package weblogic.security.jaspic.servlet;

import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.login.LoginException;
import javax.security.auth.message.callback.CallerPrincipalCallback;
import javax.security.auth.message.callback.GroupPrincipalCallback;
import javax.security.auth.message.callback.PasswordValidationCallback;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import weblogic.security.BaseCallbackHandler;
import weblogic.security.debug.SecurityDebugLogger;
import weblogic.security.debug.SecurityLogger;
import weblogic.security.principal.WLSGroupImpl;
import weblogic.security.principal.WLSUserImpl;
import weblogic.security.spi.WLSUser;
import weblogic.servlet.spi.SubjectHandle;

/* loaded from: input_file:weblogic/security/jaspic/servlet/JaspicCallbackHandler.class */
public class JaspicCallbackHandler extends BaseCallbackHandler {
    private Context context;
    private SecurityLogger logger;

    /* loaded from: input_file:weblogic/security/jaspic/servlet/JaspicCallbackHandler$CallerPrincipalCallbackStrategy.class */
    private class CallerPrincipalCallbackStrategy implements BaseCallbackHandler.CallbackStrategy {
        private CallerPrincipalCallbackStrategy() {
        }

        @Override // weblogic.security.BaseCallbackHandler.CallbackStrategy
        public boolean mayHandle(Callback callback) {
            return callback instanceof CallerPrincipalCallback;
        }

        @Override // weblogic.security.BaseCallbackHandler.CallbackStrategy
        public void handle(Callback callback) {
            CallerPrincipalCallback callerPrincipalCallback = (CallerPrincipalCallback) callback;
            if (callerPrincipalCallback.getSubject() == null) {
                return;
            }
            addSpecifiedPrincipal(callerPrincipalCallback);
        }

        private String getSpecifiedPrincipalName(CallerPrincipalCallback callerPrincipalCallback) {
            return callerPrincipalCallback.getPrincipal() == null ? callerPrincipalCallback.getName() : callerPrincipalCallback.getPrincipal().getName();
        }

        private void addSpecifiedPrincipal(CallerPrincipalCallback callerPrincipalCallback) {
            String specifiedPrincipalName = getSpecifiedPrincipalName(callerPrincipalCallback);
            if (specifiedPrincipalName == null || specifiedPrincipalName.equals("")) {
                JaspicCallbackHandler.this.logger.debug("CallerPrincipalCallback: using anonymous user since a null principal name was specified.");
                callerPrincipalCallback.getSubject().getPrincipals().clear();
                return;
            }
            JaspicCallbackHandler.this.logger.debug("CallerPrincipalCallback: setting WLSUserImpl principal with principal name: " + specifiedPrincipalName);
            WLSUserImpl wLSUserImpl = new WLSUserImpl(specifiedPrincipalName);
            callerPrincipalCallback.getSubject().getPrincipals().removeAll(callerPrincipalCallback.getSubject().getPrincipals(WLSUser.class));
            callerPrincipalCallback.getSubject().getPrincipals().add(wLSUserImpl);
        }
    }

    /* loaded from: input_file:weblogic/security/jaspic/servlet/JaspicCallbackHandler$Context.class */
    public interface Context {
        SubjectHandle authenticateAndSaveCredential(String str, String str2, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws LoginException;

        SubjectHandle authenticateAndSaveCredential(String str, char[] cArr) throws LoginException;

        void populateSubject(Subject subject, SubjectHandle subjectHandle);
    }

    /* loaded from: input_file:weblogic/security/jaspic/servlet/JaspicCallbackHandler$CssPasswordValidationCallbackStrategy.class */
    private class CssPasswordValidationCallbackStrategy implements BaseCallbackHandler.CallbackStrategy {
        private CssPasswordValidationCallbackStrategy() {
        }

        @Override // weblogic.security.BaseCallbackHandler.CallbackStrategy
        public boolean mayHandle(Callback callback) {
            return callback instanceof ServletPasswordValidationCallback;
        }

        @Override // weblogic.security.BaseCallbackHandler.CallbackStrategy
        public void handle(Callback callback) {
            ServletPasswordValidationCallback servletPasswordValidationCallback = (ServletPasswordValidationCallback) callback;
            try {
                SubjectHandle authenticateAndSaveCredential = JaspicCallbackHandler.this.context.authenticateAndSaveCredential(servletPasswordValidationCallback.getUsername(), new String(servletPasswordValidationCallback.getPassword()), servletPasswordValidationCallback.getRequest(), servletPasswordValidationCallback.getResponse());
                if (authenticateAndSaveCredential == null) {
                    JaspicCallbackHandler.this.logger.debug("PasswordValidationCallback: Authentication failed for user: " + servletPasswordValidationCallback.getUsername());
                    servletPasswordValidationCallback.setResult(false);
                } else {
                    JaspicCallbackHandler.this.logger.debug("PasswordValidationCallback: Authentication succeeded for user: " + servletPasswordValidationCallback.getUsername() + " populating the security context with the resulting Subject.");
                    JaspicCallbackHandler.this.context.populateSubject(servletPasswordValidationCallback.getSubject(), authenticateAndSaveCredential);
                    servletPasswordValidationCallback.setResult(true);
                }
            } catch (LoginException e) {
                JaspicCallbackHandler.this.logger.debug("PasswordValidationCallback: LoginException encountered: " + e.getMessage());
                servletPasswordValidationCallback.setResult(false);
            }
        }
    }

    /* loaded from: input_file:weblogic/security/jaspic/servlet/JaspicCallbackHandler$GroupPrincipalCallbackStrategy.class */
    private class GroupPrincipalCallbackStrategy implements BaseCallbackHandler.CallbackStrategy {
        private GroupPrincipalCallbackStrategy() {
        }

        @Override // weblogic.security.BaseCallbackHandler.CallbackStrategy
        public boolean mayHandle(Callback callback) {
            return callback instanceof GroupPrincipalCallback;
        }

        @Override // weblogic.security.BaseCallbackHandler.CallbackStrategy
        public void handle(Callback callback) {
            GroupPrincipalCallback groupPrincipalCallback = (GroupPrincipalCallback) callback;
            if (groupPrincipalCallback.getSubject() == null) {
                JaspicCallbackHandler.this.logger.debug("GroupPrincipalCallback: no groups to add.");
                return;
            }
            for (String str : groupPrincipalCallback.getGroups()) {
                JaspicCallbackHandler.this.logger.debug("GroupPrincipalCallback: adding WLSGroupImpl for : " + str);
                groupPrincipalCallback.getSubject().getPrincipals().add(new WLSGroupImpl(str));
            }
        }
    }

    /* loaded from: input_file:weblogic/security/jaspic/servlet/JaspicCallbackHandler$PasswordValidationCallbackStrategy.class */
    private class PasswordValidationCallbackStrategy implements BaseCallbackHandler.CallbackStrategy {
        private PasswordValidationCallbackStrategy() {
        }

        @Override // weblogic.security.BaseCallbackHandler.CallbackStrategy
        public boolean mayHandle(Callback callback) {
            return (callback instanceof PasswordValidationCallback) && !(callback instanceof ServletPasswordValidationCallback);
        }

        @Override // weblogic.security.BaseCallbackHandler.CallbackStrategy
        public void handle(Callback callback) {
            PasswordValidationCallback passwordValidationCallback = (PasswordValidationCallback) callback;
            if (passwordValidationCallback.getUsername() == null || passwordValidationCallback.getPassword() == null || passwordValidationCallback.getSubject() == null) {
                return;
            }
            try {
                SubjectHandle authenticateAndSaveCredential = JaspicCallbackHandler.this.context.authenticateAndSaveCredential(passwordValidationCallback.getUsername(), passwordValidationCallback.getPassword());
                if (authenticateAndSaveCredential == null) {
                    passwordValidationCallback.setResult(false);
                } else {
                    JaspicCallbackHandler.this.context.populateSubject(passwordValidationCallback.getSubject(), authenticateAndSaveCredential);
                    passwordValidationCallback.setResult(true);
                }
            } catch (LoginException e) {
                passwordValidationCallback.setResult(false);
            }
        }
    }

    /* loaded from: input_file:weblogic/security/jaspic/servlet/JaspicCallbackHandler$WLSCertStoreCallbackStrategy.class */
    private class WLSCertStoreCallbackStrategy implements BaseCallbackHandler.CallbackStrategy {
        private WLSCertStoreCallbackStrategy() {
        }

        @Override // weblogic.security.BaseCallbackHandler.CallbackStrategy
        public boolean mayHandle(Callback callback) {
            return false;
        }

        @Override // weblogic.security.BaseCallbackHandler.CallbackStrategy
        public void handle(Callback callback) {
        }
    }

    /* loaded from: input_file:weblogic/security/jaspic/servlet/JaspicCallbackHandler$WLSPrivateKeyCallbackStrategy.class */
    private class WLSPrivateKeyCallbackStrategy implements BaseCallbackHandler.CallbackStrategy {
        private WLSPrivateKeyCallbackStrategy() {
        }

        @Override // weblogic.security.BaseCallbackHandler.CallbackStrategy
        public boolean mayHandle(Callback callback) {
            return false;
        }

        @Override // weblogic.security.BaseCallbackHandler.CallbackStrategy
        public void handle(Callback callback) {
        }
    }

    /* loaded from: input_file:weblogic/security/jaspic/servlet/JaspicCallbackHandler$WLSSecretKeyCallbackStrategy.class */
    private class WLSSecretKeyCallbackStrategy implements BaseCallbackHandler.CallbackStrategy {
        private WLSSecretKeyCallbackStrategy() {
        }

        @Override // weblogic.security.BaseCallbackHandler.CallbackStrategy
        public boolean mayHandle(Callback callback) {
            return false;
        }

        @Override // weblogic.security.BaseCallbackHandler.CallbackStrategy
        public void handle(Callback callback) {
        }
    }

    /* loaded from: input_file:weblogic/security/jaspic/servlet/JaspicCallbackHandler$WLSTrustStoreCallbackStrategy.class */
    private class WLSTrustStoreCallbackStrategy implements BaseCallbackHandler.CallbackStrategy {
        private WLSTrustStoreCallbackStrategy() {
        }

        @Override // weblogic.security.BaseCallbackHandler.CallbackStrategy
        public boolean mayHandle(Callback callback) {
            return false;
        }

        @Override // weblogic.security.BaseCallbackHandler.CallbackStrategy
        public void handle(Callback callback) {
        }
    }

    public JaspicCallbackHandler(Context context) {
        this(context, new SecurityDebugLogger(SecurityLogger.AUTHN));
    }

    public JaspicCallbackHandler(Context context, SecurityLogger securityLogger) {
        this.context = context;
        addCallbackStrategies(new PasswordValidationCallbackStrategy(), new CallerPrincipalCallbackStrategy(), new GroupPrincipalCallbackStrategy(), new CssPasswordValidationCallbackStrategy(), new WLSPrivateKeyCallbackStrategy(), new WLSTrustStoreCallbackStrategy(), new WLSSecretKeyCallbackStrategy(), new WLSCertStoreCallbackStrategy());
        this.logger = securityLogger;
    }
}
