package xo;

import java.io.IOException;
import java.security.Principal;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.context.ApplicationEventPublisher;
import org.springframework.context.ApplicationEventPublisherAware;
import org.springframework.context.ApplicationListener;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.authentication.jaas.JaasAuthenticationToken;
import org.springframework.security.authentication.jaas.JaasGrantedAuthority;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.util.Assert;
import org.springframework.util.ObjectUtils;
import uo.k;

/* loaded from: classes3.dex */
public abstract class a implements k, ApplicationEventPublisherAware, InitializingBean, ApplicationListener<kp.b> {

    /* renamed from: a, reason: collision with root package name */
    public ApplicationEventPublisher f43116a;

    /* renamed from: b, reason: collision with root package name */
    public b[] f43117b;

    /* renamed from: c, reason: collision with root package name */
    public e[] f43118c;

    /* renamed from: d, reason: collision with root package name */
    public final nn.a f43119d = nn.h.getLog(getClass());

    /* renamed from: e, reason: collision with root package name */
    public i f43120e = new d();

    /* renamed from: f, reason: collision with root package name */
    public String f43121f = "SPRINGSECURITY";

    /* renamed from: xo.a$a, reason: collision with other inner class name */
    /* loaded from: classes3.dex */
    public class C0549a implements CallbackHandler {

        /* renamed from: a, reason: collision with root package name */
        public final Authentication f43122a;

        public C0549a(Authentication authentication) {
            this.f43122a = authentication;
        }

        @Override // javax.security.auth.callback.CallbackHandler
        public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
            for (e eVar : a.this.f43118c) {
                for (Callback callback : callbackArr) {
                    eVar.handle(callback, this.f43122a);
                }
            }
        }
    }

    public void afterPropertiesSet() throws Exception {
        Assert.hasLength(this.f43121f, "loginContextName cannot be null or empty");
        Assert.notEmpty(this.f43117b, "authorityGranters cannot be null or empty");
        if (ObjectUtils.isEmpty(this.f43118c)) {
            setCallbackHandlers(new e[]{new g(), new h()});
        }
        Assert.notNull(this.f43120e, "loginExceptionResolver cannot be null");
    }

    @Override // uo.k
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        if (!(authentication instanceof UsernamePasswordAuthenticationToken)) {
            return null;
        }
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = (UsernamePasswordAuthenticationToken) authentication;
        try {
            LoginContext b10 = b(new C0549a(authentication));
            b10.login();
            HashSet hashSet = new HashSet();
            for (Principal principal : b10.getSubject().getPrincipals()) {
                for (b bVar : this.f43117b) {
                    Set<String> grant = bVar.grant(principal);
                    if (grant != null && !grant.isEmpty()) {
                        Iterator<String> it = grant.iterator();
                        while (it.hasNext()) {
                            hashSet.add(new JaasGrantedAuthority(it.next(), principal));
                        }
                    }
                }
            }
            JaasAuthenticationToken jaasAuthenticationToken = new JaasAuthenticationToken(usernamePasswordAuthenticationToken.getPrincipal(), usernamePasswordAuthenticationToken.getCredentials(), new ArrayList(hashSet), b10);
            j(jaasAuthenticationToken);
            return jaasAuthenticationToken;
        } catch (LoginException e10) {
            AuthenticationException resolveException = this.f43120e.resolveException(e10);
            i(usernamePasswordAuthenticationToken, resolveException);
            throw resolveException;
        }
    }

    public abstract LoginContext b(CallbackHandler callbackHandler) throws LoginException;

    public ApplicationEventPublisher c() {
        return this.f43116a;
    }

    public b[] d() {
        return this.f43117b;
    }

    public e[] e() {
        return this.f43118c;
    }

    public String f() {
        return this.f43121f;
    }

    public i g() {
        return this.f43120e;
    }

    public void h(kp.b bVar) {
        List<SecurityContext> securityContexts = bVar.getSecurityContexts();
        if (securityContexts.isEmpty()) {
            this.f43119d.debug("The destroyed session has no SecurityContexts");
            return;
        }
        Iterator<SecurityContext> it = securityContexts.iterator();
        while (it.hasNext()) {
            Authentication authentication = it.next().getAuthentication();
            if (authentication != null && (authentication instanceof JaasAuthenticationToken)) {
                JaasAuthenticationToken jaasAuthenticationToken = (JaasAuthenticationToken) authentication;
                try {
                    LoginContext loginContext = jaasAuthenticationToken.getLoginContext();
                    boolean isDebugEnabled = this.f43119d.isDebugEnabled();
                    if (loginContext != null) {
                        if (isDebugEnabled) {
                            this.f43119d.debug("Logging principal: [" + jaasAuthenticationToken.getPrincipal() + "] out of LoginContext");
                        }
                        loginContext.logout();
                    } else if (isDebugEnabled) {
                        this.f43119d.debug("Cannot logout principal: [" + jaasAuthenticationToken.getPrincipal() + "] from LoginContext. The LoginContext is unavailable");
                    }
                } catch (LoginException e10) {
                    this.f43119d.warn("Error error logging out of LoginContext", e10);
                }
            }
        }
    }

    public void i(UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken, AuthenticationException authenticationException) {
        ApplicationEventPublisher applicationEventPublisher = this.f43116a;
        if (applicationEventPublisher != null) {
            applicationEventPublisher.publishEvent(new yo.b(usernamePasswordAuthenticationToken, authenticationException));
        }
    }

    public void j(UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken) {
        ApplicationEventPublisher applicationEventPublisher = this.f43116a;
        if (applicationEventPublisher != null) {
            applicationEventPublisher.publishEvent(new yo.c(usernamePasswordAuthenticationToken));
        }
    }

    public void onApplicationEvent(kp.b bVar) {
        h(bVar);
    }

    public void setApplicationEventPublisher(ApplicationEventPublisher applicationEventPublisher) {
        this.f43116a = applicationEventPublisher;
    }

    public void setAuthorityGranters(b[] bVarArr) {
        this.f43117b = bVarArr;
    }

    public void setCallbackHandlers(e[] eVarArr) {
        this.f43118c = eVarArr;
    }

    public void setLoginContextName(String str) {
        this.f43121f = str;
    }

    public void setLoginExceptionResolver(i iVar) {
        this.f43120e = iVar;
    }

    @Override // uo.k
    public boolean supports(Class<?> cls) {
        return UsernamePasswordAuthenticationToken.class.isAssignableFrom(cls);
    }
}
