package com.datastax.bdp.transport.server;

import com.datastax.bdp.transport.common.ServicePrincipal;
import com.datastax.bdp.transport.common.ServicePrincipalFormatException;
import com.datastax.bdp.util.Addresses;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import org.apache.cassandra.auth.AuthenticatedUser;
import org.apache.cassandra.exceptions.ConfigurationException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/datastax/bdp/transport/server/KerberosServerUtils.class */
public class KerberosServerUtils {
    private static final Logger logger = LoggerFactory.getLogger(KerberosServerUtils.class);
    private static final String DEFAULT_SUPERUSER_NAME = "cassandra";

    public static Subject loginServer(String str) throws LoginException {
        Subject subject = new Subject();
        new LoginContext(str, subject, (CallbackHandler) null, new KrbConfiguration()).login();
        return subject;
    }

    public static void validateServicePrincipal(String str) throws ConfigurationException {
        try {
            String localHostName = new ServicePrincipal(str).getLocalHostName();
            String hostName = Addresses.Internode.getBroadcastAddress().getHostName();
            if (!localHostName.equals(hostName)) {
                logger.warn("Service principal host does not match the name of the host running DSE (" + localHostName + " != " + hostName + "). This may pose problems for some clients.");
            }
        } catch (ServicePrincipalFormatException e) {
            throw new ConfigurationException(e.getMessage());
        }
    }

    public static AuthenticatedUser getUserFromAuthzId(String str) {
        return "cassandra".equals(str.split("[/@]")[0]) ? new AuthenticatedUser("cassandra") : new AuthenticatedUser(str);
    }
}
