package net.sf.jguard.jsf.authentication.callbacks;

import com.octo.captcha.service.CaptchaService;
import java.io.IOException;
import java.util.Arrays;
import javax.portlet.PortletRequest;
import javax.portlet.PortletResponse;
import javax.portlet.PortletSession;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.LanguageCallback;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import net.sf.jguard.core.CoreConstants;
import net.sf.jguard.core.authentication.AuthenticationUtils;
import net.sf.jguard.ext.SecurityConstants;
import net.sf.jguard.ext.authentication.PersistedSubject;
import net.sf.jguard.ext.authentication.callbacks.CallbackHandlerUtils;
import net.sf.jguard.ext.authentication.callbacks.JCaptchaCallback;
import net.sf.jguard.jee.authentication.http.HttpConstants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/jguard-jee-extras-1.1.0-beta-4.jar:net/sf/jguard/jsf/authentication/callbacks/PortletCallbackHandler.class */
public class PortletCallbackHandler implements CallbackHandler {
    private PortletRequest portletRequest;
    private PortletResponse portletResponse;
    private boolean afterRegistration;
    private static final Logger logger;
    private static String authSchemes;
    private static String loginField;
    private static String passwordField;
    static Class class$net$sf$jguard$jsf$authentication$callbacks$PortletCallbackHandler;

    public PortletCallbackHandler() {
    }

    public PortletCallbackHandler(PortletRequest portletRequest, PortletResponse portletResponse) {
        this.portletRequest = portletRequest;
        this.afterRegistration = ((Boolean) portletRequest.getAttribute(CoreConstants.REGISTRATION_DONE)).booleanValue();
        this.portletResponse = portletResponse;
    }

    @Override // javax.security.auth.callback.CallbackHandler
    public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
        boolean z = false;
        for (Callback callback : callbackArr) {
            if (callback instanceof LanguageCallback) {
                ((LanguageCallback) callback).setLocale(this.portletRequest.getLocale());
            }
        }
        logger.debug(new StringBuffer().append("authSchemes=").append(authSchemes).toString());
        for (String str : Arrays.asList(authSchemes.split(","))) {
            if (!z && "FORM".equalsIgnoreCase(str)) {
                grabFormCredentials(this.portletRequest, callbackArr);
                z = true;
            }
            if (HttpConstants.CLIENT_CERT_AUTH.equalsIgnoreCase(str) && !grabClientCertCredentials(this.portletRequest, callbackArr)) {
                logger.info(" X509 certificates are not found ");
            }
        }
    }

    public static String getAuthSchemes() {
        return authSchemes;
    }

    public static void setAuthSchemes(String str) {
        authSchemes = str;
    }

    private boolean grabFormCredentials(PortletRequest portletRequest, Callback[] callbackArr) {
        PortletSession portletSession = portletRequest.getPortletSession(true);
        for (int i = 0; i < callbackArr.length; i++) {
            if (callbackArr[i] instanceof NameCallback) {
                ((NameCallback) callbackArr[i]).setName(this.portletRequest.getParameter(loginField));
            } else if (callbackArr[i] instanceof PasswordCallback) {
                PasswordCallback passwordCallback = (PasswordCallback) callbackArr[i];
                String parameter = this.portletRequest.getParameter(passwordField);
                if (parameter == null || parameter == "") {
                    passwordCallback.setPassword(null);
                } else {
                    passwordCallback.setPassword(parameter.toCharArray());
                }
            } else if (callbackArr[i] instanceof JCaptchaCallback) {
                JCaptchaCallback jCaptchaCallback = (JCaptchaCallback) callbackArr[i];
                jCaptchaCallback.setCaptchaAnswer(this.portletRequest.getParameter(SecurityConstants.CAPTCHA_ANSWER));
                jCaptchaCallback.setCaptchaService((CaptchaService) portletSession.getPortletContext().getAttribute(SecurityConstants.CAPTCHA_SERVICE));
                if (((AuthenticationUtils) portletSession.getAttribute(CoreConstants.AUTHN_UTILS)).getSubject() == null || this.afterRegistration) {
                    jCaptchaCallback.setSkipJCaptchaChallenge(true);
                }
                jCaptchaCallback.setSessionID(portletSession.getId());
            }
        }
        return true;
    }

    private boolean grabClientCertCredentials(PortletRequest portletRequest, Callback[] callbackArr) {
        if (portletRequest.isSecure()) {
            return CallbackHandlerUtils.grabClientCertCredentials(callbackArr, (Object[]) portletRequest.getAttribute(CallbackHandlerUtils.JAVAX_SERVLET_REQUEST_X509CERTIFICATE));
        }
        logger.warn(" certificate-based authentication MUST be do in secure mode ");
        logger.warn(new StringBuffer().append(" but connection is do with the non secured protocol ").append(portletRequest.getScheme()).toString());
        return false;
    }

    public static String getLoginField() {
        return loginField;
    }

    public static void setLoginField(String str) {
        loginField = str;
    }

    public static String getPasswordField() {
        return passwordField;
    }

    public static void setPasswordField(String str) {
        passwordField = str;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$net$sf$jguard$jsf$authentication$callbacks$PortletCallbackHandler == null) {
            cls = class$("net.sf.jguard.jsf.authentication.callbacks.PortletCallbackHandler");
            class$net$sf$jguard$jsf$authentication$callbacks$PortletCallbackHandler = cls;
        } else {
            cls = class$net$sf$jguard$jsf$authentication$callbacks$PortletCallbackHandler;
        }
        logger = LoggerFactory.getLogger(cls);
        authSchemes = "FORM";
        loginField = PersistedSubject.LOGIN;
        passwordField = "password";
    }
}
