package org.wildfly.iiop.openjdk.csiv2;

import java.nio.charset.StandardCharsets;
import java.security.Principal;
import org.omg.CORBA.Any;
import org.omg.CORBA.BAD_PARAM;
import org.omg.CORBA.CompletionStatus;
import org.omg.CORBA.LocalObject;
import org.omg.CORBA.ORB;
import org.omg.CSI.AuthorizationElement;
import org.omg.CSI.EstablishContext;
import org.omg.CSI.GSS_NT_ExportedNameHelper;
import org.omg.CSI.IdentityToken;
import org.omg.CSI.SASContextBody;
import org.omg.CSI.SASContextBodyHelper;
import org.omg.CSIIOP.CompoundSecMech;
import org.omg.GSSUP.InitialContextToken;
import org.omg.IOP.Codec;
import org.omg.IOP.CodecPackage.FormatMismatch;
import org.omg.IOP.CodecPackage.InvalidTypeForEncoding;
import org.omg.IOP.CodecPackage.TypeMismatch;
import org.omg.IOP.ServiceContext;
import org.omg.PortableInterceptor.ClientRequestInfo;
import org.omg.PortableInterceptor.ClientRequestInterceptor;
import org.wildfly.iiop.openjdk.logging.IIOPLogger;

/* loaded from: input_file:org/wildfly/iiop/openjdk/csiv2/SASClientIdentityInterceptor.class */
public class SASClientIdentityInterceptor extends LocalObject implements ClientRequestInterceptor {
    private static final int sasContextId = 15;
    private static final IdentityToken absentIdentityToken = new IdentityToken();
    private static final AuthorizationElement[] noAuthorizationToken;
    private static final byte[] noAuthenticationToken;
    private Codec codec;
    private static final String serverUsername = "j2ee";
    private static final String serverPassword = "j2ee";

    public SASClientIdentityInterceptor(Codec codec) {
        this.codec = codec;
    }

    public void destroy() {
    }

    public String name() {
        return "SASClientIdentityInterceptor";
    }

    public void send_request(ClientRequestInfo clientRequestInfo) {
        String str;
        try {
            CompoundSecMech matchingSecurityMech = CSIv2Util.getMatchingSecurityMech(clientRequestInfo, this.codec, (short) 1088, (short) 0);
            if (matchingSecurityMech == null) {
                return;
            }
            if (IIOPLogger.ROOT_LOGGER.isTraceEnabled()) {
                StringBuilder sb = new StringBuilder();
                CSIv2Util.toString(matchingSecurityMech, sb);
                IIOPLogger.ROOT_LOGGER.trace(sb);
            }
            IdentityToken identityToken = absentIdentityToken;
            byte[] bArr = noAuthenticationToken;
            if ((matchingSecurityMech.sas_context_mech.target_supports & 1024) != 0) {
                Principal peekRunAsIdentity = SecurityActions.peekRunAsIdentity();
                Principal principal = peekRunAsIdentity != null ? peekRunAsIdentity : SecurityActions.getPrincipal();
                if (principal != null) {
                    String name = principal.getName();
                    if (name.indexOf(64) < 0) {
                        name = name + "@default";
                    }
                    byte[] encodeGssExportedName = CSIv2Util.encodeGssExportedName(name.getBytes(StandardCharsets.UTF_8));
                    Any create_any = ORB.init().create_any();
                    GSS_NT_ExportedNameHelper.insert(create_any, encodeGssExportedName);
                    try {
                        byte[] encode_value = this.codec.encode_value(create_any);
                        identityToken = new IdentityToken();
                        identityToken.principal_name(encode_value);
                    } catch (InvalidTypeForEncoding e) {
                        throw IIOPLogger.ROOT_LOGGER.unexpectedException(e);
                    }
                } else if ((matchingSecurityMech.sas_context_mech.supported_identity_types & 1) != 0) {
                    identityToken = new IdentityToken();
                    identityToken.anonymous(true);
                }
            }
            if ((matchingSecurityMech.as_context_mech.target_requires & 64) != 0) {
                byte[] bArr2 = matchingSecurityMech.as_context_mech.target_name;
                str = "j2ee";
                bArr = CSIv2Util.encodeInitialContextToken(new InitialContextToken((str.indexOf(64) < 0 ? str + "@" + new String(CSIv2Util.decodeGssExportedName(bArr2), StandardCharsets.UTF_8) : "j2ee").getBytes(StandardCharsets.UTF_8), "j2ee".getBytes(StandardCharsets.UTF_8), bArr2), this.codec);
            }
            if (identityToken != absentIdentityToken || bArr != noAuthenticationToken) {
                EstablishContext establishContext = new EstablishContext(0L, noAuthorizationToken, identityToken, bArr);
                SASContextBody sASContextBody = new SASContextBody();
                sASContextBody.establish_msg(establishContext);
                Any create_any2 = ORB.init().create_any();
                SASContextBodyHelper.insert(create_any2, sASContextBody);
                clientRequestInfo.add_request_service_context(new ServiceContext(sasContextId, this.codec.encode_value(create_any2)), true);
            }
        } catch (InvalidTypeForEncoding e2) {
            throw IIOPLogger.ROOT_LOGGER.unexpectedException(e2);
        }
    }

    public void send_poll(ClientRequestInfo clientRequestInfo) {
    }

    public void receive_reply(ClientRequestInfo clientRequestInfo) {
        try {
            SASContextBody extract = SASContextBodyHelper.extract(this.codec.decode_value(clientRequestInfo.get_reply_service_context(sasContextId).context_data, SASContextBodyHelper.type()));
            IIOPLogger.ROOT_LOGGER.tracef("receive_reply: got SAS reply, type %d", extract.discriminator());
            if (extract.discriminator() == 4) {
                throw IIOPLogger.ROOT_LOGGER.unexpectedContextErrorInSASReply(0, CompletionStatus.COMPLETED_YES);
            }
        } catch (FormatMismatch e) {
            throw IIOPLogger.ROOT_LOGGER.errorParsingSASReply(e, 0, CompletionStatus.COMPLETED_YES);
        } catch (TypeMismatch e2) {
            throw IIOPLogger.ROOT_LOGGER.errorParsingSASReply(e2, 0, CompletionStatus.COMPLETED_YES);
        } catch (BAD_PARAM e3) {
        }
    }

    public void receive_exception(ClientRequestInfo clientRequestInfo) {
        try {
            IIOPLogger.ROOT_LOGGER.tracef("receive_exception: got SAS reply, type %d", SASContextBodyHelper.extract(this.codec.decode_value(clientRequestInfo.get_reply_service_context(sasContextId).context_data, SASContextBodyHelper.type())).discriminator());
        } catch (TypeMismatch e) {
            throw IIOPLogger.ROOT_LOGGER.errorParsingSASReply(e, 0, CompletionStatus.COMPLETED_MAYBE);
        } catch (FormatMismatch e2) {
            throw IIOPLogger.ROOT_LOGGER.errorParsingSASReply(e2, 0, CompletionStatus.COMPLETED_MAYBE);
        } catch (BAD_PARAM e3) {
        }
    }

    public void receive_other(ClientRequestInfo clientRequestInfo) {
    }

    static {
        absentIdentityToken.absent(true);
        noAuthorizationToken = new AuthorizationElement[0];
        noAuthenticationToken = new byte[0];
    }
}
