package org.alfresco.repo.security.authentication;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import net.sf.acegisecurity.Authentication;
import org.alfresco.service.cmr.security.PermissionService;

/* loaded from: input_file:org/alfresco/repo/security/authentication/ChainingAuthenticationComponentImpl.class */
public class ChainingAuthenticationComponentImpl implements AuthenticationComponent {
    private NTLMMode ntlmMode = null;
    private List<AuthenticationComponent> authenticationComponents;
    private AuthenticationComponent mutableAuthenticationComponent;

    public List<AuthenticationComponent> getAuthenticationComponents() {
        return this.authenticationComponents;
    }

    public void setAuthenticationComponents(List<AuthenticationComponent> list) {
        this.authenticationComponents = list;
    }

    public AuthenticationComponent getMutableAuthenticationComponent() {
        return this.mutableAuthenticationComponent;
    }

    public void setMutableAuthenticationComponent(AuthenticationComponent authenticationComponent) {
        this.mutableAuthenticationComponent = authenticationComponent;
    }

    public void setNtlmMode(NTLMMode nTLMMode) {
        this.ntlmMode = nTLMMode;
    }

    @Override // org.alfresco.repo.security.authentication.AuthenticationComponent
    public void authenticate(String str, char[] cArr) throws AuthenticationException {
        Iterator<AuthenticationComponent> it = getUsableAuthenticationComponents().iterator();
        while (it.hasNext()) {
            try {
                it.next().authenticate(str, cArr);
                return;
            } catch (AuthenticationException e) {
            }
        }
        throw new AuthenticationException("Failed to authenticate");
    }

    @Override // org.alfresco.repo.security.authentication.AuthenticationComponent
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        if (this.ntlmMode == null) {
            for (AuthenticationComponent authenticationComponent : getUsableAuthenticationComponents()) {
                if (authenticationComponent.getNTLMMode() != NTLMMode.NONE) {
                    if (authenticationComponent.getNTLMMode() == NTLMMode.PASS_THROUGH) {
                        return authenticationComponent.authenticate(authentication);
                    }
                    throw new AuthenticationException("The first authentication component to support NTLM supports MD4 hashing");
                }
            }
            throw new AuthenticationException("No NTLM passthrough authentication to use");
        }
        switch (this.ntlmMode) {
            case NONE:
                throw new AuthenticationException("NTLM is not supported");
            case MD4_PROVIDER:
                throw new AuthenticationException("NTLM passthrough is not supported then configured for MD4 hashing");
            case PASS_THROUGH:
                for (AuthenticationComponent authenticationComponent2 : getUsableAuthenticationComponents()) {
                    if (authenticationComponent2.getNTLMMode() == NTLMMode.PASS_THROUGH) {
                        return authenticationComponent2.authenticate(authentication);
                    }
                }
                throw new AuthenticationException("No NTLM passthrough authentication to use");
            default:
                throw new AuthenticationException("No NTLM passthrough authentication to use");
        }
    }

    @Override // org.alfresco.repo.security.authentication.AuthenticationComponent
    public void clearCurrentSecurityContext() {
        AuthenticationUtil.clearCurrentSecurityContext();
    }

    @Override // org.alfresco.repo.security.authentication.AuthenticationComponent
    public Authentication getCurrentAuthentication() throws AuthenticationException {
        return AuthenticationUtil.getCurrentAuthentication();
    }

    @Override // org.alfresco.repo.security.authentication.AuthenticationComponent
    public String getCurrentUserName() throws AuthenticationException {
        return AuthenticationUtil.getCurrentUserName();
    }

    @Override // org.alfresco.repo.security.authentication.AuthenticationComponent
    public String getGuestUserName() {
        return PermissionService.GUEST_AUTHORITY.toLowerCase();
    }

    @Override // org.alfresco.repo.security.authentication.AuthenticationComponent
    public String getMD4HashedPassword(String str) {
        if (this.ntlmMode == null) {
            for (AuthenticationComponent authenticationComponent : getUsableAuthenticationComponents()) {
                if (authenticationComponent.getNTLMMode() != NTLMMode.NONE) {
                    if (authenticationComponent.getNTLMMode() == NTLMMode.PASS_THROUGH) {
                        throw new AuthenticationException("The first authentication component to support NTLM supports passthrough");
                    }
                    return authenticationComponent.getMD4HashedPassword(str);
                }
            }
            throw new AuthenticationException("No MD4 provider available");
        }
        switch (this.ntlmMode) {
            case NONE:
                throw new AuthenticationException("NTLM is not supported");
            case MD4_PROVIDER:
                for (AuthenticationComponent authenticationComponent2 : getUsableAuthenticationComponents()) {
                    if (authenticationComponent2.getNTLMMode() == NTLMMode.MD4_PROVIDER) {
                        return authenticationComponent2.getMD4HashedPassword(str);
                    }
                }
                throw new AuthenticationException("No MD4 provider available");
            case PASS_THROUGH:
                throw new AuthenticationException("NTLM passthrough is not supported then configured for MD4 hashing");
            default:
                throw new AuthenticationException("No MD4 provider available");
        }
    }

    @Override // org.alfresco.repo.security.authentication.AuthenticationComponent
    public NTLMMode getNTLMMode() {
        if (this.ntlmMode == null) {
            for (AuthenticationComponent authenticationComponent : getUsableAuthenticationComponents()) {
                if (authenticationComponent.getNTLMMode() != NTLMMode.NONE) {
                    return authenticationComponent.getNTLMMode();
                }
            }
            return NTLMMode.NONE;
        }
        switch (this.ntlmMode) {
            case NONE:
                return NTLMMode.NONE;
            case MD4_PROVIDER:
                Iterator<AuthenticationComponent> it = getUsableAuthenticationComponents().iterator();
                while (it.hasNext()) {
                    if (it.next().getNTLMMode() == NTLMMode.MD4_PROVIDER) {
                        return NTLMMode.MD4_PROVIDER;
                    }
                }
                return NTLMMode.NONE;
            case PASS_THROUGH:
                Iterator<AuthenticationComponent> it2 = getUsableAuthenticationComponents().iterator();
                while (it2.hasNext()) {
                    if (it2.next().getNTLMMode() == NTLMMode.PASS_THROUGH) {
                        return NTLMMode.PASS_THROUGH;
                    }
                }
                return NTLMMode.NONE;
            default:
                return NTLMMode.NONE;
        }
    }

    @Override // org.alfresco.repo.security.authentication.AuthenticationComponent
    public String getSystemUserName() {
        return AuthenticationUtil.SYSTEM_USER_NAME;
    }

    @Override // org.alfresco.repo.security.authentication.AuthenticationComponent
    public boolean guestUserAuthenticationAllowed() {
        Iterator<AuthenticationComponent> it = getUsableAuthenticationComponents().iterator();
        while (it.hasNext()) {
            if (it.next().guestUserAuthenticationAllowed()) {
                return true;
            }
        }
        return false;
    }

    @Override // org.alfresco.repo.security.authentication.AuthenticationComponent
    public Authentication setCurrentAuthentication(Authentication authentication) {
        return AuthenticationUtil.setCurrentAuthentication(authentication);
    }

    @Override // org.alfresco.repo.security.authentication.AuthenticationComponent
    public Authentication setCurrentUser(String str) {
        Iterator<AuthenticationComponent> it = getUsableAuthenticationComponents().iterator();
        while (it.hasNext()) {
            try {
                return it.next().setCurrentUser(str);
            } catch (AuthenticationException e) {
            }
        }
        throw new AuthenticationException("Failed to set current user " + str);
    }

    @Override // org.alfresco.repo.security.authentication.AuthenticationComponent
    public Authentication setGuestUserAsCurrentUser() {
        Iterator<AuthenticationComponent> it = getUsableAuthenticationComponents().iterator();
        while (it.hasNext()) {
            try {
                return it.next().setGuestUserAsCurrentUser();
            } catch (AuthenticationException e) {
            }
        }
        throw new AuthenticationException("Guest authentication is not allowed");
    }

    @Override // org.alfresco.repo.security.authentication.AuthenticationComponent
    public Authentication setSystemUserAsCurrentUser() {
        return setCurrentUser(getSystemUserName());
    }

    private List<AuthenticationComponent> getUsableAuthenticationComponents() {
        if (this.mutableAuthenticationComponent == null) {
            return this.authenticationComponents;
        }
        ArrayList arrayList = new ArrayList(this.authenticationComponents == null ? 1 : this.authenticationComponents.size() + 1);
        arrayList.add(this.mutableAuthenticationComponent);
        if (this.authenticationComponents != null) {
            arrayList.addAll(this.authenticationComponents);
        }
        return arrayList;
    }
}
