package org.hsqldb.auth;

import de.metanome.algorithm_integration.results.BasicStatistic;
import java.security.Principal;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import org.hsqldb.lib.FrameworkLogger;

/* loaded from: input_file:org/hsqldb/auth/JaasAuthBean.class */
public class JaasAuthBean implements AuthFunctionBean {
    private static FrameworkLogger logger = FrameworkLogger.getLog(JaasAuthBean.class);
    private boolean initialized;
    private String applicationKey;
    private Pattern roleSchemaValuePattern;
    private boolean roleSchemaViaCredential;

    /* loaded from: input_file:org/hsqldb/auth/JaasAuthBean$UPCallbackHandler.class */
    public static class UPCallbackHandler implements CallbackHandler {
        private String u;
        private char[] p;

        public UPCallbackHandler(String str, String str2) {
            this.u = str;
            this.p = str2.toCharArray();
        }

        @Override // javax.security.auth.callback.CallbackHandler
        public void handle(Callback[] callbackArr) throws UnsupportedCallbackException {
            boolean z = false;
            boolean z2 = false;
            for (Callback callback : callbackArr) {
                if (callback instanceof NameCallback) {
                    ((NameCallback) callback).setName(this.u);
                    z = true;
                } else {
                    if (!(callback instanceof PasswordCallback)) {
                        throw new UnsupportedCallbackException(callback, "Unsupported Callback type: " + callback.getClass().getName());
                    }
                    ((PasswordCallback) callback).setPassword(this.p);
                    z2 = true;
                }
            }
            if (!z) {
                throw new IllegalStateException("Supplied Callbacks does not include a NameCallback");
            }
            if (!z2) {
                throw new IllegalStateException("Supplied Callbacks does not include a PasswordCallback");
            }
        }
    }

    public void setRoleSchemaViaCredential(boolean z) {
        this.roleSchemaViaCredential = z;
    }

    public void init() {
        if (this.applicationKey == null) {
            throw new IllegalStateException("Required property 'applicationKey' not set");
        }
        if (this.roleSchemaViaCredential && this.roleSchemaValuePattern == null) {
            throw new IllegalStateException("Properties 'roleSchemaViaCredential' and 'roleSchemaValuePattern' are mutually exclusive.  If you want JaasAuthBean to manage roles or schemas, you must set property 'roleSchemaValuePattern'.");
        }
        this.initialized = true;
    }

    public void setApplicationKey(String str) {
        this.applicationKey = str;
    }

    public void setRoleSchemaValuePattern(Pattern pattern) {
        this.roleSchemaValuePattern = pattern;
    }

    public void setRoleSchemaValuePatternString(String str) {
        setRoleSchemaValuePattern(Pattern.compile(str));
    }

    @Override // org.hsqldb.auth.AuthFunctionBean
    public String[] authenticate(String str, String str2) throws DenyException {
        if (!this.initialized) {
            throw new IllegalStateException("You must invoke the 'init' method to initialize the " + JaasAuthBean.class.getName() + " instance.");
        }
        try {
            LoginContext loginContext = new LoginContext(this.applicationKey, new UPCallbackHandler(str, str2));
            try {
                loginContext.login();
                try {
                    if (this.roleSchemaValuePattern == null) {
                        return null;
                    }
                    int i = 0;
                    ArrayList<String> arrayList = new ArrayList();
                    ArrayList arrayList2 = new ArrayList();
                    Subject subject = loginContext.getSubject();
                    if (this.roleSchemaViaCredential) {
                        Iterator it2 = new ArrayList(subject.getPublicCredentials()).iterator();
                        while (it2.hasNext()) {
                            arrayList.add(it2.next().toString());
                        }
                    } else {
                        Iterator it3 = new ArrayList(subject.getPrincipals()).iterator();
                        while (it3.hasNext()) {
                            arrayList.add(((Principal) it3.next()).getName());
                        }
                    }
                    logger.finer(Integer.toString(arrayList.size()) + " candidate " + (this.roleSchemaViaCredential ? "Credentials" : "Principals"));
                    for (String str3 : arrayList) {
                        Matcher matcher = this.roleSchemaValuePattern.matcher(str3);
                        if (matcher.matches()) {
                            i++;
                            logger.finer("    +" + i + BasicStatistic.COLUMN_VALUE_SEPARATOR + (matcher.groupCount() > 0 ? matcher.group(1) : str3));
                            arrayList2.add(matcher.groupCount() > 0 ? matcher.group(1) : str3);
                        } else {
                            i++;
                            logger.finer("    -" + i + BasicStatistic.COLUMN_VALUE_SEPARATOR + str3);
                        }
                    }
                    String[] strArr = (String[]) arrayList2.toArray(new String[0]);
                    loginContext.logout();
                    return strArr;
                } finally {
                    loginContext.logout();
                }
            } catch (LoginException e) {
                logger.finer("JSSE backend denying access:  " + e);
                throw new DenyException();
            }
        } catch (RuntimeException e2) {
            logger.severe("System JaasAuthBean failure", e2);
            throw e2;
        } catch (LoginException e3) {
            logger.severe("System JaasAuthBean failure", e3);
            throw new RuntimeException(e3);
        }
    }
}
