package com.hazelcast.webmonitor.security.spi.impl.jaas;

import com.hazelcast.webmonitor.model.SecurityConfigConstants;
import com.hazelcast.webmonitor.security.spi.SecurityConfigApiException;
import com.hazelcast.webmonitor.security.spi.SecurityConfigParameter;
import com.hazelcast.webmonitor.security.spi.SecurityProvider;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import javax.security.auth.login.AppConfigurationEntry;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.jaas.AuthorityGranter;
import org.springframework.security.authentication.jaas.DefaultJaasAuthenticationProvider;
import org.springframework.security.authentication.jaas.memory.InMemoryConfiguration;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/classes/com/hazelcast/webmonitor/security/spi/impl/jaas/JaasSecurityProvider.class
 */
/* loaded from: input_file:com/hazelcast/webmonitor/security/spi/impl/jaas/JaasSecurityProvider.class */
public class JaasSecurityProvider implements SecurityProvider {
    public static final String JAAS_SECURITY_PROVIDER_NAME = "JAAS";
    private final PersistentJaasConfig persistentJaasConfig;

    public JaasSecurityProvider(PersistentJaasConfig persistentJaasConfig) {
        this.persistentJaasConfig = persistentJaasConfig;
    }

    @Override // com.hazelcast.webmonitor.security.spi.SecurityProvider
    public String getName() {
        return JAAS_SECURITY_PROVIDER_NAME;
    }

    @Override // com.hazelcast.webmonitor.security.spi.SecurityProvider
    public List<SecurityConfigParameter> getConfigParameters() {
        return Arrays.asList(SecurityConfigParameter.stringParam(JaasConfig.LOGIN_MODULE_CLASS_PROPERTY_NAME, "Login Module Class", "com.yourcompany.MyLoginModule"), SecurityConfigParameter.stringParam("adminGroup", "Admin Group", SecurityConfigConstants.DEFAULT_ADMIN_GROUP), SecurityConfigParameter.stringParam("userGroup", "User Group", SecurityConfigConstants.DEFAULT_USER_GROUP), SecurityConfigParameter.stringParam("readonlyUserGroup", "Read-only User Group", SecurityConfigConstants.DEFAULT_READONLY_USER_GROUP), SecurityConfigParameter.stringParam("metricsOnlyGroup", "Metrics-only Group", SecurityConfigConstants.DEFAULT_METRICS_ONLY_GROUP));
    }

    @Override // com.hazelcast.webmonitor.security.spi.SecurityProvider
    public void saveConfig(Map<String, String> map) {
        String str = map.get(JaasConfig.LOGIN_MODULE_CLASS_PROPERTY_NAME);
        String str2 = map.get("adminGroup");
        JaasConfig build = JaasConfig.builder().loginModuleClass(str).adminGroup(str2).readonlyUserGroup(map.get("readonlyUserGroup")).userGroup(map.get("userGroup")).metricsOnlyGroup(map.get("metricsOnlyGroup")).build();
        try {
            Thread.currentThread().getContextClassLoader().loadClass(str);
            this.persistentJaasConfig.write(build);
        } catch (Exception e) {
            throw new SecurityConfigApiException("Failed to load LoginModule class named [" + str + "]. Please check your classpath contains your JAAS provider JAR.", e);
        }
    }

    @Override // com.hazelcast.webmonitor.security.spi.SecurityProvider
    public AuthenticationProvider getAuthenticationProvider() {
        JaasConfig jaasConfig = this.persistentJaasConfig.get();
        DefaultJaasAuthenticationProvider defaultJaasAuthenticationProvider = new DefaultJaasAuthenticationProvider();
        defaultJaasAuthenticationProvider.setConfiguration(new InMemoryConfiguration((Map<String, AppConfigurationEntry[]>) Collections.singletonMap("SPRINGSECURITY", new AppConfigurationEntry[]{new AppConfigurationEntry(jaasConfig.getLoginModuleClass(), AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, Collections.emptyMap())})));
        defaultJaasAuthenticationProvider.setAuthorityGranters(new AuthorityGranter[]{new JaasAuthorityGranter(jaasConfig)});
        try {
            defaultJaasAuthenticationProvider.afterPropertiesSet();
            return defaultJaasAuthenticationProvider;
        } catch (Exception e) {
            throw new SecurityConfigApiException("JAAS configuration failed: " + e.getMessage(), e);
        }
    }
}
