package com.sun.enterprise.connectors.work.context;

import com.sun.enterprise.connectors.work.LogFacade;
import com.sun.enterprise.security.SecurityContext;
import java.io.IOException;
import java.security.Principal;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.message.callback.CallerPrincipalCallback;
import javax.security.auth.message.callback.GroupPrincipalCallback;
import javax.security.auth.message.callback.PasswordValidationCallback;
import org.eclipse.persistence.internal.oxm.Constants;
import org.glassfish.logging.annotation.LogMessageInfo;
import org.glassfish.security.common.Group;
import org.glassfish.security.common.PrincipalImpl;

/* loaded from: input_file:MICRO-INF/runtime/work-management.jar:com/sun/enterprise/connectors/work/context/ConnectorCallbackHandler.class */
public class ConnectorCallbackHandler implements CallbackHandler {
    private static final Logger logger = LogFacade.getLogger();
    public static final List<String> supportedCallbacks = new ArrayList();
    private CallbackHandler handler;
    private boolean needMapping;
    private Map securityMap;
    private Subject executionSubject;

    @LogMessageInfo(message = "Unsupported callback {0} during credential mapping.", comment = "Unsupported callback class.", level = "WARNING", cause = "Resource adapter has used a callback that is not supported by application server.", action = "Check whether the callback in question is supported by application server.", publish = true)
    private static final String RAR_UNSUPPORT_CALLBACK = "AS-RAR-05012";

    public ConnectorCallbackHandler(Subject subject, CallbackHandler callbackHandler, Map map) {
        this.handler = callbackHandler;
        if (map != null && map.size() > 0) {
            this.needMapping = true;
            if (logger.isLoggable(Level.FINEST)) {
                logger.finest("translation required for security info ");
            }
        } else if (logger.isLoggable(Level.FINEST)) {
            logger.finest("no translation required for security info ");
        }
        this.executionSubject = subject;
        this.securityMap = map;
    }

    @Override // javax.security.auth.callback.CallbackHandler
    public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
        Callback[] callbackArr2 = callbackArr;
        if (callbackArr != null) {
            ArrayList arrayList = new ArrayList();
            boolean hasCallerPrincipalCallback = hasCallerPrincipalCallback(callbackArr);
            if (this.needMapping) {
                for (Callback callback : callbackArr) {
                    boolean z = false;
                    Iterator<String> it = supportedCallbacks.iterator();
                    while (it.hasNext()) {
                        try {
                            if (Class.forName(it.next()).isAssignableFrom(callback.getClass())) {
                                z = true;
                                arrayList.add(handleSupportedCallback(callback));
                            }
                        } catch (ClassNotFoundException e) {
                            if (logger.isLoggable(Level.FINEST)) {
                                logger.log(Level.FINEST, "class not found", (Throwable) e);
                            }
                        }
                    }
                    if (!z) {
                        UnsupportedCallbackException unsupportedCallbackException = new UnsupportedCallbackException(callback);
                        logger.log(Level.WARNING, RAR_UNSUPPORT_CALLBACK, new Object[]{callback.getClass().getName(), unsupportedCallbackException});
                        throw unsupportedCallbackException;
                    }
                }
                callbackArr2 = new Callback[arrayList.size()];
                for (int i = 0; i < arrayList.size(); i++) {
                    callbackArr2[i] = (Callback) arrayList.get(i);
                }
            }
            this.handler.handle(callbackArr2);
            processResults(callbackArr2, hasCallerPrincipalCallback);
        }
    }

    private boolean hasCallerPrincipalCallback(Callback[] callbackArr) {
        if (callbackArr == null) {
            return false;
        }
        for (Callback callback : callbackArr) {
            if (callback instanceof CallerPrincipalCallback) {
                return true;
            }
        }
        return false;
    }

    private void processResults(Callback[] callbackArr, boolean z) {
        Set<Principal> principals;
        if (callbackArr != null) {
            Subject subject = new Subject();
            if (!z && (principals = this.executionSubject.getPrincipals()) != null && principals.size() == 1) {
                for (Principal principal : principals) {
                    Principal mappedPrincipal = this.needMapping ? getMappedPrincipal(principal, null) : principal;
                    if (mappedPrincipal != null) {
                        subject.getPrincipals().add(mappedPrincipal);
                    }
                }
                subject.getPublicCredentials().addAll(this.executionSubject.getPublicCredentials());
                subject.getPrivateCredentials().addAll(this.executionSubject.getPrivateCredentials());
            }
            for (Callback callback : callbackArr) {
                if (callback instanceof CallerPrincipalCallback) {
                    CallerPrincipalCallback callerPrincipalCallback = (CallerPrincipalCallback) callback;
                    subject.getPrincipals().addAll(callerPrincipalCallback.getSubject().getPrincipals());
                    subject.getPublicCredentials().addAll(callerPrincipalCallback.getSubject().getPublicCredentials());
                    subject.getPrivateCredentials().addAll(callerPrincipalCallback.getSubject().getPrivateCredentials());
                } else if (callback instanceof GroupPrincipalCallback) {
                    GroupPrincipalCallback groupPrincipalCallback = (GroupPrincipalCallback) callback;
                    subject.getPrincipals().addAll(groupPrincipalCallback.getSubject().getPrincipals());
                    subject.getPublicCredentials().addAll(groupPrincipalCallback.getSubject().getPublicCredentials());
                    subject.getPrivateCredentials().addAll(groupPrincipalCallback.getSubject().getPrivateCredentials());
                } else if (callback instanceof PasswordValidationCallback) {
                    PasswordValidationCallback passwordValidationCallback = (PasswordValidationCallback) callback;
                    subject.getPrincipals().addAll(passwordValidationCallback.getSubject().getPrincipals());
                    subject.getPublicCredentials().addAll(passwordValidationCallback.getSubject().getPublicCredentials());
                    subject.getPrivateCredentials().addAll(passwordValidationCallback.getSubject().getPrivateCredentials());
                }
            }
            SecurityContext.setCurrent(new SecurityContext(subject));
        }
    }

    private Callback handleSupportedCallback(Callback callback) throws UnsupportedCallbackException {
        if (callback instanceof CallerPrincipalCallback) {
            return handleCallerPrincipalCallbackWithMapping((CallerPrincipalCallback) callback);
        }
        if (callback instanceof GroupPrincipalCallback) {
            return handleGroupPrincipalCallbackWithMapping((GroupPrincipalCallback) callback);
        }
        throw new UnsupportedCallbackException(callback);
    }

    private Callback handleGroupPrincipalCallbackWithMapping(GroupPrincipalCallback groupPrincipalCallback) {
        String[] groups = groupPrincipalCallback.getGroups();
        ArrayList arrayList = new ArrayList();
        for (String str : groups) {
            Group group = (Group) this.securityMap.get(new Group(str));
            if (group != null) {
                if (logger.isLoggable(Level.FINEST)) {
                    logger.finest("got mapped group as [" + str + "] for eis-group [" + group.getName() + Constants.XPATH_INDEX_CLOSED);
                }
                arrayList.add(group.getName());
            }
        }
        String[] strArr = new String[arrayList.size()];
        for (int i = 0; i < arrayList.size(); i++) {
            strArr[i] = (String) arrayList.get(i);
        }
        return new GroupPrincipalCallback(groupPrincipalCallback.getSubject(), strArr);
    }

    public Callback handleCallerPrincipalCallbackWithMapping(CallerPrincipalCallback callerPrincipalCallback) {
        return new CallerPrincipalCallback(callerPrincipalCallback.getSubject(), getMappedPrincipal(callerPrincipalCallback.getPrincipal(), callerPrincipalCallback.getName()));
    }

    private Principal getMappedPrincipal(Principal principal, String str) {
        PrincipalImpl principalImpl = null;
        if (principal != null) {
            principalImpl = (PrincipalImpl) this.securityMap.get(principal);
            if (logger.isLoggable(Level.FINEST)) {
                logger.finest("got mapped principal as [" + principalImpl + "] for eis-group [" + principal.getName() + Constants.XPATH_INDEX_CLOSED);
            }
        } else if (str != null) {
            principalImpl = (PrincipalImpl) this.securityMap.get(new PrincipalImpl(str));
            if (logger.isLoggable(Level.FINEST)) {
                logger.finest("got mapped principal as [" + principalImpl + "] for eis-group [" + str + Constants.XPATH_INDEX_CLOSED);
            }
        }
        return principalImpl;
    }

    static {
        supportedCallbacks.add(GroupPrincipalCallback.class.getName());
        supportedCallbacks.add(CallerPrincipalCallback.class.getName());
    }
}
