package flex.messaging.security;

import flex.messaging.FlexContext;
import flex.messaging.util.PropertyStringResourceLoader;
import java.security.Principal;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.management.InstanceNotFoundException;
import javax.management.MBeanException;
import javax.management.MalformedObjectNameException;
import javax.management.ObjectInstance;
import javax.management.ObjectName;
import javax.management.QueryExp;
import javax.management.ReflectionException;
import javax.servlet.ServletConfig;
import javax.servlet.http.HttpSession;
import jrun.security.JRunSecurityException;
import jrun.servlet.WebApplication;
import jrun.servlet.security.AuthenticatedUser;
import jrun.servlet.security.ServletUsers;
import jrun.servlet.security.WebAppSecurityService;
import jrunx.kernel.JRun;

/* loaded from: input_file:WEB-INF/lib/flex-messaging-opt.jar:flex/messaging/security/JRunLoginCommand.class */
public class JRunLoginCommand extends AppServerLoginCommand {
    private WebAppSecurityService appSecurity;
    private ServletUsers usersService;
    private static final int AUTH_FAILED = 10060;
    private static final int SEC_MANAGER_REQ_FOR_AUTH = 10061;
    private static final int NO_SEC_MANAGER = 20050;
    private static final int NO_SEC_SRVC_OR_USERS = 20051;

    @Override // flex.messaging.security.AppServerLoginCommand, flex.messaging.security.LoginCommand
    public void start(ServletConfig servletConfig) {
        try {
            Class.forName("jrun.servlet.security.AuthenticatedUser");
            Class.forName("jrun.servlet.security.WebAppSecurityService");
            Class.forName("jrun.servlet.JRunServletContext");
            if (JRun.server != null) {
                try {
                    ObjectInstance objectInstance = null;
                    Set queryMBeans = JRun.server.queryMBeans(new ObjectName("ServletEngineService." + servletConfig.getServletContext().getWebApplication().getName() + ":service=WebAppSecurityService"), (QueryExp) null);
                    if (queryMBeans != null) {
                        Iterator it = queryMBeans.iterator();
                        if (it.hasNext()) {
                            objectInstance = (ObjectInstance) it.next();
                        }
                    }
                    if (objectInstance != null) {
                        Object invoke = JRun.server.invoke(objectInstance.getObjectName(), "getWebAppSecurity", (Object[]) null, (String[]) null);
                        if (invoke instanceof WebAppSecurityService) {
                            this.appSecurity = (WebAppSecurityService) invoke;
                        }
                    }
                    Set queryMBeans2 = JRun.server.queryMBeans(new ObjectName("ServletEngineService:service=ServletUsersService"), (QueryExp) null);
                    if (queryMBeans2 != null) {
                        Iterator it2 = queryMBeans2.iterator();
                        if (it2.hasNext()) {
                            objectInstance = (ObjectInstance) it2.next();
                        }
                    }
                    if (objectInstance != null) {
                        Object invoke2 = JRun.server.invoke(objectInstance.getObjectName(), "getServletUsers", (Object[]) null, (String[]) null);
                        if (invoke2 instanceof ServletUsers) {
                            this.usersService = (ServletUsers) invoke2;
                        }
                    }
                } catch (MBeanException e) {
                    Exception targetException = e.getTargetException();
                    SecurityException securityException = new SecurityException(new PropertyStringResourceLoader(PropertyStringResourceLoader.VENDORS_BUNDLE));
                    securityException.setMessage(NO_SEC_SRVC_OR_USERS);
                    securityException.setRootCause(targetException);
                    throw securityException;
                } catch (ReflectionException e2) {
                    SecurityException securityException2 = new SecurityException(new PropertyStringResourceLoader(PropertyStringResourceLoader.VENDORS_BUNDLE));
                    securityException2.setMessage(NO_SEC_SRVC_OR_USERS);
                    securityException2.setRootCause(e2);
                    throw securityException2;
                } catch (MalformedObjectNameException e3) {
                    SecurityException securityException3 = new SecurityException(new PropertyStringResourceLoader(PropertyStringResourceLoader.VENDORS_BUNDLE));
                    securityException3.setMessage(NO_SEC_SRVC_OR_USERS);
                    securityException3.setRootCause(e3);
                    throw securityException3;
                } catch (InstanceNotFoundException e4) {
                    SecurityException securityException4 = new SecurityException(new PropertyStringResourceLoader(PropertyStringResourceLoader.VENDORS_BUNDLE));
                    securityException4.setMessage(NO_SEC_SRVC_OR_USERS);
                    securityException4.setRootCause(e4);
                    throw securityException4;
                } catch (NullPointerException e5) {
                    SecurityException securityException5 = new SecurityException(new PropertyStringResourceLoader(PropertyStringResourceLoader.VENDORS_BUNDLE));
                    securityException5.setMessage(NO_SEC_SRVC_OR_USERS);
                    securityException5.setRootCause(e5);
                    throw securityException5;
                }
            }
        } catch (Throwable th) {
            SecurityException securityException6 = new SecurityException(new PropertyStringResourceLoader(PropertyStringResourceLoader.VENDORS_BUNDLE));
            securityException6.setMessage(NO_SEC_MANAGER);
            throw securityException6;
        }
    }

    @Override // flex.messaging.security.LoginCommand
    public Principal doAuthentication(String str, Object obj) throws SecurityException {
        SecurityException securityException;
        AuthenticatedUser authenticate;
        if (this.appSecurity == null) {
            start(FlexContext.getServletConfig());
        }
        try {
            String extractPassword = extractPassword(obj);
            if (extractPassword == null) {
                return null;
            }
            if (FlexContext.getHttpResponse() != null) {
                authenticate = this.appSecurity.authenticate(str, extractPassword, FlexContext.getHttpRequest().getSession(true));
            } else {
                HttpSession createSession = FlexContext.getServletConfig().getServletContext().getWebApplication().getSessionService().createSession("temp");
                authenticate = this.appSecurity.authenticate(str, extractPassword, createSession);
                createSession.invalidate();
            }
            return authenticate.getPrincipal();
        } catch (Exception e) {
            if (e instanceof SecurityException) {
                securityException = (SecurityException) e;
            } else if (e instanceof MBeanException) {
                Exception targetException = e.getTargetException();
                securityException = new SecurityException();
                securityException.setMessage(AUTH_FAILED);
                securityException.setRootCause(targetException);
            } else if (e instanceof JRunSecurityException) {
                securityException = new SecurityException();
                securityException.setMessage(AUTH_FAILED);
                securityException.setRootCause(e);
            } else {
                securityException = new SecurityException();
                securityException.setMessage(SEC_MANAGER_REQ_FOR_AUTH);
            }
            securityException.setCode(SecurityException.CLIENT_AUTHENTICATION_CODE);
            throw securityException;
        }
    }

    @Override // flex.messaging.security.AppServerLoginCommand, flex.messaging.security.LoginCommand
    public boolean doAuthorization(Principal principal, List list) throws SecurityException {
        if (this.appSecurity == null) {
            start(FlexContext.getServletConfig());
        }
        boolean z = false;
        if (FlexContext.getHttpResponse() == null) {
            int i = 0;
            while (true) {
                if (i >= list.size()) {
                    break;
                }
                if (this.appSecurity.isPrincipalInRole(principal, (String) list.get(i))) {
                    z = true;
                    break;
                }
                i++;
            }
        } else {
            z = doAuthorization(principal, list, FlexContext.getHttpRequest());
        }
        return z;
    }

    @Override // flex.messaging.security.LoginCommand
    public boolean logout(Principal principal) throws SecurityException {
        if (FlexContext.getHttpResponse() == null) {
            return true;
        }
        try {
            WebApplication webApplication = FlexContext.getServletConfig().getServletContext().getWebApplication();
            this.usersService.getUser(FlexContext.getHttpRequest().getSession().getId(), webApplication).logoff();
            return true;
        } catch (NullPointerException e) {
            return true;
        }
    }

    @Override // flex.messaging.security.AppServerLoginCommand, flex.messaging.security.LoginCommand
    public void stop() {
        this.usersService = null;
        this.appSecurity = null;
    }
}
