package com.ifsoft.jmxweb.plugin;

import com.fasterxml.jackson.core.util.MinimalPrettyPrinter;
import java.io.Serializable;
import java.security.Principal;
import java.util.concurrent.ConcurrentHashMap;
import javax.security.auth.Subject;
import javax.servlet.ServletRequest;
import org.eclipse.jetty.security.DefaultIdentityService;
import org.eclipse.jetty.security.IdentityService;
import org.eclipse.jetty.security.LoginService;
import org.eclipse.jetty.server.UserIdentity;
import org.eclipse.jetty.util.component.AbstractLifeCycle;
import org.jivesoftware.openfire.XMPPServer;
import org.jivesoftware.openfire.admin.AdminManager;
import org.jivesoftware.openfire.auth.AuthFactory;
import org.jivesoftware.openfire.auth.AuthToken;
import org.jivesoftware.openfire.auth.UnauthorizedException;
import org.jivesoftware.openfire.user.UserManager;
import org.jivesoftware.openfire.user.UserNotFoundException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:lib/jmxweb-0.9.0.jar:com/ifsoft/jmxweb/plugin/OpenfireLoginService.class */
public class OpenfireLoginService extends AbstractLifeCycle implements LoginService {
    private static final Logger Log = LoggerFactory.getLogger(OpenfireLoginService.class);
    public static final ConcurrentHashMap<String, AuthToken> authTokens = new ConcurrentHashMap<>();
    public static final ConcurrentHashMap<String, UserIdentity> identities = new ConcurrentHashMap<>();
    private String _name;
    private IdentityService _identityService = new DefaultIdentityService();
    private UserManager userManager = XMPPServer.getInstance().getUserManager();

    /* loaded from: input_file:lib/jmxweb-0.9.0.jar:com/ifsoft/jmxweb/plugin/OpenfireLoginService$KnownUser.class */
    public static class KnownUser implements UserPrincipal, Serializable {
        private static final long serialVersionUID = -6226920753748399662L;
        private final String _name;
        private final Object _credential;

        public KnownUser(String str, Object obj) {
            this._name = str;
            this._credential = obj;
        }

        @Override // com.ifsoft.jmxweb.plugin.OpenfireLoginService.UserPrincipal
        public boolean authenticate(Object obj) {
            return true;
        }

        @Override // java.security.Principal
        public String getName() {
            return this._name;
        }

        @Override // com.ifsoft.jmxweb.plugin.OpenfireLoginService.UserPrincipal
        public boolean isAuthenticated() {
            return true;
        }

        @Override // java.security.Principal
        public String toString() {
            return this._name;
        }
    }

    /* loaded from: input_file:lib/jmxweb-0.9.0.jar:com/ifsoft/jmxweb/plugin/OpenfireLoginService$RolePrincipal.class */
    public static class RolePrincipal implements Principal, Serializable {
        private static final long serialVersionUID = 2998397924051854402L;
        private final String _roleName;

        public RolePrincipal(String str) {
            this._roleName = str;
        }

        @Override // java.security.Principal
        public String getName() {
            return this._roleName;
        }
    }

    /* loaded from: input_file:lib/jmxweb-0.9.0.jar:com/ifsoft/jmxweb/plugin/OpenfireLoginService$UserPrincipal.class */
    public interface UserPrincipal extends Principal, Serializable {
        boolean authenticate(Object obj);

        boolean isAuthenticated();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public OpenfireLoginService() {
    }

    public OpenfireLoginService(String str) {
        setName(str);
    }

    public String getName() {
        return this._name;
    }

    public IdentityService getIdentityService() {
        return this._identityService;
    }

    public void setIdentityService(IdentityService identityService) {
        if (isRunning()) {
            throw new IllegalStateException("Running");
        }
        this._identityService = identityService;
    }

    public void setName(String str) {
        if (isRunning()) {
            throw new IllegalStateException("Running");
        }
        this._name = str;
    }

    protected void doStart() throws Exception {
        super.doStart();
    }

    protected void doStop() throws Exception {
        super.doStop();
    }

    public void logout(UserIdentity userIdentity) {
        Log.debug("logout {}", userIdentity);
        identities.remove(userIdentity.getUserPrincipal().getName());
    }

    public String toString() {
        return getClass().getSimpleName() + "[" + this._name + "]";
    }

    public UserIdentity login(String str, Object obj, ServletRequest servletRequest) {
        UserIdentity newUserIdentity;
        if (identities.containsKey(str)) {
            newUserIdentity = identities.get(str);
            if (!authTokens.containsKey(str)) {
                Log.debug("UserIdentity login " + str + MinimalPrettyPrinter.DEFAULT_ROOT_VALUE_SEPARATOR);
                try {
                    if (!AdminManager.getInstance().isUserAdmin(str, true)) {
                        Log.error("access denied, not admin user " + str);
                        return null;
                    }
                    authTokens.put(str, AuthFactory.authenticate(str, (String) obj));
                } catch (Exception e) {
                    Log.error("access denied " + str);
                    return null;
                } catch (UnauthorizedException e2) {
                    Log.error("access denied, bad password " + str);
                    return null;
                }
            }
        } else {
            Log.debug("UserIdentity login " + str + MinimalPrettyPrinter.DEFAULT_ROOT_VALUE_SEPARATOR);
            try {
                this.userManager.getUser(str);
                try {
                    if (!AdminManager.getInstance().isUserAdmin(str, true)) {
                        Log.error("access denied, not admin user " + str);
                        return null;
                    }
                    authTokens.put(str, AuthFactory.authenticate(str, (String) obj));
                    KnownUser knownUser = new KnownUser(str, obj);
                    Subject subject = new Subject();
                    subject.getPrincipals().add(knownUser);
                    subject.getPrivateCredentials().add(obj);
                    subject.getPrincipals().add(new RolePrincipal("jmxweb"));
                    subject.setReadOnly();
                    newUserIdentity = this._identityService.newUserIdentity(subject, knownUser, new String[]{"jmxweb"});
                    identities.put(str, newUserIdentity);
                } catch (Exception e3) {
                    Log.error("access denied " + str);
                    return null;
                } catch (UnauthorizedException e4) {
                    Log.error("access denied, bad password " + str);
                    return null;
                }
            } catch (UserNotFoundException e5) {
                return null;
            }
        }
        return newUserIdentity;
    }

    public boolean validate(UserIdentity userIdentity) {
        return true;
    }
}
