package org.apache.qpid.jms.sasl;

import java.io.IOException;
import java.security.Principal;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.HashMap;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginContext;
import javax.security.sasl.Sasl;
import javax.security.sasl.SaslClient;
import javax.security.sasl.SaslException;
import org.apache.qpid.jms.provider.amqp.AmqpProviderFactory;
import org.apache.qpid.jms.sasl.Mechanism;
import org.apache.qpid.jms.util.PropertyUtil;

/* loaded from: input_file:BOOT-INF/lib/qpid-jms-client-0.42.0.redhat-00002.jar:org/apache/qpid/jms/sasl/GssapiMechanism.class */
public class GssapiMechanism extends AbstractMechanism {
    public static final String NAME = "GSSAPI";
    private Subject subject;
    private SaslClient saslClient;
    private String protocol = AmqpProviderFactory.DEFAULT_PROVIDER_SCHEME;
    private String serverName = null;
    private String configScope = "amqp-jms-client";

    /* loaded from: input_file:BOOT-INF/lib/qpid-jms-client-0.42.0.redhat-00002.jar:org/apache/qpid/jms/sasl/GssapiMechanism$CredentialCallbackHandler.class */
    private class CredentialCallbackHandler implements CallbackHandler {
        private CredentialCallbackHandler() {
        }

        @Override // javax.security.auth.callback.CallbackHandler
        public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
            for (Callback callback : callbackArr) {
                if (callback instanceof NameCallback) {
                    ((NameCallback) callback).setName(GssapiMechanism.this.getUsername());
                } else {
                    if (!(callback instanceof PasswordCallback)) {
                        throw new UnsupportedCallbackException(callback);
                    }
                    String password = GssapiMechanism.this.getPassword();
                    if (password != null) {
                        ((PasswordCallback) callback).setPassword(password.toCharArray());
                    }
                }
            }
        }
    }

    @Override // org.apache.qpid.jms.sasl.Mechanism
    public int getPriority() {
        return Mechanism.PRIORITY.LOW.getValue();
    }

    @Override // org.apache.qpid.jms.sasl.Mechanism
    public String getName() {
        return NAME;
    }

    @Override // org.apache.qpid.jms.sasl.AbstractMechanism, org.apache.qpid.jms.sasl.Mechanism
    public boolean isEnabledByDefault() {
        return false;
    }

    @Override // org.apache.qpid.jms.sasl.AbstractMechanism, org.apache.qpid.jms.sasl.Mechanism
    public void init(Map<String, String> map) {
        PropertyUtil.setProperties(this, map);
    }

    @Override // org.apache.qpid.jms.sasl.Mechanism
    public byte[] getInitialResponse() throws SaslException {
        try {
            LoginContext loginContext = new LoginContext(this.configScope, new CredentialCallbackHandler());
            loginContext.login();
            this.subject = loginContext.getSubject();
            return (byte[]) Subject.doAs(this.subject, new PrivilegedExceptionAction<byte[]>() { // from class: org.apache.qpid.jms.sasl.GssapiMechanism.1
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedExceptionAction
                public byte[] run() throws Exception {
                    HashMap hashMap = new HashMap();
                    hashMap.put("javax.security.sasl.server.authentication", "true");
                    GssapiMechanism.this.saslClient = Sasl.createSaslClient(new String[]{GssapiMechanism.NAME}, (String) null, GssapiMechanism.this.protocol, GssapiMechanism.this.serverName, hashMap, (CallbackHandler) null);
                    if (GssapiMechanism.this.saslClient.hasInitialResponse()) {
                        return GssapiMechanism.this.saslClient.evaluateChallenge(new byte[0]);
                    }
                    return null;
                }
            });
        } catch (Exception e) {
            throw new SaslException(e.toString(), e);
        }
    }

    @Override // org.apache.qpid.jms.sasl.Mechanism
    public byte[] getChallengeResponse(final byte[] bArr) throws SaslException {
        try {
            return (byte[]) Subject.doAs(this.subject, new PrivilegedExceptionAction<byte[]>() { // from class: org.apache.qpid.jms.sasl.GssapiMechanism.2
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedExceptionAction
                public byte[] run() throws Exception {
                    return GssapiMechanism.this.saslClient.evaluateChallenge(bArr);
                }
            });
        } catch (PrivilegedActionException e) {
            throw new SaslException(e.toString(), e);
        }
    }

    @Override // org.apache.qpid.jms.sasl.AbstractMechanism, org.apache.qpid.jms.sasl.Mechanism
    public void verifyCompletion() throws SaslException {
        boolean isComplete = this.saslClient.isComplete();
        this.saslClient.dispose();
        if (!isComplete) {
            throw new SaslException("not complete");
        }
    }

    @Override // org.apache.qpid.jms.sasl.Mechanism
    public boolean isApplicable(String str, String str2, Principal principal) {
        return true;
    }

    public String getProtocol() {
        return this.protocol;
    }

    public void setProtocol(String str) {
        this.protocol = str;
    }

    public String getServerName() {
        return this.serverName;
    }

    public void setServerName(String str) {
        this.serverName = str;
    }

    public String getConfigScope() {
        return this.configScope;
    }

    public void setConfigScope(String str) {
        this.configScope = str;
    }
}
