package org.wildfly.security.sasl.oauth2;

import javax.security.auth.callback.CallbackHandler;
import javax.security.sasl.SaslException;
import org.wildfly.common.Assert;
import org.wildfly.security._private.ElytronMessages;
import org.wildfly.security.mechanism.AuthenticationMechanismException;
import org.wildfly.security.mechanism.oauth2.OAuth2Server;
import org.wildfly.security.sasl.util.AbstractSaslServer;

/* loaded from: input_file:org/wildfly/security/sasl/oauth2/OAuth2SaslServer.class */
final class OAuth2SaslServer extends AbstractSaslServer {
    private static final int S_FIRST_MESSAGE = 1;
    private static final int S_IN_ERROR = 2;
    private OAuth2Server oAuth2Server;

    /* JADX INFO: Access modifiers changed from: package-private */
    public OAuth2SaslServer(String str, String str2, String str3, CallbackHandler callbackHandler, OAuth2Server oAuth2Server) {
        super(str, str2, str3, callbackHandler, ElytronMessages.saslOAuth2);
        this.oAuth2Server = oAuth2Server;
        setNegotiationState(1);
    }

    public String getAuthorizationID() {
        return null;
    }

    @Override // org.wildfly.security.sasl.util.AbstractSaslParticipant
    protected byte[] evaluateMessage(int i, byte[] bArr) throws SaslException {
        boolean z;
        try {
            try {
                switch (i) {
                    case -1:
                        throw ElytronMessages.saslOAuth2.mechAuthenticationFailed().toSaslException();
                    case 0:
                        if (bArr != null && bArr.length != 0) {
                            throw ElytronMessages.saslOAuth2.mechClientSentExtraMessage().toSaslException();
                        }
                        if (1 == 0) {
                            setNegotiationState(-1);
                        }
                        return null;
                    case 1:
                        if (bArr == null || bArr.length == 0) {
                            throw ElytronMessages.saslOAuth2.mechClientRefusesToInitiateAuthentication().toSaslException();
                        }
                        byte[] evaluateInitialResponse = this.oAuth2Server.evaluateInitialResponse(this.oAuth2Server.parseInitialClientMessage(bArr));
                        if (evaluateInitialResponse.length == 0) {
                            z = true;
                            setNegotiationState(0);
                        } else {
                            z = true;
                            setNegotiationState(2);
                        }
                        if (!z) {
                            setNegotiationState(-1);
                        }
                        return evaluateInitialResponse;
                    case 2:
                        throw ElytronMessages.saslOAuth2.mechAuthenticationFailed().toSaslException();
                    default:
                        throw Assert.impossibleSwitchCase(i);
                }
            } catch (AuthenticationMechanismException e) {
                throw e.toSaslException();
            }
        } catch (Throwable th) {
            if (0 == 0) {
                setNegotiationState(-1);
            }
            throw th;
        }
    }

    @Override // org.wildfly.security.sasl.util.AbstractSaslParticipant
    public void dispose() throws SaslException {
        setNegotiationState(-1);
    }
}
