package org.apache.sshd.server.session;

import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import org.apache.sshd.common.NamedFactory;
import org.apache.sshd.common.Service;
import org.apache.sshd.common.ServiceFactory;
import org.apache.sshd.common.Session;
import org.apache.sshd.common.SshException;
import org.apache.sshd.common.util.Buffer;
import org.apache.sshd.common.util.CloseableUtils;
import org.apache.sshd.server.ServerFactoryManager;
import org.apache.sshd.server.UserAuth;

/* loaded from: input_file:WEB-INF/lib/sshd-core-0.12.0.redhat-003.jar:org/apache/sshd/server/session/ServerUserAuthService.class */
public class ServerUserAuthService extends CloseableUtils.AbstractCloseable implements Service {
    private final ServerSession session;
    private List<NamedFactory<UserAuth>> userAuthFactories;
    private List<List<String>> authMethods;
    private String authUserName;
    private String authMethod;
    private String authService;
    private UserAuth currentAuth;
    private int maxAuthRequests;
    private int nbAuthRequests;

    /* loaded from: input_file:WEB-INF/lib/sshd-core-0.12.0.redhat-003.jar:org/apache/sshd/server/session/ServerUserAuthService$Factory.class */
    public static class Factory implements ServiceFactory {
        @Override // org.apache.sshd.common.ServiceFactory
        public String getName() {
            return "ssh-userauth";
        }

        @Override // org.apache.sshd.common.ServiceFactory
        public Service create(Session session) throws IOException {
            return new ServerUserAuthService(session);
        }
    }

    public ServerUserAuthService(Session session) throws SshException {
        this.maxAuthRequests = 20;
        if (!(session instanceof ServerSession)) {
            throw new IllegalStateException("Server side service used on client side");
        }
        this.session = (ServerSession) session;
        if (this.session.isAuthenticated()) {
            throw new SshException("Session already authenticated");
        }
        this.maxAuthRequests = this.session.getIntProperty(ServerFactoryManager.MAX_AUTH_REQUESTS, this.maxAuthRequests);
        this.userAuthFactories = new ArrayList(getFactoryManager().getUserAuthFactories());
        this.authMethods = new ArrayList();
        String str = getFactoryManager().getProperties().get(ServerFactoryManager.AUTH_METHODS);
        if (str == null) {
            Iterator<NamedFactory<UserAuth>> it = getFactoryManager().getUserAuthFactories().iterator();
            while (it.hasNext()) {
                this.authMethods.add(new ArrayList(Collections.singletonList(it.next().getName())));
            }
        } else {
            for (String str2 : str.split("\\s")) {
                this.authMethods.add(new ArrayList(Arrays.asList(str2.split(","))));
            }
        }
        Iterator<List<String>> it2 = this.authMethods.iterator();
        while (it2.hasNext()) {
            for (String str3 : it2.next()) {
                if (NamedFactory.Utils.get(this.userAuthFactories, str3) == null) {
                    throw new SshException("Configured method is not supported: " + str3);
                }
            }
        }
        this.log.debug("Authorized authentication methods: {}", NamedFactory.Utils.getNames(this.userAuthFactories));
    }

    @Override // org.apache.sshd.common.Service
    public void start() {
    }

    @Override // org.apache.sshd.common.Service
    public ServerSession getSession() {
        return this.session;
    }

    @Override // org.apache.sshd.common.Service
    public void process(byte b, Buffer buffer) throws Exception {
        String str;
        Boolean bool = Boolean.FALSE;
        if (b == 50) {
            this.log.debug("Received SSH_MSG_USERAUTH_REQUEST");
            if (this.currentAuth != null) {
                this.currentAuth.destroy();
                this.currentAuth = null;
            }
            String string = buffer.getString();
            String string2 = buffer.getString();
            String string3 = buffer.getString();
            if (this.authUserName == null || this.authService == null) {
                this.authUserName = string;
                this.authService = string2;
            } else if (!this.authUserName.equals(string) || !this.authService.equals(string2)) {
                this.session.disconnect(2, "Change of username or service is not allowed (" + this.authUserName + ", " + this.authService + ") -> (" + string + ", " + string2 + ")");
                return;
            }
            this.authMethod = string3;
            int i = this.nbAuthRequests;
            this.nbAuthRequests = i + 1;
            if (i > this.maxAuthRequests) {
                this.session.disconnect(2, "Too many authentication failures");
                return;
            }
            this.log.debug("Authenticating user '{}' with service '{}' and method '{}'", new Object[]{string, string2, string3});
            NamedFactory namedFactory = NamedFactory.Utils.get(this.userAuthFactories, string3);
            if (namedFactory != null) {
                this.currentAuth = (UserAuth) namedFactory.create();
                try {
                    bool = this.currentAuth.auth(this.session, string, string2, buffer);
                } catch (Exception e) {
                    this.log.debug("Authentication failed: {}", e.getMessage());
                }
            }
        } else {
            if (this.currentAuth == null) {
                throw new IllegalStateException();
            }
            this.log.debug("Received authentication message {}", Byte.valueOf(b));
            buffer.rpos(buffer.rpos() - 1);
            try {
                bool = this.currentAuth.next(buffer);
            } catch (Exception e2) {
                this.log.debug("Authentication failed: {}", e2.getMessage());
            }
        }
        if (bool == null) {
            this.log.debug("Authentication not finished");
            return;
        }
        if (!bool.booleanValue()) {
            this.log.debug("Authentication failed");
            Buffer createBuffer = this.session.createBuffer((byte) 51);
            StringBuilder sb = new StringBuilder();
            for (List<String> list : this.authMethods) {
                if (!list.isEmpty() && !"none".equals(list.get(0))) {
                    if (sb.length() > 0) {
                        sb.append(",");
                    }
                    sb.append(list.get(0));
                }
            }
            createBuffer.putString(sb.toString());
            createBuffer.putByte((byte) 0);
            this.session.writePacket(createBuffer);
            if (this.currentAuth != null) {
                this.currentAuth.destroy();
                this.currentAuth = null;
                return;
            }
            return;
        }
        this.log.debug("Authentication succeeded");
        String userName = this.currentAuth.getUserName();
        boolean z = false;
        for (List<String> list2 : this.authMethods) {
            if (!list2.isEmpty() && list2.get(0).equals(this.authMethod)) {
                list2.remove(0);
                z |= list2.isEmpty();
            }
        }
        if (!z) {
            Buffer createBuffer2 = this.session.createBuffer((byte) 51);
            StringBuilder sb2 = new StringBuilder();
            for (List<String> list3 : this.authMethods) {
                if (!list3.isEmpty()) {
                    if (sb2.length() > 0) {
                        sb2.append(",");
                    }
                    sb2.append(list3.get(0));
                }
            }
            createBuffer2.putString(sb2.toString());
            createBuffer2.putByte((byte) 1);
            this.session.writePacket(createBuffer2);
        } else {
            if (getFactoryManager().getProperties() != null && (str = getFactoryManager().getProperties().get(ServerFactoryManager.MAX_CONCURRENT_SESSIONS)) != null && this.session.getActiveSessionCountForUser(userName) >= Integer.parseInt(str)) {
                this.session.disconnect(7, "Too many concurrent connections");
                return;
            }
            String str2 = getFactoryManager().getProperties().get(ServerFactoryManager.WELCOME_BANNER);
            if (str2 != null) {
                Buffer createBuffer3 = this.session.createBuffer((byte) 53);
                createBuffer3.putString(str2);
                createBuffer3.putString("en");
                this.session.writePacket(createBuffer3);
            }
            this.session.writePacket(this.session.createBuffer((byte) 52));
            this.session.setUsername(userName);
            this.session.setAuthenticated();
            this.session.startService(this.authService);
            this.session.resetIdleTimeout();
            this.log.info("Session {}@{} authenticated", userName, this.session.getIoSession().getRemoteAddress());
        }
        this.currentAuth.destroy();
        this.currentAuth = null;
    }

    private ServerFactoryManager getFactoryManager() {
        return this.session.getFactoryManager();
    }
}
