package org.opennms.web.springframework.security;

import java.io.IOException;
import java.security.Principal;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import org.opennms.netmgt.config.users.User;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.GrantedAuthority;

/* loaded from: input_file:org/opennms/web/springframework/security/LoginModuleUtils.class */
public abstract class LoginModuleUtils {
    public static volatile Logger LOG = LoggerFactory.getLogger(LoginModuleUtils.class);

    protected LoginModuleUtils() {
    }

    public static boolean doLogin(LoginHandler loginHandler) throws LoginException {
        LOG.debug("OpenNMSLoginModule: login()");
        NameCallback[] nameCallbackArr = {new NameCallback("Username: "), new PasswordCallback("Password: ", false)};
        try {
            loginHandler.callbackHandler().handle(nameCallbackArr);
            String name = nameCallbackArr[0].getName();
            loginHandler.setUser(name);
            if (name == null) {
                LOG.debug("Username can not be null.");
                throw new LoginException("Username can not be null.");
            }
            if (((PasswordCallback) nameCallbackArr[1]).getPassword() == null) {
                LOG.debug("Password can not be null.");
                throw new LoginException("Password can not be null.");
            }
            String str = new String(((PasswordCallback) nameCallbackArr[1]).getPassword());
            try {
                User user = loginHandler.userConfig().getUser(name);
                SpringSecurityUser byUsername = loginHandler.springSecurityUserDao().getByUsername(name);
                if (user == null) {
                    String str2 = "User  " + name + " does not exist.";
                    LOG.debug(str2);
                    throw new FailedLoginException(str2);
                }
                if (!loginHandler.userConfig().comparePasswords(name, str)) {
                    LOG.debug("Login failed: passwords did not match.");
                    throw new FailedLoginException("Login failed: passwords did not match.");
                }
                boolean z = false;
                HashSet hashSet = new HashSet();
                Iterator<? extends GrantedAuthority> it = byUsername.getAuthorities().iterator();
                while (it.hasNext()) {
                    Set<Principal> createPrincipals = loginHandler.createPrincipals(it.next());
                    Iterator<Principal> it2 = createPrincipals.iterator();
                    while (it2.hasNext()) {
                        if ("admin".equals(it2.next().getName())) {
                            z = true;
                        }
                    }
                    hashSet.addAll(createPrincipals);
                }
                loginHandler.setPrincipals(hashSet);
                if (z) {
                    LOG.debug("Successfully logged in {}.", name);
                    return true;
                }
                String str3 = "User " + name + " is not an administrator!  OSGi console access is forbidden.";
                LOG.debug(str3);
                throw new LoginException(str3);
            } catch (Exception e) {
                String str4 = "Failed to retrieve user " + name + " from OpenNMS UserConfig.";
                LOG.debug(str4, e);
                throw new LoginException(str4);
            }
        } catch (IOException e2) {
            LOG.debug("IO exception while attempting to prompt for username and password.", e2);
            throw new LoginException(e2.getMessage());
        } catch (UnsupportedCallbackException e3) {
            LOG.debug("Username or password prompt not supported.", e3);
            throw new LoginException(e3.getMessage() + " not available to obtain information from user.");
        }
    }
}
