package org.openejb.corba.security.config.tss;

import javax.security.auth.Subject;
import javax.security.auth.x500.X500Principal;
import org.apache.geronimo.security.DomainPrincipal;
import org.apache.geronimo.security.PrimaryDomainPrincipal;
import org.apache.geronimo.security.PrimaryRealmPrincipal;
import org.apache.geronimo.security.RealmPrincipal;
import org.omg.CSI.IdentityToken;
import org.omg.CSI.X501DistinguishedNameHelper;
import org.omg.IOP.CodecPackage.FormatMismatch;
import org.omg.IOP.CodecPackage.TypeMismatch;
import org.openejb.corba.security.SASException;
import org.openejb.corba.util.Util;

/* loaded from: input_file:zips/geronimo-jetty-j2ee-1.0.zip:geronimo-1.0/repository/openejb/jars/openejb-core-2.0.jar:org/openejb/corba/security/config/tss/TSSITTDistinguishedName.class */
public class TSSITTDistinguishedName extends TSSSASIdentityToken {
    public static final String OID = "";
    private final String realmName;
    private final String domainName;

    public TSSITTDistinguishedName(String str, String str2) {
        this.realmName = str;
        this.domainName = str2;
    }

    @Override // org.openejb.corba.security.config.tss.TSSSASIdentityToken
    public short getType() {
        return (short) 8;
    }

    @Override // org.openejb.corba.security.config.tss.TSSSASIdentityToken
    public String getOID() {
        return "";
    }

    @Override // org.openejb.corba.security.config.tss.TSSSASIdentityToken
    public Subject check(IdentityToken identityToken) throws SASException {
        try {
            byte[] extract = X501DistinguishedNameHelper.extract(Util.getCodec().decode_value(identityToken.dn(), X501DistinguishedNameHelper.type()));
            Subject subject = new Subject();
            X500Principal x500Principal = new X500Principal(extract);
            subject.getPrincipals().add(x500Principal);
            if (this.realmName != null && this.domainName != null) {
                subject.getPrincipals().add(new RealmPrincipal(this.realmName, this.domainName, x500Principal));
                subject.getPrincipals().add(new PrimaryRealmPrincipal(this.realmName, this.domainName, x500Principal));
            }
            if (this.domainName != null) {
                subject.getPrincipals().add(new DomainPrincipal(this.domainName, x500Principal));
                subject.getPrincipals().add(new PrimaryDomainPrincipal(this.domainName, x500Principal));
            }
            return subject;
        } catch (FormatMismatch e) {
            throw new SASException(1, e);
        } catch (TypeMismatch e2) {
            throw new SASException(1, e2);
        }
    }
}
