package ru.runa.wfe.security.auth;

import com.google.common.collect.Maps;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.Map;
import javax.naming.directory.InitialDirContext;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.login.LoginException;
import ru.runa.wfe.commons.SystemProperties;
import ru.runa.wfe.commons.ftl.ExpressionEvaluator;
import ru.runa.wfe.user.Actor;

/* loaded from: input_file:ru/runa/wfe/security/auth/LdapLoginModule.class */
public class LdapLoginModule extends LoginModuleBase {
    private Hashtable<String, String> env = new Hashtable<>();

    @Override // ru.runa.wfe.security.auth.LoginModuleBase
    public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> map, Map<String, ?> map2) {
        this.env.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        this.env.put("java.naming.provider.url", SystemProperties.getResources().getStringProperty("authentication.ldap.server.url"));
        this.env.put("java.naming.security.authentication", "simple");
        this.env.put("java.naming.ldap.version", "3");
        super.initialize(subject, callbackHandler, map, map2);
    }

    private String getCredential(String str) {
        HashMap newHashMap = Maps.newHashMap();
        newHashMap.put("domain.name", SystemProperties.getResources().getStringProperty("authentication.domain.name"));
        newHashMap.put("username", str);
        return ExpressionEvaluator.substitute(SystemProperties.getResources().getStringProperty("authentication.ldap.userName.format"), newHashMap);
    }

    @Override // ru.runa.wfe.security.auth.LoginModuleBase
    protected Actor login(CallbackHandler callbackHandler) throws Exception {
        NameCallback[] nameCallbackArr = {new NameCallback("actor name: "), new PasswordCallback("password: ", false)};
        callbackHandler.handle(nameCallbackArr);
        String name = nameCallbackArr[0].getName();
        if (name == null) {
            throw new LoginException("No actor name was provided.");
        }
        char[] password = ((PasswordCallback) nameCallbackArr[1]).getPassword();
        if (password == null || password.length == 0) {
            throw new LoginException("No password was provided.");
        }
        String str = new String(password);
        this.env.put("java.naming.security.principal", getCredential(name));
        this.env.put("java.naming.security.credentials", str);
        new InitialDirContext(this.env).close();
        return this.executorDAO.getActorCaseInsensitive(name);
    }
}
