package org.apache.geronimo.security.realm.providers;

import java.io.Serializable;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;

/* loaded from: input_file:zips/geronimo-jetty-j2ee-1.0-SNAPSHOT.zip:geronimo-1.0-SNAPSHOT/repository/geronimo/jars/geronimo-security-1.0-SNAPSHOT.jar:org/apache/geronimo/security/realm/providers/RepeatedFailureLockoutLoginModule.class */
public class RepeatedFailureLockoutLoginModule implements LoginModule {
    public static final String FAILURE_COUNT_OPTION = "failureCount";
    public static final String FAILURE_PERIOD_OPTION = "failurePeriodSecs";
    public static final String LOCKOUT_DURATION_OPTION = "lockoutDurationSecs";
    private static final HashMap userData = new HashMap();
    private CallbackHandler handler;
    private String username;
    private int failureCount = 5;
    private int failurePeriod = 300000;
    private int lockoutDuration = 1800000;

    /* loaded from: input_file:zips/geronimo-jetty-j2ee-1.0-SNAPSHOT.zip:geronimo-1.0-SNAPSHOT/repository/geronimo/jars/geronimo-security-1.0-SNAPSHOT.jar:org/apache/geronimo/security/realm/providers/RepeatedFailureLockoutLoginModule$LoginHistory.class */
    private static class LoginHistory implements Serializable {
        private String user;
        private LinkedList data = new LinkedList();
        private long lockExpires = -1;

        public LoginHistory(String str) {
            this.user = str;
        }

        public String getUser() {
            return this.user;
        }

        public synchronized boolean isLoginAllowed(int i, int i2, int i3) {
            long currentTimeMillis = System.currentTimeMillis();
            cleanup(currentTimeMillis - i2);
            if (this.lockExpires > currentTimeMillis) {
                return false;
            }
            if (this.data.size() < i3) {
                return true;
            }
            this.lockExpires = ((Long) this.data.getLast()).longValue() + i;
            return this.lockExpires <= currentTimeMillis;
        }

        public synchronized void addFailure() {
            this.data.add(new Long(System.currentTimeMillis()));
        }

        public synchronized void cleanup(long j) {
            Iterator it = this.data.iterator();
            while (it.hasNext() && ((Long) it.next()).longValue() < j) {
                it.remove();
            }
        }
    }

    public void initialize(Subject subject, CallbackHandler callbackHandler, Map map, Map map2) {
        String str = (String) map2.get(FAILURE_COUNT_OPTION);
        if (str != null) {
            String trim = str.trim();
            if (!trim.equals("")) {
                this.failureCount = Integer.parseInt(trim);
            }
        }
        String str2 = (String) map2.get(FAILURE_PERIOD_OPTION);
        if (str2 != null) {
            String trim2 = str2.trim();
            if (!trim2.equals("")) {
                this.failurePeriod = Integer.parseInt(trim2) * 1000;
            }
        }
        String str3 = (String) map2.get(LOCKOUT_DURATION_OPTION);
        if (str3 != null) {
            String trim3 = str3.trim();
            if (!trim3.equals("")) {
                this.lockoutDuration = Integer.parseInt(trim3) * 1000;
            }
        }
        this.handler = callbackHandler;
    }

    public boolean login() throws LoginException {
        LoginHistory loginHistory;
        NameCallback[] nameCallbackArr = {new NameCallback("User name:")};
        try {
            this.handler.handle(nameCallbackArr);
            if (nameCallbackArr.length != 1) {
                throw new IllegalStateException("Number of callbacks changed by server!");
            }
            this.username = nameCallbackArr[0].getName();
            if (this.username == null) {
                return false;
            }
            synchronized (userData) {
                loginHistory = (LoginHistory) userData.get(this.username);
            }
            if (loginHistory == null || loginHistory.isLoginAllowed(this.lockoutDuration, this.failurePeriod, this.failureCount)) {
                return true;
            }
            this.username = null;
            throw new FailedLoginException("Maximum login failures exceeded; try again later");
        } catch (Exception e) {
            throw new LoginException(new StringBuffer().append("Unable to process callback: ").append(e).toString());
        }
    }

    public boolean commit() throws LoginException {
        return this.username != null;
    }

    public boolean abort() throws LoginException {
        LoginHistory loginHistory;
        if (this.username == null) {
            return false;
        }
        synchronized (userData) {
            loginHistory = (LoginHistory) userData.get(this.username);
            if (loginHistory == null) {
                loginHistory = new LoginHistory(this.username);
                userData.put(this.username, loginHistory);
            }
        }
        loginHistory.addFailure();
        this.username = null;
        return true;
    }

    public boolean logout() throws LoginException {
        this.username = null;
        this.handler = null;
        return true;
    }
}
