package sun.security.jgss;

import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.HashMap;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.Configuration;
import org.ietf.jgss.Oid;
import sun.security.action.GetPropertyAction;
import sun.security.util.Debug;

/* loaded from: input_file:Contents/Home/lib/rt.jar:sun/security/jgss/LoginConfigImpl.class */
public class LoginConfigImpl extends Configuration {
    private final Configuration config;
    private final GSSCaller caller;
    private final String mechName;
    private static final Debug debug = Debug.getInstance("gssloginconfig", "\t[GSS LoginConfigImpl]");
    public static final boolean HTTP_USE_GLOBAL_CREDS;

    public LoginConfigImpl(GSSCaller gSSCaller, Oid oid) {
        this.caller = gSSCaller;
        if (!oid.equals(GSSUtil.GSS_KRB5_MECH_OID)) {
            throw new IllegalArgumentException(oid.toString() + " not supported");
        }
        this.mechName = "krb5";
        this.config = (Configuration) AccessController.doPrivileged(new PrivilegedAction<Configuration>() { // from class: sun.security.jgss.LoginConfigImpl.1
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedAction
            /* renamed from: run */
            public Configuration run2() {
                return Configuration.getConfiguration();
            }
        });
    }

    @Override // javax.security.auth.login.Configuration
    public AppConfigurationEntry[] getAppConfigurationEntry(String str) {
        AppConfigurationEntry[] appConfigurationEntryArr = null;
        if ("OTHER".equalsIgnoreCase(str)) {
            return null;
        }
        String[] strArr = null;
        if (!"krb5".equals(this.mechName)) {
            throw new IllegalArgumentException(this.mechName + " not supported");
        }
        if (this.caller == GSSCaller.CALLER_INITIATE) {
            strArr = new String[]{"com.sun.security.jgss.krb5.initiate", "com.sun.security.jgss.initiate"};
        } else if (this.caller == GSSCaller.CALLER_ACCEPT) {
            strArr = new String[]{"com.sun.security.jgss.krb5.accept", "com.sun.security.jgss.accept"};
        } else if (this.caller == GSSCaller.CALLER_SSL_CLIENT) {
            strArr = new String[]{"com.sun.security.jgss.krb5.initiate", "com.sun.net.ssl.client"};
        } else if (this.caller == GSSCaller.CALLER_SSL_SERVER) {
            strArr = new String[]{"com.sun.security.jgss.krb5.accept", "com.sun.net.ssl.server"};
        } else if (this.caller instanceof HttpCaller) {
            strArr = new String[]{"com.sun.security.jgss.krb5.initiate"};
        } else if (this.caller == GSSCaller.CALLER_UNKNOWN) {
            throw new AssertionError((Object) "caller not defined");
        }
        for (String str2 : strArr) {
            appConfigurationEntryArr = this.config.getAppConfigurationEntry(str2);
            if (debug != null) {
                debug.println("Trying " + str2 + (appConfigurationEntryArr == null ? ": does not exist." : ": Found!"));
            }
            if (appConfigurationEntryArr != null) {
                break;
            }
        }
        if (appConfigurationEntryArr == null) {
            if (debug != null) {
                debug.println("Cannot read JGSS entry, use default values instead.");
            }
            appConfigurationEntryArr = getDefaultConfigurationEntry();
        }
        return appConfigurationEntryArr;
    }

    private AppConfigurationEntry[] getDefaultConfigurationEntry() {
        HashMap hashMap = new HashMap(2);
        if (this.mechName != null && !this.mechName.equals("krb5")) {
            return null;
        }
        if (isServerSide(this.caller)) {
            hashMap.put("useKeyTab", "true");
            hashMap.put("storeKey", "true");
            hashMap.put("doNotPrompt", "true");
            hashMap.put("principal", "*");
            hashMap.put("isInitiator", "false");
        } else {
            if (!(this.caller instanceof HttpCaller) || HTTP_USE_GLOBAL_CREDS) {
                hashMap.put("useTicketCache", "true");
            } else {
                hashMap.put("useTicketCache", "false");
            }
            hashMap.put("doNotPrompt", "false");
        }
        return new AppConfigurationEntry[]{new AppConfigurationEntry("com.sun.security.auth.module.Krb5LoginModule", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, hashMap)};
    }

    private static boolean isServerSide(GSSCaller gSSCaller) {
        return GSSCaller.CALLER_ACCEPT == gSSCaller || GSSCaller.CALLER_SSL_SERVER == gSSCaller;
    }

    static {
        HTTP_USE_GLOBAL_CREDS = !"false".equalsIgnoreCase(GetPropertyAction.privilegedGetProperty("http.use.global.creds"));
    }
}
