package herddb.security.sasl;

import herddb.client.ClientConfiguration;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.Provider;
import java.util.Arrays;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.sasl.AuthenticationException;
import javax.security.sasl.SaslException;
import javax.security.sasl.SaslServer;
import javax.security.sasl.SaslServerFactory;

/* loaded from: input_file:herddb/security/sasl/PlainSaslServerProvider.class */
public class PlainSaslServerProvider extends Provider {
    private static final long serialVersionUID = 1;
    private static final Logger LOG = Logger.getLogger(PlainSaslServerProvider.class.getName());

    /* loaded from: input_file:herddb/security/sasl/PlainSaslServerProvider$PlainSaslServer.class */
    public static class PlainSaslServer implements SaslServer {
        private boolean complete;
        private final CallbackHandler callbackHandler;
        private String username;

        public PlainSaslServer(CallbackHandler callbackHandler) {
            this.callbackHandler = callbackHandler;
        }

        public byte[] evaluateResponse(byte[] bArr) throws SaslException {
            if (bArr.length == 0 || bArr[0] != 0) {
                throw new AuthenticationException("Invalid auth");
            }
            int i = -1;
            int i2 = 1;
            while (true) {
                if (i2 >= bArr.length) {
                    break;
                }
                if (bArr[i2] == 0) {
                    i = i2;
                    break;
                }
                i2++;
            }
            if (i < 0) {
                throw new AuthenticationException("Invalid auth");
            }
            this.username = new String(bArr, 1, i - 1, StandardCharsets.UTF_8);
            String str = new String(bArr, i + 1, (bArr.length - i) - 1, StandardCharsets.UTF_8);
            Callback nameCallback = new NameCallback("username", ClientConfiguration.PROPERTY_CLIENT_USERNAME_DEFAULT);
            nameCallback.setName(this.username);
            PasswordCallback passwordCallback = new PasswordCallback(ClientConfiguration.PROPERTY_CLIENT_PASSWORD, false);
            passwordCallback.setPassword(str.toCharArray());
            try {
                this.callbackHandler.handle(new Callback[]{nameCallback, passwordCallback});
                this.complete = true;
                return new byte[0];
            } catch (IOException | UnsupportedCallbackException e) {
                PlainSaslServerProvider.LOG.log(Level.SEVERE, "Error", e);
                throw new AuthenticationException("Error while performing SASL PLAIN authentication " + e, e);
            }
        }

        public String getAuthorizationID() {
            if (this.complete) {
                return this.username;
            }
            throw new IllegalStateException("Authentication exchange has not completed");
        }

        public String getMechanismName() {
            return SaslUtils.AUTH_PLAIN;
        }

        public Object getNegotiatedProperty(String str) {
            if (this.complete) {
                return null;
            }
            throw new IllegalStateException("Authentication exchange has not completed");
        }

        public boolean isComplete() {
            return this.complete;
        }

        public byte[] unwrap(byte[] bArr, int i, int i2) {
            if (this.complete) {
                return Arrays.copyOfRange(bArr, i, i + i2);
            }
            throw new IllegalStateException("Authentication exchange has not completed");
        }

        public byte[] wrap(byte[] bArr, int i, int i2) {
            if (this.complete) {
                return Arrays.copyOfRange(bArr, i, i + i2);
            }
            throw new IllegalStateException("Authentication exchange has not completed");
        }

        public void dispose() {
            this.complete = false;
            this.username = null;
        }
    }

    /* loaded from: input_file:herddb/security/sasl/PlainSaslServerProvider$PlainSaslServerFactory.class */
    public static class PlainSaslServerFactory implements SaslServerFactory {
        public SaslServer createSaslServer(String str, String str2, String str3, Map<String, ?> map, CallbackHandler callbackHandler) {
            for (String str4 : getMechanismNames(map)) {
                if (str4.equals(str)) {
                    return new PlainSaslServer(callbackHandler);
                }
            }
            return null;
        }

        public String[] getMechanismNames(Map<String, ?> map) {
            return new String[]{SaslUtils.AUTH_PLAIN};
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public PlainSaslServerProvider() {
        super("SASL/PLAIN Server Provider", 1.0d, "SASL/PLAIN Server Provider for HerdDB");
        put("SaslServerFactory.PLAIN", PlainSaslServerFactory.class.getName());
    }
}
