package org.eclipse.jetty.security.jaspi;

import java.io.IOException;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.message.callback.CallerPrincipalCallback;
import javax.security.auth.message.callback.CertStoreCallback;
import javax.security.auth.message.callback.GroupPrincipalCallback;
import javax.security.auth.message.callback.PasswordValidationCallback;
import javax.security.auth.message.callback.PrivateKeyCallback;
import javax.security.auth.message.callback.SecretKeyCallback;
import javax.security.auth.message.callback.TrustStoreCallback;
import org.eclipse.jetty.security.LoginService;
import org.eclipse.jetty.security.authentication.LoginCallbackImpl;
import org.eclipse.jetty.security.jaspi.callback.CredentialValidationCallback;
import org.eclipse.jetty.server.UserIdentity;

/* loaded from: input_file:jetty-all-9.2.9.v20150224.jar:org/eclipse/jetty/security/jaspi/ServletCallbackHandler.class */
public class ServletCallbackHandler implements CallbackHandler {
    private final LoginService _loginService;
    private final ThreadLocal<CallerPrincipalCallback> _callerPrincipals = new ThreadLocal<>();
    private final ThreadLocal<GroupPrincipalCallback> _groupPrincipals = new ThreadLocal<>();

    public ServletCallbackHandler(LoginService loginService) {
        this._loginService = loginService;
    }

    @Override // javax.security.auth.callback.CallbackHandler
    public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
        for (Callback callback : callbackArr) {
            if (callback instanceof CallerPrincipalCallback) {
                this._callerPrincipals.set((CallerPrincipalCallback) callback);
            } else if (callback instanceof GroupPrincipalCallback) {
                this._groupPrincipals.set((GroupPrincipalCallback) callback);
            } else if (callback instanceof PasswordValidationCallback) {
                PasswordValidationCallback passwordValidationCallback = (PasswordValidationCallback) callback;
                passwordValidationCallback.getSubject();
                UserIdentity login = this._loginService.login(passwordValidationCallback.getUsername(), passwordValidationCallback.getPassword());
                if (login != null) {
                    passwordValidationCallback.setResult(true);
                    passwordValidationCallback.getSubject().getPrincipals().addAll(login.getSubject().getPrincipals());
                    passwordValidationCallback.getSubject().getPrivateCredentials().add(login);
                }
            } else if (callback instanceof CredentialValidationCallback) {
                CredentialValidationCallback credentialValidationCallback = (CredentialValidationCallback) callback;
                LoginCallbackImpl loginCallbackImpl = new LoginCallbackImpl(credentialValidationCallback.getSubject(), credentialValidationCallback.getUsername(), credentialValidationCallback.getCredential());
                UserIdentity login2 = this._loginService.login(credentialValidationCallback.getUsername(), credentialValidationCallback.getCredential());
                if (login2 != null) {
                    loginCallbackImpl.setUserPrincipal(login2.getUserPrincipal());
                    credentialValidationCallback.getSubject().getPrivateCredentials().add(loginCallbackImpl);
                    credentialValidationCallback.setResult(true);
                    credentialValidationCallback.getSubject().getPrincipals().addAll(login2.getSubject().getPrincipals());
                    credentialValidationCallback.getSubject().getPrivateCredentials().add(login2);
                }
            } else if (!(callback instanceof CertStoreCallback) && !(callback instanceof PrivateKeyCallback) && !(callback instanceof SecretKeyCallback) && !(callback instanceof TrustStoreCallback)) {
                throw new UnsupportedCallbackException(callback);
            }
        }
    }

    public CallerPrincipalCallback getThreadCallerPrincipalCallback() {
        CallerPrincipalCallback callerPrincipalCallback = this._callerPrincipals.get();
        this._callerPrincipals.set(null);
        return callerPrincipalCallback;
    }

    public GroupPrincipalCallback getThreadGroupPrincipalCallback() {
        GroupPrincipalCallback groupPrincipalCallback = this._groupPrincipals.get();
        this._groupPrincipals.set(null);
        return groupPrincipalCallback;
    }
}
