package io.jans.model.security;

import io.jans.model.security.event.Authenticated;
import jakarta.annotation.PostConstruct;
import jakarta.annotation.Priority;
import jakarta.enterprise.context.RequestScoped;
import jakarta.enterprise.event.Event;
import jakarta.enterprise.inject.Alternative;
import jakarta.inject.Inject;
import jakarta.inject.Named;
import java.io.Serializable;
import java.lang.annotation.Annotation;
import java.security.Principal;
import java.security.acl.Group;
import java.util.HashMap;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginException;
import org.slf4j.Logger;

@Named
@Alternative
@Priority(2010)
@RequestScoped
/* loaded from: input_file:io/jans/model/security/Identity.class */
public class Identity implements Serializable {
    private static final long serialVersionUID = 3751659008033189259L;
    public static final String EVENT_LOGIN_SUCCESSFUL = "org.jboss.seam.security.loginSuccessful";
    public static final String ROLES_GROUP = "Roles";

    @Inject
    private Logger log;

    @Inject
    private Credentials credentials;

    @Inject
    private Event<String> event;
    private Principal principal;
    private HashMap<String, Object> workingParameters;
    private Subject subject;

    @PostConstruct
    public void create() {
        this.subject = new Subject();
    }

    public boolean isLoggedIn() {
        return getPrincipal() != null;
    }

    public boolean tryLogin() {
        if (getPrincipal() == null && this.credentials.isSet()) {
            quietLogin();
        }
        return isLoggedIn();
    }

    public String login() {
        try {
            if (isLoggedIn()) {
                return "loggedIn";
            }
            authenticate();
            if (!isLoggedIn()) {
                throw new LoginException();
            }
            if (this.log.isDebugEnabled()) {
                this.log.debug("Login successful for: " + this.credentials.getUsername());
            }
            this.event.select(new Annotation[]{Authenticated.Literal.INSTANCE}).fire(EVENT_LOGIN_SUCCESSFUL);
            return "loggedIn";
        } catch (LoginException e) {
            this.credentials.invalidate();
            if (!this.log.isDebugEnabled()) {
                return null;
            }
            this.log.debug("Login failed for: " + this.credentials.getUsername(), e);
            return null;
        }
    }

    public void quietLogin() {
        try {
            if (!isLoggedIn() && this.credentials.isSet()) {
                authenticate();
            }
        } catch (LoginException e) {
            this.credentials.invalidate();
        }
    }

    public synchronized void authenticate() throws LoginException {
        if (isLoggedIn() || this.credentials.isInvalid()) {
            return;
        }
        this.principal = new SimplePrincipal(this.credentials.getUsername());
        this.credentials.setPassword(null);
    }

    public void acceptExternallyAuthenticatedPrincipal(Principal principal) {
        this.principal = principal;
    }

    public Principal getPrincipal() {
        return this.principal;
    }

    public Subject getSubject() {
        return this.subject;
    }

    public Credentials getCredentials() {
        return this.credentials;
    }

    public void unAuthenticate() {
        this.principal = null;
        this.credentials.clear();
        this.subject = new Subject();
    }

    public void logout() {
        if (isLoggedIn()) {
            unAuthenticate();
        }
    }

    private synchronized void initWorkingParamaters() {
        if (this.workingParameters == null) {
            this.workingParameters = new HashMap<>();
        }
    }

    public HashMap<String, Object> getWorkingParameters() {
        initWorkingParamaters();
        return this.workingParameters;
    }

    public boolean isSetWorkingParameter(String str) {
        return getWorkingParameters().containsKey(str);
    }

    public Object getWorkingParameter(String str) {
        return getWorkingParameters().get(str);
    }

    public void setWorkingParameter(String str, Object obj) {
        getWorkingParameters().put(str, obj);
    }

    public boolean addRole(String str) {
        if (str == null || "".equals(str) || !isLoggedIn()) {
            return false;
        }
        for (Group group : getSubject().getPrincipals(Group.class)) {
            if (ROLES_GROUP.equals(group.getName())) {
                return group.addMember(new Role(str));
            }
        }
        SimpleGroup simpleGroup = new SimpleGroup(ROLES_GROUP);
        simpleGroup.addMember(new Role(str));
        getSubject().getPrincipals().add(simpleGroup);
        return true;
    }

    public boolean hasRole(String str) {
        tryLogin();
        for (Group group : getSubject().getPrincipals(Group.class)) {
            if (ROLES_GROUP.equals(group.getName())) {
                return group.isMember(new Role(str));
            }
        }
        return false;
    }
}
