package io.ballerina.messaging.broker.auth.authentication.sasl.plain;

import com.google.common.primitives.Bytes;
import io.ballerina.messaging.broker.auth.BrokerAuthConstants;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import javax.security.sasl.SaslException;
import javax.security.sasl.SaslServer;

/* loaded from: input_file:io/ballerina/messaging/broker/auth/authentication/sasl/plain/PlainSaslServer.class */
public class PlainSaslServer implements SaslServer {
    private PlainSaslCallbackHandler callbackHandler;
    private boolean isComplete = false;
    private String authenticationId;
    private char[] password;
    static final String PLAIN_MECHANISM = "PLAIN";

    public PlainSaslServer(PlainSaslCallbackHandler plainSaslCallbackHandler) {
        this.callbackHandler = plainSaslCallbackHandler;
    }

    public String getMechanismName() {
        return PLAIN_MECHANISM;
    }

    public byte[] evaluateResponse(byte[] bArr) throws SaslException {
        int indexOf = Bytes.indexOf(bArr, (byte) 0);
        if (indexOf < 0) {
            throw new SaslException("Invalid SASL/PLAIN response due to authzid null separator not found");
        }
        int indexOf2 = Bytes.indexOf(Arrays.copyOfRange(bArr, indexOf + 1, bArr.length), (byte) 0);
        if (indexOf2 < 0) {
            throw new SaslException("Invalid SASL/PLAIN response due to authcid null separator not found");
        }
        this.authenticationId = new String(bArr, indexOf + 1, indexOf2, StandardCharsets.UTF_8);
        int i = indexOf + indexOf2 + 1;
        int length = (bArr.length - i) - 1;
        this.password = new char[length];
        for (int i2 = 0; i2 < length; i2++) {
            i++;
            this.password[i2] = (char) bArr[i];
        }
        this.callbackHandler.setUsername(this.authenticationId);
        this.callbackHandler.setPassword(this.password);
        try {
            try {
                new LoginContext(BrokerAuthConstants.BROKER_SECURITY_CONFIG, this.callbackHandler).login();
                this.isComplete = true;
                byte[] bArr2 = new byte[0];
                clearCredentials();
                return bArr2;
            } catch (LoginException e) {
                throw new SaslException("Error while authenticating user with login module", e);
            }
        } catch (Throwable th) {
            clearCredentials();
            throw th;
        }
    }

    private void clearCredentials() {
        if (this.password != null) {
            for (int i = 0; i < this.password.length; i++) {
                this.password[i] = ' ';
            }
            this.password = null;
        }
    }

    public boolean isComplete() {
        return this.isComplete;
    }

    public String getAuthorizationID() {
        return this.authenticationId;
    }

    public byte[] unwrap(byte[] bArr, int i, int i2) throws SaslException {
        return new byte[0];
    }

    public byte[] wrap(byte[] bArr, int i, int i2) throws SaslException {
        return new byte[0];
    }

    public Object getNegotiatedProperty(String str) {
        return null;
    }

    public void dispose() throws SaslException {
        this.callbackHandler = null;
    }
}
