package org.apache.geronimo.security.jaas;

import java.security.AccessController;
import java.security.Principal;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.Iterator;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import org.apache.geronimo.security.GeronimoSecurityException;
import org.apache.geronimo.security.RealmPrincipal;

/* loaded from: input_file:org/apache/geronimo/security/jaas/RemoteLoginModuleRemoteWrapper.class */
public class RemoteLoginModuleRemoteWrapper implements LoginModule {
    private String realm;
    private LoginModule module;
    private Subject internalSubject = new Subject();
    private Subject externalSubject;
    private static ClassLoader classLoader = (ClassLoader) AccessController.doPrivileged(new PrivilegedAction() { // from class: org.apache.geronimo.security.jaas.RemoteLoginModuleRemoteWrapper.1
        @Override // java.security.PrivilegedAction
        public Object run() {
            return Thread.currentThread().getContextClassLoader();
        }
    });

    public void initialize(Subject subject, CallbackHandler callbackHandler, Map map, Map map2) {
        this.externalSubject = subject;
        this.realm = (String) map2.get(LoginModuleConstants.REALM_NAME);
        try {
            this.module = (LoginModule) AccessController.doPrivileged(new PrivilegedExceptionAction(this, (String) map2.get(LoginModuleConstants.MODULE)) { // from class: org.apache.geronimo.security.jaas.RemoteLoginModuleRemoteWrapper.2
                private final String val$finalClass;
                private final RemoteLoginModuleRemoteWrapper this$0;

                {
                    this.this$0 = this;
                    this.val$finalClass = r5;
                }

                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws ClassNotFoundException, InstantiationException, IllegalAccessException {
                    return Class.forName(this.val$finalClass, true, RemoteLoginModuleRemoteWrapper.classLoader).newInstance();
                }
            });
            this.module.initialize(this.internalSubject, callbackHandler, map, map2);
        } catch (PrivilegedActionException e) {
            Exception exception = e.getException();
            if (!(exception instanceof InstantiationException)) {
                throw ((GeronimoSecurityException) new GeronimoSecurityException(new StringBuffer().append("Initialize error: ").append(exception.toString()).append("\n").toString()).initCause(exception));
            }
            throw ((GeronimoSecurityException) new GeronimoSecurityException(new StringBuffer().append("Initialize error:").append(exception.getCause().getMessage()).append("\n").toString()).initCause(exception.getCause()));
        }
    }

    public boolean login() throws LoginException {
        return this.module.login();
    }

    public boolean commit() throws LoginException {
        if (!this.module.commit()) {
            return false;
        }
        Iterator<Principal> it = this.internalSubject.getPrincipals().iterator();
        while (it.hasNext()) {
            this.externalSubject.getPrincipals().add(new RealmPrincipal(this.realm, it.next()));
        }
        this.externalSubject.getPrincipals().addAll(this.internalSubject.getPrincipals());
        this.externalSubject.getPrivateCredentials().addAll(this.internalSubject.getPrivateCredentials());
        this.externalSubject.getPublicCredentials().addAll(this.internalSubject.getPublicCredentials());
        return true;
    }

    public boolean abort() throws LoginException {
        return this.module.abort();
    }

    public boolean logout() throws LoginException {
        Iterator<Principal> it = this.externalSubject.getPrincipals().iterator();
        while (it.hasNext()) {
            Principal next = it.next();
            if (next instanceof RealmPrincipal) {
                it.remove();
            }
            if (this.internalSubject.getPrincipals().contains(next)) {
                it.remove();
            }
        }
        Iterator<Object> it2 = this.externalSubject.getPrivateCredentials().iterator();
        while (it2.hasNext()) {
            if (this.internalSubject.getPrivateCredentials().contains(it2.next())) {
                it2.remove();
            }
        }
        Iterator<Object> it3 = this.externalSubject.getPublicCredentials().iterator();
        while (it3.hasNext()) {
            if (this.internalSubject.getPublicCredentials().contains(it3.next())) {
                it3.remove();
            }
        }
        return this.module.logout();
    }
}
