger.warn("Failed to create custom unauthenticatedIdentity", e);
            }
        }
    }

    public boolean login() throws LoginException {
        if (super.login()) {
            return true;
        }
        if (this._unauthenticatedIdentity == null) {
            return false;
        }
        logger.debug("Authenticated as unauthenticatedIdentity : " + this._unauthenticatedIdentity);
        this._ssoUserPrincipal = this._unauthenticatedIdentity;
        this._succeeded = true;
        return true;
    }

    public boolean commit() throws LoginException {
        boolean commit = super.commit();
        Set principals = this._savedSubject.getPrincipals(SSORole.class);
        BaseRoleImpl baseRoleImpl = new BaseRoleImpl("Roles");
        Iterator it = principals.iterator();
        while (it.hasNext()) {
            baseRoleImpl.addMember((Principal) it.next());
        }
        this._savedSubject.getPrincipals().add(baseRoleImpl);
        Set principals2 = this._savedSubject.getPrincipals(SSOUser.class);
        BaseRoleImpl baseRoleImpl2 = new BaseRoleImpl("CallerPrincipal");
        Iterator it2 = principals2.iterator();
        if (it2.hasNext()) {
            baseRoleImpl2.addMember((Principal) it2.next());
        }
        this._savedSubject.getPrincipals().add(baseRoleImpl2);
        return commit;
    }

    protected SSORole[] getRoleSets() throws LoginException {
        if (this._ssoUserPrincipal != this._unauthenticatedIdentity) {
            return super.getRoleSets();
        }
        if (logger.isDebugEnabled()) {
            logger.debug("Using unauthenticatedIdentity " + this._ssoUserPrincipal + ", returning no roles.");
        }
        return new SSORole[0];
    }

    protected SSOUser createIdentity(String str) {
        return new BaseUserImpl(str);
    }
}
