package cern.rbac.util.authentication;

import cern.rbac.client.authentication.AuthenticationException;
import cern.rbac.client.authentication.LoginDialog;
import cern.rbac.common.RbaToken;
import cern.rbac.common.authentication.LoginPolicy;
import cern.rbac.util.RbaUtils;
import cern.rbac.util.holder.ClientTierTokenHolder;
import cern.rbac.util.lookup.RbaTokenLookup;
import javax.security.auth.login.LoginException;

/* loaded from: input_file:BOOT-INF/lib/rbac-util-4.3.2.jar:cern/rbac/util/authentication/RbaAuthenticator.class */
public class RbaAuthenticator {
    private RbaAuthenticator() {
    }

    public static void login(LoginPolicy loginPolicy) throws AuthenticationException {
        LoginDialog loginDialog = new LoginDialog(null, "RbaAuthenticator");
        try {
            loginDialog.login(loginPolicy);
            ClientTierTokenHolder.setRbaToken(loginDialog.getRbaSubject().getAppToken());
        } catch (LoginException e) {
            throw new AuthenticationException(e);
        }
    }

    public static RbaToken loginExplicitIfPersonalTokenNotPresent() throws AuthenticationException {
        LoginDialog loginDialog = new LoginDialog(null, "Please authentication with your PERSONAL account");
        try {
            loginDialog.login(LoginPolicy.EXPLICIT);
            RbaToken findRbaToken = RbaTokenLookup.findRbaToken();
            if (findRbaToken == null || findRbaToken.isEmpty() || !findRbaToken.isValid() || !RbaUtils.isPersonalToken(findRbaToken)) {
                findRbaToken = loginDialog.getRbaSubject().getAppToken();
            }
            if (RbaUtils.isPersonalToken(findRbaToken)) {
                return findRbaToken;
            }
            String name = findRbaToken.getUser().getName();
            String upperCase = findRbaToken.getUser().getAccountType().toString().toUpperCase();
            try {
                loginDialog.logout();
                throw new AuthenticationException("'" + name + "' is not a PERSONAL account. It is of type " + upperCase);
            } catch (LoginException e) {
                throw new AuthenticationException(e);
            }
        } catch (LoginException e2) {
            throw new AuthenticationException(e2);
        }
    }
}
