package com.sun.jmx.remote.security;

import com.sun.jmx.remote.util.ClassLogger;
import com.sun.jmx.remote.util.EnvHelp;
import java.io.IOException;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import javax.management.remote.JMXAuthenticator;
import javax.security.auth.AuthPermission;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.Configuration;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;

/* loaded from: classes.dex */
public final class JMXPluggableAuthenticator implements JMXAuthenticator {
    private static final String LOGIN_CONFIG_PROP = "jmx.remote.x.login.config";
    private static final String PASSWORD_FILE_PROP = "jmx.remote.x.password.file";
    private LoginContext loginContext;
    private String password;
    private String username;
    private static final String LOGIN_CONFIG_NAME = "JMXPluggableAuthenticator";
    private static final ClassLogger logger = new ClassLogger("javax.management.remote.misc", LOGIN_CONFIG_NAME);

    /* loaded from: classes.dex */
    private static class FileLoginConfig extends Configuration {
        private static final String FILE_LOGIN_MODULE = FileLoginModule.class.getName();
        private static final String PASSWORD_FILE_OPTION = "passwordFile";
        private static AppConfigurationEntry[] entries;

        public FileLoginConfig(String str) {
            Map map;
            if (str != null) {
                map = new HashMap(1);
                map.put(PASSWORD_FILE_OPTION, str);
            } else {
                map = Collections.EMPTY_MAP;
            }
            entries = new AppConfigurationEntry[]{new AppConfigurationEntry(FILE_LOGIN_MODULE, AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, map)};
        }

        @Override // javax.security.auth.login.Configuration
        public AppConfigurationEntry[] getAppConfigurationEntry(String str) {
            if (str.equals(JMXPluggableAuthenticator.LOGIN_CONFIG_NAME)) {
                return entries;
            }
            return null;
        }

        @Override // javax.security.auth.login.Configuration
        public void refresh() {
        }
    }

    /* loaded from: classes.dex */
    private final class JMXCallbackHandler implements CallbackHandler {
        private JMXCallbackHandler() {
        }

        @Override // javax.security.auth.callback.CallbackHandler
        public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
            for (int i = 0; i < callbackArr.length; i++) {
                if (callbackArr[i] instanceof NameCallback) {
                    ((NameCallback) callbackArr[i]).setName(JMXPluggableAuthenticator.this.username);
                } else {
                    if (!(callbackArr[i] instanceof PasswordCallback)) {
                        throw new UnsupportedCallbackException(callbackArr[i], "Unrecognized Callback");
                    }
                    ((PasswordCallback) callbackArr[i]).setPassword(JMXPluggableAuthenticator.this.password.toCharArray());
                }
            }
        }
    }

    public JMXPluggableAuthenticator(Map map) {
        final String str;
        String str2;
        if (map != null) {
            str2 = (String) map.get(LOGIN_CONFIG_PROP);
            str = (String) map.get(PASSWORD_FILE_PROP);
        } else {
            str = null;
            str2 = null;
        }
        try {
            if (str2 != null) {
                this.loginContext = new LoginContext(str2, new JMXCallbackHandler());
                return;
            }
            SecurityManager securityManager = System.getSecurityManager();
            if (securityManager != null) {
                securityManager.checkPermission(new AuthPermission("createLoginContext.JMXPluggableAuthenticator"));
            }
            try {
                this.loginContext = (LoginContext) AccessController.doPrivileged(new PrivilegedExceptionAction() { // from class: com.sun.jmx.remote.security.JMXPluggableAuthenticator.1
                    @Override // java.security.PrivilegedExceptionAction
                    public Object run() throws LoginException {
                        return new LoginContext(JMXPluggableAuthenticator.LOGIN_CONFIG_NAME, null, new JMXCallbackHandler(), new FileLoginConfig(str));
                    }
                });
            } catch (PrivilegedActionException e) {
                throw ((LoginException) e.getException());
            }
        } catch (SecurityException e2) {
            authenticationFailure("authenticate", e2);
        } catch (LoginException e3) {
            authenticationFailure("authenticate", e3);
        }
    }

    private static void authenticationFailure(String str, Exception exc) throws SecurityException {
        String str2;
        SecurityException securityException;
        if (exc instanceof SecurityException) {
            str2 = exc.getMessage();
            securityException = (SecurityException) exc;
        } else {
            str2 = "Authentication failed! " + exc.getMessage();
            SecurityException securityException2 = new SecurityException(str2);
            EnvHelp.initCause(securityException2, exc);
            securityException = securityException2;
        }
        logException(str, str2, securityException);
        throw securityException;
    }

    private static void authenticationFailure(String str, String str2) throws SecurityException {
        String str3 = "Authentication failed! " + str2;
        SecurityException securityException = new SecurityException(str3);
        logException(str, str3, securityException);
        throw securityException;
    }

    private static void logException(String str, String str2, Exception exc) {
        if (logger.traceOn()) {
            logger.trace(str, str2);
        }
        if (logger.debugOn()) {
            logger.debug(str, exc);
        }
    }

    @Override // javax.management.remote.JMXAuthenticator
    public Subject authenticate(Object obj) {
        if (!(obj instanceof String[])) {
            if (obj == null) {
                authenticationFailure("authenticate", "Credentials required");
            }
            authenticationFailure("authenticate", "Credentials should be String[] instead of " + obj.getClass().getName());
        }
        String[] strArr = (String[]) obj;
        if (strArr.length != 2) {
            authenticationFailure("authenticate", "Credentials should have 2 elements not " + strArr.length);
        }
        this.username = strArr[0];
        this.password = strArr[1];
        if (this.username == null || this.password == null) {
            authenticationFailure("authenticate", "Username or password is null");
        }
        try {
            this.loginContext.login();
            final Subject subject = this.loginContext.getSubject();
            AccessController.doPrivileged(new PrivilegedAction() { // from class: com.sun.jmx.remote.security.JMXPluggableAuthenticator.2
                @Override // java.security.PrivilegedAction
                public Object run() {
                    subject.setReadOnly();
                    return null;
                }
            });
            return subject;
        } catch (LoginException e) {
            authenticationFailure("authenticate", e);
            return null;
        }
    }
}
