package org.openthinclient.console.util;

import com.jgoodies.forms.builder.DefaultFormBuilder;
import com.jgoodies.forms.layout.FormLayout;
import java.awt.Component;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.Serializable;
import java.security.Key;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.prefs.BackingStoreException;
import java.util.prefs.Preferences;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SealedObject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.swing.JCheckBox;
import javax.swing.JLabel;
import javax.swing.JPanel;
import javax.swing.JPasswordField;
import javax.swing.JTextField;
import org.apache.log4j.Logger;
import org.openide.DialogDescriptor;
import org.openide.DialogDisplayer;
import org.openide.ErrorManager;
import org.openthinclient.console.ConsoleFrame;
import org.openthinclient.console.Messages;
import org.openthinclient.ldap.auth.CachingCallbackHandler;

/* loaded from: input_file:public/console/manager-console-desktop-application-2.0.0-beta-01.jar:org/openthinclient/console/util/UsernamePasswordCallbackHandler.class */
public class UsernamePasswordCallbackHandler implements CachingCallbackHandler {
    private static final Preferences prefs = ConsoleFrame.PREFERENCES_ROOT.node("credentials");
    private static final Logger logger = Logger.getLogger(UsernamePasswordCallbackHandler.class);
    private String protectionDomain;
    private Key key;
    private String username;
    private SealedObject password;
    private boolean savePassword;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:public/console/manager-console-desktop-application-2.0.0-beta-01.jar:org/openthinclient/console/util/UsernamePasswordCallbackHandler$PasswordEntryPanel.class */
    public class PasswordEntryPanel extends JPanel {
        private static final long serialVersionUID = 1;
        private final JPasswordField passwordField;
        private final JCheckBox savePasswordBox;
        private final JTextField userField;

        PasswordEntryPanel(boolean z) throws IOException {
            DefaultFormBuilder defaultFormBuilder = new DefaultFormBuilder(new FormLayout("p, 3dlu, f:p:g"), Messages.getBundle(), this);
            defaultFormBuilder.setDefaultDialogBorder();
            defaultFormBuilder.append((Component) new JLabel(Messages.getString("UsernamePassword.subtitle")), 3);
            defaultFormBuilder.nextLine();
            defaultFormBuilder.append("", (Component) new JLabel(UsernamePasswordCallbackHandler.this.protectionDomain));
            defaultFormBuilder.nextLine();
            defaultFormBuilder.appendUnrelatedComponentsGapRow();
            defaultFormBuilder.nextLine();
            this.userField = new JTextField(UsernamePasswordCallbackHandler.this.username);
            this.userField.setEnabled(true);
            defaultFormBuilder.appendI15d("UsernamePassword.username", this.userField);
            defaultFormBuilder.nextLine();
            this.passwordField = new JPasswordField();
            defaultFormBuilder.appendI15d("UsernamePassword.password", this.passwordField);
            defaultFormBuilder.nextLine();
            this.savePasswordBox = new JCheckBox(Messages.getString("UsernamePassword.savePassword"));
            defaultFormBuilder.append((Component) this.savePasswordBox, 3);
        }

        char[] getPassword() {
            return this.passwordField.getPassword();
        }

        boolean getSavePassword() {
            return this.savePasswordBox.isSelected();
        }

        String getUsername() {
            return this.userField.getText();
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    public UsernamePasswordCallbackHandler(String str, String str2, char[] cArr, boolean z) {
        this.protectionDomain = str;
        this.savePassword = z;
        try {
            this.key = KeyGenerator.getInstance("DES").generateKey();
            this.username = str2;
            this.password = scramble(cArr);
            saveCredentials(z);
        } catch (IOException e) {
            throw new RuntimeException("Can't scramble credentials", e);
        } catch (NoSuchAlgorithmException e2) {
            throw new RuntimeException("Crypto prerequisites not met", e2);
        }
    }

    public UsernamePasswordCallbackHandler(String str) {
        this.protectionDomain = str;
        try {
            this.key = KeyGenerator.getInstance("DES").generateKey();
            this.username = null;
            this.password = null;
            String storeName = getStoreName();
            if (prefs.nodeExists(storeName)) {
                Preferences node = prefs.node(storeName);
                this.username = node.get("username", "");
                byte[] byteArray = node.getByteArray("password", null);
                if (byteArray != null) {
                    try {
                        ObjectInputStream objectInputStream = new ObjectInputStream(new ByteArrayInputStream(byteArray));
                        this.password = (SealedObject) objectInputStream.readObject();
                        this.key = (Key) objectInputStream.readObject();
                    } catch (Exception e) {
                        logger.error("Can't load saved credentials - will query user");
                    }
                }
            }
        } catch (NoSuchAlgorithmException e2) {
            throw new RuntimeException("Crypto prerequisites not met", e2);
        } catch (BackingStoreException e3) {
            throw new RuntimeException("Can't access credentials", e3);
        }
    }

    private void saveCredentials(boolean z) throws IOException {
        Preferences node = prefs.node(getStoreName());
        node.put("username", this.username);
        if (z) {
            try {
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                ObjectOutputStream objectOutputStream = new ObjectOutputStream(byteArrayOutputStream);
                objectOutputStream.writeObject(this.password);
                objectOutputStream.writeObject(this.key);
                objectOutputStream.flush();
                node.putByteArray("password", byteArrayOutputStream.toByteArray());
            } catch (IOException e) {
                ErrorManager.getDefault().notify(e);
            }
        }
    }

    private String getStoreName() {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("MD5");
            messageDigest.update(this.protectionDomain.getBytes());
            byte[] digest = messageDigest.digest();
            StringBuffer stringBuffer = new StringBuffer(digest.length * 2);
            for (byte b : digest) {
                String hexString = Integer.toHexString(b & 255);
                if (hexString.length() < 2) {
                    stringBuffer.append('0');
                }
                stringBuffer.append(hexString);
            }
            return stringBuffer.toString();
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException("Can't save credentials: digest method MD5 unavailable.");
        }
    }

    @Override // javax.security.auth.callback.CallbackHandler
    public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
        for (Callback callback : callbackArr) {
            if (callback instanceof NameCallback) {
                if (null == this.username) {
                    queryForPassword();
                }
                ((NameCallback) callback).setName(this.username);
            } else if (callback instanceof PasswordCallback) {
                if (null == this.password) {
                    queryForPassword();
                }
                ((PasswordCallback) callback).setPassword((char[]) unscramble(this.password));
            }
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r2v3, types: [char[], java.io.Serializable] */
    private void queryForPassword() throws IOException {
        PasswordEntryPanel passwordEntryPanel = new PasswordEntryPanel(false);
        DialogDescriptor dialogDescriptor = new DialogDescriptor(passwordEntryPanel, Messages.getString("UsernamePassword.titleEnterPassword"), true, null);
        DialogDisplayer.getDefault().createDialog(dialogDescriptor).setVisible(true);
        if (dialogDescriptor.getValue() == DialogDescriptor.CANCEL_OPTION) {
            throw new IOException("User cancelled password entry");
        }
        this.username = passwordEntryPanel.getUsername();
        this.password = scramble(passwordEntryPanel.getPassword());
        saveCredentials(passwordEntryPanel.getSavePassword());
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r2v3, types: [char[], java.io.Serializable] */
    @Override // org.openthinclient.ldap.auth.CachingCallbackHandler
    public void purgeCache() throws IOException {
        PasswordEntryPanel passwordEntryPanel = new PasswordEntryPanel(true);
        DialogDescriptor dialogDescriptor = new DialogDescriptor(passwordEntryPanel, Messages.getString("UsernamePassword.titleLoginFailed"), true, null);
        DialogDisplayer.getDefault().createDialog(dialogDescriptor).setVisible(true);
        if (dialogDescriptor.getValue() == DialogDescriptor.CANCEL_OPTION) {
            throw new IOException("User cancelled password entry");
        }
        this.username = passwordEntryPanel.getUsername();
        this.password = scramble(passwordEntryPanel.getPassword());
        saveCredentials(passwordEntryPanel.getSavePassword());
    }

    private SealedObject scramble(Serializable serializable) throws IOException {
        try {
            Cipher cipher = Cipher.getInstance("DES/CBC/PKCS5Padding");
            cipher.init(1, this.key);
            return new SealedObject(serializable, cipher);
        } catch (IOException e) {
            throw e;
        } catch (Exception e2) {
            throw new IOException("Can't scramble: " + e2);
        }
    }

    private Object unscramble(SealedObject sealedObject) throws IOException {
        try {
            return sealedObject.getObject(this.key);
        } catch (IOException e) {
            throw e;
        } catch (Exception e2) {
            throw new IOException("Can't unscramble: " + e2);
        }
    }

    public String getProtectionDomain() {
        return this.protectionDomain;
    }

    public void setProtectionDomain(String str) throws IOException {
        try {
            deleteCredentials();
            this.protectionDomain = str;
            saveCredentials(this.savePassword);
        } catch (BackingStoreException e) {
            throw new RuntimeException("Can't access credentials", e);
        }
    }

    public void deleteCredentials() throws BackingStoreException {
        prefs.node(getStoreName()).removeNode();
    }
}
