package weblogic.security.service.internal;

import com.bea.common.engine.ServiceConfigurationException;
import com.bea.common.engine.ServiceInitializationException;
import com.bea.common.engine.ServiceLifecycleSpi;
import com.bea.common.engine.Services;
import com.bea.common.logger.service.LoggerService;
import com.bea.common.logger.spi.LoggerSpi;
import com.bea.common.security.service.AuditService;
import com.bea.common.security.service.Identity;
import com.bea.common.security.service.JAASLoginService;
import com.bea.common.security.utils.UsernameUtils;
import java.io.IOException;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import weblogic.security.SecurityLogger;
import weblogic.security.auth.callback.IdentityDomainNames;
import weblogic.security.auth.callback.IdentityDomainUserCallback;
import weblogic.security.providers.authentication.LoginServerUnavailableException;
import weblogic.security.service.ContextHandler;

/* loaded from: input_file:weblogic/security/service/internal/WLSJAASLoginServiceImpl.class */
public class WLSJAASLoginServiceImpl implements ServiceLifecycleSpi {
    private LoggerSpi logger;
    private AuditService auditService;
    private JAASLoginService baseService;
    private UserLockoutRuntimeService userLockoutRuntimeService;

    /* loaded from: input_file:weblogic/security/service/internal/WLSJAASLoginServiceImpl$CallbackHandlerWrapper.class */
    private final class CallbackHandlerWrapper implements CallbackHandler {
        private CallbackHandler delegate;
        private boolean gotUserNameFromDelegate;
        private String userName;
        private String identityDomain;

        private CallbackHandlerWrapper(CallbackHandler callbackHandler) {
            this.delegate = callbackHandler;
        }

        /* JADX INFO: Access modifiers changed from: private */
        public String getUserName() {
            return this.userName;
        }

        /* JADX INFO: Access modifiers changed from: private */
        public String getIdentityDomain() {
            return this.identityDomain;
        }

        @Override // javax.security.auth.callback.CallbackHandler
        public synchronized void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
            this.delegate.handle(callbackArr);
            for (int i = 0; !this.gotUserNameFromDelegate && callbackArr != null && i < callbackArr.length; i++) {
                if (callbackArr[i] instanceof NameCallback) {
                    this.userName = ((NameCallback) callbackArr[i]).getName();
                    this.gotUserNameFromDelegate = true;
                } else if (callbackArr[i] instanceof IdentityDomainUserCallback) {
                    IdentityDomainNames user = ((IdentityDomainUserCallback) callbackArr[i]).getUser();
                    this.userName = user.getName();
                    this.identityDomain = user.getIdentityDomain();
                    this.gotUserNameFromDelegate = true;
                }
            }
        }
    }

    /* loaded from: input_file:weblogic/security/service/internal/WLSJAASLoginServiceImpl$ServiceImpl.class */
    private final class ServiceImpl implements JAASLoginService {
        private ServiceImpl() {
        }

        public Identity login(String str, CallbackHandler callbackHandler, ContextHandler contextHandler) throws LoginException {
            boolean isDebugEnabled = WLSJAASLoginServiceImpl.this.logger.isDebugEnabled();
            String str2 = isDebugEnabled ? getClass().getName() + ".authenticate" : null;
            if (isDebugEnabled) {
                WLSJAASLoginServiceImpl.this.logger.debug(str2);
            }
            CallbackHandlerWrapper callbackHandlerWrapper = new CallbackHandlerWrapper(callbackHandler);
            try {
                Identity login = WLSJAASLoginServiceImpl.this.baseService.login(str, callbackHandlerWrapper, contextHandler);
                if (isDebugEnabled) {
                    WLSJAASLoginServiceImpl.this.logger.debug(str2 + " authenticate succeeded for user " + callbackHandlerWrapper.getUserName() + ", Identity=" + login);
                }
                String userName = callbackHandlerWrapper.getUserName();
                String identityDomain = callbackHandlerWrapper.getIdentityDomain();
                if (userName != null) {
                    if (WLSJAASLoginServiceImpl.this.userLockoutRuntimeService.isLocked(userName, identityDomain)) {
                        if (isDebugEnabled) {
                            WLSJAASLoginServiceImpl.this.logger.debug(str2 + " login succeeded but " + UsernameUtils.formatUserName(userName, identityDomain) + " was previouly locked out.  Throwing LoginException");
                        }
                        throw new LoginException();
                    }
                    if (isDebugEnabled) {
                        WLSJAASLoginServiceImpl.this.logger.debug(str2 + " login succeeded and " + UsernameUtils.formatUserName(userName, identityDomain) + " was not previously locked out");
                    }
                    WLSJAASLoginServiceImpl.this.userLockoutRuntimeService.logSuccess(callbackHandlerWrapper.getUserName(), callbackHandlerWrapper.getIdentityDomain());
                }
                return login;
            } catch (LoginException e) {
                if (isDebugEnabled) {
                    WLSJAASLoginServiceImpl.this.logger.debug(str2 + " authenticate failed for user " + callbackHandlerWrapper.getUserName());
                }
                String userName2 = callbackHandlerWrapper.getUserName();
                String identityDomain2 = callbackHandlerWrapper.getIdentityDomain();
                if (userName2 != null && !WLSJAASLoginServiceImpl.this.userLockoutRuntimeService.isLocked(userName2, identityDomain2)) {
                    WLSJAASLoginServiceImpl.this.userLockoutRuntimeService.logFailure(callbackHandlerWrapper.getUserName(), callbackHandlerWrapper.getIdentityDomain());
                }
                throw e;
            } catch (LoginServerUnavailableException e2) {
                throw e2;
            }
        }
    }

    public Object init(Object obj, Services services) throws ServiceInitializationException {
        this.logger = ((LoggerService) services.getService(LoggerService.SERVICE_NAME)).getLogger("SecurityAtn");
        if (this.logger == null) {
            throw new UnsupportedOperationException(SecurityLogger.getServiceNotFound("Logger", "SecurityAtn"));
        }
        if (this.logger.isDebugEnabled()) {
            this.logger.debug(getClass().getName() + ".init()");
        }
        boolean isDebugEnabled = this.logger.isDebugEnabled();
        String str = getClass().getName() + ".init";
        if (isDebugEnabled) {
            this.logger.debug(str);
        }
        if (obj == null) {
            throw new ServiceConfigurationException(SecurityLogger.getNullParameterSupplied(str));
        }
        if (!(obj instanceof WLSJAASLoginServiceConfig)) {
            throw new ServiceConfigurationException(SecurityLogger.getNotInstanceof("PolicyConsumerServiceConfig"));
        }
        WLSJAASLoginServiceConfig wLSJAASLoginServiceConfig = (WLSJAASLoginServiceConfig) obj;
        String auditServiceName = wLSJAASLoginServiceConfig.getAuditServiceName();
        this.auditService = (AuditService) services.getService(auditServiceName);
        if (this.auditService == null) {
            throw new ServiceConfigurationException(SecurityLogger.getServiceNotFound("AuditService", auditServiceName));
        }
        if (isDebugEnabled) {
            this.logger.debug(str + " got AuditService " + auditServiceName);
        }
        String jAASLoginServiceName = wLSJAASLoginServiceConfig.getJAASLoginServiceName();
        this.baseService = (JAASLoginService) services.getService(jAASLoginServiceName);
        if (this.baseService == null) {
            throw new ServiceConfigurationException(SecurityLogger.getServiceNotFound("JAASLoginService", jAASLoginServiceName));
        }
        if (isDebugEnabled) {
            this.logger.debug(str + " got JAASLoginService " + jAASLoginServiceName);
        }
        String userLockoutRuntimeServiceName = wLSJAASLoginServiceConfig.getUserLockoutRuntimeServiceName();
        this.userLockoutRuntimeService = (UserLockoutRuntimeService) services.getService(userLockoutRuntimeServiceName);
        if (this.userLockoutRuntimeService == null) {
            throw new ServiceConfigurationException(SecurityLogger.getServiceNotFound("UserLockoutRuntimeService", userLockoutRuntimeServiceName));
        }
        if (isDebugEnabled) {
            this.logger.debug(str + " got UserLockoutRuntimeService " + userLockoutRuntimeServiceName);
        }
        return new ServiceImpl();
    }

    public void shutdown() {
    }
}
