package com.ibm.wps.sso;

import java.io.UnsupportedEncodingException;
import java.security.Principal;
import java.util.Set;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import org.omg.Security.Attribute;
import org.omg.Security.AttributeType;
import org.omg.Security.DuplicateAttributeType;
import org.omg.Security.ExtensibleFamily;
import org.omg.Security.InvalidAttributeType;
import org.omg.SecurityLevel2.Credentials;

/* loaded from: input_file:wps.jar:com/ibm/wps/sso/UserDNGroupDNLoginModule.class */
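/**
 * Login module that reads the user DN and the group DNs from the WebSphere CORBA credential
 * and publishes them as {@link UserDNPrincipal} and {@link GroupDNPrincipal} entries on the
 * subject.
 *
 * <p>{@link #login()} decodes the two credential attributes and stores them in the shared state
 * under {@link #USER_DN_KEY} and {@link #GROUP_DN_KEY}. {@link #commit()} turns those values into
 * principals. {@link #abort()} and {@link #logout()} remove them again.
 *
 * <p>Operational notes:
 * <ul>
 *   <li>When tracing is enabled the user and group DNs are written to the trace log, so trace
 *       output should be access-controlled like any other identity data.</li>
 *   <li>NOTE(review): {@code login()} reports success even when the user attribute decodes to an
 *       empty string; in that case no {@code UserDNPrincipal} is added at commit time. Confirm
 *       that downstream authorization does not assume the principal is always present.</li>
 *   <li>NOTE(review): {@code abort()}/{@code logout()} leave {@code loggedIn} set to
 *       {@code true}. Whether the flag should be reset depends on how the superclass uses it.</li>
 * </ul>
 */
public class UserDNGroupDNLoginModule extends AbstractPortalLoginModule {
    private static final String COPYRIGHT = "Licensed Materials - Property of IBM, 5724-B88, (C) Copyright IBM Corp. 2001, 2002 - All Rights reserved.";
    public static final String USER_DN_KEY = "USER_DN";
    public static final String GROUP_DN_KEY = "GROUP_DN";

    /**
     * Reads the user and group attributes from the CORBA credential into the shared state.
     *
     * @return {@code false} when no CORBA credential is available, {@code true} once both
     *     attributes have been decoded and stored
     * @throws LoginException (a {@link FailedLoginException}) when the credential rejects the
     *     attribute request or does not return both attributes with a value
     */
    @Override // com.ibm.wps.sso.AbstractPortalLoginModule
    public boolean login() throws LoginException {
        AbstractPortalLoginModule.tracer.entry(-1L, this, "login()");
        Credentials corbaCredential = getCorbaCredential();
        if (null == corbaCredential) {
            this.loggedIn = false;
            if (AbstractPortalLoginModule.tracer.isLogging()) {
                AbstractPortalLoginModule.tracer.text(-1L, this, "login()", "The CORBA Credential is not in the shared state");
            }
            AbstractPortalLoginModule.tracer.exit(-1L, this, "login()");
            return this.loggedIn;
        }
        // Attribute types 2 and 4 of family (0, 1); presumably the CORBA Security AccessId and
        // GroupId privilege attributes - confirm against the WebSphere documentation.
        ExtensibleFamily family = new ExtensibleFamily((short) 0, (short) 1);
        AttributeType[] wanted = {new AttributeType(family, 2), new AttributeType(family, 4)};
        try {
            Attribute[] attributes = corbaCredential.get_attributes(wanted);
            // Fail closed instead of letting an ArrayIndexOutOfBoundsException or
            // NullPointerException escape when the credential returns fewer attributes than
            // requested or an attribute without a value.
            if (!hasUserAndGroupValues(attributes)) {
                if (AbstractPortalLoginModule.tracer.isLogging()) {
                    AbstractPortalLoginModule.tracer.text(-1L, this, "login()", "The CORBA Credential did not return both the user and the group attribute");
                }
                AbstractPortalLoginModule.messager.text(4L, this, "login()", "Could not retrieve the needed attributes from the WebSphere CORBA Credential");
                this.loggedIn = false;
                throw new FailedLoginException("The CORBA Credential did not return the expected user and group attributes");
            }
            getUserDN(attributes[0]);
            String groupDN = decodeUtf8(attributes[1].value);
            if (AbstractPortalLoginModule.tracer.isLogging()) {
                AbstractPortalLoginModule.tracer.text(-1L, this, "login()", "The groupDN is \"{0}\"", groupDN);
            }
            this.sharedState.put(GROUP_DN_KEY, groupDN);
            AbstractPortalLoginModule.tracer.exit(-1L, this, "login()");
            this.loggedIn = true;
            return this.loggedIn;
        } catch (InvalidAttributeType e) {
            throw attributeFailure("Invalid Attribute Type, message:  {0}", "Invalid Attribute:  ", e);
        } catch (DuplicateAttributeType e) {
            throw attributeFailure("Duplicate Attribute Type, message:  {0}", "Duplicate Attribute:  ", e);
        }
    }

    /** Returns true when the credential answered with two attributes that both carry a value. */
    private static boolean hasUserAndGroupValues(Attribute[] attributes) {
        return null != attributes
                && attributes.length >= 2
                && null != attributes[0] && null != attributes[0].value
                && null != attributes[1] && null != attributes[1].value;
    }

    /**
     * Decodes attribute bytes as UTF-8. Every JVM is required to support UTF-8, so the
     * platform-charset fallback only mirrors the legacy behaviour and is not expected to run.
     */
    private static String decodeUtf8(byte[] raw) {
        try {
            return new String(raw, "UTF-8");
        } catch (UnsupportedEncodingException e) {
            return new String(raw);
        }
    }

    /** Traces and reports a rejected attribute request, marks the login as failed and builds the exception to throw. */
    private FailedLoginException attributeFailure(String traceFormat, String messagePrefix, Exception cause) {
        if (AbstractPortalLoginModule.tracer.isLogging()) {
            AbstractPortalLoginModule.tracer.text(-1L, this, "login()", traceFormat, cause.getMessage());
            AbstractPortalLoginModule.tracer.exception(-1L, this, "login()", cause);
        }
        AbstractPortalLoginModule.messager.text(4L, this, "login()", "Could not retrieve the needed attributes from the WebSphere CORBA Credential");
        this.loggedIn = false;
        return new FailedLoginException(messagePrefix + cause.getMessage());
    }

    /**
     * Decodes the user attribute, drops everything up to and including the first {@code '/'}
     * and stores the normalized DN in the shared state under {@link #USER_DN_KEY}. Nothing is
     * stored when the attribute decodes to an empty string.
     *
     * @param attribute the user attribute returned by the CORBA credential
     */
    private void getUserDN(Attribute attribute) {
        AbstractPortalLoginModule.tracer.entry(-1L, this, "getUserDN()");
        // Decode before tracing: the diagnostic re-decode below used to share this method's
        // try/catch, so an unsupported file.encoding silently switched the DN to the platform
        // charset whenever tracing was on.
        String rawDN = decodeUtf8(attribute.value);
        if (AbstractPortalLoginModule.tracer.isLogging()) {
            AbstractPortalLoginModule.tracer.text(-1L, this, "getUserDN()", "The unparsed DN is \"{0}\"", rawDN);
            String systemEncoding = System.getProperty("file.encoding");
            AbstractPortalLoginModule.tracer.text(-1L, this, "getUserDN()", "System encoding is " + systemEncoding);
            if (null != systemEncoding) {
                try {
                    AbstractPortalLoginModule.tracer.text(-1L, this, "getUserDN()", "org.omg.Security.Attribute in " + systemEncoding + " is " + new String(attribute.value, systemEncoding));
                } catch (UnsupportedEncodingException e) {
                    // Diagnostic output only; the decoded DN is unaffected.
                    AbstractPortalLoginModule.tracer.exception(-1L, this, "getUserDN()", e);
                }
            }
        }
        if (0 == rawDN.length()) {
            AbstractPortalLoginModule.tracer.exit(-1L, this, "getUserDN()");
            return;
        }
        // The value appears to be "<prefix>/<DN>"; without a '/', indexOf returns -1 and the
        // whole string is kept.
        String parsedDN = rawDN.substring(rawDN.indexOf('/') + 1);
        if (AbstractPortalLoginModule.tracer.isLogging()) {
            AbstractPortalLoginModule.tracer.text(-1L, this, "getUserDN()", "The parsed DN is \"{0}\"", parsedDN);
        }
        this.sharedState.put(USER_DN_KEY, normalizeDN(parsedDN));
        AbstractPortalLoginModule.tracer.exit(-1L, this, "getUserDN()");
    }

    /**
     * Adds a {@link UserDNPrincipal} for the DN stored under {@link #USER_DN_KEY}. Returns
     * without adding anything when the shared state holds no user DN.
     *
     * @throws LoginException (a {@link FailedLoginException}) when the principal cannot be added
     */
    private void setUserDN() throws LoginException {
        // Was tracer.exit(..., "getUserDN()"), which mislabelled the trace and left the
        // setUserDN() exit records without a matching entry.
        AbstractPortalLoginModule.tracer.entry(-1L, this, "setUserDN()");
        String userDN = (String) this.sharedState.get(USER_DN_KEY);
        if (null == userDN) {
            AbstractPortalLoginModule.tracer.text(-1L, this, "setUserDN()", "Could not get the User DN from the shared state");
            AbstractPortalLoginModule.tracer.exit(-1L, this, "setUserDN()");
            return;
        }
        try {
            this.subject.getPrincipals().add(new UserDNPrincipal(userDN));
            AbstractPortalLoginModule.tracer.text(-1L, this, "setUserDN()", "Added the DN!");
            AbstractPortalLoginModule.tracer.exit(-1L, this, "setUserDN()");
        } catch (RuntimeException e) {
            if (AbstractPortalLoginModule.tracer.isLogging()) {
                AbstractPortalLoginModule.tracer.text(-1L, this, "setUserDN()", "Could not add the UserDNPrincipal to the Principal set");
                AbstractPortalLoginModule.tracer.exception(-1L, this, "setUserDN()", e);
            }
            AbstractPortalLoginModule.messager.text(4L, this, "setUserDN()", "Error adding the {0} to the Principal Set", "UserDNPrincipal");
            this.loggedIn = false;
            throw new FailedLoginException("Could not add the UserDNPrincipal to the Principal Set.");
        }
    }

    /**
     * Splits the value stored under {@link #GROUP_DN_KEY} into NUL-separated entries, strips
     * each entry's prefix up to the next {@code '/'} and adds one {@link GroupDNPrincipal} per
     * normalized DN. Parsing stops at the first empty DN or at a trailing NUL.
     *
     * @throws LoginException (a {@link FailedLoginException}) when a principal cannot be added
     */
    private void setGroupDNs() throws LoginException {
        AbstractPortalLoginModule.tracer.entry(-1L, this, "setGroupDNs()");
        Set<Principal> principals = this.subject.getPrincipals();
        String groupAttribute = (String) this.sharedState.get(GROUP_DN_KEY);
        if (AbstractPortalLoginModule.tracer.isLogging()) {
            AbstractPortalLoginModule.tracer.text(-1L, this, "setGroupDNs()", "The unparsed DN is \"{0}\"", groupAttribute);
        }
        // A missing shared-state entry is treated like an empty one rather than failing with a
        // NullPointerException.
        if (null == groupAttribute || 0 == groupAttribute.length()) {
            AbstractPortalLoginModule.tracer.exit(-1L, this, "setGroupDNs()");
            return;
        }
        int lastIndex = groupAttribute.length() - 1;
        int cursor = 0;
        int terminator = 0;
        while (-1 != terminator) {
            // Advance past the prefix only when a '/' exists. The previous
            // "indexOf('/') + 1" reset the cursor to 0 when no '/' was left, so a later entry
            // without a prefix re-parsed the string from the start and the loop never ended.
            // NOTE(review): the '/' search is not limited to the current NUL-delimited entry,
            // so an entry without '/' that is followed by one with '/' is still skipped.
            int slash = groupAttribute.indexOf('/', cursor);
            if (-1 != slash) {
                cursor = slash + 1;
            }
            terminator = groupAttribute.indexOf('\0', cursor);
            String groupDN;
            if (-1 == terminator) {
                groupDN = groupAttribute.substring(cursor);
            } else {
                groupDN = groupAttribute.substring(cursor, terminator);
                cursor = terminator + 1;
            }
            if (AbstractPortalLoginModule.tracer.isLogging()) {
                AbstractPortalLoginModule.tracer.text(-1L, this, "setGroupDNs()", "The current parsed DN is \"{0}\"", groupDN);
            }
            if (0 == groupDN.length()) {
                break;
            }
            try {
                principals.add(new GroupDNPrincipal(normalizeDN(groupDN)));
            } catch (RuntimeException e) {
                if (AbstractPortalLoginModule.tracer.isLogging()) {
                    AbstractPortalLoginModule.tracer.text(-1L, this, "setGroupDNs()", "Could not add the current GroupDNPrincipal to the Principal set");
                    AbstractPortalLoginModule.tracer.exception(-1L, this, "setGroupDNs()", e);
                }
                AbstractPortalLoginModule.messager.text(4L, this, "setGroupDNs()", "Error adding the {0} to the Principal Set", "GroupDNPrincipal");
                this.loggedIn = false;
                throw new FailedLoginException("Could not add the GroupDNPrincipal to the Principal Set.");
            }
            // A NUL in the last position is a terminator, not a separator.
            if (terminator == lastIndex) {
                break;
            }
        }
        AbstractPortalLoginModule.tracer.exit(-1L, this, "setGroupDNs()");
    }

    /**
     * Removes the spaces that follow a comma in a DN, so {@code "cn=a, o=b"} becomes
     * {@code "cn=a,o=b"}. A comma directly preceded by a backslash is left untouched.
     *
     * <p>NOTE(review): only the single preceding character is inspected, so a comma that
     * follows an escaped backslash is also treated as escaped.
     *
     * @param str the DN to normalize
     * @return the DN without spaces after unescaped commas
     */
    private String normalizeDN(String str) {
        AbstractPortalLoginModule.tracer.entry(-1L, this, "normalizeDN()");
        String normalized;
        int pos = str.indexOf(", ");
        if (-1 == pos) {
            normalized = str;
            if (AbstractPortalLoginModule.tracer.isLogging()) {
                AbstractPortalLoginModule.tracer.text(-1L, this, "normalizeDN()", "The DN is fine the way it is. . .");
            }
        } else {
            StringBuilder dn = new StringBuilder(str);
            // Stop one short of the end: the check below reads the character after pos.
            while (pos + 1 < dn.length()) {
                boolean escaped = pos > 0 && '\\' == dn.charAt(pos - 1);
                if (!escaped && ',' == dn.charAt(pos) && ' ' == dn.charAt(pos + 1)) {
                    // Stay on the comma so a run of several spaces is removed one by one.
                    dn.deleteCharAt(pos + 1);
                } else {
                    pos++;
                }
                if (AbstractPortalLoginModule.tracer.isLogging()) {
                    AbstractPortalLoginModule.tracer.text(-1L, this, "normalizeDN()", "The DN is now {0}. . .", dn.toString());
                }
            }
            normalized = dn.toString();
        }
        AbstractPortalLoginModule.tracer.exit(-1L, this, "normalizeDN()");
        return normalized;
    }

    /**
     * Adds the user and group principals to the subject when {@link #login()} succeeded.
     *
     * @return {@code false} when this module did not log in, otherwise {@code true}
     * @throws LoginException when a principal cannot be added
     */
    @Override // com.ibm.wps.sso.AbstractPortalLoginModule
    public boolean commit() throws LoginException {
        AbstractPortalLoginModule.tracer.entry(-1L, this, "commit()");
        if (!this.loggedIn) {
            AbstractPortalLoginModule.tracer.text(-1L, this, "commit()", "Not logged in. . .  Nothing to do!");
            AbstractPortalLoginModule.tracer.exit(-1L, this, "commit()");
            return this.loggedIn;
        }
        setUserDN();
        setGroupDNs();
        this.loggedIn = true;
        AbstractPortalLoginModule.tracer.exit(-1L, this, "commit()");
        return this.loggedIn;
    }

    /**
     * Removes the DNs from the shared state and every {@code UserDNPrincipal} and
     * {@code GroupDNPrincipal} from the subject.
     *
     * @return {@code false} when this module did not log in, otherwise {@code true}
     * @throws LoginException (a {@link FailedLoginException}) when the principal classes cannot
     *     be loaded
     */
    @Override // com.ibm.wps.sso.AbstractPortalLoginModule
    public boolean abort() throws LoginException {
        AbstractPortalLoginModule.tracer.entry(-1L, this, "abort()");
        if (!this.loggedIn) {
            AbstractPortalLoginModule.tracer.exit(-1L, this, "abort()");
            return this.loggedIn;
        }
        this.sharedState.remove(USER_DN_KEY);
        // Also drop the group DNs; previously only the user DN was cleared, so the group list
        // of the aborted or logged-out session stayed in the shared state.
        this.sharedState.remove(GROUP_DN_KEY);
        try {
            Set<Principal> principals = this.subject.getPrincipals();
            principals.removeAll(this.subject.getPrincipals(Class.forName("com.ibm.wps.sso.UserDNPrincipal")));
            principals.removeAll(this.subject.getPrincipals(Class.forName("com.ibm.wps.sso.GroupDNPrincipal")));
            AbstractPortalLoginModule.tracer.exit(-1L, this, "abort()");
            return true;
        } catch (ClassNotFoundException e) {
            if (AbstractPortalLoginModule.tracer.isLogging()) {
                AbstractPortalLoginModule.tracer.text(-1L, this, "abort()", "Could not remove the User/Group Principals from the principal set because the respective classes were not found");
                AbstractPortalLoginModule.tracer.exception(-1L, this, "abort()", e);
            }
            AbstractPortalLoginModule.messager.text(4L, this, "abort()", "Error removing the {0} from the Principal Set", "User/GroupDNPrincipals");
            throw new FailedLoginException("DNPrincipal Classes not found!");
        }
    }

    /**
     * Logs the subject out by delegating to {@link #abort()}, which performs the same cleanup.
     *
     * @return the result of {@link #abort()}
     * @throws LoginException when the cleanup fails
     */
    @Override // com.ibm.wps.sso.AbstractPortalLoginModule
    public boolean logout() throws LoginException {
        if (AbstractPortalLoginModule.tracer.isLogging()) {
            AbstractPortalLoginModule.tracer.text(-1L, this, "logout()", "Calling abort() to handle this. . .");
        }
        return abort();
    }
}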
