package flex.messaging.security;

import flex.messaging.FlexContext;
import java.security.Principal;
import java.util.Iterator;
import java.util.List;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginException;
import javax.servlet.http.HttpServletRequest;
import weblogic.security.Security;
import weblogic.security.SimpleCallbackHandler;
import weblogic.security.SubjectUtils;
import weblogic.security.services.Authentication;
import weblogic.servlet.security.ServletAuthentication;

/* loaded from: input_file:flex/messaging/security/WeblogicLoginCommand.class */
public class WeblogicLoginCommand extends AppServerLoginCommand implements PrincipalConverter {

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:flex/messaging/security/WeblogicLoginCommand$SubjectPrincipal.class */
    public class SubjectPrincipal implements Principal {
        private Subject subject;

        public SubjectPrincipal(Subject subject) {
            this.subject = subject;
        }

        @Override // java.security.Principal
        public String getName() {
            return SubjectUtils.getUserPrincipal(this.subject).getName();
        }

        public Subject getSubject() {
            return this.subject;
        }
    }

    public Principal doAuthentication(String str, Object obj) {
        Principal principal = null;
        String extractPassword = extractPassword(obj);
        if (extractPassword != null) {
            if (FlexContext.getHttpResponse() != null) {
                HttpServletRequest httpRequest = FlexContext.getHttpRequest();
                int i = 1;
                try {
                    i = ServletAuthentication.login(str, extractPassword, httpRequest);
                } catch (NoSuchMethodError e) {
                    i = ServletAuthentication.weak(str, extractPassword, httpRequest);
                } catch (LoginException e2) {
                }
                if (i != 1) {
                    principal = getSubjectPrincipal(str, extractPassword);
                }
            } else {
                principal = getSubjectPrincipal(str, extractPassword);
            }
        }
        return principal;
    }

    private Principal getSubjectPrincipal(String str, String str2) {
        SubjectPrincipal subjectPrincipal = null;
        try {
            subjectPrincipal = new SubjectPrincipal(Authentication.login(new SimpleCallbackHandler(str, str2)));
        } catch (LoginException e) {
        }
        return subjectPrincipal;
    }

    private boolean doSubjectGroupAuthorization(Principal principal, List list) {
        boolean z = false;
        Subject subject = principal instanceof SubjectPrincipal ? ((SubjectPrincipal) principal).getSubject() : Security.getCurrentSubject();
        if (subject == null) {
            return false;
        }
        Iterator it = list.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            if (SubjectUtils.isUserInGroup(subject, (String) it.next())) {
                z = true;
                break;
            }
        }
        return z;
    }

    public boolean doAuthorization(Principal principal, List list) {
        boolean doSubjectGroupAuthorization;
        if (principal == null) {
            return false;
        }
        if (FlexContext.getHttpResponse() != null) {
            doSubjectGroupAuthorization = doAuthorization(principal, list, FlexContext.getHttpRequest());
            if (!doSubjectGroupAuthorization) {
                doSubjectGroupAuthorization = doSubjectGroupAuthorization(principal, list);
            }
        } else {
            doSubjectGroupAuthorization = doSubjectGroupAuthorization(principal, list);
        }
        return doSubjectGroupAuthorization;
    }

    public boolean logout(Principal principal) {
        if (FlexContext.getHttpResponse() == null) {
            return true;
        }
        ServletAuthentication.logout(FlexContext.getHttpRequest());
        return true;
    }

    public Principal convertPrincipal(Principal principal) {
        return principal instanceof SubjectPrincipal ? principal : new SubjectPrincipal(Security.getCurrentSubject());
    }
}
