package org.wildfly.security.sasl.gs2;

import java.io.IOException;
import java.util.Map;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.sasl.SaslException;
import javax.security.sasl.SaslServer;
import javax.security.sasl.SaslServerFactory;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSManager;
import org.jboss.as.cli.Util;
import org.wildfly.common.Assert;
import org.wildfly.security._private.ElytronMessages;
import org.wildfly.security.auth.callback.ChannelBindingCallback;
import org.wildfly.security.sasl.WildFlySasl;

/* loaded from: input_file:org/wildfly/security/sasl/gs2/Gs2SaslServerFactory.class */
public final class Gs2SaslServerFactory implements SaslServerFactory {
    private final GSSManager gssManager;

    public Gs2SaslServerFactory(GSSManager gSSManager) {
        this.gssManager = gSSManager;
    }

    public Gs2SaslServerFactory() {
        this(GSSManager.getInstance());
    }

    public SaslServer createSaslServer(String str, String str2, String str3, Map<String, ?> map, CallbackHandler callbackHandler) throws SaslException {
        Assert.checkNotNullParam("cbh", callbackHandler);
        GSSManager gSSManager = this.gssManager;
        try {
            if (!Gs2Util.isIncluded(str, Gs2Util.getSupportedSaslNamesForMechanisms(gSSManager.getMechs()))) {
                return null;
            }
            boolean z = false;
            ChannelBindingCallback channelBindingCallback = new ChannelBindingCallback();
            try {
                callbackHandler.handle(new Callback[]{channelBindingCallback});
            } catch (SaslException e) {
                throw e;
            } catch (IOException e2) {
                throw ElytronMessages.log.mechFailedToDetermineChannelBindingStatus(e2).toSaslException();
            } catch (UnsupportedCallbackException e3) {
            }
            String bindingType = channelBindingCallback.getBindingType();
            byte[] bindingData = channelBindingCallback.getBindingData();
            boolean z2 = (bindingType == null || bindingData == null) ? false : true;
            boolean z3 = map != null && Util.TRUE.equals(map.get(WildFlySasl.CHANNEL_BINDING_REQUIRED));
            if (str.endsWith(Gs2.PLUS_SUFFIX)) {
                if (!z2) {
                    return null;
                }
                z = true;
            }
            if (z3 && !z) {
                return null;
            }
            Gs2SaslServer gs2SaslServer = new Gs2SaslServer(str, str2, str3, callbackHandler, gSSManager, z, bindingType, bindingData);
            gs2SaslServer.init();
            return gs2SaslServer;
        } catch (GSSException e4) {
            throw ElytronMessages.log.mechGettingSupportedMechanismsFailed(e4).toSaslException();
        }
    }

    public String[] getMechanismNames(Map<String, ?> map) {
        try {
            String[] supportedSaslNamesForMechanisms = Gs2Util.getSupportedSaslNamesForMechanisms(this.gssManager.getMechs());
            return (map == null || Util.TRUE.equals(map.get(WildFlySasl.MECHANISM_QUERY_ALL)) || !Util.TRUE.equals(map.get(WildFlySasl.CHANNEL_BINDING_REQUIRED))) ? supportedSaslNamesForMechanisms : Gs2Util.getPlusMechanisms(supportedSaslNamesForMechanisms);
        } catch (GSSException e) {
            return WildFlySasl.NO_NAMES;
        }
    }
}
