package org.wildfly.security.sasl.test;

import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import java.util.Arrays;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.sasl.AuthorizeCallback;
import javax.security.sasl.RealmCallback;
import javax.security.sasl.SaslException;
import org.junit.Assert;
import org.wildfly.security.auth.callback.AnonymousAuthorizationCallback;
import org.wildfly.security.auth.callback.ChannelBindingCallback;
import org.wildfly.security.auth.callback.CredentialCallback;
import org.wildfly.security.auth.callback.EvidenceVerifyCallback;
import org.wildfly.security.auth.callback.FastUnsupportedCallbackException;
import org.wildfly.security.credential.PasswordCredential;
import org.wildfly.security.evidence.PasswordGuessEvidence;
import org.wildfly.security.password.Password;
import org.wildfly.security.password.PasswordFactory;

@Deprecated
/* loaded from: input_file:org/wildfly/security/sasl/test/ServerCallbackHandler.class */
public class ServerCallbackHandler implements CallbackHandler {
    private final String expectedUsername;
    private final char[] expectedPassword;
    private final String expectedAuthzid;
    private final KeySpec keySpec;
    private final String algorithm;
    private String bindingType;
    private byte[] bindingData;

    public ServerCallbackHandler(String str, char[] cArr) {
        this.bindingType = null;
        this.bindingData = null;
        this.expectedUsername = str;
        this.expectedPassword = cArr;
        this.expectedAuthzid = null;
        this.keySpec = null;
        this.algorithm = null;
    }

    public ServerCallbackHandler(String str, String str2, KeySpec keySpec) {
        this.bindingType = null;
        this.bindingData = null;
        this.expectedUsername = str;
        this.algorithm = str2;
        this.keySpec = keySpec;
        this.expectedAuthzid = null;
        this.expectedPassword = null;
    }

    public ServerCallbackHandler(String str, String str2, KeySpec keySpec, String str3) {
        this.bindingType = null;
        this.bindingData = null;
        this.expectedUsername = str;
        this.algorithm = str2;
        this.keySpec = keySpec;
        this.expectedAuthzid = str3;
        this.expectedPassword = null;
    }

    public void setBinding(String str, byte[] bArr) {
        this.bindingType = str;
        this.bindingData = bArr;
    }

    @Override // javax.security.auth.callback.CallbackHandler
    public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
        for (Callback callback : callbackArr) {
            if (callback instanceof NameCallback) {
                String defaultName = ((NameCallback) callback).getDefaultName();
                if (defaultName == null || !defaultName.equals(this.expectedUsername)) {
                    throw new SaslException("Invalid username received (expected \"" + this.expectedUsername + "\", received \"" + defaultName + "\"");
                }
            } else if ((callback instanceof EvidenceVerifyCallback) && this.expectedPassword != null) {
                EvidenceVerifyCallback evidenceVerifyCallback = (EvidenceVerifyCallback) callback;
                evidenceVerifyCallback.setVerified(Arrays.equals(this.expectedPassword, (char[]) evidenceVerifyCallback.applyToEvidence(PasswordGuessEvidence.class, (v0) -> {
                    return v0.getGuess();
                })));
            } else if ((callback instanceof PasswordCallback) && this.expectedPassword != null) {
                ((PasswordCallback) callback).setPassword(this.expectedPassword);
            } else if (callback instanceof AnonymousAuthorizationCallback) {
                ((AnonymousAuthorizationCallback) callback).setAuthorized(true);
            } else if (callback instanceof AuthorizeCallback) {
                AuthorizeCallback authorizeCallback = (AuthorizeCallback) callback;
                Assert.assertEquals(this.expectedUsername, authorizeCallback.getAuthenticationID());
                if (this.expectedAuthzid != null) {
                    authorizeCallback.setAuthorized(this.expectedAuthzid.equals(authorizeCallback.getAuthorizationID()));
                } else {
                    authorizeCallback.setAuthorized(this.expectedUsername.equals(authorizeCallback.getAuthorizationID()));
                }
            } else if (callback instanceof RealmCallback) {
                continue;
            } else if (!(callback instanceof CredentialCallback) || this.algorithm == null || this.keySpec == null) {
                if (!(callback instanceof ChannelBindingCallback) || this.bindingType == null) {
                    throw new UnsupportedCallbackException(callback, callback.getClass().getSimpleName() + " not supported.");
                }
                ChannelBindingCallback channelBindingCallback = (ChannelBindingCallback) callback;
                channelBindingCallback.setBindingType(this.bindingType);
                channelBindingCallback.setBindingData(this.bindingData);
            } else {
                CredentialCallback credentialCallback = (CredentialCallback) callback;
                try {
                    Password generatePassword = PasswordFactory.getInstance(this.algorithm).generatePassword(this.keySpec);
                    if (!credentialCallback.isCredentialTypeSupported(PasswordCredential.class, generatePassword.getAlgorithm())) {
                        throw new FastUnsupportedCallbackException(callback);
                    }
                    credentialCallback.setCredential(new PasswordCredential(generatePassword));
                } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
                    throw new IOException("Password object generation failed", e);
                }
            }
        }
    }
}
