package weblogic.management.mbeanservers.internal;

import java.security.AccessController;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginException;
import weblogic.management.context.JMXContext;
import weblogic.management.context.JMXContextHelper;
import weblogic.security.SimpleCallbackHandler;
import weblogic.security.acl.internal.AuthenticatedSubject;
import weblogic.security.service.PrincipalAuthenticator;
import weblogic.security.service.PrivilegedActions;
import weblogic.security.service.SecurityServiceManager;

/* loaded from: input_file:weblogic/management/mbeanservers/internal/JMXAuthenticator.class */
public class JMXAuthenticator implements javax.management.remote.JMXAuthenticator {
    private PrincipalAuthenticator authenticator = SecurityServiceManager.getPrincipalAuthenticator(kernelId, SecurityServiceManager.defaultRealmName);
    private static final AuthenticatedSubject kernelId = (AuthenticatedSubject) AccessController.doPrivileged(PrivilegedActions.getKernelIdentityAction());

    /* loaded from: input_file:weblogic/management/mbeanservers/internal/JMXAuthenticator$JMXCallbackHandler.class */
    private class JMXCallbackHandler implements CallbackHandler {
        String userName;
        String password;

        protected JMXCallbackHandler(String[] strArr) {
            this.userName = strArr[0];
            this.password = strArr[1];
        }

        /* JADX WARN: Removed duplicated region for block: B:13:0x0053  */
        /* JADX WARN: Removed duplicated region for block: B:15:0x0065 A[SYNTHETIC] */
        @Override // javax.security.auth.callback.CallbackHandler
        /*
            Code decompiled incorrectly, please refer to instructions dump.
            To view partially-correct add '--show-bad-code' argument
        */
        public void handle(javax.security.auth.callback.Callback[] r7) throws java.io.IOException, javax.security.auth.callback.UnsupportedCallbackException {
            /*
                r6 = this;
                java.lang.String r0 = weblogic.security.utils.PartitionUtils.getCurrentIdentityDomain()
                r8 = r0
                r0 = 0
                r9 = r0
            L6:
                r0 = r9
                r1 = r7
                int r1 = r1.length
                if (r0 >= r1) goto L78
                r0 = r7
                r1 = r9
                r0 = r0[r1]
                r10 = r0
                r0 = r8
                if (r0 != 0) goto L2c
                r0 = r10
                boolean r0 = r0 instanceof javax.security.auth.callback.NameCallback
                if (r0 == 0) goto L4b
                r0 = r10
                javax.security.auth.callback.NameCallback r0 = (javax.security.auth.callback.NameCallback) r0
                r1 = r6
                java.lang.String r1 = r1.userName
                r0.setName(r1)
                goto L72
            L2c:
                r0 = r10
                boolean r0 = r0 instanceof weblogic.security.auth.callback.IdentityDomainUserCallback
                if (r0 == 0) goto L4b
                r0 = r10
                weblogic.security.auth.callback.IdentityDomainUserCallback r0 = (weblogic.security.auth.callback.IdentityDomainUserCallback) r0
                weblogic.security.auth.callback.IdentityDomainNames r1 = new weblogic.security.auth.callback.IdentityDomainNames
                r2 = r1
                r3 = r6
                java.lang.String r3 = r3.userName
                r4 = r8
                r2.<init>(r3, r4)
                r0.setUser(r1)
                goto L72
            L4b:
                r0 = r10
                boolean r0 = r0 instanceof javax.security.auth.callback.PasswordCallback
                if (r0 == 0) goto L65
                r0 = r10
                javax.security.auth.callback.PasswordCallback r0 = (javax.security.auth.callback.PasswordCallback) r0
                r1 = r6
                java.lang.String r1 = r1.password
                char[] r1 = r1.toCharArray()
                r0.setPassword(r1)
                goto L72
            L65:
                javax.security.auth.callback.UnsupportedCallbackException r0 = new javax.security.auth.callback.UnsupportedCallbackException
                r1 = r0
                r2 = r7
                r3 = r9
                r2 = r2[r3]
                java.lang.String r3 = "Unrecognized Callback"
                r1.<init>(r2, r3)
                throw r0
            L72:
                int r9 = r9 + 1
                goto L6
            L78:
                return
            */
            throw new UnsupportedOperationException("Method not decompiled: weblogic.management.mbeanservers.internal.JMXAuthenticator.JMXCallbackHandler.handle(javax.security.auth.callback.Callback[]):void");
        }
    }

    public Subject authenticate(Object obj) {
        JMXContext jMXContext;
        Subject subject;
        try {
            if (obj == null) {
                AuthenticatedSubject currentSubject = SecurityServiceManager.getCurrentSubject(kernelId);
                return (System.getSecurityManager() == null || !SecurityServiceManager.isKernelIdentity(currentSubject) || (jMXContext = JMXContextHelper.getJMXContext(false)) == null || (subject = jMXContext.getSubject()) == null || !SecurityServiceManager.isKernelIdentity(SecurityServiceManager.getASFromWire(AuthenticatedSubject.getFromSubject(subject)))) ? AuthenticatedSubject.ANON.getSubject() : currentSubject.getSubject();
            }
            if (!(obj instanceof String[])) {
                throw new SecurityException("Invalid JMX credential type passed to JMX connector: " + obj.getClass().getName());
            }
            String[] strArr = (String[]) obj;
            if (strArr.length < 2 || strArr[0] == null || strArr[1] == null) {
                throw new SecurityException("Invalid JMX credential, empty username and/or password");
            }
            AuthenticatedSubject authenticate = this.authenticator.authenticate(new SimpleCallbackHandler(strArr[0], strArr[1]));
            AuthenticatedSubject currentSubject2 = SecurityServiceManager.getCurrentSubject(kernelId);
            return (currentSubject2.equals(authenticate) && currentSubject2.getQOS() == authenticate.getQOS()) ? currentSubject2.getSubject() : authenticate.getSubject();
        } catch (LoginException e) {
            throw new SecurityException(e);
        }
    }
}
