package org.apache.karaf.jaas.modules.syncope;

import java.io.IOException;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import org.apache.felix.utils.json.JSONParser;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.util.EntityUtils;
import org.apache.karaf.jaas.boot.principal.RolePrincipal;
import org.apache.karaf.jaas.boot.principal.UserPrincipal;
import org.apache.karaf.jaas.modules.AbstractKarafLoginModule;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/karaf/jaas/modules/syncope/SyncopeLoginModule.class */
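/**
 * JAAS login module that authenticates a user against a Syncope REST endpoint.
 *
 * <p>The user's name and password are presented to {@code <address>/users/self} through
 * HTTP authentication; an HTTP 200 answer is treated as a successful authentication and the
 * response body is then parsed for the roles (or group memberships) granted to the user.
 *
 * <p>Security notes for operators:
 * <ul>
 *   <li>The end user's password is sent to the configured {@code address}. This class does not
 *       check the URL scheme, so the address should be an {@code https://} URL.</li>
 *   <li>Role names are taken verbatim from the Syncope response and become
 *       {@link RolePrincipal}s, so the configured endpoint is trusted for authorization.</li>
 * </ul>
 */
public class SyncopeLoginModule extends AbstractKarafLoginModule {
    private static final Logger LOGGER = LoggerFactory.getLogger(SyncopeLoginModule.class);

    /** Option key: base URL of the Syncope REST API. */
    public static final String ADDRESS = "address";
    /** Option key: Syncope version; {@code "2"} or {@code "2.x"} selects JSON parsing. */
    public static final String VERSION = "version";
    /** Option key: when {@code "true"}, Syncope 2 roles are read instead of group memberships. */
    public static final String USE_ROLES_FOR_SYNCOPE2 = "useRolesForSyncope2";
    public static final String ADMIN_USER = "admin.user";
    public static final String ADMIN_PASSWORD = "admin.password";

    private String address;
    private String version;
    private boolean useRolesForSyncope2;

    /**
     * Reads the module options.
     *
     * @param subject the subject being authenticated
     * @param callbackHandler handler used to obtain the user name and password
     * @param map shared state (not used by this module)
     * @param map2 module options; {@link #ADDRESS}, {@link #VERSION} and
     *     {@link #USE_ROLES_FOR_SYNCOPE2} are read from it
     */
    @Override
    public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> map, Map<String, ?> map2) {
        super.initialize(subject, callbackHandler, map2);
        this.address = (String) map2.get(ADDRESS);
        this.version = (String) map2.get(VERSION);
        if (map2.containsKey(USE_ROLES_FOR_SYNCOPE2)) {
            this.useRolesForSyncope2 = Boolean.parseBoolean((String) map2.get(USE_ROLES_FOR_SYNCOPE2));
        }
    }

    /**
     * Authenticates the user against Syncope and collects the user's principals.
     *
     * @return {@code true} when Syncope answered HTTP 200 and the roles were extracted,
     *     {@code false} when Syncope answered with any other status code
     * @throws LoginException if the credentials cannot be obtained from the callback handler,
     *     the address is not configured, or the request or the role extraction fails
     */
    @Override
    public boolean login() throws LoginException {
        Callback[] callbacks = {new NameCallback("Username: "), new PasswordCallback("Password: ", false)};
        try {
            this.callbackHandler.handle(callbacks);
        } catch (IOException e) {
            throw new LoginException(e.getMessage());
        } catch (UnsupportedCallbackException e) {
            throw new LoginException(e.getMessage() + " not available to obtain information from user.");
        }

        this.user = ((NameCallback) callbacks[0]).getName();
        PasswordCallback passwordCallback = (PasswordCallback) callbacks[1];
        char[] password = passwordCallback.getPassword();
        // Drop the callback's own copy as soon as it has been read. The String below is still
        // needed because UsernamePasswordCredentials only accepts a String password.
        passwordCallback.clearPassword();
        String passwordText = password == null ? "" : new String(password);

        if (this.address == null || this.address.isEmpty()) {
            throw new LoginException("Syncope address is not configured");
        }

        this.principals = new HashSet<>();
        LOGGER.debug("Authenticate user {} on Syncope located {}", this.user, this.address);
        boolean syncope2 = "2.x".equals(this.version) || "2".equals(this.version);

        // try-with-resources: the client and the response were never closed before, which
        // leaked a connection on every login attempt.
        try (DefaultHttpClient client = new DefaultHttpClient()) {
            HttpGet request = new HttpGet(this.address + "/users/self");
            // Offer the user's password only to the configured Syncope host instead of
            // AuthScope.ANY, so a redirect or an unexpected challenge from another host does
            // not receive it. A null host / -1 port fall back to "any", as before.
            client.getCredentialsProvider().setCredentials(
                    new AuthScope(request.getURI().getHost(), request.getURI().getPort()),
                    new UsernamePasswordCredentials(this.user, passwordText));
            // NOTE(review): Content-Type is set on a body-less GET; an Accept header may have
            // been intended. Left unchanged; confirm against the Syncope API before altering.
            request.setHeader("Content-Type", syncope2 ? "application/json" : "application/xml");

            try (CloseableHttpResponse response = client.execute(request)) {
                int status = response.getStatusLine().getStatusCode();
                LOGGER.debug("Syncope HTTP response status code: {}", status);
                if (status != 200) {
                    LOGGER.warn("User {} not authenticated", this.user);
                    return false;
                }
                LOGGER.debug("User {} authenticated", this.user);
                LOGGER.debug("Retrieving user {} roles", this.user);
                String body = EntityUtils.toString(response.getEntity());
                List<String> roles = syncope2 ? extractingRolesSyncope2(body) : extractingRolesSyncope1(body);

                // Principals are published only after role extraction succeeded, so a parsing
                // failure does not leave a half-populated principal set behind.
                LOGGER.debug("Populating principals with user");
                this.principals.add(new UserPrincipal(this.user));
                LOGGER.debug("Populating principals with roles");
                for (String role : roles) {
                    this.principals.add(new RolePrincipal(role));
                }
                this.succeeded = true;
                return true;
            }
        } catch (Exception e) {
            LOGGER.error("User {} authentication failed", this.user, e);
            LoginException failure =
                    new LoginException("User " + this.user + " authentication failed: " + e.getMessage());
            failure.initCause(e);
            throw failure;
        }
    }

    /**
     * Extracts role names from a Syncope 1.x XML response.
     *
     * <p>Only {@code <roleName>} elements inside the first {@code <memberships>} element are
     * considered. The element text is returned verbatim; XML entities are not decoded.
     * An unterminated {@code <memberships>} or {@code <roleName>} element stops the extraction
     * instead of failing with an index error, and never yields a role name built from
     * incomplete markup.
     *
     * @param str the response body, may be {@code null} or empty
     * @return the role names found, possibly empty, never {@code null}
     * @throws Exception declared for subclasses; this implementation does not throw for
     *     malformed input
     */
    protected List<String> extractingRolesSyncope1(String str) throws Exception {
        final String membershipsOpen = "<memberships>";
        final String membershipsClose = "</memberships>";
        final String roleOpen = "<roleName>";
        final String roleClose = "</roleName>";

        List<String> roles = new ArrayList<>();
        if (str == null || str.isEmpty()) {
            return roles;
        }
        int openAt = str.indexOf(membershipsOpen);
        if (openAt == -1) {
            return roles;
        }
        int contentStart = openAt + membershipsOpen.length();
        int contentEnd = str.indexOf(membershipsClose, contentStart);
        if (contentEnd == -1) {
            LOGGER.warn("Syncope response has an unterminated <memberships> element; no roles extracted");
            return roles;
        }
        String memberships = str.substring(contentStart, contentEnd);

        int cursor = memberships.indexOf(roleOpen);
        while (cursor != -1) {
            int nameStart = cursor + roleOpen.length();
            int nameEnd = memberships.indexOf(roleClose, nameStart);
            if (nameEnd == -1) {
                // Previously this fell through to substring(0, -1) and threw.
                LOGGER.warn("Syncope response has an unterminated <roleName> element; remaining roles ignored");
                break;
            }
            roles.add(memberships.substring(nameStart, nameEnd));
            cursor = memberships.indexOf(roleOpen, nameEnd + roleClose.length());
        }
        return roles;
    }

    /**
     * Extracts role names from a Syncope 2.x JSON response.
     *
     * <p>When {@code useRolesForSyncope2} is set, the string entries of the {@code roles} array
     * are returned; otherwise the {@code groupName} of every entry in {@code memberships}.
     * Missing keys and entries of an unexpected type are skipped rather than causing a
     * {@code NullPointerException} or {@code ClassCastException} later in {@link #login()}.
     *
     * @param str the response body, may be {@code null} or empty
     * @return the role names found, possibly empty, never {@code null}
     * @throws Exception if the body cannot be parsed as JSON
     */
    protected List<String> extractingRolesSyncope2(String str) throws Exception {
        List<String> roles = new ArrayList<>();
        if (str == null || str.isEmpty()) {
            return roles;
        }
        Map<?, ?> parsed = new JSONParser(str).getParsed();

        if (this.useRolesForSyncope2) {
            Object declaredRoles = parsed.get("roles");
            if (declaredRoles instanceof List) {
                for (Object role : (List<?>) declaredRoles) {
                    if (role instanceof String) {
                        roles.add((String) role);
                    }
                }
            }
            return roles;
        }

        Object memberships = parsed.get("memberships");
        if (memberships instanceof List) {
            for (Object membership : (List<?>) memberships) {
                if (membership instanceof Map) {
                    Object groupName = ((Map<?, ?>) membership).get("groupName");
                    if (groupName instanceof String) {
                        roles.add((String) groupName);
                    }
                }
            }
        }
        return roles;
    }
}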
