package net.sourceforge.jradiusclient.jaas;

import java.io.IOException;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.CredentialExpiredException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import net.sourceforge.jradiusclient.RadiusClient;
import net.sourceforge.jradiusclient.RadiusPacket;
import net.sourceforge.jradiusclient.exception.InvalidParameterException;
import net.sourceforge.jradiusclient.exception.RadiusException;
import net.sourceforge.jradiusclient.packets.PapAccessRequest;

/* loaded from: input_file:net/sourceforge/jradiusclient/jaas/RadiusLoginModule.class */
public class RadiusLoginModule implements LoginModule {
    public static final int MAX_CHALLENGE_ATTEMPTS = 3;
    private Subject radiusSubject;
    private CallbackHandler callbackHandler;
    private Map sharedState;
    private Map moduleOptions;
    private String userName;
    private RadiusPrincipal userPrincipal;
    private RadiusClient radiusClient;
    private boolean authenticationSucceeded = false;
    private boolean authenticationCommitted = false;
    private int challengedAttempts = 0;

    public boolean abort() throws LoginException {
        if (!this.authenticationSucceeded) {
            return false;
        }
        if (!this.authenticationSucceeded || this.authenticationCommitted) {
            logout();
            return true;
        }
        this.authenticationSucceeded = false;
        this.userName = null;
        this.radiusClient = null;
        this.userPrincipal = null;
        this.challengedAttempts = 0;
        return true;
    }

    public boolean commit() throws LoginException {
        if (!this.authenticationSucceeded) {
            return false;
        }
        this.userPrincipal = new RadiusPrincipal(this.userName);
        if (!this.radiusSubject.getPrincipals().contains(this.userPrincipal)) {
            this.radiusSubject.getPrincipals().add(this.userPrincipal);
        }
        this.userName = null;
        this.radiusClient = null;
        this.challengedAttempts = 0;
        this.authenticationCommitted = true;
        return true;
    }

    public void initialize(Subject subject, CallbackHandler callbackHandler, Map map, Map map2) {
        this.radiusSubject = subject;
        this.callbackHandler = callbackHandler;
        this.sharedState = map;
        this.moduleOptions = map2;
    }

    public boolean login() throws LoginException {
        if (this.callbackHandler == null) {
            throw new LoginException("Error: No callback handler installed to gather username and password.");
        }
        Callback nameCallback = new NameCallback("User Name: ");
        PasswordCallback passwordCallback = new PasswordCallback("Password: ", true);
        RadiusCallback radiusCallback = new RadiusCallback();
        try {
            this.callbackHandler.handle(new Callback[]{nameCallback, passwordCallback, radiusCallback});
            this.userName = nameCallback.getName();
            char[] password = passwordCallback.getPassword();
            if (password == null) {
                password = new char[0];
            }
            passwordCallback.clearPassword();
            try {
                this.radiusClient = new RadiusClient(radiusCallback.getHostName(), radiusCallback.getAuthPort(), radiusCallback.getAcctPort(), radiusCallback.getSharedSecret());
                authenticate(new PapAccessRequest(this.userName, String.valueOf(password)), radiusCallback.getNumRetries());
                for (int i = 0; i < password.length; i++) {
                    password[i] = ' ';
                }
                this.authenticationSucceeded = true;
                return true;
            } catch (InvalidParameterException e) {
                StringBuffer stringBuffer = new StringBuffer("Configuration of the RADIUS client is incorrect. ");
                stringBuffer.append(e.getMessage());
                throw new LoginException(stringBuffer.toString());
            } catch (RadiusException e2) {
                StringBuffer stringBuffer2 = new StringBuffer("Configuration of the RADIUS client is incorrect. ");
                stringBuffer2.append(e2.getMessage());
                throw new LoginException(stringBuffer2.toString());
            }
        } catch (IOException e3) {
            throw new LoginException(e3.getMessage());
        } catch (UnsupportedCallbackException e4) {
            StringBuffer stringBuffer3 = new StringBuffer("Error: callback ");
            stringBuffer3.append(e4.getCallback().toString());
            stringBuffer3.append(" not supported.");
            throw new LoginException(stringBuffer3.toString());
        }
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:3:0x000e. Please report as an issue. */
    private void authenticate(RadiusPacket radiusPacket, int i) throws LoginException {
        try {
            RadiusPacket authenticate = this.radiusClient.authenticate(radiusPacket, i);
            switch (authenticate.getPacketType()) {
                case 2:
                    return;
                case 3:
                    throw new CredentialExpiredException("Incorrect User Name or Password.");
                case 11:
                    if (this.challengedAttempts > 3) {
                        this.challengedAttempts = 0;
                        throw new LoginException("Maximum number of challenge retries exceeded.");
                    }
                    Callback[] callbackArr = {new PasswordCallback(String.valueOf(authenticate.getAttribute(18).getValue()), true)};
                    try {
                        this.callbackHandler.handle(callbackArr);
                        String valueOf = String.valueOf(((PasswordCallback) callbackArr[0]).getPassword());
                        if (valueOf == null) {
                            valueOf = new String(RadiusPacket.EMPTYSTRING);
                        }
                        ((PasswordCallback) callbackArr[0]).clearPassword();
                        this.challengedAttempts++;
                        authenticate(new PapAccessRequest(this.userName, String.valueOf(valueOf)), 1);
                        return;
                    } catch (IOException e) {
                        throw new LoginException(e.getMessage());
                    } catch (UnsupportedCallbackException e2) {
                        StringBuffer stringBuffer = new StringBuffer("Error: callback ");
                        stringBuffer.append(e2.getCallback().toString());
                        stringBuffer.append(" not supported.");
                        throw new LoginException(stringBuffer.toString());
                    }
                default:
                    throw new LoginException("Received an Invalid response from the RADIUS Server.");
            }
        } catch (InvalidParameterException e3) {
            throw new LoginException(e3.getMessage());
        } catch (RadiusException e4) {
            throw new LoginException(e4.getMessage());
        }
    }

    public boolean logout() throws LoginException {
        this.radiusSubject.getPrincipals().remove(this.userPrincipal);
        this.authenticationCommitted = false;
        this.authenticationSucceeded = false;
        this.userName = null;
        this.radiusClient = null;
        this.userPrincipal = null;
        this.challengedAttempts = 0;
        return true;
    }
}
