package com.sshtools.server.shiro;

import com.sshtools.common.Connection;
import com.sshtools.common.ConnectionListenerAdapter;
import com.sshtools.server.PasswordAuthenticationProvider;
import com.sshtools.server.SshServerContext;
import com.sshtools.server.auth.PasswordChangeException;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/sshtools/server/shiro/ShiroPasswordAuthenticationProvider.class */
public class ShiroPasswordAuthenticationProvider extends PasswordAuthenticationProvider {
    public static final String SUBJECT = "shiroSubject";
    private static Logger log = LoggerFactory.getLogger(ShiroPasswordAuthenticationProvider.class);
    private static boolean initialized = false;

    public static void initialize(String str) {
        if (initialized) {
            return;
        }
        SecurityUtils.setSecurityManager((SecurityManager) new IniSecurityManagerFactory(str).getInstance());
        initialized = true;
    }

    public void init(String[] strArr) {
        if (strArr.length > 0) {
            initialize(strArr[0]);
        }
    }

    public boolean verifyPassword(Connection<SshServerContext> connection, String str, String str2) throws PasswordChangeException {
        if (log.isDebugEnabled()) {
            log.debug("Verifying password for " + str);
        }
        try {
            if (!connection.getIoSession().containsAttribute(SUBJECT)) {
                connection.getIoSession().setAttribute(SUBJECT, new Subject.Builder().buildSubject());
            }
            Subject subject = (Subject) connection.getIoSession().getAttribute(SUBJECT);
            if (!subject.isAuthenticated()) {
                if (log.isDebugEnabled()) {
                    log.debug(String.valueOf(str) + " is not already authenticated");
                }
                subject.login(new UsernamePasswordToken(str, str2));
                connection.addListener(new ConnectionListenerAdapter<SshServerContext>() { // from class: com.sshtools.server.shiro.ShiroPasswordAuthenticationProvider.1
                    public void endSession(Connection<SshServerContext> connection2) {
                        ((Subject) connection2.getIoSession().getAttribute(ShiroPasswordAuthenticationProvider.SUBJECT)).logout();
                    }
                });
            }
            if (!log.isDebugEnabled()) {
                return true;
            }
            log.debug(String.valueOf(str) + " has authenticated");
            return true;
        } catch (AuthenticationException e) {
            if (!log.isDebugEnabled()) {
                return false;
            }
            log.debug(String.valueOf(str) + " authentication failed", e);
            return false;
        }
    }

    public boolean changePassword(Connection<SshServerContext> connection, String str, String str2, String str3) throws PasswordChangeException {
        return false;
    }
}
