package com.sun.emp.security.server;

import com.sun.emp.security.RBACSecurityException;
import com.sun.emp.security.runtime.Principal;
import com.sun.emp.security.runtime.PrincipalNotFoundException;
import com.sun.emp.security.utilities.SecurityLog;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.PushbackInputStream;
import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.PrivilegedActionException;
import java.util.Arrays;
import java.util.Date;
import java.util.Hashtable;
import java.util.Iterator;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.TextOutputCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.AccountExpiredException;
import javax.security.auth.login.CredentialExpiredException;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;

/* JADX INFO: Access modifiers changed from: package-private */
/* compiled from: SecurityServer.java */
/* loaded from: input_file:117631-02/MSF1.0.1p2/lib/secrt.jar:com/sun/emp/security/server/UserSession.class */
public class UserSession {
    private String _userName;
    private String _role;
    private LoginContext _loginContext;
    int sessionCount = 0;
    boolean iamNotHostUser = true;
    private char[] _password = null;
    private AccessControlContext _accessControlContext = null;
    private Subject _subject = new Subject();
    private Hashtable _results = new Hashtable();

    /* compiled from: SecurityServer.java */
    /* loaded from: input_file:117631-02/MSF1.0.1p2/lib/secrt.jar:com/sun/emp/security/server/UserSession$SecurityServerCallbackHandler.class */
    class SecurityServerCallbackHandler implements CallbackHandler {
        private final UserSession this$0;

        SecurityServerCallbackHandler(UserSession userSession) {
            this.this$0 = userSession;
        }

        @Override // javax.security.auth.callback.CallbackHandler
        public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
            if (SecurityLog.trc.isLogging) {
                SecurityLog.trc.entry(5L, (Object) this, "handle", toString());
            }
            for (int i = 0; i < callbackArr.length; i++) {
                if (SecurityLog.trc.isLogging) {
                    SecurityLog.trc.text(10L, this, "handle", callbackArr[i].toString());
                }
                if (callbackArr[i] instanceof TextOutputCallback) {
                    TextOutputCallback textOutputCallback = (TextOutputCallback) callbackArr[i];
                    switch (textOutputCallback.getMessageType()) {
                        case Principal.MIXED_OK /* 0 */:
                            SecurityLog.out.message(1L, "com.sun.emp.security.server.SecurityServer", "main", "SecSvc_FATAL", textOutputCallback.getMessage());
                            break;
                        case Principal.ALPHA_ONLY /* 1 */:
                            SecurityLog.out.message(2L, "com.sun.emp.security.server.SecurityServer", "main", "SecSvc_FATAL", textOutputCallback.getMessage());
                            break;
                        case Principal.NUMERIC_ONLY /* 2 */:
                            SecurityLog.out.message(3L, "com.sun.emp.security.server.SecurityServer", "main", "SecSvc_FATAL", textOutputCallback.getMessage());
                            break;
                        default:
                            if (SecurityLog.trc.isLogging) {
                                SecurityLog.trc.exit(6L, (Object) this, "handle", new StringBuffer().append("Unsupported message type: ").append(textOutputCallback.getMessageType()).toString());
                            }
                            throw new IOException(new StringBuffer().append("Unsupported message type: ").append(textOutputCallback.getMessageType()).toString());
                    }
                } else if (callbackArr[i] instanceof NameCallback) {
                    NameCallback nameCallback = (NameCallback) callbackArr[i];
                    if (SecurityLog.trc.isLogging) {
                        SecurityLog.trc.text(10L, this, "handle", new StringBuffer().append("NameCallback: ").append(this.this$0._userName).toString());
                    }
                    if (this.this$0._userName == null) {
                        System.err.println(nameCallback.getPrompt());
                        System.err.flush();
                        if (SecurityLog.trc.isLogging) {
                            SecurityLog.trc.text(10L, this, "handle", new StringBuffer().append("waiting to read response to: ").append(nameCallback.getPrompt()).toString());
                        }
                        this.this$0._userName = new BufferedReader(new InputStreamReader(System.in)).readLine();
                    }
                    nameCallback.setName(this.this$0._userName);
                } else {
                    if (!(callbackArr[i] instanceof PasswordCallback)) {
                        if (SecurityLog.trc.isLogging) {
                            SecurityLog.trc.exit(6L, (Object) this, "handle", "Unrecognized Callback");
                        }
                        throw new UnsupportedCallbackException(callbackArr[i], "Unrecognized Callback");
                    }
                    PasswordCallback passwordCallback = (PasswordCallback) callbackArr[i];
                    if (SecurityLog.trc.isLogging) {
                        SecurityLog.trc.text(10L, this, "handle", new StringBuffer().append("PasswordCallback: ").append(passwordCallback.isEchoOn()).toString());
                    }
                    if (this.this$0._password == null) {
                        System.err.println(passwordCallback.getPrompt());
                        System.err.flush();
                        if (SecurityLog.trc.isLogging) {
                            SecurityLog.trc.text(10L, this, "handle", new StringBuffer().append("waiting to read response to: ").append(passwordCallback.getPrompt()).toString());
                        }
                        this.this$0._password = readPassword(System.in);
                    }
                    passwordCallback.setPassword(this.this$0._password);
                }
            }
            if (SecurityLog.trc.isLogging) {
                SecurityLog.trc.exit(6L, (Object) this, "handle");
            }
        }

        /* JADX WARN: Failed to find 'out' block for switch in B:3:0x0019. Please report as an issue. */
        private char[] readPassword(InputStream inputStream) throws IOException {
            char[] cArr = new char[128];
            char[] cArr2 = cArr;
            char[] cArr3 = cArr;
            int length = cArr3.length;
            int i = 0;
            while (true) {
                int read = inputStream.read();
                switch (read) {
                    case -1:
                    case 10:
                        break;
                    case 13:
                        int read2 = inputStream.read();
                        if (read2 != 10 && read2 != -1) {
                            if (!(inputStream instanceof PushbackInputStream)) {
                                inputStream = new PushbackInputStream(inputStream);
                            }
                            ((PushbackInputStream) inputStream).unread(read2);
                        }
                        break;
                    default:
                        length--;
                        if (length < 0) {
                            cArr3 = new char[i + 128];
                            length = (cArr3.length - i) - 1;
                            System.arraycopy(cArr2, 0, cArr3, 0, i);
                            Arrays.fill(cArr2, ' ');
                            cArr2 = cArr3;
                        }
                        int i2 = i;
                        i++;
                        cArr3[i2] = (char) read;
                }
            }
            if (i == 0) {
                return null;
            }
            char[] cArr4 = new char[i];
            System.arraycopy(cArr3, 0, cArr4, 0, i);
            Arrays.fill(cArr3, ' ');
            return cArr4;
        }
    }

    public UserSession(String str, String str2) throws LoginException {
        this._loginContext = null;
        if (SecurityLog.trc.isLogging) {
            SecurityLog.trc.entry(5L, (Object) this, "Constructor", new StringBuffer().append(str).append("(").append(str2).append(")").toString());
        }
        this._userName = str;
        this._role = str2;
        try {
            this._loginContext = new LoginContext("SecurityServer", this._subject, new SecurityServerCallbackHandler(this));
            if (SecurityLog.trc.isLogging) {
                SecurityLog.trc.exit(6L, (Object) this, "Constructor");
            }
        } catch (LoginException e) {
            if (SecurityLog.trc.isLogging) {
                SecurityLog.trc.exception(7L, this, "Constructor", e);
            }
            throw e;
        }
    }

    public String toString() {
        return new String(new StringBuffer().append(this._userName).append("(").append(this._role).append(")").toString());
    }

    public synchronized boolean Login(char[] cArr, char[] cArr2) throws Exception {
        Principal principal;
        if (SecurityLog.trc.isLogging) {
            SecurityLog.trc.entry(5L, (Object) this, "Login", toString());
        }
        String str = null;
        String str2 = null;
        if (null != cArr) {
            str = new String(cArr);
        }
        if (null != cArr2) {
            str2 = new String(cArr2);
        }
        if (cArr2 != null) {
            try {
                ((Principal) SecurityServer._som.get("Principal", this._userName)).changePassword(str, str2);
                cArr = cArr2;
            } catch (Exception e) {
                if (!SecurityLog.trc.isLogging) {
                    return false;
                }
                SecurityLog.trc.exit(6L, (Object) this, "Login", new StringBuffer().append("Authentication Failed: ").append(toString()).toString());
                return false;
            }
        }
        try {
            Iterator it = this._loginContext.getSubject().getPrincipals(Class.forName("com.sun.emp.security.runtime.Principal")).iterator();
            Principal principal2 = null;
            while (true) {
                principal = principal2;
                if (!it.hasNext()) {
                    break;
                }
                principal2 = (Principal) it.next();
            }
            if (principal != null) {
                String str3 = null;
                if (cArr != null) {
                    str3 = new String(cArr);
                }
                if (principal.validatePassword(str3)) {
                    if (!SecurityLog.trc.isLogging) {
                        return true;
                    }
                    SecurityLog.trc.exit(6L, (Object) this, "Login", new StringBuffer().append("Authentication Succeeded: ").append(toString()).toString());
                    return true;
                }
                if (!SecurityLog.trc.isLogging) {
                    return false;
                }
                SecurityLog.trc.exit(6L, (Object) this, "Login", new StringBuffer().append("Authentication Failed: ").append(toString()).toString());
                return false;
            }
            this._password = cArr;
            try {
                this._loginContext.login();
                this._password = null;
                if (!SecurityLog.trc.isLogging) {
                    return true;
                }
                SecurityLog.trc.exit(6L, (Object) this, "Login", new StringBuffer().append("Authentication Succeeded: ").append(toString()).toString());
                return true;
            } catch (FailedLoginException e2) {
                this._password = null;
                if (!SecurityLog.trc.isLogging) {
                    return false;
                }
                SecurityLog.trc.exit(6L, (Object) this, "Login", new StringBuffer().append(toString()).append(" Authentication Failed: ").append(e2).toString());
                return false;
            } catch (AccountExpiredException e3) {
                this._password = null;
                if (SecurityLog.trc.isLogging) {
                    SecurityLog.trc.exit(6L, (Object) this, "Login", new StringBuffer().append(toString()).append(" Account Expired: ").append(e3).toString());
                }
                throw e3;
            } catch (Exception e4) {
                this._password = null;
                if (SecurityLog.trc.isLogging) {
                    SecurityLog.trc.exception(7L, this, "Login", e4);
                }
                if (SecurityLog.trc.isLogging) {
                    SecurityLog.trc.exit(6L, (Object) this, "Login", new StringBuffer().append(toString()).append(" Unexpected Exception: ").append(e4).toString());
                }
                throw e4;
            } catch (CredentialExpiredException e5) {
                this._password = null;
                if (SecurityLog.trc.isLogging) {
                    SecurityLog.trc.exit(6L, (Object) this, "Login", new StringBuffer().append(toString()).append(" Credentials Expired: ").append(e5).toString());
                }
                throw e5;
            }
        } catch (Exception e6) {
            if (SecurityLog.trc.isLogging) {
                SecurityLog.trc.exception(7L, this, "Login", e6);
            }
            throw e6;
        }
    }

    public synchronized boolean HostUser() throws Exception {
        Principal principal;
        if (SecurityLog.trc.isLogging) {
            SecurityLog.trc.entry(5L, (Object) this, "HostUser", toString());
        }
        try {
            Iterator it = this._loginContext.getSubject().getPrincipals(Class.forName("com.sun.emp.security.runtime.Principal")).iterator();
            Principal principal2 = null;
            while (true) {
                principal = principal2;
                if (!it.hasNext()) {
                    break;
                }
                principal2 = (Principal) it.next();
            }
            if (principal != null) {
                if (SecurityLog.trc.isLogging) {
                    SecurityLog.trc.exit(6L, (Object) this, "HostUser", new StringBuffer().append("Trusted User Accepted: ").append(toString()).toString());
                }
                this.iamNotHostUser = false;
                return true;
            }
            try {
                Principal principal3 = (Principal) SecurityServer._som.get("Principal", this._userName);
                this._password = null;
                Date passwordExpirationDate = principal3.getPasswordExpirationDate();
                if (passwordExpirationDate != null && passwordExpirationDate.before(new Date())) {
                    throw new AccountExpiredException(new StringBuffer().append("Principal ").append(this._userName).toString());
                }
                if (principal3.getSuspendedState()) {
                    throw new CredentialExpiredException(new StringBuffer().append("Principal ").append(this._userName).append(" suspended").toString());
                }
                this._loginContext.getSubject().getPrincipals().add(principal3);
                if (SecurityLog.trc.isLogging) {
                    SecurityLog.trc.exit(6L, (Object) this, "HostUser", new StringBuffer().append("Authentication Succeeded: ").append(toString()).toString());
                }
                this.iamNotHostUser = false;
                return true;
            } catch (Exception e) {
                if (SecurityLog.trc.isLogging) {
                    SecurityLog.trc.exception(7L, this, "HostUser", e);
                }
                if (!SecurityLog.trc.isLogging) {
                    return false;
                }
                SecurityLog.trc.exit(6L, (Object) this, "HostUser", new StringBuffer().append("Authentication Failed: ").append(toString()).toString());
                return false;
            }
        } catch (Exception e2) {
            if (SecurityLog.trc.isLogging) {
                SecurityLog.trc.exception(7L, this, "HostUser", e2);
            }
            throw e2;
        }
    }

    public synchronized boolean Logout() throws Exception {
        if (SecurityLog.trc.isLogging) {
            SecurityLog.trc.entry(5L, (Object) this, "Logout", new StringBuffer().append("User session: ").append(toString()).toString());
        }
        if (this.sessionCount <= 0) {
            try {
                this._loginContext.logout();
            } catch (LoginException e) {
                if (SecurityLog.trc.isLogging) {
                    SecurityLog.trc.exit(6L, (Object) this, "Logout", new StringBuffer().append(toString()).append(" LoginException: ").append(e).toString());
                }
                throw e;
            } catch (Exception e2) {
                if (SecurityLog.trc.isLogging) {
                    SecurityLog.trc.exception(7L, this, "Logout", e2);
                }
                if (SecurityLog.trc.isLogging) {
                    SecurityLog.trc.exit(6L, (Object) this, "Logout", new StringBuffer().append(toString()).append(" Unexpected Exception: ").append(e2).toString());
                }
                throw e2;
            }
        }
        if (!SecurityLog.trc.isLogging) {
            return true;
        }
        SecurityLog.trc.exit(6L, (Object) this, "Logout", new StringBuffer().append("Logged out successfully: ").append(toString()).toString());
        return true;
    }

    public synchronized boolean Refresh() throws Exception {
        if (SecurityLog.trc.isLogging) {
            SecurityLog.trc.entry(5L, (Object) this, "Refresh", new StringBuffer().append("User session: ").append(toString()).toString());
        }
        this._accessControlContext = null;
        this._results = new Hashtable();
        r9 = null;
        try {
            for (Principal principal : this._subject.getPrincipals(Class.forName("com.sun.emp.security.runtime.Principal"))) {
                if (principal != null && SecurityLog.trc.isLogging) {
                    SecurityLog.trc.text(8L, this, "Refresh", new StringBuffer().append("Subject contains more than one Principal: ").append(principal.getName()).toString());
                }
            }
            if (SecurityLog.trc.isLogging) {
                SecurityLog.trc.text(10L, this, "Refresh", new StringBuffer().append("Subject contains authenticated Principal: ").append(principal.getName()).toString());
            }
            Principal principal2 = (Principal) SecurityServer._som.get("Principal", this._userName);
            this._subject.getPrincipals().remove(principal);
            this._subject.getPrincipals().add(principal2);
            if (SecurityLog.trc.isLogging) {
                SecurityLog.trc.text(10L, this, "Refresh", new StringBuffer().append("replaced ").append(principal.getName()).append(" Principal ").append(principal).append(" in Subject with ").append(principal2).toString());
            }
            if (!SecurityLog.trc.isLogging) {
                return true;
            }
            SecurityLog.trc.exit(6L, (Object) this, "Refresh", new StringBuffer().append("Refreshed successfully: ").append(toString()).toString());
            return true;
        } catch (PrincipalNotFoundException e) {
            if (SecurityLog.trc.isLogging) {
                SecurityLog.trc.exception(7L, this, "Refresh", e);
            }
            throw e;
        } catch (Exception e2) {
            if (SecurityLog.trc.isLogging) {
                SecurityLog.trc.exception(7L, this, "Refresh", e2);
            }
            throw e2;
        }
    }

    public synchronized boolean CheckAccess(String str, String str2, String str3) throws Exception {
        SecurityServerAction securityServerAction;
        if (SecurityLog.trc.isLogging) {
            SecurityLog.trc.entry(5L, (Object) this, "CheckAccess", new StringBuffer().append("User session ").append(toString()).append(" Permission: ").append(str).append(" ").append(str2).append(" ").append(str3).toString());
        }
        synchronized (SecurityServer.m_actions) {
            securityServerAction = (SecurityServerAction) SecurityServer.m_actions.get(new StringBuffer().append(str).append(":").append(str2).append(":").append(str3).toString());
            if (securityServerAction == null) {
                if (SecurityLog.trc.isLogging) {
                    SecurityLog.trc.text(10L, this, "CheckAccess", new StringBuffer().append("adding SecurityServerAction ").append(str).append(":").append(str2).append(":").append(str3).toString());
                }
                securityServerAction = new SecurityServerAction(str, str2, str3);
                SecurityServer.m_actions.put(new StringBuffer().append(str).append(":").append(str2).append(":").append(str3).toString(), securityServerAction);
            }
        }
        Boolean bool = (Boolean) this._results.get(securityServerAction);
        if (bool != null) {
            if (SecurityLog.trc.isLogging) {
                SecurityLog.trc.exit(6L, (Object) this, "CheckAccess", new StringBuffer().append("cached access result for ").append(toString()).append(": ").append(bool).toString());
            }
            return bool.booleanValue();
        }
        try {
            if (this._accessControlContext == null) {
                this._accessControlContext = (AccessControlContext) Subject.doAs(this._loginContext.getSubject(), securityServerAction);
            } else {
                AccessController.doPrivileged(securityServerAction, this._accessControlContext);
            }
            if (SecurityLog.trc.isLogging) {
                SecurityLog.trc.exit(6L, (Object) this, "CheckAccess", new StringBuffer().append("Authorized: User session ").append(toString()).append(" Permission: ").append(str).append(" ").append(str2).append(" ").append(str3).toString());
            }
            this._results.put(securityServerAction, new Boolean(true));
            return true;
        } catch (SecurityException e) {
            if (SecurityLog.trc.isLogging) {
                SecurityLog.trc.exit(6L, (Object) this, "CheckAccess", new StringBuffer().append(toString()).append(" SecurityException: ").append(e).toString());
            }
            throw e;
        } catch (PrivilegedActionException e2) {
            if (SecurityLog.trc.isLogging) {
                SecurityLog.trc.exit(6L, (Object) this, "CheckAccess", new StringBuffer().append(" PrivilegedActionException: ").append(e2).toString());
            }
            if (!(e2.getException() instanceof RBACSecurityException)) {
                throw e2.getException();
            }
            if (!((RBACSecurityException) e2.getException()).getPrimitiveException().equals("AccessControlException")) {
                throw e2.getException();
            }
            this._results.put(securityServerAction, new Boolean(false));
            return false;
        } catch (Exception e3) {
            if (SecurityLog.trc.isLogging) {
                SecurityLog.trc.exception(7L, this, "CheckAccess", e3);
            }
            if (SecurityLog.trc.isLogging) {
                SecurityLog.trc.exit(6L, (Object) this, "CheckAccess", new StringBuffer().append(toString()).append(" Unexpected Exception: ").append(e3).toString());
            }
            throw e3;
        }
    }
}
