package com.iplanet.am.admin.cli;

import com.iplanet.am.util.SystemProperties;
import com.iplanet.services.ldap.JSSSocketFactory;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.iplanet.sso.SSOTokenManager;
import com.sun.identity.authentication.AuthContext;
import com.sun.identity.authentication.internal.AuthPrincipal;
import com.sun.identity.authentication.internal.InvalidAuthContextException;
import com.sun.identity.common.Constants;
import com.sun.identity.security.AdminDNAction;
import com.sun.identity.security.AdminPasswordAction;
import java.io.File;
import java.security.AccessController;
import java.util.ResourceBundle;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.login.LoginException;
import netscape.ldap.LDAPException;

/* loaded from: input_file:115766-10/SUNWamsdk/reloc/SUNWam/lib/am_services.jar:com/iplanet/am/admin/cli/Authenticator.class */
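/**
 * Performs the login step of the admin CLI and keeps the resulting SSO token.
 *
 * <p>Two paths are offered: {@link #sessionBasedLogin} drives the callback-based
 * {@code AuthContext} against the "LDAP" module instance, and {@link #ldapLogin}
 * uses the internal {@code AuthContext} directly. Both write a failure record
 * through {@code AdminUtils.logOperation} when the attempt ends in an
 * {@code AdminException}.
 *
 * <p>Security notes for maintainers: the password arrives as a {@code String}, so it
 * cannot be wiped from memory by this class; only the temporary {@code char[]} copy
 * handed to {@code PasswordCallback} is cleared.
 */
class Authenticator {
    /** Source of the localized status and error messages used below. */
    private ResourceBundle bundle;

    /** Token of the last successful login; {@code null} until one succeeds. */
    private SSOToken ssoToken;

    /**
     * Creates an authenticator that reads its messages from the given bundle.
     *
     * @param resourceBundle bundle holding the message keys used by this class
     *     ("loginFailed", "loginFail", "ldapauthfail", "statusmsg6".."statusmsg9")
     */
    public Authenticator(ResourceBundle resourceBundle) {
        this.bundle = resourceBundle;
    }

    /**
     * Returns the token obtained by the last successful login.
     *
     * @return the stored token, or {@code null} if no login has succeeded yet
     */
    public SSOToken getSSOToken() {
        return this.ssoToken;
    }

    /**
     * Logs in through the callback-based authentication service.
     *
     * @param str  user name supplied to the {@code NameCallback}
     * @param str2 password supplied to the {@code PasswordCallback}
     * @throws AdminException if the login fails; the failure is recorded first
     */
    public void sessionBasedLogin(String str, String str2) throws AdminException {
        try {
            sessionBasedLoginInternal(str, str2);
        } catch (AdminException e) {
            logLoginFailure(str);
            throw e;
        }
    }

    /**
     * Runs the callback-based login and stores the resulting token.
     *
     * @param str  user name
     * @param str2 password
     * @throws AdminException if the password is missing, the login fails, or the
     *     token cannot be read from the context
     */
    private void sessionBasedLoginInternal(String str, String str2) throws AdminException {
        // A null password used to surface as a NullPointerException from
        // toCharArray(), which skipped the failure record written by the caller.
        if (str2 == null) {
            throw new AdminException(this.bundle.getString("loginFailed"));
        }
        AuthContext authContext = getAuthContext();
        processCallback(authContext, str, str2);
        try {
            this.ssoToken = authContext.getSSOToken();
        } catch (Exception e) {
            throw new AdminException(e);
        }
    }

    /**
     * Logs in through the internal LDAP authentication context.
     *
     * @param str  user name (used to build the {@code AuthPrincipal})
     * @param str2 password
     * @throws AdminException if the login fails; the failure is recorded first
     */
    public void ldapLogin(String str, String str2) throws AdminException {
        try {
            ldapLoginInternal(str, str2);
        } catch (AdminException e) {
            logLoginFailure(str);
            throw e;
        }
    }

    /**
     * Initializes JSS if a certificate database is present, authenticates against
     * the internal context, and on success stores the token here and in
     * {@code AdminUtils}.
     *
     * @param str  user name
     * @param str2 password
     * @throws AdminException if the password is missing, the context reports a
     *     status other than 3, or the context throws during login
     */
    void ldapLoginInternal(String str, String str2) throws AdminException {
        // Same reasoning as in sessionBasedLoginInternal: fail as AdminException so
        // the caller records the attempt instead of letting an NPE escape.
        if (str2 == null) {
            throw new AdminException(this.bundle.getString("ldapauthfail"));
        }
        // NOTE(review): an empty (non-null) password is passed through unchanged.
        // Confirm the internal AuthContext rejects it, since many directory servers
        // treat a simple bind with an empty password as an anonymous bind.
        initializeJSS();
        if (AdminUtils.logEnabled()) {
            AdminUtils.log(this.bundle.getString("statusmsg6"));
        }
        try {
            com.sun.identity.authentication.internal.AuthContext lDAPAuthContext = getLDAPAuthContext(str, str2);
            // NOTE(review): 3 is presumably the inlined "success" status constant of
            // the internal AuthContext -- confirm against that class.
            if (lDAPAuthContext.getLoginStatus() != 3) {
                if (AdminUtils.logEnabled()) {
                    AdminUtils.log(this.bundle.getString("statusmsg9"));
                }
                throw new AdminException(this.bundle.getString("ldapauthfail"));
            }
            if (AdminUtils.logEnabled()) {
                AdminUtils.log(this.bundle.getString("statusmsg7"));
                AdminUtils.log(this.bundle.getString("statusmsg8"));
            }
            this.ssoToken = lDAPAuthContext.getSSOToken();
            AdminUtils.setSSOToken(this.ssoToken);
        } catch (InvalidAuthContextException e) {
            throw ldapFailure(e);
        } catch (LoginException e2) {
            throw ldapFailure(e2);
        }
    }

    /**
     * Logs the cause of an LDAP login failure (when logging is enabled) and builds
     * the exception to throw. The cause is only logged, not chained, because the
     * exception is created from the message alone.
     *
     * @param cause exception raised by the internal authentication context
     * @return the {@code AdminException} carrying the "ldapauthfail" message
     */
    private AdminException ldapFailure(Exception cause) {
        String message = this.bundle.getString("ldapauthfail");
        if (AdminUtils.logEnabled()) {
            AdminUtils.log(message, cause);
        }
        return new AdminException(message);
    }

    /**
     * Creates the internal authentication context for the given credentials.
     *
     * @param str  user name wrapped in an {@code AuthPrincipal}
     * @param str2 password, converted to a {@code char[]}; must not be {@code null}
     * @return the context returned by the constructor
     * @throws LoginException if the constructor reports a login problem
     */
    private com.sun.identity.authentication.internal.AuthContext getLDAPAuthContext(String str, String str2) throws LoginException {
        // The array is handed over as-is; whether the context keeps a reference is
        // not visible here, so it is deliberately not cleared afterwards.
        return new com.sun.identity.authentication.internal.AuthContext(new AuthPrincipal(str), str2.toCharArray());
    }

    /**
     * Initializes the JSS socket factory when a {@code cert7.db} file exists under
     * the configured certificate database directory and prefix.
     *
     * @throws AdminException if the factory initialization raises an LDAPException
     */
    private void initializeJSS() throws AdminException {
        String certDbDir = SystemProperties.get(Constants.AM_ADMIN_CLI_CERTDB_DIR);
        String certDbPrefix = SystemProperties.get(Constants.AM_ADMIN_CLI_CERTDB_PREFIX);
        // Without this guard an unset property becomes the literal text "null" in
        // the path, so a file named "null<sep>nullcert7.db" relative to the working
        // directory would trigger initialization with null arguments.
        if (certDbDir == null || certDbPrefix == null) {
            return;
        }
        File certDb = new File(certDbDir + File.separatorChar + certDbPrefix + "cert7.db");
        if (!certDb.isFile()) {
            return;
        }
        try {
            // NOTE(review): the meaning of the empty string and the boolean is not
            // visible here -- confirm against JSSSocketFactory.initialize.
            JSSSocketFactory.initialize(certDbDir, certDbPrefix, certDbPrefix, "", true);
        } catch (LDAPException e) {
            throw new AdminException(e);
        }
    }

    /**
     * Opens an authentication context on "/" and starts a login against the
     * "LDAP" module instance.
     *
     * @return the started context
     * @throws AdminException with the "loginFailed" message if the login cannot start
     */
    private AuthContext getAuthContext() throws AdminException {
        try {
            AuthContext authContext = new AuthContext("/");
            authContext.login(AuthContext.IndexType.MODULE_INSTANCE, "LDAP");
            return authContext;
        } catch (LoginException e) {
            // Route the cause through the CLI log, as the LDAP path does, instead of
            // dumping a stack trace on the operator's terminal.
            String message = this.bundle.getString("loginFailed");
            if (AdminUtils.logEnabled()) {
                AdminUtils.log(message, e);
            }
            throw new AdminException(message);
        }
    }

    /**
     * Answers every set of callbacks the context asks for and checks the outcome.
     *
     * @param authContext context returned by {@link #getAuthContext()}
     * @param str         user name
     * @param str2        password
     * @throws AdminException if the final status is not {@code SUCCESS}
     */
    private void processCallback(AuthContext authContext, String str, String str2) throws AdminException {
        // NOTE(review): if getRequirements() keeps returning null while
        // hasMoreRequirements() stays true, this loop does not terminate -- confirm
        // the AuthContext contract rules that out.
        while (authContext.hasMoreRequirements()) {
            Callback[] requirements = authContext.getRequirements();
            if (requirements != null) {
                setCallbackValues(requirements, str, str2);
                authContext.submitRequirements(requirements);
            }
        }
        if (authContext.getStatus() != AuthContext.Status.SUCCESS) {
            throw new AdminException(this.bundle.getString("loginFailed"));
        }
    }

    /**
     * Fills name and password callbacks; other callback types are left untouched.
     *
     * @param callbackArr callbacks requested by the authentication context
     * @param str         value for every {@code NameCallback}
     * @param str2        value for every {@code PasswordCallback}; must not be
     *     {@code null} (the only caller path checks this first)
     */
    private void setCallbackValues(Callback[] callbackArr, String str, String str2) {
        char[] secret = str2.toCharArray();
        try {
            for (int i = 0; i < callbackArr.length; i++) {
                Callback callback = callbackArr[i];
                if (callback instanceof NameCallback) {
                    ((NameCallback) callback).setName(str);
                } else if (callback instanceof PasswordCallback) {
                    // PasswordCallback.setPassword stores its own copy, so one
                    // temporary array can serve all callbacks and be cleared below.
                    ((PasswordCallback) callback).setPassword(secret);
                }
            }
        } finally {
            java.util.Arrays.fill(secret, '\0');
        }
    }

    /**
     * Records a failed login for the given user name, using an administrator token.
     * Nothing is recorded when that token cannot be obtained.
     *
     * @param str user name of the failed attempt
     */
    private void logLoginFailure(String str) {
        SSOToken adminSSOToken = getAdminSSOToken();
        if (adminSSOToken != null) {
            // The name is caller-supplied text from a failed attempt; replace line
            // breaks so it cannot split the record into forged entries.
            String safeName = String.valueOf(str).replace('\r', '_').replace('\n', '_');
            // NOTE(review): the meaning of the first argument (1) is not visible
            // here -- confirm against AdminUtils.logOperation.
            AdminUtils.logOperation(1, this.bundle.getString("loginFail") + " " + safeName, adminSSOToken);
        }
    }

    /**
     * Creates a token for the configured administrator, reading the DN and password
     * through privileged actions.
     *
     * @return the administrator token, or {@code null} if token creation raised an
     *     {@code SSOException} (its message is logged)
     */
    private SSOToken getAdminSSOToken() {
        SSOToken sSOToken = null;
        try {
            String adminDn = (String) AccessController.doPrivileged(new AdminDNAction());
            String adminPassword = (String) AccessController.doPrivileged(new AdminPasswordAction());
            sSOToken = SSOTokenManager.getInstance().createSSOToken(new AuthPrincipal(adminDn), adminPassword);
        } catch (SSOException e) {
            AdminUtils.log(e.getMessage());
        }
        return sSOToken;
    }
}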
