package net.sf.michaelo.tomcat.realm;

import java.security.Principal;
import java.util.ArrayList;
import java.util.Iterator;
import javax.naming.NamingException;
import org.apache.catalina.Group;
import org.apache.catalina.Role;
import org.apache.catalina.User;
import org.apache.catalina.UserDatabase;
import org.apache.catalina.realm.GenericPrincipal;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSName;
import org.ietf.jgss.Oid;

/* loaded from: input_file:net/sf/michaelo/tomcat/realm/GssAwareUserDatabaseRealm.class */
public class GssAwareUserDatabaseRealm extends GssAwareRealmBase<UserDatabase> {
    public String getInfo() {
        return "net.sf.michaelo.realm.GssAwareUserDatabaseRealm/1.0";
    }

    protected String getName() {
        return "GssAwareUserDatabaseRealm";
    }

    @Override // net.sf.michaelo.tomcat.realm.GssAwareRealmBase
    public Principal authenticate(GSSName gSSName, Oid oid, GSSCredential gSSCredential) {
        try {
            UserDatabase lookupResource = lookupResource();
            String gSSName2 = gSSName.toString();
            User findUser = lookupResource.findUser(gSSName2);
            if (findUser == null) {
                return null;
            }
            ArrayList arrayList = new ArrayList();
            Iterator roles = findUser.getRoles();
            while (roles.hasNext()) {
                arrayList.add(((Role) roles.next()).getName());
            }
            Iterator groups = findUser.getGroups();
            while (groups.hasNext()) {
                Iterator roles2 = ((Group) groups.next()).getRoles();
                while (roles2.hasNext()) {
                    arrayList.add(((Role) roles2.next()).getName());
                }
            }
            return new GenericPrincipal(this, gSSName2, (String) null, arrayList, findUser);
        } catch (NamingException e) {
            this.logger.error(this.sm.getString("userDatabaseRealm.lookupFailed", this.resourceName), e);
            return null;
        }
    }

    public boolean hasRole(Principal principal, String str) {
        if (principal instanceof GenericPrincipal) {
            GenericPrincipal genericPrincipal = (GenericPrincipal) principal;
            if (genericPrincipal.getUserPrincipal() instanceof User) {
                principal = genericPrincipal.getUserPrincipal();
            }
        }
        if (!(principal instanceof User)) {
            return super.hasRole(principal, str);
        }
        if ("*".equals(str)) {
            return true;
        }
        if (str == null) {
            return false;
        }
        User user = (User) principal;
        try {
            Role findRole = lookupResource().findRole(str);
            if (findRole == null) {
                return false;
            }
            if (user.isInRole(findRole)) {
                return true;
            }
            Iterator groups = user.getGroups();
            while (groups.hasNext()) {
                if (((Group) groups.next()).isInRole(findRole)) {
                    return true;
                }
            }
            return false;
        } catch (NamingException e) {
            this.logger.error(this.sm.getString("userDatabaseRealm.lookupFailed", this.resourceName), e);
            return false;
        }
    }
}
