package de.ingrid.admin.security;

import de.ingrid.admin.IUris;
import de.ingrid.admin.security.IngridPrincipal;
import java.io.IOException;
import java.security.Principal;
import java.util.Set;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.mortbay.jetty.Request;
import org.mortbay.jetty.security.FormAuthenticator;
import org.mortbay.jetty.security.UserRealm;
import org.springframework.core.io.ClassPathResource;

/* loaded from: input_file:ingrid-iplug-ige-5.9.2.4/lib/ingrid-base-webapp-5.8.0.jar:de/ingrid/admin/security/IngridRealm.class */
public class IngridRealm implements UserRealm {
    private final Log LOG = LogFactory.getLog(IngridRealm.class);

    public IngridRealm() throws IOException {
        System.setProperty("java.security.auth.login.config", new ClassPathResource("ingrid.auth").getFile().getPath());
    }

    @Override // org.mortbay.jetty.security.UserRealm
    public Principal authenticate(String str, Object obj, Request request) {
        IngridPrincipal.KnownPrincipal knownPrincipal = null;
        try {
            RequestCallbackHandler requestCallbackHandler = new RequestCallbackHandler(request);
            String[] split = request.getRequestURL().toString().split("/base/auth/j_security_check");
            request.getSession().setAttribute("redirectUrl", request.getSession().getAttribute(FormAuthenticator.__J_URI));
            request.getSession().setAttribute(FormAuthenticator.__J_URI, split[0].concat(IUris.WELCOME));
            LoginContext loginContext = new LoginContext("IngridLogin", requestCallbackHandler);
            loginContext.login();
            Set<Principal> principals = loginContext.getSubject().getPrincipals();
            Principal next = principals.isEmpty() ? null : principals.iterator().next();
            if (next instanceof IngridPrincipal.KnownPrincipal) {
                IngridPrincipal.KnownPrincipal knownPrincipal2 = (IngridPrincipal.KnownPrincipal) next;
                knownPrincipal2.setLoginContext(loginContext);
                knownPrincipal = knownPrincipal2;
                this.LOG.info("principal has logged in: " + knownPrincipal);
            }
        } catch (LoginException e) {
            this.LOG.error("login error for user: " + str, e);
        }
        if (knownPrincipal == null) {
            this.LOG.info("login failed for userName: " + str);
        }
        return knownPrincipal;
    }

    @Override // org.mortbay.jetty.security.UserRealm
    public void disassociate(Principal principal) {
    }

    @Override // org.mortbay.jetty.security.UserRealm
    public String getName() {
        return IngridRealm.class.getSimpleName();
    }

    @Override // org.mortbay.jetty.security.UserRealm
    public Principal getPrincipal(String str) {
        throw new UnsupportedOperationException("not implemented");
    }

    @Override // org.mortbay.jetty.security.UserRealm
    public boolean isUserInRole(Principal principal, String str) {
        boolean z = false;
        if (principal instanceof IngridPrincipal.KnownPrincipal) {
            z = ((IngridPrincipal.KnownPrincipal) principal).isInRole(str);
        }
        return z;
    }

    @Override // org.mortbay.jetty.security.UserRealm
    public void logout(Principal principal) {
        try {
            if (principal instanceof IngridPrincipal.KnownPrincipal) {
                IngridPrincipal.KnownPrincipal knownPrincipal = (IngridPrincipal.KnownPrincipal) principal;
                LoginContext loginContext = knownPrincipal.getLoginContext();
                if (loginContext != null) {
                    loginContext.logout();
                }
                this.LOG.info("principal has logged out: " + knownPrincipal);
            }
        } catch (LoginException e) {
            this.LOG.warn("logout failed", e);
        }
    }

    @Override // org.mortbay.jetty.security.UserRealm
    public Principal popRole(Principal principal) {
        return principal;
    }

    @Override // org.mortbay.jetty.security.UserRealm
    public Principal pushRole(Principal principal, String str) {
        return principal;
    }

    @Override // org.mortbay.jetty.security.UserRealm
    public boolean reauthenticate(Principal principal) {
        return principal instanceof IngridPrincipal.KnownPrincipal;
    }
}
