package weblogic.security.service;

import java.io.IOException;
import java.security.AccessController;
import java.security.Principal;
import java.security.PrivilegedAction;
import java.security.Security;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import weblogic.common.internal.LogOutputStream;
import weblogic.management.Admin;
import weblogic.management.security.ProviderMBean;
import weblogic.management.security.RealmMBean;
import weblogic.management.security.authentication.IdentityAsserterMBean;
import weblogic.management.security.authentication.UserLockoutManagerMBean;
import weblogic.rmi.spi.HostID;
import weblogic.security.SecurityLogger;
import weblogic.security.SubjectUtils;
import weblogic.security.acl.internal.AuthenticatedSubject;
import weblogic.security.service.SecurityService;
import weblogic.security.spi.AuditAtnEvent;
import weblogic.security.spi.AuditSeverity;
import weblogic.security.spi.AuthenticationProvider;
import weblogic.security.spi.ChallengeIdentityAsserter;
import weblogic.security.spi.IdentityAsserter;
import weblogic.security.spi.IdentityAssertionException;
import weblogic.security.spi.PrincipalValidator;
import weblogic.utils.collections.SecondChanceCacheMap;

/* loaded from: input_file:weblogic.jar:weblogic/security/service/PrincipalAuthenticator.class */
public class PrincipalAuthenticator implements SecurityService {
    protected static final String assertionTag = "$$ASSERTION$$";
    private RealmMBean realmMBean;
    private UserLockoutManager userLockoutManager;
    private String realmName = null;
    private String defLogConfProv = null;
    private AuthenticationProvider[] providerList = null;
    private HashMap validationMap = new HashMap();
    private HashMap assertionMap = new HashMap();
    private HashMap assertionEncodingMap = new HashMap();
    private Auditor auditor = null;
    private boolean run = false;
    private boolean debug = false;
    private LogOutputStream log = null;
    private long idCacheTTL = Long.getLong(Admin.ADMIN_IACACHETTL_PROP, 300).longValue() * 1000;
    private IdentityCache idCache = new IdentityCache(this.idCacheTTL, null);

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:weblogic.jar:weblogic/security/service/PrincipalAuthenticator$IdentityCache.class */
    public static final class IdentityCache {
        private final SecondChanceCacheMap cache;
        private long cacheEOL;
        private long cacheTTL;

        private IdentityCache(long j) {
            this.cache = new SecondChanceCacheMap(1000);
            this.cacheEOL = 0L;
            this.cacheTTL = 0L;
            this.cacheTTL = j;
            if (this.cacheTTL != 0) {
                this.cacheEOL = System.currentTimeMillis() + this.cacheTTL;
            }
        }

        /* JADX INFO: Access modifiers changed from: private */
        public AuthenticatedSubject getCachedIdentity(String str) {
            if (this.cacheTTL < 0) {
                return null;
            }
            checkTTL();
            return (AuthenticatedSubject) this.cache.get(str);
        }

        /* JADX INFO: Access modifiers changed from: private */
        public void putCachedIdentity(String str, AuthenticatedSubject authenticatedSubject) {
            if (this.cacheTTL < 0) {
                return;
            }
            checkTTL();
            if (this.cache.containsKey(str)) {
                return;
            }
            this.cache.put(str, authenticatedSubject);
        }

        private void checkTTL() {
            if (this.cacheTTL == 0) {
                return;
            }
            long currentTimeMillis = System.currentTimeMillis();
            if (currentTimeMillis > this.cacheEOL) {
                synchronized (this.cache) {
                    if (currentTimeMillis > this.cacheEOL) {
                        this.cacheEOL = currentTimeMillis + this.cacheTTL;
                        this.cache.clear();
                    }
                }
            }
        }

        IdentityCache(long j, AnonymousClass1 anonymousClass1) {
            this(j);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:weblogic.jar:weblogic/security/service/PrincipalAuthenticator$ImpersonationCallbackHandler.class */
    public static final class ImpersonationCallbackHandler implements CallbackHandler {
        private final String username;

        private ImpersonationCallbackHandler(String str) {
            this.username = str;
        }

        @Override // javax.security.auth.callback.CallbackHandler
        public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
            for (int i = 0; i < callbackArr.length; i++) {
                if (callbackArr[i] instanceof NameCallback) {
                    ((NameCallback) callbackArr[i]).setName(this.username);
                }
            }
        }

        ImpersonationCallbackHandler(String str, AnonymousClass1 anonymousClass1) {
            this(str);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:weblogic.jar:weblogic/security/service/PrincipalAuthenticator$PACallbackHandler.class */
    public static final class PACallbackHandler implements CallbackHandler {
        private CallbackHandler delegate;
        private String retrievedName;

        private PACallbackHandler(CallbackHandler callbackHandler) {
            this.delegate = null;
            this.retrievedName = null;
            this.delegate = callbackHandler;
        }

        @Override // javax.security.auth.callback.CallbackHandler
        public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
            this.delegate.handle(callbackArr);
            for (int i = 0; i < callbackArr.length; i++) {
                if ((callbackArr[i] instanceof NameCallback) && this.retrievedName == null) {
                    this.retrievedName = ((NameCallback) callbackArr[i]).getName();
                }
            }
        }

        /* JADX INFO: Access modifiers changed from: private */
        public String getRetrievedName() {
            return this.retrievedName;
        }

        PACallbackHandler(CallbackHandler callbackHandler, AnonymousClass1 anonymousClass1) {
            this(callbackHandler);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:weblogic.jar:weblogic/security/service/PrincipalAuthenticator$TagType.class */
    public static class TagType {
        private String tag;
        public static final TagType AUTHENTICATION = new TagType("AUTHENTICATION");
        public static final TagType ASSERTION = new TagType("ASSERTION");

        private TagType(String str) {
            this.tag = str;
        }
    }

    @Override // weblogic.security.service.SecurityService
    public void initialize(String str, ProviderMBean[] providerMBeanArr) {
        UserLockoutManagerMBean userLockoutManager;
        this.debug = Admin.getInstance().getLocalServer().getServerDebug().getDebugSecurityAtn();
        if (this.debug) {
            this.log = SecurityServiceManager.getSecurityDebugLog();
        }
        this.realmName = str;
        this.defLogConfProv = Security.getProperty("login.configuration.provider");
        if (providerMBeanArr == null || providerMBeanArr.length == 0) {
            throw new SecurityServiceRuntimeException(SecurityLogger.getNoAuthMBeansInvConfig());
        }
        this.realmMBean = providerMBeanArr[0].getRealm();
        this.auditor = (Auditor) SecurityServiceManager.getSecurityServiceInternal(str, SecurityService.ServiceType.AUDIT);
        this.providerList = new AuthenticationProvider[providerMBeanArr.length];
        for (int i = 0; i < providerMBeanArr.length; i++) {
            try {
                this.providerList[i] = (AuthenticationProvider) SecurityServiceManager.createSecurityProvider(providerMBeanArr[i], this.auditor);
                PrincipalValidator principalValidator = this.providerList[i].getPrincipalValidator();
                if (principalValidator != null) {
                    Class principalBaseClass = principalValidator.getPrincipalBaseClass();
                    if (!this.validationMap.containsKey(principalBaseClass)) {
                        this.validationMap.put(principalBaseClass, principalValidator);
                    } else if (!((PrincipalValidator) this.validationMap.get(principalBaseClass)).getClass().equals(principalValidator.getClass())) {
                        throw new SecurityException(SecurityLogger.getConfigErrorPrinValidatorMapping(principalBaseClass.getName()));
                    }
                }
                if (providerMBeanArr[i] instanceof IdentityAsserterMBean) {
                    IdentityAsserterMBean identityAsserterMBean = (IdentityAsserterMBean) providerMBeanArr[i];
                    String[] activeTypes = identityAsserterMBean.getActiveTypes();
                    for (int i2 = 0; activeTypes != null && i2 < activeTypes.length; i2++) {
                        if (!this.assertionMap.containsKey(activeTypes[i2])) {
                            this.assertionMap.put(activeTypes[i2], this.providerList[i]);
                            if (identityAsserterMBean.getBase64DecodingRequired()) {
                                this.assertionEncodingMap.put(activeTypes[i2], Boolean.TRUE);
                            } else {
                                this.assertionEncodingMap.put(activeTypes[i2], Boolean.FALSE);
                            }
                        }
                    }
                }
            } catch (Exception e) {
                this.providerList = null;
                SecurityLogger.logStackTrace(e);
                throw new SecurityServiceRuntimeException(SecurityLogger.getProblemInitAuthProv(e.toString()));
            }
        }
        if (this.realmMBean == null || (userLockoutManager = this.realmMBean.getUserLockoutManager()) == null) {
            return;
        }
        this.userLockoutManager = new UserLockoutManager();
        this.userLockoutManager.init(userLockoutManager);
    }

    @Override // weblogic.security.service.SecurityService
    public void start() {
        this.run = true;
    }

    @Override // weblogic.security.service.SecurityService
    public void suspend() {
        this.run = false;
    }

    @Override // weblogic.security.service.SecurityService
    public void shutdown() {
        this.providerList = null;
        this.assertionMap.clear();
    }

    public PrincipalAuthenticator() {
    }

    public PrincipalAuthenticator(String str, ProviderMBean[] providerMBeanArr) {
        initialize(str, providerMBeanArr);
    }

    public AuthenticatedSubject authenticate(CallbackHandler callbackHandler) throws LoginException {
        if (callbackHandler == null) {
            throw new LoginException(SecurityLogger.getNoCallbackHandlerSuppliedPA());
        }
        if (this.debug) {
            this.log.debug("PrincipalAuthenticator.authenticate");
        }
        return authInternal(callbackHandler, TagType.AUTHENTICATION);
    }

    private AuthenticatedSubject authInternal(CallbackHandler callbackHandler, TagType tagType) throws LoginException {
        String retrievedName;
        String retrievedName2;
        if (callbackHandler == null) {
            return SubjectUtils.getAnonymousSubject();
        }
        if (this.providerList == null) {
            if (this.debug) {
                this.log.debug("PrincipalAuthenticator.authInternal - No configured providers");
            }
            throw new LoginException(SecurityLogger.getNoConfiguredAuthProviders());
        }
        PACallbackHandler pACallbackHandler = new PACallbackHandler(callbackHandler, null);
        AccessController.doPrivileged(new PrivilegedAction(this) { // from class: weblogic.security.service.PrincipalAuthenticator.1
            private final PrincipalAuthenticator this$0;

            {
                this.this$0 = this;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                Security.setProperty("login.configuration.provider", "weblogic.security.service.ServerConfiguration");
                return null;
            }
        });
        LoginContext loginContext = tagType == TagType.AUTHENTICATION ? new LoginContext(this.realmName, pACallbackHandler) : new LoginContext(new StringBuffer().append(this.realmName).append(assertionTag).toString(), pACallbackHandler);
        try {
            try {
                loginContext.login();
                if (this.auditor != null) {
                    this.auditor.writeEvent(new AuditAtnEventImpl(AuditSeverity.SUCCESS, pACallbackHandler.getRetrievedName(), AuditAtnEvent.AtnEventType.AUTHENTICATE, null));
                }
                if (this.userLockoutManager != null && (retrievedName2 = pACallbackHandler.getRetrievedName()) != null) {
                    if (this.userLockoutManager.isLocked(retrievedName2)) {
                        if (this.debug) {
                            this.log.debug("PrincipalAuthenticator.authInternal - LoginException: userLockoutManager");
                        }
                        throw new LoginException(SecurityLogger.getAuthFailedUserLockedOut(retrievedName2));
                    }
                    if (1 != 0) {
                        this.userLockoutManager.logSuccess(retrievedName2);
                    }
                }
                Subject subject = loginContext.getSubject();
                Object[] array = removeDuplicatePrincipals(subject.getPrincipals()).toArray();
                for (Class cls : this.validationMap.keySet()) {
                    PrincipalValidator principalValidator = (PrincipalValidator) this.validationMap.get(cls);
                    for (int i = 0; i < array.length; i++) {
                        if (cls.isInstance(array[i])) {
                            AccessController.doPrivileged(PrivilegedActions.getSignPrincipalAction(principalValidator, (Principal) array[i]));
                        }
                    }
                }
                return new AuthenticatedSubject(subject);
            } catch (LoginException e) {
                if (this.auditor != null) {
                    this.auditor.writeEvent(new AuditAtnEventImpl(AuditSeverity.FAILURE, pACallbackHandler.getRetrievedName(), AuditAtnEvent.AtnEventType.AUTHENTICATE, e));
                }
                if (this.debug) {
                    this.log.debug("PrincipalAuthenticator.authInternal - LoginException");
                }
                if (this.userLockoutManager != null && (retrievedName = pACallbackHandler.getRetrievedName()) != null && !this.userLockoutManager.isLocked(retrievedName)) {
                    this.userLockoutManager.logFailure(retrievedName);
                }
                throw e;
            }
        } finally {
            AccessController.doPrivileged(new PrivilegedAction(this) { // from class: weblogic.security.service.PrincipalAuthenticator.2
                private final PrincipalAuthenticator this$0;

                {
                    this.this$0 = this;
                }

                @Override // java.security.PrivilegedAction
                public Object run() {
                    if (this.this$0.defLogConfProv != null) {
                        Security.setProperty("login.configuration.provider", this.this$0.defLogConfProv);
                        return null;
                    }
                    Security.setProperty("login.configuration.provider", "com.sun.security.auth.login.ConfigFile");
                    return null;
                }
            });
        }
    }

    public Map getAssertionsEncodingMap() {
        return this.assertionEncodingMap;
    }

    public boolean doesTokenRequireBase64Decoding(Object obj) {
        return ((Boolean) obj).booleanValue();
    }

    public AuthenticatedSubject assertIdentity(String str, Object obj) throws LoginException {
        if (this.debug) {
            this.log.debug(new StringBuffer().append("PrincipalAuthenticator.assertIdentity - Token Type: ").append(str).toString());
        }
        if (str == null) {
            throw new LoginException(SecurityLogger.getNullTokenTypeParam());
        }
        if (obj == null) {
            throw new LoginException(SecurityLogger.getNullTokenParam());
        }
        if (str.equals(IdentityAsserter.AU_TYPE) && (obj instanceof AuthenticatedSubject)) {
            return (AuthenticatedSubject) obj;
        }
        if (this.providerList == null) {
            if (this.debug) {
                this.log.debug("PrincipalAuthenticator.assertIdentity - No configured providers");
            }
            throw new LoginException(SecurityLogger.getNoConfiguredAuthProviders());
        }
        if (!this.assertionMap.containsKey(str)) {
            if (this.debug) {
                this.log.debug("PrincipalAuthenticator.assertIdentity - Unsupported Token Type");
            }
            throw new LoginException(SecurityLogger.getIAHdlrUnsupTokenType(str));
        }
        try {
            CallbackHandler assertIdentity = ((AuthenticationProvider) this.assertionMap.get(str)).getIdentityAsserter().assertIdentity(str, obj);
            if (assertIdentity == null) {
                if (this.auditor != null) {
                    this.auditor.writeEvent(new AuditAtnEventImpl(AuditSeverity.SUCCESS, "anonymous user", AuditAtnEvent.AtnEventType.ASSERTIDENTITY, null));
                }
                if (this.debug) {
                    this.log.debug("PrincipalAuthenticator.assertIdentity - returning anonymous");
                }
                return SubjectUtils.getAnonymousSubject();
            }
            NameCallback nameCallback = new NameCallback("username");
            try {
                assertIdentity.handle(new Callback[]{nameCallback});
                String name = nameCallback.getName();
                if (name == null || name.length() == 0) {
                    if (this.auditor != null) {
                        this.auditor.writeEvent(new AuditAtnEventImpl(AuditSeverity.FAILURE, "", AuditAtnEvent.AtnEventType.ASSERTIDENTITY, null));
                    }
                    if (this.debug) {
                        this.log.debug("PrincipalAuthenticator.assertIdentity - UserName Not Supplied");
                    }
                    throw new LoginException(SecurityLogger.getIdentityAssertionHdlrNoUser());
                }
                AuthenticatedSubject cachedIdentity = this.idCache.getCachedIdentity(name);
                if (cachedIdentity != null) {
                    if (this.auditor != null) {
                        this.auditor.writeEvent(new AuditAtnEventImpl(AuditSeverity.SUCCESS, name, AuditAtnEvent.AtnEventType.ASSERTIDENTITY, null));
                    }
                    if (this.debug) {
                        this.log.debug("PrincipalAuthenticator.assertIdentity - getCachedIdentity succeeded");
                    }
                    return cachedIdentity;
                }
                AuthenticatedSubject authInternal = authInternal(assertIdentity, TagType.ASSERTION);
                if (authInternal != null) {
                    if (this.auditor != null) {
                        this.auditor.writeEvent(new AuditAtnEventImpl(AuditSeverity.SUCCESS, name, AuditAtnEvent.AtnEventType.ASSERTIDENTITY, null));
                    } else if (this.auditor != null) {
                        this.auditor.writeEvent(new AuditAtnEventImpl(AuditSeverity.FAILURE, name, AuditAtnEvent.AtnEventType.ASSERTIDENTITY, null));
                    }
                    this.idCache.putCachedIdentity(name, authInternal);
                }
                return authInternal;
            } catch (IOException e) {
                if (this.auditor != null) {
                    this.auditor.writeEvent(new AuditAtnEventImpl(AuditSeverity.FAILURE, "", AuditAtnEvent.AtnEventType.ASSERTIDENTITY, e));
                }
                if (this.debug) {
                    this.log.debug("PrincipalAuthenticator.assertIdentity - IOException");
                }
                throw new LoginException(SecurityLogger.getIdentityAssertionHdlrFailedExc(e.toString()));
            } catch (UnsupportedCallbackException e2) {
                if (this.auditor != null) {
                    this.auditor.writeEvent(new AuditAtnEventImpl(AuditSeverity.FAILURE, "", AuditAtnEvent.AtnEventType.ASSERTIDENTITY, e2));
                }
                if (this.debug) {
                    this.log.debug("PrincipalAuthenticator.assertIdentity - UnsupportedCallbackException");
                }
                throw new LoginException(SecurityLogger.getIdentityAssertionHdlrFailedExc(e2.toString()));
            }
        } catch (IdentityAssertionException e3) {
            if (this.auditor != null) {
                this.auditor.writeEvent(new AuditAtnEventImpl(AuditSeverity.FAILURE, "", AuditAtnEvent.AtnEventType.ASSERTIDENTITY, e3));
            }
            if (this.debug) {
                this.log.debug("PrincipalAuthenticator.assertIdentity - IdentityAssertionException");
            }
            throw new LoginException(SecurityLogger.getIdentityAssertionFailedExc(e3.toString()));
        }
    }

    public boolean isTokenTypeSupported(String str) {
        if (str == null) {
            return false;
        }
        if (str.equalsIgnoreCase(IdentityAsserter.AU_TYPE)) {
            return true;
        }
        return this.providerList != null && this.assertionMap.containsKey(str);
    }

    public AuthenticatedSubject impersonateIdentity(String str) throws LoginException {
        if (str == null) {
            if (this.auditor != null) {
                this.auditor.writeEvent(new AuditAtnEventImpl(AuditSeverity.SUCCESS, "anonymous user", AuditAtnEvent.AtnEventType.IMPERSONATEIDENTITY, null));
            }
            if (this.debug) {
                this.log.debug("PrincipalAuthenticator.impersonateIdentity - returning anonymous");
            }
            return SubjectUtils.getAnonymousSubject();
        }
        if (this.debug) {
            this.log.debug(new StringBuffer().append("PrincipalAuthenticator.impersonateIdentity - Username: ").append(str).toString());
        }
        if (this.providerList == null) {
            if (this.debug) {
                this.log.debug("PrincipalAuthenticator.impersonateIdentity - No configured providers");
            }
            throw new LoginException(SecurityLogger.getNoConfiguredAuthProviders());
        }
        AuthenticatedSubject cachedIdentity = this.idCache.getCachedIdentity(str);
        if (cachedIdentity != null) {
            if (this.auditor != null) {
                this.auditor.writeEvent(new AuditAtnEventImpl(AuditSeverity.SUCCESS, str, AuditAtnEvent.AtnEventType.IMPERSONATEIDENTITY, null));
            }
            if (this.debug) {
                this.log.debug("PrincipalAuthenticator.impersonateIdentity - getCachedIdentity succeeded");
            }
            return cachedIdentity;
        }
        AuthenticatedSubject authInternal = authInternal(new ImpersonationCallbackHandler(str, null), TagType.ASSERTION);
        if (authInternal != null) {
            if (this.auditor != null) {
                this.auditor.writeEvent(new AuditAtnEventImpl(AuditSeverity.SUCCESS, str, AuditAtnEvent.AtnEventType.IMPERSONATEIDENTITY, null));
            }
            this.idCache.putCachedIdentity(str, authInternal);
        } else {
            if (this.auditor != null) {
                this.auditor.writeEvent(new AuditAtnEventImpl(AuditSeverity.FAILURE, str, AuditAtnEvent.AtnEventType.IMPERSONATEIDENTITY, null));
            }
            if (this.debug) {
                this.log.debug("PrincipalAuthenticator.impersonateIdentity - Subject null");
            }
        }
        return authInternal;
    }

    public boolean validateIdentity(AuthenticatedSubject authenticatedSubject) {
        if (authenticatedSubject == null) {
            return false;
        }
        if (this.debug) {
            this.log.debug("PrincipalAuthenticator.validateIdentity");
        }
        if (this.providerList == null) {
            if (!this.debug) {
                return false;
            }
            this.log.debug("PrincipalAuthenticator.validateIdentity - No configured providers");
            return false;
        }
        int size = authenticatedSubject.getPrincipals().size();
        for (Class cls : this.validationMap.keySet()) {
            PrincipalValidator principalValidator = (PrincipalValidator) this.validationMap.get(cls);
            for (Object obj : authenticatedSubject.getPrincipals(cls).toArray()) {
                try {
                    if (false == principalValidator.validate((Principal) obj)) {
                        if (this.auditor != null) {
                            this.auditor.writeEvent(new AuditAtnEventImpl(AuditSeverity.FAILURE, "", AuditAtnEvent.AtnEventType.VALIDATEIDENTITY, null));
                        }
                        if (!this.debug) {
                            return false;
                        }
                        this.log.debug("PrincipalAuthenticator.validateIdentity - validate failure");
                        return false;
                    }
                    size--;
                } catch (SecurityException e) {
                    if (this.auditor != null) {
                        this.auditor.writeEvent(new AuditAtnEventImpl(AuditSeverity.FAILURE, "", AuditAtnEvent.AtnEventType.VALIDATEIDENTITY, null));
                    }
                    if (!this.debug) {
                        return false;
                    }
                    this.log.debug("PrincipalAuthenticator.validateIdentity - SecurityException");
                    return false;
                }
            }
        }
        if (size == 0) {
            return true;
        }
        if (this.auditor != null) {
            this.auditor.writeEvent(new AuditAtnEventImpl(AuditSeverity.FAILURE, "", AuditAtnEvent.AtnEventType.VALIDATEIDENTITY, null));
        }
        if (!this.debug) {
            return false;
        }
        this.log.debug("PrincipalAuthenticator.validateIdentity - failure");
        return false;
    }

    public Object getChallengeToken(String str) throws IdentityAssertionException {
        if (str == null) {
            throw new IdentityAssertionException(SecurityLogger.getNullTokenTypeParam());
        }
        if (this.providerList == null) {
            return null;
        }
        if (!this.assertionMap.containsKey(str)) {
            throw new IdentityAssertionException(SecurityLogger.getNoChallengeIAAvailableForToken(str));
        }
        IdentityAsserter identityAsserter = ((AuthenticationProvider) this.assertionMap.get(str)).getIdentityAsserter();
        if (identityAsserter instanceof ChallengeIdentityAsserter) {
            return ((ChallengeIdentityAsserter) identityAsserter).getChallengeToken(str);
        }
        throw new IdentityAssertionException(SecurityLogger.getNoChallengeIAConfiguredForToken(str));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public AuthenticationProvider[] getProviderList() {
        return this.providerList;
    }

    public UserLockoutManager getUserLockoutManager() {
        return this.userLockoutManager;
    }

    public void receiveSecurityMessage(HostID hostID, SecurityMessage securityMessage) {
        this.userLockoutManager.processSecurityMessage(securityMessage.nextSeqNo(), securityMessage.record());
    }

    private Set removeDuplicatePrincipals(Set set) {
        HashSet hashSet = new HashSet();
        Iterator it = set.iterator();
        while (it.hasNext()) {
            hashSet.add(it.next());
        }
        return hashSet;
    }
}
