package org.jboss.iiop.csiv2;

import java.io.UnsupportedEncodingException;
import org.jboss.logging.Logger;
import org.jboss.security.RunAsIdentity;
import org.jboss.security.SecurityAssociation;
import org.omg.CORBA.Any;
import org.omg.CORBA.BAD_PARAM;
import org.omg.CORBA.CompletionStatus;
import org.omg.CORBA.LocalObject;
import org.omg.CORBA.MARSHAL;
import org.omg.CORBA.NO_PERMISSION;
import org.omg.CORBA.ORB;
import org.omg.CSI.AuthorizationElement;
import org.omg.CSI.EstablishContext;
import org.omg.CSI.GSS_NT_ExportedNameHelper;
import org.omg.CSI.IdentityToken;
import org.omg.CSI.SASContextBody;
import org.omg.CSI.SASContextBodyHelper;
import org.omg.CSIIOP.CompoundSecMech;
import org.omg.CSIIOP.CompoundSecMechListHelper;
import org.omg.GSSUP.InitialContextToken;
import org.omg.IOP.Codec;
import org.omg.IOP.CodecPackage.FormatMismatch;
import org.omg.IOP.CodecPackage.InvalidTypeForEncoding;
import org.omg.IOP.CodecPackage.TypeMismatch;
import org.omg.IOP.ServiceContext;
import org.omg.PortableInterceptor.ClientRequestInfo;
import org.omg.PortableInterceptor.ClientRequestInterceptor;

/* loaded from: input_file:org/jboss/iiop/csiv2/SASClientIdentityInterceptor.class */
public class SASClientIdentityInterceptor extends LocalObject implements ClientRequestInterceptor {
    private static final int sasContextId = 15;
    private static final AuthorizationElement[] noAuthorizationToken;
    private static final byte[] noAuthenticationToken;
    private Codec codec;
    private static final String serverUsername = "j2ee";
    private static final String serverPassword = "j2ee";
    private static final Logger log = Logger.getLogger((Class<?>) SASClientIdentityInterceptor.class);
    private static final boolean traceEnabled = log.isTraceEnabled();
    private static final IdentityToken absentIdentityToken = new IdentityToken();

    public SASClientIdentityInterceptor(Codec codec) {
        this.codec = codec;
    }

    @Override // org.omg.PortableInterceptor.InterceptorOperations
    public String name() {
        return "SASClientIdentityInterceptor";
    }

    @Override // org.omg.PortableInterceptor.InterceptorOperations
    public void destroy() {
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v50, types: [java.security.Principal] */
    @Override // org.omg.PortableInterceptor.ClientRequestInterceptorOperations
    public void send_request(ClientRequestInfo clientRequestInfo) {
        String str;
        try {
            CompoundSecMech matchingSecurityMech = CSIv2Util.getMatchingSecurityMech(clientRequestInfo, this.codec, (short) 1088, (short) 0);
            if (matchingSecurityMech == null) {
                return;
            }
            if (traceEnabled) {
                StringBuffer stringBuffer = new StringBuffer();
                CSIv2Util.toString(matchingSecurityMech, stringBuffer);
                log.trace(stringBuffer);
            }
            IdentityToken identityToken = absentIdentityToken;
            byte[] bArr = noAuthenticationToken;
            if ((matchingSecurityMech.sas_context_mech.target_supports & 1024) != 0) {
                RunAsIdentity peekRunAsIdentity = SecurityAssociation.peekRunAsIdentity();
                RunAsIdentity principal = peekRunAsIdentity != null ? peekRunAsIdentity : SecurityAssociation.getPrincipal();
                if (principal != null) {
                    String name = principal.getName();
                    if (name.indexOf(64) < 0) {
                        name = name + "@default";
                    }
                    byte[] encodeGssExportedName = CSIv2Util.encodeGssExportedName(name.getBytes("UTF-8"));
                    Any create_any = ORB.init().create_any();
                    GSS_NT_ExportedNameHelper.insert(create_any, encodeGssExportedName);
                    try {
                        byte[] encode_value = this.codec.encode_value(create_any);
                        identityToken = new IdentityToken();
                        identityToken.principal_name(encode_value);
                    } catch (InvalidTypeForEncoding e) {
                        throw new RuntimeException("Unexpected exception: " + e);
                    }
                } else if ((matchingSecurityMech.sas_context_mech.supported_identity_types & 1) != 0) {
                    identityToken = new IdentityToken();
                    identityToken.anonymous(true);
                }
            }
            if ((matchingSecurityMech.as_context_mech.target_requires & 64) != 0) {
                byte[] bArr2 = matchingSecurityMech.as_context_mech.target_name;
                str = "j2ee";
                bArr = CSIv2Util.encodeInitialContextToken(new InitialContextToken((str.indexOf(64) < 0 ? str + "@" + new String(CSIv2Util.decodeGssExportedName(bArr2), "UTF-8") : "j2ee").getBytes("UTF-8"), "j2ee".getBytes("UTF-8"), bArr2), this.codec);
            }
            if (identityToken != absentIdentityToken || bArr != noAuthenticationToken) {
                EstablishContext establishContext = new EstablishContext(0L, noAuthorizationToken, identityToken, bArr);
                SASContextBody sASContextBody = new SASContextBody();
                sASContextBody.establish_msg(establishContext);
                Any create_any2 = ORB.init().create_any();
                SASContextBodyHelper.insert(create_any2, sASContextBody);
                clientRequestInfo.add_request_service_context(new ServiceContext(15, this.codec.encode_value(create_any2)), true);
            }
        } catch (UnsupportedEncodingException e2) {
            throw new MARSHAL("Unexpected exception: " + e2);
        } catch (InvalidTypeForEncoding e3) {
            throw new MARSHAL("Unexpected exception: " + e3);
        }
    }

    @Override // org.omg.PortableInterceptor.ClientRequestInterceptorOperations
    public void send_poll(ClientRequestInfo clientRequestInfo) {
    }

    @Override // org.omg.PortableInterceptor.ClientRequestInterceptorOperations
    public void receive_reply(ClientRequestInfo clientRequestInfo) {
        try {
            SASContextBody extract = SASContextBodyHelper.extract(this.codec.decode_value(clientRequestInfo.get_reply_service_context(15).context_data, SASContextBodyHelper.type()));
            if (traceEnabled) {
                log.trace("receive_reply: got SAS reply, type " + ((int) extract.discriminator()));
            }
            if (extract.discriminator() == 4) {
                log.warn("Unexpected ContextError in SAS reply");
                throw new NO_PERMISSION("Unexpected ContextError in SAS reply", 1245904897, CompletionStatus.COMPLETED_YES);
            }
        } catch (BAD_PARAM e) {
        } catch (FormatMismatch e2) {
            throw new MARSHAL("Could not parse SAS reply: " + e2, 0, CompletionStatus.COMPLETED_YES);
        } catch (TypeMismatch e3) {
            throw new MARSHAL("Could not parse SAS reply: " + e3, 0, CompletionStatus.COMPLETED_YES);
        }
    }

    @Override // org.omg.PortableInterceptor.ClientRequestInterceptorOperations
    public void receive_exception(ClientRequestInfo clientRequestInfo) {
        try {
            SASContextBody extract = SASContextBodyHelper.extract(this.codec.decode_value(clientRequestInfo.get_reply_service_context(15).context_data, SASContextBodyHelper.type()));
            if (traceEnabled) {
                log.trace("receive_exceptpion: got SAS reply, type " + ((int) extract.discriminator()));
            }
        } catch (BAD_PARAM e) {
        } catch (FormatMismatch e2) {
            throw new MARSHAL("Could not parse SAS reply: " + e2, 1245904897, CompletionStatus.COMPLETED_MAYBE);
        } catch (TypeMismatch e3) {
            throw new MARSHAL("Could not parse SAS reply: " + e3, 1245904897, CompletionStatus.COMPLETED_MAYBE);
        }
    }

    @Override // org.omg.PortableInterceptor.ClientRequestInterceptorOperations
    public void receive_other(ClientRequestInfo clientRequestInfo) {
    }

    CompoundSecMech getSecurityMech(ClientRequestInfo clientRequestInfo) {
        CompoundSecMech compoundSecMech = null;
        try {
            compoundSecMech = CompoundSecMechListHelper.extract(this.codec.decode_value(clientRequestInfo.get_effective_component(33).component_data, CompoundSecMechListHelper.type())).mechanism_list[0];
        } catch (BAD_PARAM e) {
        } catch (FormatMismatch e2) {
        } catch (TypeMismatch e3) {
        }
        return compoundSecMech;
    }

    static {
        absentIdentityToken.absent(true);
        noAuthorizationToken = new AuthorizationElement[0];
        noAuthenticationToken = new byte[0];
    }
}
