package be.gaudry.model.security;

import java.io.IOException;
import java.net.InetAddress;
import java.security.Principal;
import java.util.Iterator;
import javax.naming.NamingException;
import javax.naming.directory.InitialDirContext;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:be/gaudry/model/security/KerberosLoginAuthenticator.class */
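/**
 * Authenticates a user through JAAS using the login configuration entry
 * {@code KerberosSecurityAuthSSO}, and offers two helpers around that login:
 * one that points the JVM at the JAAS/Kerberos configuration files and one
 * that probes a directory server for its SASL mechanisms.
 *
 * <p>An instance keeps the {@link LoginContext} of the last successful
 * {@link #authenticate(LoginBean)} call so that {@link #getSubject()} can
 * return the authenticated subject.
 */
public class KerberosLoginAuthenticator {
    private static final Log LOGGER = LogFactory.getLog(KerberosLoginAuthenticator.class);

    // Configuration locations handed to the JVM by setSecurityConfigProperties().
    private static final String JAAS_CONFIG = "be/gaudry/model/security/jaas.conf";
    private static final String KRB5_CONFIG = "be/gaudry/model/security/krb5.conf";

    /** Context of the last successful authentication, or {@code null} if there is none. */
    private LoginContext lc;

    /**
     * Feeds the credentials held by a {@link LoginBean} to the JAAS login modules.
     *
     * <p>The handler does not use the enclosing instance, so it is a static nested class.
     */
    private static final class BrolCallbackHandler implements CallbackHandler {
        private final LoginBean loginBean;

        BrolCallbackHandler(LoginBean loginBean) {
            this.loginBean = loginBean;
        }

        /**
         * Answers name and password callbacks from the bean's login and password.
         *
         * @param callbackArr callbacks issued by the login module
         * @throws IOException declared by the interface; not thrown by this implementation
         * @throws UnsupportedCallbackException if a callback is neither a
         *     {@link NameCallback} nor a {@link PasswordCallback}
         */
        @Override
        public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
            String login = this.loginBean.getLogin();
            String password = this.loginBean.getPassword();

            // Best effort: a failed host lookup leaves the part after '@' empty.
            // NOTE(review): the local host name is used where a Kerberos realm would
            // normally go - confirm this is what the login module expects.
            String domain;
            try {
                domain = InetAddress.getLocalHost().getHostName();
                // The format string needs a placeholder, otherwise the host name is never logged.
                LOGGER.debug(String.format("Domain = %s", domain));
            } catch (Exception e) {
                domain = "";
                LOGGER.debug(e.getMessage(), e);
            }

            // Built at most once, so several NameCallbacks all receive "login@domain"
            // instead of an ever-growing "login@domain@domain...".
            String principalName = null;
            for (Callback callback : callbackArr) {
                if (callback instanceof NameCallback) {
                    if (principalName == null) {
                        principalName = login.concat("@").concat(domain);
                    }
                    ((NameCallback) callback).setName(principalName);
                } else if (callback instanceof PasswordCallback) {
                    char[] secret = password.toCharArray();
                    try {
                        ((PasswordCallback) callback).setPassword(secret);
                    } finally {
                        // setPassword() stores its own copy; wipe this temporary one so the
                        // clear-text password does not linger in an extra array.
                        java.util.Arrays.fill(secret, '\0');
                    }
                } else {
                    throw new UnsupportedCallbackException(callback, "Unrecognized Callback");
                }
            }
        }
    }

    /**
     * Returns the subject of the last successful authentication.
     *
     * @return the authenticated subject, or {@code null} if no call to
     *     {@link #authenticate(LoginBean)} has succeeded on this instance
     */
    public Subject getSubject() {
        if (this.lc == null) {
            return null;
        }
        return this.lc.getSubject();
    }

    /**
     * Logs the user in through JAAS and checks the resulting principal against the login.
     *
     * <p>A {@link LoginException} raised by {@code login()} is logged and reported as
     * {@code false}; one raised while creating the {@link LoginContext} is propagated.
     *
     * @param loginBean credentials to authenticate
     * @return {@code true} if the login succeeded and the last principal of the subject
     *     has the same name as {@code loginBean.getLogin()}
     * @throws LoginException if the login context cannot be created
     */
    public boolean authenticate(LoginBean loginBean) throws LoginException {
        // Forget any earlier login so getSubject() never returns a stale subject
        // after a failed attempt.
        this.lc = null;

        LoginContext loginContext =
                new LoginContext("KerberosSecurityAuthSSO", new BrolCallbackHandler(loginBean));
        try {
            loginContext.login();
        } catch (LoginException e) {
            LOGGER.error(e.getMessage(), e);
            return false;
        }

        // NOTE(review): getPrincipals() returns a Set, so with several principals the
        // "last" one depends on the set's iteration order - confirm one principal is expected.
        Principal principal = null;
        for (Principal candidate : loginContext.getSubject().getPrincipals()) {
            principal = candidate;
        }

        // NOTE(review): the callback handler submits "login@host" while this compares the
        // principal name with the bare login; if the login module reports a realm-qualified
        // name the comparison can never succeed - verify against the configured module.
        boolean authenticated =
                principal != null && principal.getName().equals(loginBean.getLogin());
        if (authenticated) {
            // Previously the context was never stored, so getSubject() always returned null.
            this.lc = loginContext;
        }
        return authenticated;
    }

    /**
     * Points the JVM at the JAAS and Kerberos configuration files.
     *
     * <p>Both settings are system properties and therefore apply to the whole JVM, not
     * only to this class.
     *
     * <p>NOTE(review): both values are relative paths. If they are resolved against the
     * process working directory, whoever can write there decides which login modules and
     * KDC are used - an absolute, access-controlled location would be safer. Confirm how
     * the deployment resolves them.
     */
    public static void setSecurityConfigProperties() {
        LOGGER.debug(String.format("JAAS configuration file: %s", JAAS_CONFIG));
        System.setProperty("java.security.auth.login.config", JAAS_CONFIG);
        LOGGER.debug(String.format("Kerberos configuration file: %s", KRB5_CONFIG));
        System.setProperty("java.security.krb5.conf", KRB5_CONFIG);
    }

    /**
     * Queries the {@code supportedSASLMechanisms} attribute of the directory server at
     * {@code ldap://<str>:389} and logs the answer.
     *
     * <p>NOTE(review): the returned attributes are only logged, never inspected, so the
     * result is {@code true} whenever the query itself succeeds, whatever mechanisms the
     * server lists. The query goes over plain {@code ldap://} with no credentials
     * supplied here, so the answer is not authenticated; treat it as a hint, not as a
     * basis for a security decision.
     *
     * @param str host name of the directory server; it is placed into the LDAP URL as
     *     is, so callers should pass a vetted host name only
     * @return {@code true} if the attribute query completed, {@code false} if it raised
     *     a {@link NamingException}
     */
    public static boolean isKerberosSupported(String str) {
        InitialDirContext initialDirContext = null;
        try {
            initialDirContext = new InitialDirContext();
            String url = String.format("ldap://%s:389", str);
            LOGGER.debug(String.format("ldap://%s:389 accepts %s", str,
                    initialDirContext.getAttributes(url, new String[]{"supportedSASLMechanisms"})));
            return true;
        } catch (NamingException e) {
            LOGGER.debug(e.getMessage(), e);
            return false;
        } finally {
            // Close on every path; the original leaked the context when the query failed.
            if (initialDirContext != null) {
                try {
                    initialDirContext.close();
                } catch (NamingException e) {
                    // A failed close does not change the outcome of the probe.
                    LOGGER.debug(e.getMessage(), e);
                }
            }
        }
    }
}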
