package org.wso2.wsas.security;

import java.io.File;
import java.util.Collections;
import javax.management.remote.JMXAuthenticator;
import javax.management.remote.JMXPrincipal;
import javax.security.auth.Subject;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.utils.ServerConfiguration;
import org.wso2.utils.security.CryptoException;
import org.wso2.utils.security.CryptoUtil;
import org.wso2.wsas.persistence.PersistenceManager;
import org.wso2.wsas.persistence.dataobject.ServiceUserDO;

/* loaded from: input_file:org/wso2/wsas/security/WSASJMXAuthenticator.class */
public class WSASJMXAuthenticator implements JMXAuthenticator {
    private static Log log;
    static Class class$org$wso2$wsas$security$WSASJMXAuthenticator;

    public Subject authenticate(Object obj) {
        if (!(obj instanceof String[])) {
            if (obj == null) {
                throw new SecurityException("Credentials required");
            }
            throw new SecurityException("Credentials should be String[]");
        }
        String[] strArr = (String[]) obj;
        if (strArr.length < 2) {
            throw new SecurityException("Credentials should have at least username & password");
        }
        String str = strArr[0];
        String str2 = strArr[1];
        boolean z = false;
        ServiceUserDO user = new PersistenceManager().getUser(str);
        if (user != null) {
            ServerConfiguration serverConfiguration = ServerConfiguration.getInstance();
            try {
                if (new String(new CryptoUtil(new File(serverConfiguration.getFirstProperty("Security.KeyStore.Location")).getAbsolutePath(), serverConfiguration.getFirstProperty("Security.KeyStore.Password"), serverConfiguration.getFirstProperty("Security.KeyStore.KeyAlias"), serverConfiguration.getFirstProperty("Security.KeyStore.KeyPassword"), serverConfiguration.getFirstProperty("Security.KeyStore.Type")).base64DecodeAndDecrypt(user.getPassword())).equals(str2)) {
                    z = true;
                }
            } catch (CryptoException e) {
                log.error("Could not decrypt password", e);
                throw new SecurityException("Could not decrypt password", e);
            }
        }
        if (z) {
            return new Subject(true, Collections.singleton(new JMXPrincipal(str)), Collections.EMPTY_SET, Collections.EMPTY_SET);
        }
        throw new SecurityException("Username and/or password are incorrect, or you do not have the necessary access rights.");
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$org$wso2$wsas$security$WSASJMXAuthenticator == null) {
            cls = class$("org.wso2.wsas.security.WSASJMXAuthenticator");
            class$org$wso2$wsas$security$WSASJMXAuthenticator = cls;
        } else {
            cls = class$org$wso2$wsas$security$WSASJMXAuthenticator;
        }
        log = LogFactory.getLog(cls);
    }
}
