package org.jboss.sasl.plain;

import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.sasl.AuthorizeCallback;
import javax.security.sasl.SaslException;
import org.jboss.sasl.callback.VerifyPasswordCallback;
import org.jboss.sasl.util.AbstractSaslParticipant;
import org.jboss.sasl.util.AbstractSaslServer;
import org.jboss.sasl.util.Charsets;
import org.jboss.sasl.util.SaslState;
import org.jboss.sasl.util.SaslStateContext;

/* loaded from: input_file:org/jboss/sasl/plain/PlainSaslServer.class */
public final class PlainSaslServer extends AbstractSaslServer {
    protected String authorizedId;
    private final SaslState INITIAL;

    public PlainSaslServer(String str, String str2, CallbackHandler callbackHandler) {
        super(PlainServerFactory.PLAIN, str, str2, callbackHandler);
        this.INITIAL = new SaslState() { // from class: org.jboss.sasl.plain.PlainSaslServer.1
            private static final byte UTF8NUL = 0;
            private static final int MAX_DEPTH = 2;

            @Override // org.jboss.sasl.util.SaslState
            public byte[] evaluateMessage(SaslStateContext saslStateContext, byte[] bArr) throws SaslException {
                String str3;
                String str4;
                String str5;
                int length = bArr.length;
                if (length == 0) {
                    return AbstractSaslParticipant.NO_BYTES;
                }
                if (length > 1020) {
                    throw new SaslException("Authentication name string is too long");
                }
                String[] split = split(bArr);
                if (split.length == MAX_DEPTH) {
                    str4 = split[UTF8NUL];
                    str3 = str4;
                    str5 = split[1];
                } else {
                    if (split.length != 3) {
                        throw new SaslException("Invalid number of message parts (" + split.length + ")");
                    }
                    str3 = split[UTF8NUL];
                    str4 = split[1];
                    str5 = split[MAX_DEPTH];
                }
                if (str4.length() > 255) {
                    throw new SaslException("Authentication identity string is too long");
                }
                if (str3.length() > 255) {
                    throw new SaslException("Authorization identity string is too long");
                }
                if (str5.length() > 255) {
                    throw new SaslException("Password string is too long");
                }
                Callback nameCallback = new NameCallback("PLAIN authentication identity", str4);
                VerifyPasswordCallback verifyPasswordCallback = new VerifyPasswordCallback(str5);
                PlainSaslServer.this.handleCallbacks(nameCallback, verifyPasswordCallback);
                if (!verifyPasswordCallback.isVerified()) {
                    throw new SaslException("PLAIN password not verified by CallbackHandler");
                }
                Callback authorizeCallback = new AuthorizeCallback(str4, str3);
                PlainSaslServer.this.handleCallbacks(authorizeCallback);
                if (!authorizeCallback.isAuthorized()) {
                    throw new SaslException("PLAIN: " + str4 + " is not authorized to act as " + str3);
                }
                PlainSaslServer.this.authorizedId = authorizeCallback.getAuthorizedID();
                saslStateContext.negotiationComplete();
                return null;
            }

            private String[] split(byte[] bArr) throws SaslException {
                return split(bArr, UTF8NUL, UTF8NUL);
            }

            private String[] split(byte[] bArr, int i, int i2) throws SaslException {
                if (i2 > MAX_DEPTH) {
                    throw new SaslException("PLAIN: Invalid message format. (Too many delimiters)");
                }
                int i3 = -1;
                for (int i4 = i; i4 < bArr.length && i3 < 0; i4++) {
                    if (bArr[i4] == 0) {
                        i3 = i4;
                    }
                }
                String str3 = new String(bArr, i, i3 < 0 ? bArr.length - i : i3 - i, Charsets.UTF_8);
                String[] split = i3 < 0 ? new String[i2 + 1] : split(bArr, i3 + 1, i2 + 1);
                split[i2] = str3;
                return split;
            }
        };
        getContext().setNegotiationState(this.INITIAL);
    }

    public String getAuthorizationID() {
        if (isComplete()) {
            return this.authorizedId;
        }
        throw new IllegalStateException("PLAIN server negotiation not complete");
    }
}
