package org.wildfly.security.sasl.plain;

import java.io.IOException;
import java.util.NoSuchElementException;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.sasl.AuthorizeCallback;
import javax.security.sasl.SaslException;
import javax.security.sasl.SaslServer;
import org.wildfly.security._private.ElytronMessages;
import org.wildfly.security.sasl.callback.VerifyPasswordCallback;
import org.wildfly.security.sasl.util.SaslWrapper;
import org.wildfly.security.util.CodePointIterator;

/* loaded from: input_file:org/wildfly/security/sasl/plain/PlainSaslServer.class */
final class PlainSaslServer implements SaslServer, SaslWrapper {
    private final CallbackHandler callbackHandler;
    private boolean complete;
    private String authorizedId;

    public PlainSaslServer(CallbackHandler callbackHandler) {
        this.callbackHandler = callbackHandler;
    }

    public String getAuthorizationID() {
        if (isComplete()) {
            return this.authorizedId;
        }
        throw ElytronMessages.log.saslAuthenticationNotComplete();
    }

    public String getMechanismName() {
        return "PLAIN";
    }

    public boolean isComplete() {
        return this.complete;
    }

    public byte[] evaluateResponse(byte[] bArr) throws SaslException {
        if (this.complete) {
            throw ElytronMessages.log.saslMessageAfterComplete();
        }
        this.complete = true;
        if (bArr.length >= 65536) {
            throw ElytronMessages.log.saslMessageTooLong();
        }
        CodePointIterator ofUtf8Bytes = CodePointIterator.ofUtf8Bytes(bArr);
        try {
            CodePointIterator delimitedBy = ofUtf8Bytes.delimitedBy(0);
            String drainToString = delimitedBy.hasNext() ? delimitedBy.drainToString() : null;
            ofUtf8Bytes.next();
            String drainToString2 = delimitedBy.drainToString();
            ofUtf8Bytes.next();
            String drainToString3 = delimitedBy.drainToString();
            if (drainToString == null) {
                drainToString = drainToString2;
            }
            Callback nameCallback = new NameCallback("PLAIN authentication identity", drainToString2);
            VerifyPasswordCallback verifyPasswordCallback = new VerifyPasswordCallback(drainToString3);
            try {
                this.callbackHandler.handle(new Callback[]{nameCallback, verifyPasswordCallback});
                if (!verifyPasswordCallback.isVerified()) {
                    throw ElytronMessages.log.saslPasswordNotVerified();
                }
                Callback authorizeCallback = new AuthorizeCallback(drainToString2, drainToString);
                try {
                    this.callbackHandler.handle(new Callback[]{authorizeCallback});
                    if (!authorizeCallback.isAuthorized()) {
                        throw ElytronMessages.log.saslAuthorizationFailed(drainToString2, drainToString);
                    }
                    this.authorizedId = authorizeCallback.getAuthorizedID();
                    return null;
                } catch (IOException | UnsupportedCallbackException e) {
                    throw ElytronMessages.log.saslServerSideAuthenticationFailed(e);
                } catch (SaslException e2) {
                    throw e2;
                }
            } catch (SaslException e3) {
                throw e3;
            } catch (IOException | UnsupportedCallbackException e4) {
                throw ElytronMessages.log.saslServerSideAuthenticationFailed(e4);
            }
        } catch (NoSuchElementException e5) {
            throw ElytronMessages.log.saslInvalidMessageReceived();
        }
    }

    @Override // org.wildfly.security.sasl.util.SaslWrapper
    public byte[] unwrap(byte[] bArr, int i, int i2) throws SaslException {
        if (this.complete) {
            throw ElytronMessages.log.saslAuthenticationNotComplete();
        }
        throw ElytronMessages.log.saslNoSecurityLayer();
    }

    @Override // org.wildfly.security.sasl.util.SaslWrapper
    public byte[] wrap(byte[] bArr, int i, int i2) throws SaslException {
        if (this.complete) {
            throw ElytronMessages.log.saslAuthenticationNotComplete();
        }
        throw ElytronMessages.log.saslNoSecurityLayer();
    }

    public Object getNegotiatedProperty(String str) {
        return null;
    }

    public void dispose() throws SaslException {
    }
}
