package org.wildfly.security.mechanism.http;

import java.io.IOException;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.sasl.AuthorizeCallback;
import javax.security.sasl.RealmCallback;
import org.wildfly.security.auth.callback.AuthenticationCompleteCallback;
import org.wildfly.security.auth.callback.EvidenceVerifyCallback;
import org.wildfly.security.auth.callback.IdentityCredentialCallback;
import org.wildfly.security.credential.PasswordCredential;
import org.wildfly.security.evidence.PasswordGuessEvidence;
import org.wildfly.security.http.HttpAuthenticationException;
import org.wildfly.security.http.HttpServerAuthenticationMechanism;
import org.wildfly.security.password.interfaces.ClearPassword;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/lib/wildfly-elytron-1.10.4.Final.jar:org/wildfly/security/mechanism/http/UsernamePasswordAuthenticationMechanism.class
 */
/* loaded from: input_file:WEB-INF/lib/wildfly-elytron-mechanism-http-1.10.4.Final.jar:org/wildfly/security/mechanism/http/UsernamePasswordAuthenticationMechanism.class */
public abstract class UsernamePasswordAuthenticationMechanism implements HttpServerAuthenticationMechanism {
    protected final CallbackHandler callbackHandler;

    /* JADX INFO: Access modifiers changed from: protected */
    public UsernamePasswordAuthenticationMechanism(CallbackHandler callbackHandler) {
        this.callbackHandler = callbackHandler;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean authenticate(String str, String str2, char[] cArr) throws HttpAuthenticationException {
        RealmCallback realmCallback = str != null ? new RealmCallback("User realm", str) : null;
        Callback nameCallback = new NameCallback("Remote Authentication Name", str2);
        nameCallback.setName(str2);
        PasswordGuessEvidence passwordGuessEvidence = new PasswordGuessEvidence(cArr);
        EvidenceVerifyCallback evidenceVerifyCallback = new EvidenceVerifyCallback(passwordGuessEvidence);
        ElytronMessages.httpUserPass.debugf("Username authentication. Realm: [%s], Username: [%s].", str, str2);
        try {
            try {
                this.callbackHandler.handle(realmCallback != null ? new Callback[]{realmCallback, nameCallback, evidenceVerifyCallback} : new Callback[]{nameCallback, evidenceVerifyCallback});
                if (!evidenceVerifyCallback.isVerified()) {
                    passwordGuessEvidence.destroy();
                    return false;
                }
                this.callbackHandler.handle(new Callback[]{new IdentityCredentialCallback(new PasswordCredential(ClearPassword.createRaw("clear", cArr)), true)});
                passwordGuessEvidence.destroy();
                return true;
            } catch (IOException e) {
                throw new HttpAuthenticationException(e);
            } catch (UnsupportedCallbackException e2) {
                passwordGuessEvidence.destroy();
                return false;
            }
        } catch (Throwable th) {
            passwordGuessEvidence.destroy();
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean authorize(String str) throws HttpAuthenticationException {
        ElytronMessages.httpUserPass.debugf("Username authorization. Username: [%s].", str);
        Callback authorizeCallback = new AuthorizeCallback(str, str);
        try {
            this.callbackHandler.handle(new Callback[]{authorizeCallback});
            return authorizeCallback.isAuthorized();
        } catch (IOException e) {
            throw new HttpAuthenticationException(e);
        } catch (UnsupportedCallbackException e2) {
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void succeed() throws IOException, UnsupportedCallbackException {
        this.callbackHandler.handle(new Callback[]{AuthenticationCompleteCallback.SUCCEEDED});
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void fail() throws IOException, UnsupportedCallbackException {
        this.callbackHandler.handle(new Callback[]{AuthenticationCompleteCallback.FAILED});
    }
}
