package org.wildfly.security.sasl.gssapi;

import java.io.IOException;
import java.util.HashMap;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.Configuration;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import org.jboss.logging.Logger;

/* loaded from: input_file:org/wildfly/security/sasl/gssapi/JaasUtil.class */
public class JaasUtil {
    private static Logger log = Logger.getLogger(JaasUtil.class);
    private static final boolean IS_IBM = System.getProperty("java.vendor").contains("IBM");

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/wildfly/security/sasl/gssapi/JaasUtil$UsernamePasswordCBH.class */
    public static class UsernamePasswordCBH implements CallbackHandler {
        private final String username;
        private final char[] password;

        private UsernamePasswordCBH(String str, char[] cArr) {
            this.username = str;
            this.password = cArr;
        }

        @Override // javax.security.auth.callback.CallbackHandler
        public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
            for (Callback callback : callbackArr) {
                if (callback instanceof NameCallback) {
                    ((NameCallback) callback).setName(this.username);
                } else {
                    if (!(callback instanceof PasswordCallback)) {
                        throw new UnsupportedCallbackException(callback);
                    }
                    ((PasswordCallback) callback).setPassword(this.password);
                }
            }
        }
    }

    public static Subject loginClient() throws LoginException {
        log.debug("loginClient");
        return login("jduke", "theduke".toCharArray(), false, null);
    }

    public static Subject loginServer(String str, boolean z) throws LoginException {
        log.debug("loginServer");
        return login(z ? "*" : "sasl/test_server_1", "servicepwd".toCharArray(), true, str);
    }

    static Subject login(String str, char[] cArr, boolean z, String str2) throws LoginException {
        Subject subject = new Subject();
        new LoginContext("KDC", subject, new UsernamePasswordCBH(str, cArr), z ? createGssProxyConfiguration(str, str2) : createJaasConfiguration(false)).login();
        return subject;
    }

    private static Configuration createJaasConfiguration(final boolean z) {
        return new Configuration() { // from class: org.wildfly.security.sasl.gssapi.JaasUtil.1
            public AppConfigurationEntry[] getAppConfigurationEntry(String str) {
                if (!"KDC".equals(str)) {
                    throw new IllegalArgumentException(String.format("Unexpected name '%s'", str));
                }
                AppConfigurationEntry[] appConfigurationEntryArr = new AppConfigurationEntry[1];
                HashMap hashMap = new HashMap();
                hashMap.put("debug", "true");
                hashMap.put("refreshKrb5Config", "true");
                if (JaasUtil.IS_IBM) {
                    hashMap.put("noAddress", "true");
                    hashMap.put("credsType", z ? "acceptor" : "initiator");
                    appConfigurationEntryArr[0] = new AppConfigurationEntry("com.ibm.security.auth.module.Krb5LoginModule", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, hashMap);
                } else {
                    hashMap.put("storeKey", "true");
                    hashMap.put("isInitiator", z ? "false" : "true");
                    appConfigurationEntryArr[0] = new AppConfigurationEntry("com.sun.security.auth.module.Krb5LoginModule", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, hashMap);
                }
                return appConfigurationEntryArr;
            }
        };
    }

    private static Configuration createGssProxyConfiguration(final String str, final String str2) {
        return new Configuration() { // from class: org.wildfly.security.sasl.gssapi.JaasUtil.2
            public AppConfigurationEntry[] getAppConfigurationEntry(String str3) {
                if (!"KDC".equals(str3)) {
                    throw new IllegalArgumentException(String.format("Unexpected name '%s'", str3));
                }
                AppConfigurationEntry[] appConfigurationEntryArr = new AppConfigurationEntry[1];
                HashMap hashMap = new HashMap();
                hashMap.put("debug", "true");
                hashMap.put("refreshKrb5Config", "true");
                hashMap.put("principal", str);
                if (JaasUtil.IS_IBM) {
                    hashMap.put("useKeytab", str2);
                    hashMap.put("noAddress", "true");
                    hashMap.put("credsType", "acceptor");
                    appConfigurationEntryArr[0] = new AppConfigurationEntry("com.ibm.security.auth.module.Krb5LoginModule", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, hashMap);
                } else {
                    hashMap.put("useKeyTab", "true");
                    hashMap.put("keyTab", str2);
                    hashMap.put("doNotPrompt", "true");
                    hashMap.put("storeKey", "true");
                    hashMap.put("isInitiator", "false");
                    appConfigurationEntryArr[0] = new AppConfigurationEntry("com.sun.security.auth.module.Krb5LoginModule", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, hashMap);
                }
                return appConfigurationEntryArr;
            }
        };
    }
}
