package org.wildfly.security.sasl.external;

import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.text.Normalizer;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.sasl.AuthorizeCallback;
import javax.security.sasl.SaslException;
import javax.security.sasl.SaslServer;
import org.wildfly.common.array.Arrays2;
import org.wildfly.security.mechanism._private.ElytronMessages;

/* loaded from: input_file:WEB-INF/lib/wildfly-elytron-1.15.16.Final.jar:org/wildfly/security/sasl/external/ExternalSaslServer.class */
final class ExternalSaslServer implements SaslServer {
    private final CallbackHandler cbh;
    private boolean complete;
    private String authorizationID;

    /* JADX INFO: Access modifiers changed from: package-private */
    public ExternalSaslServer(CallbackHandler callbackHandler) {
        this.cbh = callbackHandler;
    }

    public String getMechanismName() {
        return "EXTERNAL";
    }

    public byte[] evaluateResponse(byte[] bArr) throws SaslException {
        String normalize;
        if (this.complete) {
            throw ElytronMessages.saslExternal.mechMessageAfterComplete().toSaslException();
        }
        this.complete = true;
        if (bArr.length == 0) {
            normalize = null;
        } else {
            normalize = Normalizer.normalize(new String(bArr, StandardCharsets.UTF_8), Normalizer.Form.NFKC);
            if (normalize.indexOf(0) != -1) {
                throw ElytronMessages.saslExternal.mechUserNameContainsInvalidCharacter().toSaslException();
            }
        }
        AuthorizeCallback authorizeCallback = new AuthorizeCallback((String) null, normalize);
        try {
            this.cbh.handle((Callback[]) Arrays2.of(authorizeCallback));
            if (!authorizeCallback.isAuthorized()) {
                throw ElytronMessages.saslExternal.mechAuthorizationFailed(null, normalize).toSaslException();
            }
            this.authorizationID = authorizeCallback.getAuthorizedID();
            return null;
        } catch (UnsupportedCallbackException e) {
            throw ElytronMessages.saslExternal.mechAuthorizationFailed(e).toSaslException();
        } catch (SaslException e2) {
            throw e2;
        } catch (IOException e3) {
            throw ElytronMessages.saslExternal.mechAuthorizationFailed(e3).toSaslException();
        }
    }

    public boolean isComplete() {
        return this.complete;
    }

    public String getAuthorizationID() {
        if (this.complete) {
            return this.authorizationID;
        }
        throw ElytronMessages.saslExternal.mechAuthenticationNotComplete();
    }

    public byte[] unwrap(byte[] bArr, int i, int i2) throws SaslException {
        if (this.complete) {
            throw ElytronMessages.saslExternal.mechNoSecurityLayer();
        }
        throw ElytronMessages.saslExternal.mechAuthenticationNotComplete();
    }

    public byte[] wrap(byte[] bArr, int i, int i2) throws SaslException {
        if (this.complete) {
            throw ElytronMessages.saslExternal.mechNoSecurityLayer();
        }
        throw ElytronMessages.saslExternal.mechAuthenticationNotComplete();
    }

    public Object getNegotiatedProperty(String str) {
        if (this.complete) {
            return null;
        }
        throw ElytronMessages.saslExternal.mechAuthenticationNotComplete();
    }

    public void dispose() throws SaslException {
    }
}
