package waffle.shiro.negotiate;

import javax.security.auth.Subject;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.realm.AuthenticatingRealm;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import waffle.servlet.WindowsPrincipal;
import waffle.windows.auth.IWindowsAuthProvider;
import waffle.windows.auth.IWindowsIdentity;
import waffle.windows.auth.IWindowsSecurityContext;
import waffle.windows.auth.impl.WindowsAuthProviderImpl;

/* loaded from: input_file:waffle/shiro/negotiate/NegotiateAuthenticationRealm.class */
public class NegotiateAuthenticationRealm extends AuthenticatingRealm {
    private static final Logger LOGGER = LoggerFactory.getLogger(NegotiateAuthenticationRealm.class);
    private final IWindowsAuthProvider windowsAuthProvider = new WindowsAuthProviderImpl();

    public boolean supports(AuthenticationToken authenticationToken) {
        return authenticationToken instanceof NegotiateToken;
    }

    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) {
        NegotiateToken negotiateToken = (NegotiateToken) authenticationToken;
        byte[] in = negotiateToken.getIn();
        if (negotiateToken.isNtlmPost()) {
            this.windowsAuthProvider.resetSecurityToken(negotiateToken.getConnectionId());
        }
        try {
            IWindowsSecurityContext acceptSecurityToken = this.windowsAuthProvider.acceptSecurityToken(negotiateToken.getConnectionId(), in, negotiateToken.getSecurityPackage());
            byte[] token = acceptSecurityToken.getToken();
            negotiateToken.setOut(token);
            if (token != null) {
                LOGGER.debug("continue token bytes: {}", Integer.valueOf(token.length));
            } else {
                LOGGER.debug("no continue token bytes");
            }
            if (acceptSecurityToken.isContinue() || negotiateToken.isNtlmPost()) {
                throw new AuthenticationInProgressException();
            }
            IWindowsIdentity identity = acceptSecurityToken.getIdentity();
            acceptSecurityToken.dispose();
            LOGGER.debug("logged in user: {} ({})", identity.getFqn(), identity.getSidString());
            WindowsPrincipal windowsPrincipal = new WindowsPrincipal(identity);
            negotiateToken.setPrincipal(windowsPrincipal);
            Subject subject = new Subject();
            subject.getPrincipals().add(windowsPrincipal);
            negotiateToken.setSubject(subject);
            return negotiateToken.createInfo();
        } catch (Exception e) {
            LOGGER.warn("error logging in user");
            throw new AuthenticationException(e);
        }
    }
}
