package com.edulib.ice.security.authentication;

import com.edulib.ice.core.ICECore;
import com.edulib.ice.security.ICEGroupPrincipal;
import com.edulib.ice.security.ICESubject;
import com.edulib.ice.security.ICEUserPrincipal;
import com.edulib.ice.security.authentication.exceptions.ICEUserFailedLoginException;
import com.edulib.ice.util.ICEPasswordUtil;
import com.edulib.ice.util.ICEProperties;
import com.edulib.ice.util.ICEXmlUtil;
import com.edulib.ice.util.configuration.ICEConfiguration;
import com.edulib.ice.util.configuration.ICEConfigurationFactory;
import com.edulib.ice.util.log.ICELog;
import com.edulib.ice.util.resources.BundleConstants;
import com.edulib.ice.util.resources.ICEResourceFactory;
import com.edulib.muse.xmldb.XmlDBManager;
import com.installshield.database.designtime.ISTableConst;
import com.installshield.qjml.QJML;
import java.io.File;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Map;
import java.util.ResourceBundle;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.xml.sax.SAXException;

/* loaded from: input_file:install/data/9c285435c4e09b0Muse_Applications/2.1.0.1/assembly.dat:acbf824bf0a1940ada7f616f8941b821/ice.jar:com/edulib/ice/security/authentication/ICELoginModuleXMLDB.class */
public class ICELoginModuleXMLDB implements LoginModule {
    public static final String XMLDB_URL = "xmldb:exist:http://@localhost:8000/xmldb/exist/xmlrpc";
    private String xmldbURL = null;
    private String userID = null;
    private String partnerID = null;
    private String userPassword = null;
    private String userName = null;
    private String userHome = null;
    private String userGroup = null;
    private String encryption = null;
    private boolean expired = false;
    private String userExpiry = null;
    private long userExpiryLong = 0;
    private ICESubject iceSubject = null;
    private Subject subject = null;
    private CallbackHandler callbackHandler = null;
    private Map sharedState = null;
    private Map options = null;
    private boolean succeeded = false;
    private boolean commitSucceeded = false;
    private ICEUserPrincipal userPrincipal = null;
    private ICEGroupPrincipal groupPrincipal = null;
    private ICELog log = null;
    private int maxSessionsPerUser = 0;
    private Hashtable userSessionsTable = null;
    private HashMap subjectProperties = null;
    private ResourceBundle resourceBundle = null;

    public final void initialize(Subject subject, CallbackHandler callbackHandler, Map map, Map map2) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
        this.sharedState = map;
        this.options = map2;
        this.xmldbURL = (String) map2.get("xmldbURL");
        this.subjectProperties = new HashMap();
    }

    public final boolean login() throws LoginException {
        this.resourceBundle = ICECore.getICEResourceBundle();
        if (this.xmldbURL == null || this.xmldbURL.trim().equals("")) {
            throw new LoginException(ICEResourceFactory.getMessage(this.resourceBundle, null, BundleConstants.ERROR_LOGIN_PARAM_EMPTY, "xmdbURL"));
        }
        if (this.callbackHandler == null) {
            throw new LoginException(ICEResourceFactory.getMessage(this.resourceBundle, null, BundleConstants.ERROR_LOGIN_NOCALLBACK, "CallbackHandler"));
        }
        Callback[] callbackArr = {new ICECallback()};
        try {
            this.callbackHandler.handle(callbackArr);
            ICECallback iCECallback = (ICECallback) callbackArr[0];
            this.iceSubject = ((ICECallback) callbackArr[0]).getSubject();
            this.log = ((ICECallback) callbackArr[0]).getLog();
            this.userID = ((ICECallback) callbackArr[0]).getParameter("customerID");
            this.partnerID = ((ICECallback) callbackArr[0]).getParameter("userID");
            if (this.partnerID != null && this.partnerID.trim().length() > 0) {
                this.partnerID = this.partnerID.split("\\.")[0];
            }
            this.userPassword = ((ICECallback) callbackArr[0]).getParameter("userPwd");
            this.encryption = ((ICECallback) callbackArr[0]).getParameter("encryption");
            if (this.encryption != null && this.encryption.trim().equals("")) {
                this.encryption = null;
            }
            if (this.userPassword == null) {
                this.userPassword = new String(new char[0]);
            }
            this.userSessionsTable = (Hashtable) this.iceSubject.getLocalProperty("userSessionsTable");
            if (this.userSessionsTable == null) {
                this.userSessionsTable = new Hashtable();
            }
            if (this.iceSubject.getSubject() != null) {
                this.subject = this.iceSubject.getSubject();
            } else {
                this.iceSubject.setSubject(this.subject);
            }
            if (iCECallback.getResourceBundle() != null) {
                this.resourceBundle = iCECallback.getResourceBundle();
            }
            if (this.userID == null) {
                this.log.log(1, (Object) this, "Login failed: User ID not present. Nothing to authenticate.");
                throw new ICEUserFailedLoginException(ICEResourceFactory.getMessage(this.resourceBundle, this.log, BundleConstants.ERROR_LOGIN_PARAM_EMPTY, "User ID"));
            }
            this.log.log(4, (Object) this, "Authenticating user: " + this.userID + "...");
            if (this.encryption != null) {
                this.log.log(8, (Object) this, "Using encryption: " + this.encryption);
                try {
                    MessageDigest.getInstance(this.encryption);
                } catch (NoSuchAlgorithmException e) {
                    this.log.log(1, (Object) this, "Login failed: Unsupported encryption algorithm: " + this.encryption);
                    throw new ICEUserFailedLoginException(ICEResourceFactory.getMessage(this.resourceBundle, this.log, BundleConstants.ERROR_LOGIN_ENCRYPTION, this.encryption));
                }
            }
            this.log.log(8, (Object) this, "Password file location: " + this.xmldbURL);
            try {
                Document createXmlDocument = ICEXmlUtil.createXmlDocument(XmlDBManager.getClient(this.xmldbURL).getXMLResource("/db/security/PWD", "PWD." + this.partnerID + ".xml"), false);
                if (createXmlDocument.getDocumentElement() == null) {
                    this.log.log(1, (Object) this, "Login failed: Error reading configuration files");
                    throw new LoginException(ICEResourceFactory.getMessage(this.resourceBundle, this.log, BundleConstants.ERROR_LOGIN_CONFIG, new String[0]));
                }
                NodeList elementsByTagName = createXmlDocument.getDocumentElement().getElementsByTagName("USER_RECORD");
                int length = elementsByTagName.getLength();
                for (int i = 0; i < length; i++) {
                    Node item = elementsByTagName.item(i);
                    String searchNodeValue = searchNodeValue(item, ISTableConst.IS_ACTION_PARAMETER_ID);
                    if (searchNodeValue != null) {
                        try {
                            if (searchNodeValue.equals(this.userID)) {
                                String searchNodeValue2 = searchNodeValue(item, "PWD");
                                String searchNodeAttribValue = searchNodeAttribValue(item, "PWD", "encryption");
                                if (searchNodeAttribValue != null && this.encryption != null && !searchNodeAttribValue.equals(this.encryption)) {
                                    throw new LoginException(ICEResourceFactory.getMessage(this.resourceBundle, this.log, BundleConstants.ERROR_LOGIN_ALGORTIM, new String[0]));
                                }
                                if (searchNodeValue2 == null || !checkPassword(this.userPassword, this.encryption, searchNodeValue2, searchNodeAttribValue)) {
                                    this.succeeded = false;
                                    throw new ICEUserFailedLoginException(ICEResourceFactory.getMessage(this.resourceBundle, this.log, BundleConstants.ERROR_LOGIN, ""));
                                }
                                this.userName = searchNodeValue(item, "NAME");
                                if (searchNodeValue(item, "HOME") != null) {
                                    this.userHome = ICEConfiguration.resolveVariables(searchNodeValue(item, "HOME"));
                                }
                                this.userGroup = searchNodeValue(item, "GROUP");
                                this.userExpiry = searchNodeValue(item, "EXPIRY");
                                if (this.userExpiry != null && this.userExpiry.trim().length() != 0) {
                                    SimpleDateFormat simpleDateFormat = new SimpleDateFormat("MM/dd/yyyy");
                                    simpleDateFormat.setLenient(true);
                                    try {
                                        Date parse = simpleDateFormat.parse(this.userExpiry);
                                        this.userExpiryLong = parse.getTime();
                                        if (new Date().after(parse)) {
                                            this.expired = true;
                                        }
                                    } catch (ParseException e2) {
                                        this.expired = false;
                                    }
                                }
                                if (this.expired) {
                                    throw new FailedLoginException(ICEResourceFactory.getMessage(this.resourceBundle, this.log, BundleConstants.ERROR_SECURITY_EXPIRED, new String[0]));
                                }
                                this.succeeded = true;
                                loadUserProfile(this.userHome);
                                if (this.maxSessionsPerUser > 0) {
                                    synchronized (this.userSessionsTable) {
                                        if (this.userSessionsTable.containsKey(this.userID)) {
                                            int intValue = ((Integer) this.userSessionsTable.get(this.userID)).intValue();
                                            this.log.log(8, (Object) this, "Current number of running sessions for user " + this.userID + ": " + intValue);
                                            if (intValue >= this.maxSessionsPerUser) {
                                                this.succeeded = false;
                                                throw new LoginException(ICEResourceFactory.getMessage(this.resourceBundle, this.log, BundleConstants.LIMIT_MAX_SESSION, this.userID));
                                            }
                                            this.userSessionsTable.put(this.userID, new Integer(intValue + 1));
                                        } else {
                                            this.userSessionsTable.put(this.userID, new Integer(1));
                                        }
                                    }
                                }
                                return this.succeeded;
                            }
                        } catch (NullPointerException e3) {
                            throw new LoginException(ICEResourceFactory.getMessage(this.resourceBundle, this.log, BundleConstants.ERROR_GENERAL, "Login", e3.getLocalizedMessage()));
                        }
                    }
                }
                if (0 != 0) {
                    return false;
                }
                this.succeeded = false;
                throw new ICEUserFailedLoginException(ICEResourceFactory.getMessage(this.resourceBundle, this.log, BundleConstants.ERROR_LOGIN, ""));
            } catch (IOException e4) {
                this.log.log(1, (Object) this, "Login failed: " + e4.getMessage());
                throw new LoginException(ICEResourceFactory.getMessage(this.resourceBundle, this.log, BundleConstants.ERROR_GENERAL, "Login", e4.getMessage()));
            } catch (SAXException e5) {
                if (e5.getException() != null) {
                    this.log.log(1, (Object) this, "Login failed: " + e5.getException().getMessage());
                    throw new LoginException(ICEResourceFactory.getMessage(this.resourceBundle, this.log, BundleConstants.ERROR_GENERAL, "Login", e5.getException().getLocalizedMessage()));
                }
                this.log.log(1, (Object) this, "Login failed: " + e5.getMessage());
                throw new LoginException(ICEResourceFactory.getMessage(this.resourceBundle, this.log, BundleConstants.ERROR_GENERAL, "Login", e5.getLocalizedMessage()));
            } catch (Exception e6) {
                this.log.log(1, (Object) this, "Login failed: " + e6.getMessage());
                throw new LoginException(ICEResourceFactory.getMessage(this.resourceBundle, this.log, BundleConstants.ERROR_GENERAL, "Login", e6.getLocalizedMessage()));
            }
        } catch (IOException e7) {
            this.log.log(1, (Object) this, e7.toString());
            throw new LoginException(ICEResourceFactory.getMessage(this.resourceBundle, this.log, BundleConstants.ERROR_GENERAL, "Login", e7.toString()));
        } catch (UnsupportedCallbackException e8) {
            this.log.log(1, (Object) this, "Login failed: " + e8.getCallback().toString() + " not available to garner authentication information from the user.");
            throw new LoginException(ICEResourceFactory.getMessage(this.resourceBundle, this.log, BundleConstants.ERROR_LOGIN_NOCALLBACK, e8.getCallback().toString()));
        }
    }

    public boolean commit() throws LoginException {
        if (!this.succeeded) {
            this.log.log(8, (Object) this, "Authentication failed. Cannot proceed to phase 2");
            return false;
        }
        this.log.log(8, (Object) this, "Phase 1 of authentication succeeded. Proceeding to phase 2.");
        this.userPrincipal = new ICEUserPrincipal();
        this.userPrincipal.setUserName(this.userID);
        if (!this.subject.getPrincipals().contains(this.userPrincipal)) {
            this.subject.getPrincipals().add(this.userPrincipal);
        }
        this.groupPrincipal = new ICEGroupPrincipal();
        this.groupPrincipal.setUserGroup(this.userGroup);
        if (!this.subject.getPrincipals().contains(this.groupPrincipal)) {
            this.subject.getPrincipals().add(this.groupPrincipal);
        }
        this.sharedState.put("userID", this.userID);
        this.sharedState.put("userFullName", this.userName);
        this.sharedState.put("userGroup", this.userGroup);
        this.sharedState.put("userHome", this.userHome);
        this.iceSubject.setUserName(this.userID);
        this.iceSubject.setUserFullName(this.userName);
        this.iceSubject.setUserHome(this.userHome);
        this.iceSubject.setUserGroup(this.userGroup);
        this.iceSubject.setUserExpiry(this.userExpiryLong);
        ICEProperties iCEProperties = (ICEProperties) this.subjectProperties.get("userProperties");
        if (iCEProperties != null) {
            iCEProperties.setValue("partnerID", this.partnerID);
            iCEProperties.setValue("customerID", this.userID);
            this.iceSubject.setUserProperties(iCEProperties);
        } else {
            ICEProperties iCEProperties2 = new ICEProperties();
            iCEProperties2.setValue("partnerID", this.partnerID);
            iCEProperties2.setValue("customerID", this.userID);
            this.iceSubject.setUserProperties(iCEProperties2);
        }
        String str = (String) this.subjectProperties.get("userProfilesLocation");
        if (str != null) {
            this.iceSubject.setUserProfilesLocation(str);
        }
        String str2 = (String) this.subjectProperties.get("userStyleSheets");
        if (str2 != null) {
            this.iceSubject.setUserStyleSheetsLocation(str2);
        }
        String str3 = (String) this.subjectProperties.get("userScriptsLocation");
        if (str3 != null) {
            this.iceSubject.setUserScriptsLocation(str3);
        }
        String str4 = (String) this.subjectProperties.get("userWorkroomLocation");
        if (str4 != null) {
            this.iceSubject.setUserWorkroomLocation(str4);
        }
        String str5 = (String) this.subjectProperties.get("userModulesLocation");
        if (str5 != null) {
            this.iceSubject.setUserModulesLocation(str5);
        }
        String str6 = (String) this.subjectProperties.get("userPackagesLocation");
        if (str6 != null) {
            this.iceSubject.setUserPackagesLocation(str6);
        }
        String str7 = (String) this.subjectProperties.get("useDocumentRepository");
        if (str7 != null) {
            this.iceSubject.setUseDocumentRepository(Boolean.valueOf(str7).booleanValue());
        }
        String str8 = (String) this.subjectProperties.get("documentRepositoryName");
        if (str8 != null) {
            this.iceSubject.setDocumentRepositoryName(str8);
        }
        this.commitSucceeded = true;
        this.log.log(8, (Object) this, "Phase 2 of authentication succeeded. Proceeding...");
        this.log.log(4, (Object) this, "Authentication succeeded.");
        return true;
    }

    public final boolean abort() throws LoginException {
        if (!this.succeeded) {
            this.log.log(8, (Object) this, "Login failed. Aborting...");
            return false;
        }
        if (!this.succeeded || this.commitSucceeded) {
            this.log.log(8, (Object) this, "Authentication succeeded, but someone else commit failed... Logout");
            logout();
            return true;
        }
        this.log.log(8, (Object) this, "Authentication failed. Aborting...");
        logout();
        return true;
    }

    public final boolean logout() throws LoginException {
        this.log.log(8, (Object) this, "Log out.");
        this.succeeded = false;
        this.succeeded = this.commitSucceeded;
        this.userName = null;
        this.userPassword = null;
        if (this.userSessionsTable != null) {
            synchronized (this.userSessionsTable) {
                if (this.userSessionsTable.containsKey(this.userID)) {
                    int intValue = ((Integer) this.userSessionsTable.get(this.userID)).intValue();
                    if (intValue > 0) {
                        intValue--;
                        this.userSessionsTable.put(this.userID, new Integer(intValue));
                    }
                    this.log.log(8, (Object) this, "Current number of running sessions for user " + this.userID + ": " + intValue);
                }
            }
        }
        return this.subject.getPrincipals().remove(this.userPrincipal);
    }

    private boolean checkPassword(String str, String str2, String str3, String str4) {
        try {
            if (str2 == null) {
                return str4 == null ? str3.equals(str) : str3.equals(new String(ICEPasswordUtil.encode(str, str4, true), QJML.QJML_ENCODING));
            }
            byte[] bytes = str3.getBytes(QJML.QJML_ENCODING);
            if (str4 == null) {
                bytes = ICEPasswordUtil.encode(str3, str2, true);
            }
            return str.equals(new String(bytes, QJML.QJML_ENCODING));
        } catch (UnsupportedEncodingException e) {
            return false;
        } catch (NoSuchAlgorithmException e2) {
            return false;
        } catch (Exception e3) {
            return false;
        }
    }

    private static String searchNodeValue(Node node, String str) {
        return ICEXmlUtil.searchNodeValue(node, str);
    }

    private static String searchNodeAttribValue(Node node, String str, String str2) {
        Node searchNode;
        if (str2 == null || (searchNode = ICEXmlUtil.searchNode(node, str)) == null || searchNode.getNodeType() != 1) {
            return null;
        }
        String attribute = ((Element) searchNode).getAttribute(str2);
        if (attribute != null && attribute.trim().equals("")) {
            attribute = null;
        }
        return attribute;
    }

    private void loadUserProfile(String str) throws LoginException {
        if (str != null) {
            this.log.log(8, (Object) this, "Loading user profile...");
            try {
                String str2 = str + File.separator + "profile.xml";
                ICEConfiguration makeConfiguration = ICEConfigurationFactory.makeConfiguration();
                makeConfiguration.load(str2);
                String value = makeConfiguration.getValue("PROPERTIES");
                if (value != null) {
                    ICEProperties iCEProperties = new ICEProperties(value);
                    this.subjectProperties.put("userProperties", iCEProperties);
                    makeConfiguration.setProperties(iCEProperties);
                }
                this.maxSessionsPerUser = this.iceSubject.getMaxUserSessions();
                String value2 = makeConfiguration.getValue("MAX_USER_CONCURRENT_SESSIONS");
                if (value2 != null) {
                    try {
                        this.maxSessionsPerUser = Integer.parseInt(value2);
                    } catch (NumberFormatException e) {
                        this.maxSessionsPerUser = this.iceSubject.getMaxUserSessions();
                    }
                }
                this.log.log(8, (Object) this, "Maximum sessions for user " + this.userID + ": " + this.maxSessionsPerUser);
                this.subjectProperties.put("userProfilesLocation", makeConfiguration.getValue("PROFILES"));
                this.subjectProperties.put("userStyleSheets", makeConfiguration.getValue("STYLE_SHEETS"));
                this.subjectProperties.put("userScriptsLocation", makeConfiguration.getValue("SCRIPTS"));
                this.subjectProperties.put("userWorkroomLocation", makeConfiguration.getValue("WORKROOM"));
                this.subjectProperties.put("userModulesLocation", makeConfiguration.getValue("MODULES"));
                this.subjectProperties.put("userPackagesLocation", makeConfiguration.getValue("PACKAGES"));
                String bool = Boolean.TRUE.toString();
                String attributeRawValue = makeConfiguration.getAttributeRawValue("DOCUMENT_REPOSITORY", "use");
                if (attributeRawValue != null && attributeRawValue.trim().length() > 0) {
                    bool = Boolean.valueOf(attributeRawValue).toString();
                }
                this.subjectProperties.put("useDocumentRepository", bool);
                this.subjectProperties.put("documentRepositoryName", makeConfiguration.getValue("DOCUMENT_REPOSITORY"));
                NodeList childNodes = ICEXmlUtil.createXmlDocument(new File(str2), false).getDocumentElement().getChildNodes();
                int length = childNodes.getLength();
                HashSet hashSet = new HashSet();
                for (String str3 : new String[]{"PROPERTIES", "PROFILES", "STYLE_SHEETS", "SCRIPTS", "WORKROOM", "MODULES", "PACKAGES", "MAX_USER_CONCURRENT_SESSIONS"}) {
                    hashSet.add(str3);
                }
                for (int i = 0; i < length; i++) {
                    Node item = childNodes.item(i);
                    if (item.getNodeType() == 1) {
                        String nodeName = item.getNodeName();
                        if (!hashSet.contains(nodeName)) {
                            this.iceSubject.setLocalProperty(nodeName, item.getFirstChild() != null ? item.getFirstChild().getNodeValue() : "");
                        }
                    }
                }
            } catch (IOException e2) {
            } catch (Exception e3) {
                throw new LoginException(ICEResourceFactory.getMessage(this.resourceBundle, this.log, BundleConstants.ERROR_GENERAL, "Login", e3.getLocalizedMessage()));
            }
        }
    }
}
