package net.jradius.security.auth;

import java.io.IOException;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.CredentialExpiredException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import net.jradius.client.RadiusClient;
import net.jradius.dictionary.Attr_UserName;
import net.jradius.dictionary.Attr_UserPassword;
import net.jradius.log.RadiusLog;
import net.jradius.packet.AccessAccept;
import net.jradius.packet.AccessRequest;
import net.jradius.packet.RadiusResponse;
import net.jradius.packet.attribute.AttributeFactory;
import net.jradius.packet.attribute.AttributeList;
import net.jradius.security.JRadiusPrincipal;

/* loaded from: input_file:remote-poller/lib/remote-poller.jar:lib/jradius-core-1.0.0-20080911.jar:net/jradius/security/auth/JRadiusModule.class */
public class JRadiusModule implements LoginModule {
    private Subject subject;
    private CallbackHandler callbackHandler;
    private Map sharedState;
    private Map options;
    private String userName;
    private JRadiusPrincipal principal;
    private RadiusClient radiusClient;
    private AttributeList authAttributes;
    private AttributeList acctAttributes;
    private boolean debug = false;
    private boolean authenticated = false;
    private boolean committed = false;
    private int retries = 3;
    private int attempts = 0;

    public void initialize(Subject subject, CallbackHandler callbackHandler, Map map, Map map2) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
        this.sharedState = map;
        this.options = map2;
        this.debug = "true".equalsIgnoreCase((String) map2.get("debug"));
    }

    public boolean commit() throws LoginException {
        if (!this.authenticated) {
            return false;
        }
        this.principal = new JRadiusPrincipal(this.userName);
        if (!this.subject.getPrincipals().contains(this.principal)) {
            this.subject.getPrincipals().add(this.principal);
        }
        this.attempts = 0;
        this.committed = true;
        return true;
    }

    public boolean login() throws LoginException {
        if (this.callbackHandler == null) {
            throw new LoginException("No CallbackHandler for this JRadius LoginModule.");
        }
        if (this.radiusClient == null) {
            this.radiusClient = new RadiusClient();
        }
        Callback nameCallback = new NameCallback("User Name: ");
        PasswordCallback passwordCallback = new PasswordCallback("Password: ", true);
        JRadiusCallback jRadiusCallback = new JRadiusCallback(this.radiusClient);
        try {
            this.callbackHandler.handle(new Callback[]{nameCallback, passwordCallback, jRadiusCallback});
            this.userName = nameCallback.getName();
            String str = new String(passwordCallback.getPassword());
            try {
                AccessRequest accessRequest = new AccessRequest(this.radiusClient, jRadiusCallback.getAuthAttributes());
                accessRequest.addAttribute(AttributeFactory.newAttribute(Attr_UserName.NAME, this.userName, "="));
                accessRequest.addAttribute(AttributeFactory.newAttribute(Attr_UserPassword.NAME, str, "="));
                if (this.debug) {
                    RadiusLog.debug("Sending:\n" + accessRequest.toString());
                }
                RadiusResponse authenticate = this.radiusClient.authenticate(accessRequest, jRadiusCallback.getRadiusAuthenticator(), this.retries);
                if (authenticate == null) {
                    throw new LoginException("no reply from remote RADIUS server");
                }
                if (this.debug) {
                    RadiusLog.debug("Received:\n" + authenticate.toString());
                }
                if (!(authenticate instanceof AccessAccept)) {
                    throw new CredentialExpiredException("authentication failed");
                }
                this.authenticated = true;
                return true;
            } catch (Exception e) {
                throw new LoginException(e.getMessage());
            }
        } catch (IOException e2) {
            throw new LoginException(e2.getMessage());
        } catch (UnsupportedCallbackException e3) {
            StringBuffer stringBuffer = new StringBuffer("Error: Callback ");
            stringBuffer.append(e3.getCallback().toString());
            stringBuffer.append(" not supported.");
            throw new LoginException(stringBuffer.toString());
        }
    }

    public boolean logout() throws LoginException {
        this.subject.getPrincipals().remove(this.principal);
        this.authenticated = false;
        this.committed = false;
        this.userName = null;
        this.principal = null;
        this.attempts = 0;
        return true;
    }

    public boolean abort() throws LoginException {
        if (!this.authenticated) {
            return false;
        }
        if (!this.authenticated || this.committed) {
            logout();
            return true;
        }
        this.authenticated = false;
        this.attempts = 0;
        return true;
    }
}
