package com.sun.enterprise.security.ee.authentication.glassfish.pam;

import com.sun.enterprise.security.auth.realm.AbstractGlassFishRealmState;
import com.sun.enterprise.security.auth.realm.Realm;
import com.sun.enterprise.security.auth.realm.exceptions.BadRealmException;
import com.sun.enterprise.security.auth.realm.exceptions.NoSuchRealmException;
import com.sun.enterprise.security.auth.realm.exceptions.NoSuchUserException;
import java.util.Collections;
import java.util.Enumeration;
import java.util.Properties;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.jvnet.hk2.annotations.Service;
import org.jvnet.libpam.PAM;
import org.jvnet.libpam.PAMException;
import org.jvnet.libpam.UnixUser;

@Service
/* loaded from: input_file:com/sun/enterprise/security/ee/authentication/glassfish/pam/PamRealm.class */
public final class PamRealm extends Realm {
    public static final String AUTH_TYPE = "pam";
    private static final String PAM_SERVICE = "sshd";

    @Override // com.sun.enterprise.security.auth.realm.AbstractGlassFishRealmState
    public synchronized void init(Properties properties) throws BadRealmException, NoSuchRealmException {
        super.init(properties);
        String property = properties.getProperty(AbstractGlassFishRealmState.JAAS_CONTEXT_PARAM);
        if (property == null) {
            throw new BadRealmException("No jaas-context defined");
        }
        setProperty(AbstractGlassFishRealmState.JAAS_CONTEXT_PARAM, property);
    }

    @Override // com.sun.enterprise.security.auth.realm.AbstractGlassFishRealmState
    public String getAuthType() {
        return AUTH_TYPE;
    }

    public String[] authenticate(String str, String str2) {
        UnixUser unixUser = null;
        try {
            unixUser = new PAM(getPamService()).authenticate(str, str2);
        } catch (PAMException e) {
            _logger.log(Level.SEVERE, "pam_exception_authenticate", (Throwable) e);
        }
        if (unixUser == null) {
            return null;
        }
        _logger.log(Level.FINE, () -> {
            return "PAM login succeeded for: " + str;
        });
        Set<String> groups = unixUser.getGroups();
        return groups != null ? (String[]) groups.toArray(i -> {
            return new String[i];
        }) : new String[0];
    }

    @Override // com.sun.enterprise.security.auth.realm.GlassFishUserStore
    public Enumeration<String> getGroupNames(String str) throws NoSuchUserException {
        try {
            return Collections.enumeration(new UnixUser(str).getGroups());
        } catch (PAMException e) {
            Logger.getLogger(PamRealm.class.getName()).log(Level.SEVERE, "pam_exception_getgroupsofuser", (Throwable) e);
            return null;
        }
    }

    public String getPamService() {
        return PAM_SERVICE;
    }
}
