package com.huawei.bigdata.om.common.utils;

import java.util.HashMap;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.Configuration;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import org.apache.log4j.Logger;

/* loaded from: input_file:com/huawei/bigdata/om/common/utils/KerberosLoginModule.class */
public class KerberosLoginModule {
    private static final Logger LOG = Logger.getLogger(KerberosLoginModule.class);
    private static final Map<String, String> BASIC_JAAS_OPTIONS = new HashMap();

    /* loaded from: input_file:com/huawei/bigdata/om/common/utils/KerberosLoginModule$LoginConfigurationKeytab.class */
    public static class LoginConfigurationKeytab extends Configuration {
        private static final Map<String, String> KEYTAB_KERBEROS_OPTIONS = new HashMap();
        private static final AppConfigurationEntry KEYTAB_KERBEROS_LOGIN = new AppConfigurationEntry(Constants.KERBEROS_LOGIN_MODULE_NAME, AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, KEYTAB_KERBEROS_OPTIONS);
        private static final AppConfigurationEntry[] KEYTAB_KERBEROS_CONF = {KEYTAB_KERBEROS_LOGIN};
        private String user;
        private String keytab;

        public LoginConfigurationKeytab(String str, String str2) {
            this.user = null;
            this.keytab = null;
            this.user = str;
            this.keytab = str2;
        }

        public AppConfigurationEntry[] getAppConfigurationEntry(String str) {
            if (!Constants.KEYTAB_KERBEROS_CONFIG_NAME.equals(str)) {
                return new AppConfigurationEntry[0];
            }
            KEYTAB_KERBEROS_OPTIONS.put("keyTab", this.keytab);
            KEYTAB_KERBEROS_OPTIONS.put("principal", this.user);
            return KEYTAB_KERBEROS_CONF;
        }

        static {
            KEYTAB_KERBEROS_OPTIONS.put("doNotPrompt", "true");
            KEYTAB_KERBEROS_OPTIONS.put("useKeyTab", "true");
            KEYTAB_KERBEROS_OPTIONS.put("storeKey", "true");
            KEYTAB_KERBEROS_OPTIONS.put("refreshKrb5Config", "true");
            KEYTAB_KERBEROS_OPTIONS.putAll(KerberosLoginModule.BASIC_JAAS_OPTIONS);
        }
    }

    /* loaded from: input_file:com/huawei/bigdata/om/common/utils/KerberosLoginModule$LoginConfigurationPwd.class */
    public static class LoginConfigurationPwd extends Configuration {
        private static final Map<String, String> PWD_KERBEROS_OPTIONS = new HashMap();
        private static final AppConfigurationEntry PWD_KERBEROS_LOGIN;
        private static final AppConfigurationEntry[] SIMPLE_CONF;

        public AppConfigurationEntry[] getAppConfigurationEntry(String str) {
            return Constants.PWD_CONFIG_NAME.equals(str) ? SIMPLE_CONF : new AppConfigurationEntry[0];
        }

        static {
            PWD_KERBEROS_OPTIONS.put("useKeyTab", "true");
            PWD_KERBEROS_OPTIONS.put("storeKey", "true");
            PWD_KERBEROS_OPTIONS.put("refreshKrb5Config", "true");
            PWD_KERBEROS_OPTIONS.putAll(KerberosLoginModule.BASIC_JAAS_OPTIONS);
            PWD_KERBEROS_OPTIONS.put("useTicketCache", "false");
            PWD_KERBEROS_LOGIN = new AppConfigurationEntry(Constants.KERBEROS_LOGIN_MODULE_NAME, AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, PWD_KERBEROS_OPTIONS);
            SIMPLE_CONF = new AppConfigurationEntry[]{PWD_KERBEROS_LOGIN};
        }
    }

    public static void logoutKDC(LoginContext loginContext) throws LoginException {
        if (loginContext == null) {
            return;
        }
        loginContext.logout();
    }

    public static CallbackHandler getUsernamePasswordHandler(final String str, final String str2) {
        return new CallbackHandler() { // from class: com.huawei.bigdata.om.common.utils.KerberosLoginModule.1
            @Override // javax.security.auth.callback.CallbackHandler
            public void handle(Callback[] callbackArr) {
                for (int i = 0; i < callbackArr.length; i++) {
                    if (callbackArr[i] instanceof NameCallback) {
                        ((NameCallback) callbackArr[i]).setName(str);
                    } else if (callbackArr[i] instanceof PasswordCallback) {
                        ((PasswordCallback) callbackArr[i]).setPassword(str2.toCharArray());
                    } else {
                        KerberosLoginModule.LOG.error("Unsupported Callback: " + callbackArr[i].getClass().getName());
                    }
                }
            }
        };
    }

    public void doAuthenticationUsePwd(String str, String str2) throws LoginException {
        if (null == str || null == str2) {
            throw new LoginException("user or passwd is null");
        }
        LoginContext loginContext = new LoginContext(Constants.PWD_CONFIG_NAME, new Subject(), getUsernamePasswordHandler(str, str2), new LoginConfigurationPwd());
        LOG.info("user accout login with password. user :" + StringHelper.replaceBlank(str));
        loginContext.login();
        LOG.info("login success.");
        loginContext.logout();
    }

    public void doAuthenticationUseKeytab(String str, String str2) throws LoginException {
        Subject subject = new Subject();
        if (null == str || null == str2) {
            throw new LoginException("user or keytab is null");
        }
        LoginContext loginContext = new LoginContext(Constants.KEYTAB_KERBEROS_CONFIG_NAME, subject, (CallbackHandler) null, new LoginConfigurationKeytab(str, str2));
        LOG.info("user accout login with keytab. user :" + StringHelper.replaceBlank(str));
        loginContext.login();
        LOG.info("login success.");
        loginContext.logout();
    }

    static {
        String str = System.getenv("HADOOP_JAAS_DEBUG");
        if (str == null || !"true".equalsIgnoreCase(str)) {
            return;
        }
        BASIC_JAAS_OPTIONS.put("debug", "true");
    }
}
