package com.sun.identity.authentication.modules.application;

import com.iplanet.am.util.Debug;
import com.iplanet.am.util.SystemProperties;
import com.sun.identity.authentication.spi.AMLoginModule;
import com.sun.identity.authentication.spi.AuthLoginException;
import com.sun.identity.authentication.util.ISAuthConstants;
import com.sun.identity.common.Constants;
import com.sun.identity.security.DecodeAction;
import java.security.AccessController;
import java.security.Principal;
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;
import java.util.ResourceBundle;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.servlet.http.HttpServletRequest;

/* JADX WARN: Classes with same name are omitted:
  input_file:117586-20/SUNWamclt/reloc/$PRODUCT_DIR/lib/am_services.jar:com/sun/identity/authentication/modules/application/Application.class
 */
/* loaded from: input_file:117586-20/SUNWamsdk/reloc/$PRODUCT_DIR/lib/am_services.jar:com/sun/identity/authentication/modules/application/Application.class */
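/**
 * Login module that authenticates a calling application by comparing a
 * caller-supplied shared secret with the secret decoded from
 * {@code Constants.AM_SERVICES_SECRET}.
 *
 * <p>The application name and secret are read from the request parameters
 * {@code IDToken0}/{@code IDToken1} (falling back to
 * {@code Login.Token0}/{@code Login.Token1}), or, when neither pair is present,
 * from a name/password callback exchange. Both values are caller-controlled and
 * are treated as untrusted until the secret has been verified.
 *
 * <p>Every failure path reports the same {@code wrongSecret} key, so a caller
 * cannot tell a bad secret from an unknown application name.
 */
public class Application extends AMLoginModule {
    private static final String amAuthApplication = "amAuthApplication";
    private static Debug debug = Debug.getInstance(amAuthApplication);

    // Shared secret; stays null when the property is missing, which makes every login fail.
    private static String secret = null;
    // Directory settings are loaded in the static initializer. Only rootSuffix is read
    // by the code in this class.
    private static boolean ldapSSL = false;
    private static String ldapHost = null;
    private static int ldapPort = 389;
    private static String rootSuffix = null;

    private String userTokenId = null;
    private Principal userPrincipal = null;
    // Resource-bundle key of a fatal initialisation error; non-null blocks process().
    private String errorMsg = null;
    private ResourceBundle bundle = null;

    static {
        debug.message("Application module getting secret");
        // A missing property used to fail with a NullPointerException inside the static
        // initializer, which makes the class unloadable. Leaving the secret null lets
        // init() report "nullSecret" and keeps the module failing closed.
        String encodedSecret = SystemProperties.get(Constants.AM_SERVICES_SECRET);
        if (encodedSecret != null) {
            secret = (String) AccessController.doPrivileged(new DecodeAction(encodedSecret.trim()));
        } else {
            debug.error("Application module: services secret property is not set");
        }
        ldapHost = SystemProperties.get(Constants.AM_DIRECTORY_HOST);
        String portValue = SystemProperties.get(Constants.AM_DIRECTORY_PORT);
        if (portValue != null) {
            try {
                ldapPort = Integer.parseInt(portValue.trim());
            } catch (NumberFormatException e) {
                // Keep the default of 389 rather than aborting class initialisation.
                debug.error("Application module: invalid directory port, using " + ldapPort);
            }
        }
        ldapSSL = Boolean.valueOf(SystemProperties.get(Constants.AM_DIRECTORY_SSL_ENABLED)).booleanValue();
        rootSuffix = SystemProperties.get(Constants.AM_ROOT_SUFFIX);
    }

    /**
     * Loads the localized resource bundle and records a fatal error key when the
     * bundle cannot be loaded or no shared secret is configured.
     *
     * @param subject unused by this module
     * @param map unused by this module
     * @param map2 unused by this module
     */
    @Override // com.sun.identity.authentication.spi.AMLoginModule
    public void init(Subject subject, Map map, Map map2) {
        try {
            debug.message("in initialize...");
            Locale loginLocale = getLoginLocale();
            this.bundle = AMLoginModule.amCache.getResBundle(amAuthApplication, loginLocale);
            if (debug.messageEnabled()) {
                debug.message("ApplicationAuth resbundle locale=" + loginLocale);
            }
        } catch (Exception e) {
            debug.error("ApplicationAuthModule Init: " + e.getMessage());
            if (debug.messageEnabled()) {
                debug.message("Stack trace: ", e);
            }
            // The spelling is part of the key as shipped; it is kept because the key is
            // looked up outside this class.
            this.errorMsg = "appInitFalied";
        }
        // An empty secret must never be accepted as a credential.
        if (secret == null || secret.equals("")) {
            debug.error("ApplicationAuthModule Init failed : null secret");
            this.errorMsg = "nullSecret";
        }
    }

    /**
     * Verifies the supplied secret and confirms that the application user exists.
     *
     * @param callbackArr unused; credentials come from the request or a fresh callback exchange
     * @param i unused by this module
     * @return {@code -1} once the secret matches and the user entry exists
     *     (presumably the framework's login-succeeded state; confirm against ISAuthConstants)
     * @throws AuthLoginException if initialisation failed, the secret is missing or wrong,
     *     or the application user entry is not valid
     */
    @Override // com.sun.identity.authentication.spi.AMLoginModule
    public int process(Callback[] callbackArr, int i) throws AuthLoginException {
        if (this.errorMsg != null) {
            throw new AuthLoginException(amAuthApplication, this.errorMsg, null);
        }

        String appName = null;
        String suppliedSecret = null;
        HttpServletRequest request = getHttpServletRequest();
        if (request != null) {
            appName = request.getParameter("IDToken0");
            suppliedSecret = request.getParameter("IDToken1");
            if (appName == null && suppliedSecret == null) {
                appName = request.getParameter("Login.Token0");
                suppliedSecret = request.getParameter("Login.Token1");
            }
        }
        if (suppliedSecret == null && appName == null) {
            Map<String, String> answers = sendCallback();
            if (answers == null) {
                throw wrongSecret();
            }
            suppliedSecret = answers.get("secret");
            appName = answers.get("uid");
        }
        if (suppliedSecret == null) {
            throw wrongSecret();
        }

        // String.equals stops at the first differing character, so its timing depends on
        // how much of the secret matched; compare without that early exit instead.
        if (!constantTimeEquals(suppliedSecret, secret)) {
            // Only the caller-supplied name is logged, never the secret that was presented.
            debug.error("App.validate, secret not matched: " + forLog(appName));
            // NOTE(review): userTokenId has not been assigned on this path within this call,
            // so the failure is recorded against whatever the field already holds (null on
            // a fresh instance). Confirm whether the attempted name should be recorded.
            setFailureID(this.userTokenId);
            throw wrongSecret();
        }
        if (debug.messageEnabled()) {
            debug.message("App.validate, secret matched : " + forLog(appName));
        }

        if (appName == null || appName.equals("")) {
            this.userTokenId = "amService-gateway";
        } else {
            this.userTokenId = ISAuthConstants.APPLICATION_USER_PREFIX + appName;
        }
        if (dnEntryExist(this.userTokenId)) {
            return -1;
        }
        debug.error(forLog(this.userTokenId) + " is not a valid ldap entry");
        setFailureID(this.userTokenId);
        throw wrongSecret();
    }

    /**
     * Checks that an entry for the given user exists under {@code ou=DSAME Users}.
     *
     * <p>The name originates from a request parameter, so it is escaped as an RDN value
     * before being placed in the DN. Without escaping, a name containing {@code ,},
     * {@code =} or {@code +} would change which entry the DN refers to.
     *
     * @param str application user name used as the {@code cn} value
     * @return the result of {@code isValidUserEntry} for the constructed DN
     */
    private boolean dnEntryExist(String str) {
        String cnValue = javax.naming.ldap.Rdn.escapeValue(str);
        return isValidUserEntry("cn=" + cnValue + ",ou=DSAME Users," + rootSuffix);
    }

    /**
     * Returns the principal for the authenticated application user, creating it on first use.
     *
     * @return the cached principal, or {@code null} when no user token id has been set
     */
    @Override // com.sun.identity.authentication.spi.AMLoginModule
    public Principal getPrincipal() {
        if (this.userPrincipal == null && this.userTokenId != null) {
            this.userPrincipal = new ApplicationPrincipal(this.userTokenId);
        }
        return this.userPrincipal;
    }

    /**
     * Prompts for the application name and secret through the callback handler.
     *
     * @return a map that may hold {@code "uid"} and {@code "secret"}, or {@code null}
     *     when there is no handler or the exchange fails
     */
    private Map<String, String> sendCallback() {
        try {
            CallbackHandler callbackHandler = getCallbackHandler();
            if (callbackHandler == null) {
                throw new AuthLoginException(amAuthApplication, "NoCallbackHandler", null);
            }
            // Declared as Callback[]: the decompiled NameCallback[] could not hold a
            // PasswordCallback, which is not a NameCallback.
            // NOTE(review): the password callback is created with echo enabled (true), as in
            // the original; confirm whether clients rely on that before turning it off.
            Callback[] prompts = {
                new NameCallback(this.bundle.getString("appname")),
                new PasswordCallback(this.bundle.getString("secret"), true)
            };
            if (debug.messageEnabled()) {
                debug.message("Callback is.. :" + prompts);
            }
            callbackHandler.handle(prompts);

            Map<String, String> answers = new HashMap<String, String>();
            for (Callback prompt : prompts) {
                if (prompt instanceof PasswordCallback) {
                    PasswordCallback passwordPrompt = (PasswordCallback) prompt;
                    char[] password = passwordPrompt.getPassword();
                    if (password != null) {
                        answers.put("secret", new String(password));
                        // Wipe the copies that can be wiped; the String above cannot be.
                        java.util.Arrays.fill(password, ' ');
                    }
                    passwordPrompt.clearPassword();
                } else if (prompt instanceof NameCallback) {
                    String name = ((NameCallback) prompt).getName();
                    if (name != null) {
                        answers.put("uid", name);
                    }
                }
            }
            return answers;
        } catch (Exception e) {
            debug.error("sendCallback: " + e.getMessage());
            if (debug.messageEnabled()) {
                debug.message("Stack trace: ", e);
            }
            return null;
        }
    }

    /** Builds the single exception used for every credential failure. */
    private static AuthLoginException wrongSecret() {
        return new AuthLoginException(amAuthApplication, "wrongSecret", null);
    }

    /**
     * Compares two strings without stopping at the first difference.
     *
     * <p>The loop length depends only on the caller-supplied value, so the running time
     * does not reveal how many leading characters of the expected value matched.
     *
     * @param supplied value presented by the caller
     * @param expected configured value
     * @return {@code true} only when both are non-null, {@code expected} is non-empty and
     *     the two are equal
     */
    private static boolean constantTimeEquals(String supplied, String expected) {
        if (supplied == null || expected == null || expected.length() == 0) {
            return false;
        }
        int difference = supplied.length() ^ expected.length();
        for (int idx = 0; idx < supplied.length(); idx++) {
            difference |= supplied.charAt(idx) ^ expected.charAt(idx % expected.length());
        }
        return difference == 0;
    }

    /**
     * Replaces control characters in a caller-supplied value so it cannot start a new
     * line in the debug log.
     *
     * @param value text to log; may be {@code null}
     * @return the text with control characters replaced by {@code _}, or {@code null}
     */
    private static String forLog(String value) {
        if (value == null) {
            return null;
        }
        char[] chars = value.toCharArray();
        for (int idx = 0; idx < chars.length; idx++) {
            if (Character.isISOControl(chars[idx])) {
                chars[idx] = '_';
            }
        }
        return new String(chars);
    }
}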
