package alluxio.security.authentication.plain;

import alluxio.conf.AlluxioConfiguration;
import alluxio.conf.PropertyKey;
import alluxio.exception.status.UnauthenticatedException;
import alluxio.security.LoginUser;
import alluxio.security.User;
import alluxio.security.authentication.AuthType;
import alluxio.security.authentication.AuthenticationProvider;
import alluxio.security.authentication.SaslParticipantProvider;
import alluxio.security.authentication.SaslParticipantProviderUtils;
import java.security.Security;
import java.util.HashMap;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.sasl.Sasl;
import javax.security.sasl.SaslClient;
import javax.security.sasl.SaslException;
import javax.security.sasl.SaslServer;

/* loaded from: input_file:alluxio/security/authentication/plain/SaslParticipantProviderPlain.class */
public class SaslParticipantProviderPlain implements SaslParticipantProvider {
    @Override // alluxio.security.authentication.SaslParticipantProvider
    public SaslClient createSaslClient(Subject subject, AlluxioConfiguration alluxioConfiguration) throws UnauthenticatedException {
        Set principals;
        String str = null;
        if (subject != null && (principals = subject.getPrincipals(User.class)) != null && !principals.isEmpty()) {
            str = ((User) principals.iterator().next()).getName();
        }
        if (str == null || str.isEmpty()) {
            str = LoginUser.get(alluxioConfiguration).getName();
        }
        String impersonationUser = SaslParticipantProviderUtils.getImpersonationUser(subject, alluxioConfiguration);
        if (impersonationUser != null && alluxioConfiguration.isSet(PropertyKey.SECURITY_LOGIN_IMPERSONATION_USERNAME) && "_HDFS_USER_".equals(alluxioConfiguration.get(PropertyKey.SECURITY_LOGIN_IMPERSONATION_USERNAME))) {
            str = LoginUser.get(alluxioConfiguration).getName();
        }
        return createSaslClient(str, "noPassword", impersonationUser);
    }

    @Override // alluxio.security.authentication.SaslParticipantProvider
    public SaslClient createSaslClient(String str, String str2, String str3) throws UnauthenticatedException {
        try {
            return Sasl.createSaslClient(new String[]{PlainSaslServerProvider.MECHANISM}, str3, (String) null, (String) null, new HashMap(), new PlainSaslClientCallbackHandler(str, str2));
        } catch (SaslException e) {
            throw new UnauthenticatedException(e.getMessage(), e);
        }
    }

    @Override // alluxio.security.authentication.SaslParticipantProvider
    public SaslServer createSaslServer(String str, AlluxioConfiguration alluxioConfiguration) throws SaslException {
        return createSaslServer(new Runnable() { // from class: alluxio.security.authentication.plain.SaslParticipantProviderPlain.1
            @Override // java.lang.Runnable
            public void run() {
            }
        }, str, alluxioConfiguration);
    }

    @Override // alluxio.security.authentication.SaslParticipantProvider
    public SaslServer createSaslServer(Runnable runnable, String str, AlluxioConfiguration alluxioConfiguration) throws SaslException {
        return Sasl.createSaslServer(PlainSaslServerProvider.MECHANISM, (String) null, str, new HashMap(), new PlainSaslServerCallbackHandler(AuthenticationProvider.Factory.create((AuthType) alluxioConfiguration.getEnum(PropertyKey.SECURITY_AUTHENTICATION_TYPE, AuthType.class), alluxioConfiguration), runnable, alluxioConfiguration));
    }

    static {
        Security.addProvider(new PlainSaslServerProvider());
    }
}
