package org.teiid.gss;

import java.security.PrivilegedAction;
import java.util.Properties;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSManager;
import org.ietf.jgss.Oid;
import org.teiid.client.security.ILogon;
import org.teiid.client.security.LogonResult;
import org.teiid.jdbc.JDBCPlugin;
import org.teiid.jdbc.TeiidSQLException;

/* compiled from: MakeGSS.java */
/* loaded from: input_file:org/teiid/gss/GssAction.class */
class GssAction implements PrivilegedAction {
    private static Logger logger = Logger.getLogger(JDBCPlugin.PLUGIN_ID);
    private final ILogon logon;
    private final String kerberosPrincipalName;
    private Properties props;

    public GssAction(ILogon iLogon, String str, Properties properties) {
        this.logon = iLogon;
        this.kerberosPrincipalName = str;
        this.props = properties;
    }

    @Override // java.security.PrivilegedAction
    public Object run() {
        try {
            Oid[] oidArr = {new Oid("1.2.840.113554.1.2.2")};
            GSSManager gSSManager = GSSManager.getInstance();
            GSSContext createContext = gSSManager.createContext(gSSManager.createName(this.kerberosPrincipalName, new Oid("1.2.840.113554.1.2.2.1")), oidArr[0], (GSSCredential) null, 0);
            createContext.requestMutualAuth(true);
            createContext.requestConf(true);
            createContext.requestInteg(true);
            createContext.requestCredDeleg(true);
            byte[] bArr = new byte[0];
            boolean z = false;
            LogonResult logonResult = null;
            while (!z) {
                byte[] initSecContext = createContext.initSecContext(bArr, 0, bArr.length);
                if (initSecContext != null) {
                    if (logger.isLoggable(Level.FINE)) {
                        logger.fine("Sending Service Token to Server (GSS Authentication Token)");
                    }
                    logonResult = this.logon.neogitiateGssLogin(this.props, initSecContext, true);
                    bArr = (byte[]) logonResult.getProperty(ILogon.KRB5TOKEN);
                }
                if (createContext.isEstablished()) {
                    z = true;
                    if (logger.isLoggable(Level.FINE)) {
                        logger.fine("Authentication GSS Established");
                    }
                } else if (logger.isLoggable(Level.FINE)) {
                    logger.fine("Authentication GSS Continue");
                }
            }
            return logonResult;
        } catch (GSSException e) {
            return TeiidSQLException.create(e, JDBCPlugin.Util.gs(JDBCPlugin.Event.TEIID20005, new Object[0]));
        } catch (Exception e2) {
            return e2;
        }
    }
}
