package tigase.http.jetty.security;

import java.security.Principal;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.Subject;
import javax.servlet.ServletRequest;
import javax.servlet.http.HttpServletRequest;
import org.eclipse.jetty.security.AbstractLoginService;
import org.eclipse.jetty.security.DefaultIdentityService;
import org.eclipse.jetty.security.IdentityService;
import org.eclipse.jetty.security.LoginService;
import org.eclipse.jetty.server.UserIdentity;
import org.eclipse.jetty.util.security.Credential;
import org.eclipse.jetty.util.security.Password;
import tigase.http.AuthProvider;
import tigase.xmpp.jid.BareJID;

/* loaded from: input_file:tigase/http/jetty/security/TigasePlainLoginService.class */
public class TigasePlainLoginService implements LoginService {
    private static final Logger log = Logger.getLogger(TigasePlainLoginService.class.getCanonicalName());
    private DefaultIdentityService identityService = new DefaultIdentityService();
    private AuthProvider authProvider;

    public TigasePlainLoginService(AuthProvider authProvider) {
        this.authProvider = null;
        this.authProvider = authProvider;
    }

    public String getName() {
        return "TigasePlain";
    }

    public UserIdentity login(String str, Object obj, ServletRequest servletRequest) {
        AuthProvider.JWTPayload authenticateWithCookie;
        if ((servletRequest instanceof HttpServletRequest) && (authenticateWithCookie = this.authProvider.authenticateWithCookie((HttpServletRequest) servletRequest)) != null) {
            return newUserIdentity(authenticateWithCookie.subject());
        }
        String str2 = null;
        if (obj instanceof String) {
            str2 = (String) obj;
        }
        if (obj instanceof Password) {
            str2 = ((Password) obj).toString();
        }
        if (str2 == null) {
            return null;
        }
        BareJID bareJIDInstanceNS = BareJID.bareJIDInstanceNS(str);
        boolean z = false;
        try {
            z = getAuthProvider().checkCredentials(str, str2);
        } catch (Exception e) {
            log.log(Level.FINE, "not authorized used = " + String.valueOf(bareJIDInstanceNS), (Throwable) e);
        }
        if (z) {
            return newUserIdentity(bareJIDInstanceNS);
        }
        return null;
    }

    private UserIdentity newUserIdentity(BareJID bareJID) {
        Principal userPrincipal = new AbstractLoginService.UserPrincipal(bareJID.toString(), (Credential) null);
        Subject subject = new Subject();
        subject.getPrincipals().add(userPrincipal);
        subject.setReadOnly();
        return getIdentityService().newUserIdentity(subject, userPrincipal, (String[]) getAuthProvider().getRoles(bareJID).toArray(new String[0]));
    }

    public boolean validate(UserIdentity userIdentity) {
        return true;
    }

    public IdentityService getIdentityService() {
        return this.identityService;
    }

    public void setIdentityService(IdentityService identityService) {
        this.identityService = (DefaultIdentityService) identityService;
    }

    public void logout(UserIdentity userIdentity) {
    }

    public AuthProvider getAuthProvider() {
        return this.authProvider;
    }

    public void setAuthProvider(AuthProvider authProvider) {
        this.authProvider = authProvider;
    }
}
