package org.forgerock.openam.authentication.modules.common;

import com.sun.identity.authentication.spi.AuthLoginException;
import com.sun.identity.shared.debug.Debug;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.login.LoginException;
import javax.security.auth.message.AuthException;
import javax.security.auth.message.AuthStatus;
import javax.security.auth.message.MessageInfo;

/* loaded from: input_file:org/forgerock/openam/authentication/modules/common/JaspiAuthLoginModule.class */
public abstract class JaspiAuthLoginModule extends AuthLoginModule {
    private final Debug debug;
    private final String resourceBundleName;
    private final JaspiAuthModuleWrapper jaspiAuthModule;

    public JaspiAuthLoginModule(String str, JaspiAuthModuleWrapper jaspiAuthModuleWrapper) {
        this.resourceBundleName = str;
        this.jaspiAuthModule = jaspiAuthModuleWrapper;
        this.debug = Debug.getInstance(str);
    }

    @Override // org.forgerock.openam.authentication.modules.common.AuthLoginModule
    public void init(Subject subject, Map map, Map map2) {
        try {
            this.jaspiAuthModule.initialize(getCallbackHandler(), generateConfig(subject, map, map2));
        } catch (AuthException e) {
            this.debug.error("Failed to initialise the underlying JASPI Server Auth Module.", e);
        }
    }

    protected abstract Map<String, Object> generateConfig(Subject subject, Map map, Map map2);

    @Override // org.forgerock.openam.authentication.modules.common.AuthLoginModule
    public int process(Callback[] callbackArr, int i) throws LoginException {
        if (i == 1) {
            Subject subject = new Subject();
            MessageInfo prepareMessageInfo = this.jaspiAuthModule.prepareMessageInfo(getHttpServletRequest(), getHttpServletResponse());
            if (process(prepareMessageInfo, subject, callbackArr)) {
                AuthStatus validateRequest = this.jaspiAuthModule.validateRequest(prepareMessageInfo, subject);
                if (AuthStatus.SUCCESS.equals(validateRequest)) {
                    this.debug.message("Successfully validated request");
                    return -1;
                }
                if (AuthStatus.SEND_SUCCESS.equals(validateRequest)) {
                    this.debug.message("Successfully validated request");
                    return -1;
                }
                if (AuthStatus.SEND_FAILURE.equals(validateRequest)) {
                    this.debug.error("The underlying JASPI Authentication Module has failed.");
                    throw new AuthLoginException(this.resourceBundleName, "authFailed", (Object[]) null);
                }
                if (AuthStatus.SEND_CONTINUE.equals(validateRequest)) {
                    this.debug.message("JASPI Authentication Module returned SEND_CONTINUE so ignoring the module");
                    return 0;
                }
            }
        }
        throw new AuthLoginException(this.resourceBundleName, "incorrectState", (Object[]) null);
    }

    protected abstract boolean process(MessageInfo messageInfo, Subject subject, Callback[] callbackArr) throws LoginException;
}
