package org.jsecurity.subject;

import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.Collection;
import java.util.List;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.jsecurity.authc.AuthenticationException;
import org.jsecurity.authc.AuthenticationToken;
import org.jsecurity.authc.InetAuthenticationToken;
import org.jsecurity.authz.AuthorizationException;
import org.jsecurity.authz.Permission;
import org.jsecurity.authz.UnauthenticatedException;
import org.jsecurity.io.IniResource;
import org.jsecurity.mgt.SecurityManager;
import org.jsecurity.session.InvalidSessionException;
import org.jsecurity.session.ProxiedSession;
import org.jsecurity.session.Session;
import org.jsecurity.util.ThreadContext;

/* loaded from: input_file:shindig/shindig-server-1.1-BETA1-incubating.war:WEB-INF/lib/jsecurity-0.9.0.jar:org/jsecurity/subject/DelegatingSubject.class */
public class DelegatingSubject implements Subject {
    private static final Log log = LogFactory.getLog(DelegatingSubject.class);
    protected PrincipalCollection principals;
    protected boolean authenticated;
    protected InetAddress inetAddress;
    protected Session session;
    protected SecurityManager securityManager;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:shindig/shindig-server-1.1-BETA1-incubating.war:WEB-INF/lib/jsecurity-0.9.0.jar:org/jsecurity/subject/DelegatingSubject$StoppingAwareProxiedSession.class */
    public class StoppingAwareProxiedSession extends ProxiedSession {
        private final DelegatingSubject owner;

        private StoppingAwareProxiedSession(Session session, DelegatingSubject delegatingSubject) {
            super(session);
            this.owner = delegatingSubject;
        }

        @Override // org.jsecurity.session.ProxiedSession, org.jsecurity.session.Session
        public void stop() throws InvalidSessionException {
            super.stop();
            this.owner.sessionStopped();
        }
    }

    protected static InetAddress getLocalHost() {
        try {
            return InetAddress.getLocalHost();
        } catch (UnknownHostException e) {
            return null;
        }
    }

    public DelegatingSubject(SecurityManager securityManager) {
        this(null, false, getLocalHost(), null, securityManager);
    }

    public DelegatingSubject(PrincipalCollection principalCollection, boolean z, InetAddress inetAddress, Session session, SecurityManager securityManager) {
        this.principals = new SimplePrincipalCollection();
        this.authenticated = false;
        this.inetAddress = null;
        this.session = null;
        if (securityManager == null) {
            throw new IllegalArgumentException("SecurityManager argument cannot be null.");
        }
        this.securityManager = securityManager;
        this.principals = principalCollection;
        this.authenticated = z;
        if (inetAddress != null) {
            this.inetAddress = inetAddress;
        } else {
            this.inetAddress = getLocalHost();
        }
        if (session != null) {
            this.session = new StoppingAwareProxiedSession(session, this);
        }
    }

    public SecurityManager getSecurityManager() {
        return this.securityManager;
    }

    protected boolean hasPrincipals() {
        PrincipalCollection principals = getPrincipals();
        return (principals == null || principals.isEmpty()) ? false : true;
    }

    public InetAddress getInetAddress() {
        return this.inetAddress;
    }

    @Override // org.jsecurity.subject.Subject
    public Object getPrincipal() {
        PrincipalCollection principals = getPrincipals();
        if (principals == null || principals.isEmpty()) {
            return null;
        }
        return principals.asSet().iterator().next();
    }

    @Override // org.jsecurity.subject.Subject
    public PrincipalCollection getPrincipals() {
        return this.principals;
    }

    @Override // org.jsecurity.subject.Subject
    public boolean isPermitted(String str) {
        return hasPrincipals() && this.securityManager.isPermitted(getPrincipals(), str);
    }

    @Override // org.jsecurity.subject.Subject
    public boolean isPermitted(Permission permission) {
        return hasPrincipals() && this.securityManager.isPermitted(getPrincipals(), permission);
    }

    @Override // org.jsecurity.subject.Subject
    public boolean[] isPermitted(String... strArr) {
        return hasPrincipals() ? this.securityManager.isPermitted(getPrincipals(), strArr) : new boolean[strArr.length];
    }

    @Override // org.jsecurity.subject.Subject
    public boolean[] isPermitted(List<Permission> list) {
        return hasPrincipals() ? this.securityManager.isPermitted(getPrincipals(), list) : new boolean[list.size()];
    }

    @Override // org.jsecurity.subject.Subject
    public boolean isPermittedAll(String... strArr) {
        return hasPrincipals() && this.securityManager.isPermittedAll(getPrincipals(), strArr);
    }

    @Override // org.jsecurity.subject.Subject
    public boolean isPermittedAll(Collection<Permission> collection) {
        return hasPrincipals() && this.securityManager.isPermittedAll(getPrincipals(), collection);
    }

    protected void assertAuthzCheckPossible() throws AuthorizationException {
        if (!hasPrincipals()) {
            throw new UnauthenticatedException("Identity principals are not associated with this Subject instance - authorization operations require an identity to check against.  A Subject instance will acquire these identifying principals automatically after a successful login is performed be executing " + Subject.class.getName() + ".login(AuthenticationToken) or when 'Remember Me' functionality is enabled.  This exception can also occur when the current Subject has logged out, which relinquishes its identity and essentially makes it anonymous again.  Because an identity is currently not known due to any of these conditions, authorization is denied.");
        }
    }

    @Override // org.jsecurity.subject.Subject
    public void checkPermission(String str) throws AuthorizationException {
        assertAuthzCheckPossible();
        this.securityManager.checkPermission(getPrincipals(), str);
    }

    @Override // org.jsecurity.subject.Subject
    public void checkPermission(Permission permission) throws AuthorizationException {
        assertAuthzCheckPossible();
        this.securityManager.checkPermission(getPrincipals(), permission);
    }

    @Override // org.jsecurity.subject.Subject
    public void checkPermissions(String... strArr) throws AuthorizationException {
        assertAuthzCheckPossible();
        this.securityManager.checkPermissions(getPrincipals(), strArr);
    }

    @Override // org.jsecurity.subject.Subject
    public void checkPermissions(Collection<Permission> collection) throws AuthorizationException {
        assertAuthzCheckPossible();
        this.securityManager.checkPermissions(getPrincipals(), collection);
    }

    @Override // org.jsecurity.subject.Subject
    public boolean hasRole(String str) {
        return hasPrincipals() && this.securityManager.hasRole(getPrincipals(), str);
    }

    @Override // org.jsecurity.subject.Subject
    public boolean[] hasRoles(List<String> list) {
        return hasPrincipals() ? this.securityManager.hasRoles(getPrincipals(), list) : new boolean[list.size()];
    }

    @Override // org.jsecurity.subject.Subject
    public boolean hasAllRoles(Collection<String> collection) {
        return hasPrincipals() && this.securityManager.hasAllRoles(getPrincipals(), collection);
    }

    @Override // org.jsecurity.subject.Subject
    public void checkRole(String str) throws AuthorizationException {
        assertAuthzCheckPossible();
        this.securityManager.checkRole(getPrincipals(), str);
    }

    @Override // org.jsecurity.subject.Subject
    public void checkRoles(Collection<String> collection) throws AuthorizationException {
        assertAuthzCheckPossible();
        this.securityManager.checkRoles(getPrincipals(), collection);
    }

    @Override // org.jsecurity.subject.Subject
    public void login(AuthenticationToken authenticationToken) throws AuthenticationException {
        InetAddress inetAddress;
        Subject login = this.securityManager.login(authenticationToken);
        PrincipalCollection principals = login.getPrincipals();
        if (principals == null || principals.isEmpty()) {
            throw new IllegalStateException("Principals returned from securityManager.login( token ) returned a null or empty value.  This value must be non null and populated with one or more elements.  Please check the SecurityManager implementation to ensure this happens after a successful login attempt.");
        }
        this.principals = principals;
        Session session = login.getSession(false);
        if (session == null) {
            this.session = null;
        } else if (session instanceof StoppingAwareProxiedSession) {
            this.session = session;
        } else {
            this.session = new StoppingAwareProxiedSession(session, this);
        }
        this.authenticated = true;
        if ((authenticationToken instanceof InetAuthenticationToken) && (inetAddress = ((InetAuthenticationToken) authenticationToken).getInetAddress()) != null) {
            this.inetAddress = inetAddress;
        }
        ThreadContext.bind(this);
    }

    @Override // org.jsecurity.subject.Subject
    public boolean isAuthenticated() {
        return this.authenticated;
    }

    @Override // org.jsecurity.subject.Subject
    public Session getSession() {
        return getSession(true);
    }

    @Override // org.jsecurity.subject.Subject
    public Session getSession(boolean z) {
        if (log.isTraceEnabled()) {
            log.trace("attempting to get session; create = " + z + "; session is null = " + (this.session == null) + "; session has id = " + ((this.session == null || this.session.getId() == null) ? false : true));
        }
        if (this.session == null && z) {
            if (log.isTraceEnabled()) {
                log.trace("starting session for address [" + getInetAddress() + IniResource.HEADER_SUFFIX);
            }
            this.session = new StoppingAwareProxiedSession(this.securityManager.start(getInetAddress()), this);
        }
        return this.session;
    }

    @Override // org.jsecurity.subject.Subject
    public void logout() {
        try {
            this.securityManager.logout(getPrincipals());
            this.session = null;
            this.principals = null;
            this.authenticated = false;
            this.inetAddress = null;
            this.securityManager = null;
        } catch (Throwable th) {
            this.session = null;
            this.principals = null;
            this.authenticated = false;
            this.inetAddress = null;
            this.securityManager = null;
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void sessionStopped() {
        this.session = null;
    }
}
