package ru.runa.wfe.security.logic;

import java.security.Principal;
import java.util.List;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.Configuration;
import javax.security.auth.login.LoginContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.annotation.Required;
import ru.runa.wfe.commons.logic.CommonLogic;
import ru.runa.wfe.security.AuthenticationException;
import ru.runa.wfe.security.auth.KerberosCallbackHandler;
import ru.runa.wfe.security.auth.LoginModuleConfiguration;
import ru.runa.wfe.security.auth.PasswordLoginModuleCallbackHandler;
import ru.runa.wfe.security.auth.PrincipalCallbackHandler;
import ru.runa.wfe.security.auth.SubjectPrincipalsHelper;
import ru.runa.wfe.security.auth.TrustedLoginModuleCallbackHandler;
import ru.runa.wfe.user.Actor;
import ru.runa.wfe.user.User;

/* loaded from: input_file:ru/runa/wfe/security/logic/AuthenticationLogic.class */
public class AuthenticationLogic extends CommonLogic {
    private static final Log log = LogFactory.getLog(AuthenticationLogic.class);
    private List<LoginHandler> loginHandlers;

    @Required
    public void setLoginHandlers(List<LoginHandler> list) {
        this.loginHandlers = list;
    }

    public User authenticate(Principal principal) throws AuthenticationException {
        return authenticate(new PrincipalCallbackHandler(principal), AuthType.OTHER);
    }

    public User authenticate(byte[] bArr) throws AuthenticationException {
        return authenticate(new KerberosCallbackHandler(bArr), AuthType.KERBEROS);
    }

    public User authenticate(String str, String str2) throws AuthenticationException {
        return authenticate(new PasswordLoginModuleCallbackHandler(str, str2), AuthType.DB);
    }

    public User authenticate(User user, String str) throws AuthenticationException {
        return authenticate(new TrustedLoginModuleCallbackHandler(user, str), AuthType.TRUSTED);
    }

    private User authenticate(CallbackHandler callbackHandler, AuthType authType) throws AuthenticationException {
        try {
            LoginContext loginContext = new LoginContext(LoginModuleConfiguration.APP_NAME, (Subject) null, callbackHandler, Configuration.getConfiguration());
            loginContext.login();
            User user = SubjectPrincipalsHelper.getUser(loginContext.getSubject());
            SubjectPrincipalsHelper.validateUser(user);
            callHandlers(user.getActor(), authType);
            log.debug(user.getName() + " successfully authenticated");
            return user;
        } catch (Exception e) {
            throw new AuthenticationException(e);
        }
    }

    private void callHandlers(Actor actor, AuthType authType) {
        for (LoginHandler loginHandler : this.loginHandlers) {
            try {
                loginHandler.onUserLogin(actor, authType);
            } catch (Throwable th) {
                log.warn("Exception while calling loginHandler " + loginHandler, th);
            }
        }
    }
}
