package org.jboss.sasl.plain;

import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.sasl.AuthorizeCallback;
import javax.security.sasl.SaslException;
import org.jboss.sasl.callback.VerifyPasswordCallback;
import org.jboss.sasl.util.AbstractSaslParticipant;
import org.jboss.sasl.util.AbstractSaslServer;
import org.jboss.sasl.util.Charsets;
import org.jboss.sasl.util.SaslState;
import org.jboss.sasl.util.SaslStateContext;

/* loaded from: input_file:lib/jboss-sasl-1.0.0.Final.jar:org/jboss/sasl/plain/PlainSaslServer.class */
public final class PlainSaslServer extends AbstractSaslServer {
    protected String authorizedId;
    private final SaslState INITIAL;

    public PlainSaslServer(String str, String str2, CallbackHandler callbackHandler) {
        super(PlainServerFactory.PLAIN, str, str2, callbackHandler);
        this.INITIAL = new SaslState() { // from class: org.jboss.sasl.plain.PlainSaslServer.1
            private static final byte UTF8NUL = 0;

            @Override // org.jboss.sasl.util.SaslState
            public byte[] evaluateMessage(SaslStateContext saslStateContext, byte[] bArr) throws SaslException {
                String str3;
                String str4;
                String str5;
                int length = bArr.length;
                if (length == 0) {
                    return AbstractSaslParticipant.NO_BYTES;
                }
                if (length > 1020) {
                    throw new SaslException("Authentication name string is too long");
                }
                String[] split = split(bArr);
                if (split.length == 2) {
                    str4 = split[0];
                    str3 = str4;
                    str5 = split[1];
                } else {
                    if (split.length != 3) {
                        throw new SaslException("Invalid number of message parts (" + split.length + ")");
                    }
                    str3 = split[0];
                    str4 = split[1];
                    str5 = split[2];
                }
                if (str4.length() > 255) {
                    throw new SaslException("Authentication identity string is too long");
                }
                if (str3.length() > 255) {
                    throw new SaslException("Authorization identity string is too long");
                }
                if (str5.length() > 255) {
                    throw new SaslException("Password string is too long");
                }
                Callback nameCallback = new NameCallback("PLAIN authentication identity", str4);
                VerifyPasswordCallback verifyPasswordCallback = new VerifyPasswordCallback(str5);
                PlainSaslServer.this.handleCallbacks(nameCallback, verifyPasswordCallback);
                if (!verifyPasswordCallback.isVerified()) {
                    throw new SaslException("PLAIN password not verified by CallbackHandler");
                }
                Callback authorizeCallback = new AuthorizeCallback(str4, str3);
                PlainSaslServer.this.handleCallbacks(authorizeCallback);
                if (!authorizeCallback.isAuthorized()) {
                    throw new SaslException("PLAIN: " + str4 + " is not authorized to act as " + str3);
                }
                PlainSaslServer.this.authorizedId = authorizeCallback.getAuthorizedID();
                saslStateContext.negotiationComplete();
                return null;
            }

            private String[] split(byte[] bArr) throws SaslException {
                int i;
                String str3 = null;
                int nextNul = nextNul(bArr, 0, true);
                if (nextNul > 0) {
                    int length = length(nextNul, bArr.length, 0);
                    str3 = new String(bArr, 0, length, Charsets.UTF_8);
                    i = 0 + length + 1;
                } else {
                    i = 0 + 1;
                }
                int length2 = length(nextNul(bArr, i, true), bArr.length, i);
                String str4 = new String(bArr, i, length2, Charsets.UTF_8);
                int i2 = i + length2 + 1;
                int nextNul2 = nextNul(bArr, i2, false);
                if (nextNul2 > -1) {
                    throw new SaslException("PLAIN: Invalid message format. (Too many delimiters)");
                }
                int length3 = length(nextNul2, bArr.length, i2);
                String str5 = new String(bArr, i2, length3, Charsets.UTF_8);
                int i3 = i2 + length3 + 1;
                return str3 == null ? new String[]{str4, str5} : new String[]{str3, str4, str5};
            }

            private int nextNul(byte[] bArr, int i, boolean z) throws SaslException {
                int i2 = -1;
                for (int i3 = i; i3 < bArr.length && i2 < 0; i3++) {
                    if (bArr[i3] == 0) {
                        i2 = i3;
                    }
                }
                if (!z || i2 >= 0) {
                    return i2;
                }
                throw new SaslException("PLAIN: Invalid message format. (Missing delimiter)");
            }

            private int length(int i, int i2, int i3) {
                return i < 0 ? i2 - i3 : i - i3;
            }
        };
        getContext().setNegotiationState(this.INITIAL);
    }

    public String getAuthorizationID() {
        if (isComplete()) {
            return this.authorizedId;
        }
        throw new IllegalStateException("PLAIN server negotiation not complete");
    }
}
