package weblogic.security.providers.saml;

import com.bea.common.logger.spi.LoggerSpi;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import weblogic.security.auth.callback.ContextHandlerCallback;
import weblogic.security.auth.callback.GroupCallback;
import weblogic.security.auth.callback.IdentityDomainGroupCallback;
import weblogic.security.auth.callback.IdentityDomainNames;
import weblogic.security.auth.callback.IdentityDomainUserCallback;
import weblogic.security.providers.utils.SAMLIANameCallback;
import weblogic.security.spi.VirtualUserHandler;

/* loaded from: input_file:weblogic/security/providers/saml/SAMLIACallbackHandler.class */
public class SAMLIACallbackHandler implements CallbackHandler, VirtualUserHandler {
    private static LoggerSpi LOGGER = null;
    private String name;
    private Collection groups;
    private boolean allowVirtual;
    private IdentityDomainNames iddUser;
    private String identityDomain;
    private boolean isIdd;

    private final void logDebug(String str) {
        if (LOGGER.isDebugEnabled()) {
            LOGGER.debug("SAMLIACallbackHandler: " + str);
        }
    }

    private static void setLogger(LoggerSpi loggerSpi) {
        LOGGER = loggerSpi;
    }

    public SAMLIACallbackHandler(LoggerSpi loggerSpi, boolean z, String str, Collection collection, String str2) {
        this.name = null;
        this.groups = null;
        this.allowVirtual = false;
        this.isIdd = false;
        setLogger(loggerSpi);
        logDebug("SAMLIACallbackHandler(" + z + ", " + str + ", " + collection + ", " + str2 + ")");
        this.allowVirtual = z;
        this.name = str;
        if (str2 != null && !str2.isEmpty()) {
            this.identityDomain = str2;
            this.iddUser = new IdentityDomainNames(str, str2);
            this.isIdd = true;
        }
        if (collection != null) {
            this.groups = convertGroups(collection);
        }
    }

    @Override // javax.security.auth.callback.CallbackHandler
    public void handle(Callback[] callbackArr) throws UnsupportedCallbackException {
        for (int i = 0; i < callbackArr.length; i++) {
            if ((callbackArr[i] instanceof NameCallback) && !this.isIdd) {
                ((NameCallback) callbackArr[i]).setName(this.name);
                logDebug("callback[" + i + "]: NameCallback: setName(" + this.name + ")");
            } else if ((callbackArr[i] instanceof IdentityDomainUserCallback) && this.isIdd) {
                ((IdentityDomainUserCallback) callbackArr[i]).setUser(this.iddUser);
                logDebug("callback[" + i + "]: IdentityDomainUserCallback: setUser(" + this.iddUser + ")");
            } else if (callbackArr[i] instanceof SAMLIANameCallback) {
                SAMLIANameCallback sAMLIANameCallback = (SAMLIANameCallback) callbackArr[i];
                sAMLIANameCallback.setName(this.name);
                sAMLIANameCallback.setAllowVirtualUser(this.allowVirtual);
                logDebug("callback[" + i + "]: SAMLIANameCallback: setName(" + this.name + "), setAllowVirtualUser(" + this.allowVirtual + ")");
            } else if (!(callbackArr[i] instanceof GroupCallback) || this.isIdd) {
                if (!(callbackArr[i] instanceof IdentityDomainGroupCallback) || !this.isIdd) {
                    if (!(callbackArr[i] instanceof ContextHandlerCallback)) {
                        logDebug("callback[" + i + "]: Throwing exception: Unsupported callback: " + callbackArr[i].getClass().getName());
                        throw new UnsupportedCallbackException(callbackArr[i]);
                    }
                    logDebug("callback[" + i + "]: ContextHandlerCallback");
                } else if (this.groups != null && !this.groups.isEmpty()) {
                    ((IdentityDomainGroupCallback) callbackArr[i]).setGroups(this.groups);
                    logDebug("callback[" + i + "]: IdentityDomainGroupCallback: setValue(" + this.groups + ")");
                }
            } else if (this.groups != null && !this.groups.isEmpty()) {
                ((GroupCallback) callbackArr[i]).setValue(this.groups);
                logDebug("callback[" + i + "]: GroupCallback: setValue(" + this.groups + ")");
            }
        }
    }

    private Collection convertGroups(Collection collection) {
        if (!this.isIdd) {
            return new ArrayList(collection);
        }
        logDebug("converting groups to IdentityDomainNames");
        ArrayList arrayList = new ArrayList();
        Iterator it = collection.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            Object next = it.next();
            if (next instanceof IdentityDomainNames) {
                arrayList.addAll(collection);
                break;
            }
            if (next instanceof String) {
                arrayList.add(new IdentityDomainNames((String) next, this.identityDomain));
            }
        }
        if (!arrayList.isEmpty()) {
            return arrayList;
        }
        logDebug("unable to convert any groups to groups with an identity domain for identity domain: " + this.identityDomain + " and groups: " + collection);
        return null;
    }

    @Override // weblogic.security.spi.VirtualUserHandler
    public boolean isVirtualUserAllowed() {
        return this.allowVirtual;
    }
}
