package org.apache.qpid.server.security.auth.manager;

import java.io.IOException;
import java.security.Principal;
import java.util.HashMap;
import java.util.Hashtable;
import javax.naming.NamingException;
import javax.naming.directory.InitialDirContext;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.sasl.AuthorizeCallback;
import javax.security.sasl.Sasl;
import javax.security.sasl.SaslException;
import javax.security.sasl.SaslServer;
import org.apache.log4j.Logger;
import org.apache.qpid.server.security.auth.AuthenticationResult;
import org.apache.qpid.server.security.auth.UsernamePrincipal;
import org.apache.qpid.server.security.auth.sasl.plain.PlainPasswordCallback;

/* loaded from: input_file:org/apache/qpid/server/security/auth/manager/SimpleLDAPAuthenticationManager.class */
public class SimpleLDAPAuthenticationManager implements AuthenticationManager {
    private static final Logger _logger = Logger.getLogger(SimpleLDAPAuthenticationManager.class);
    private static final String PLAIN_MECHANISM = "PLAIN";
    private final String _providerSearchURL;
    private final String _providerAuthURL;
    private final String _searchContext;
    private final String _searchFilter;
    private final String _ldapContextFactory;

    /* loaded from: input_file:org/apache/qpid/server/security/auth/manager/SimpleLDAPAuthenticationManager$PlainCallbackHandler.class */
    private class PlainCallbackHandler implements CallbackHandler {
        private PlainCallbackHandler() {
        }

        @Override // javax.security.auth.callback.CallbackHandler
        public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
            String str = null;
            String str2 = null;
            AuthenticationResult authenticationResult = null;
            for (Callback callback : callbackArr) {
                if (callback instanceof NameCallback) {
                    try {
                        str = SimpleLDAPAuthenticationManager.this.getNameFromId(((NameCallback) callback).getDefaultName());
                    } catch (NamingException e) {
                        SimpleLDAPAuthenticationManager._logger.warn("SASL Authentication Exception", e);
                    }
                    if (str2 != null) {
                        authenticationResult = SimpleLDAPAuthenticationManager.this.doLDAPNameAuthentication(str, str2);
                    }
                } else if (callback instanceof PlainPasswordCallback) {
                    str2 = ((PlainPasswordCallback) callback).getPlainPassword();
                    if (str != null) {
                        authenticationResult = SimpleLDAPAuthenticationManager.this.doLDAPNameAuthentication(str, str2);
                        if (authenticationResult.getStatus() == AuthenticationResult.AuthenticationStatus.SUCCESS) {
                            ((PlainPasswordCallback) callback).setAuthenticated(true);
                        }
                    }
                } else {
                    if (!(callback instanceof AuthorizeCallback)) {
                        throw new UnsupportedCallbackException(callback);
                    }
                    ((AuthorizeCallback) callback).setAuthorized(authenticationResult != null && authenticationResult.getStatus() == AuthenticationResult.AuthenticationStatus.SUCCESS);
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SimpleLDAPAuthenticationManager(String str, String str2, String str3, String str4, String str5) {
        this._providerSearchURL = str;
        this._providerAuthURL = str2;
        this._searchContext = str3;
        this._searchFilter = str4;
        this._ldapContextFactory = str5;
    }

    @Override // org.apache.qpid.server.security.auth.manager.AuthenticationManager
    public void initialise() {
        validateInitialDirContext();
    }

    @Override // org.apache.qpid.server.security.auth.manager.AuthenticationManager
    public String getMechanisms() {
        return "PLAIN";
    }

    @Override // org.apache.qpid.server.security.auth.manager.AuthenticationManager
    public SaslServer createSaslServer(String str, String str2, Principal principal) throws SaslException {
        if ("PLAIN".equals(str)) {
            return Sasl.createSaslServer("PLAIN", "AMQP", str2, new HashMap(), new PlainCallbackHandler());
        }
        throw new SaslException("Unknown mechanism: " + str);
    }

    @Override // org.apache.qpid.server.security.auth.manager.AuthenticationManager
    public AuthenticationResult authenticate(SaslServer saslServer, byte[] bArr) {
        byte[] bArr2;
        if (bArr != null) {
            bArr2 = bArr;
        } else {
            try {
                bArr2 = new byte[0];
            } catch (SaslException e) {
                return new AuthenticationResult(AuthenticationResult.AuthenticationStatus.ERROR, (Exception) e);
            }
        }
        byte[] evaluateResponse = saslServer.evaluateResponse(bArr2);
        if (!saslServer.isComplete()) {
            return new AuthenticationResult(evaluateResponse, AuthenticationResult.AuthenticationStatus.CONTINUE);
        }
        String authorizationID = saslServer.getAuthorizationID();
        _logger.debug("Authenticated as " + authorizationID);
        return new AuthenticationResult(new UsernamePrincipal(authorizationID));
    }

    @Override // org.apache.qpid.server.security.auth.manager.AuthenticationManager
    public AuthenticationResult authenticate(String str, String str2) {
        try {
            AuthenticationResult doLDAPNameAuthentication = doLDAPNameAuthentication(getNameFromId(str), str2);
            return doLDAPNameAuthentication.getStatus() == AuthenticationResult.AuthenticationStatus.SUCCESS ? new AuthenticationResult(new UsernamePrincipal(str)) : doLDAPNameAuthentication;
        } catch (NamingException e) {
            return new AuthenticationResult(AuthenticationResult.AuthenticationStatus.ERROR, (Exception) e);
        }
    }

    /*  JADX ERROR: JadxRuntimeException in pass: BlockProcessor
        jadx.core.utils.exceptions.JadxRuntimeException: Unreachable block: B:11:0x00ad
        	at jadx.core.dex.visitors.blocks.BlockProcessor.checkForUnreachableBlocks(BlockProcessor.java:88)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.processBlocksTree(BlockProcessor.java:52)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.visit(BlockProcessor.java:44)
        */
    /* JADX INFO: Access modifiers changed from: private */
    public org.apache.qpid.server.security.auth.AuthenticationResult doLDAPNameAuthentication(java.lang.String r7, java.lang.String r8) {
        /*
            r6 = this;
            r0 = r7
            if (r0 != 0) goto Lf
            org.apache.qpid.server.security.auth.AuthenticationResult r0 = new org.apache.qpid.server.security.auth.AuthenticationResult
            r1 = r0
            org.apache.qpid.server.security.auth.AuthenticationResult$AuthenticationStatus r2 = org.apache.qpid.server.security.auth.AuthenticationResult.AuthenticationStatus.CONTINUE
            r1.<init>(r2)
            return r0
        Lf:
            java.util.Hashtable r0 = new java.util.Hashtable
            r1 = r0
            r1.<init>()
            r9 = r0
            r0 = r9
            java.lang.String r1 = "java.naming.factory.initial"
            r2 = r6
            java.lang.String r2 = r2._ldapContextFactory
            java.lang.Object r0 = r0.put(r1, r2)
            r0 = r9
            java.lang.String r1 = "java.naming.provider.url"
            r2 = r6
            java.lang.String r2 = r2._providerAuthURL
            java.lang.Object r0 = r0.put(r1, r2)
            r0 = r9
            java.lang.String r1 = "java.naming.security.authentication"
            java.lang.String r2 = "simple"
            java.lang.Object r0 = r0.put(r1, r2)
            r0 = r9
            java.lang.String r1 = "java.naming.security.principal"
            r2 = r7
            java.lang.Object r0 = r0.put(r1, r2)
            r0 = r9
            java.lang.String r1 = "java.naming.security.credentials"
            r2 = r8
            java.lang.Object r0 = r0.put(r1, r2)
            r0 = 0
            r10 = r0
            javax.naming.directory.InitialDirContext r0 = new javax.naming.directory.InitialDirContext     // Catch: javax.naming.AuthenticationException -> L6a javax.naming.NamingException -> L7e java.lang.Throwable -> L94
            r1 = r0
            r2 = r9
            r1.<init>(r2)     // Catch: javax.naming.AuthenticationException -> L6a javax.naming.NamingException -> L7e java.lang.Throwable -> L94
            r10 = r0
            org.apache.qpid.server.security.auth.AuthenticationResult r0 = new org.apache.qpid.server.security.auth.AuthenticationResult     // Catch: javax.naming.AuthenticationException -> L6a javax.naming.NamingException -> L7e java.lang.Throwable -> L94
            r1 = r0
            org.apache.qpid.server.security.auth.UsernamePrincipal r2 = new org.apache.qpid.server.security.auth.UsernamePrincipal     // Catch: javax.naming.AuthenticationException -> L6a javax.naming.NamingException -> L7e java.lang.Throwable -> L94
            r3 = r2
            r4 = r7
            r3.<init>(r4)     // Catch: javax.naming.AuthenticationException -> L6a javax.naming.NamingException -> L7e java.lang.Throwable -> L94
            r1.<init>(r2)     // Catch: javax.naming.AuthenticationException -> L6a javax.naming.NamingException -> L7e java.lang.Throwable -> L94
            r11 = r0
            r0 = jsr -> L9c
        L67:
            r1 = r11
            return r1
        L6a:
            r11 = move-exception
            org.apache.qpid.server.security.auth.AuthenticationResult r0 = new org.apache.qpid.server.security.auth.AuthenticationResult     // Catch: java.lang.Throwable -> L94
            r1 = r0
            org.apache.qpid.server.security.auth.AuthenticationResult$AuthenticationStatus r2 = org.apache.qpid.server.security.auth.AuthenticationResult.AuthenticationStatus.CONTINUE     // Catch: java.lang.Throwable -> L94
            r1.<init>(r2)     // Catch: java.lang.Throwable -> L94
            r12 = r0
            r0 = jsr -> L9c
        L7b:
            r1 = r12
            return r1
        L7e:
            r11 = move-exception
            org.apache.qpid.server.security.auth.AuthenticationResult r0 = new org.apache.qpid.server.security.auth.AuthenticationResult     // Catch: java.lang.Throwable -> L94
            r1 = r0
            org.apache.qpid.server.security.auth.AuthenticationResult$AuthenticationStatus r2 = org.apache.qpid.server.security.auth.AuthenticationResult.AuthenticationStatus.ERROR     // Catch: java.lang.Throwable -> L94
            r3 = r11
            r1.<init>(r2, r3)     // Catch: java.lang.Throwable -> L94
            r12 = r0
            r0 = jsr -> L9c
        L91:
            r1 = r12
            return r1
        L94:
            r13 = move-exception
            r0 = jsr -> L9c
        L99:
            r1 = r13
            throw r1
        L9c:
            r14 = r0
            r0 = r10
            if (r0 == 0) goto Lb9
            r0 = r10
            r0.close()     // Catch: java.lang.Exception -> Lad
            goto Lb9
        Lad:
            r15 = move-exception
            org.apache.log4j.Logger r0 = org.apache.qpid.server.security.auth.manager.SimpleLDAPAuthenticationManager._logger
            java.lang.String r1 = "Exception closing InitialDirContext"
            r2 = r15
            r0.warn(r1, r2)
        Lb9:
            ret r14
        */
        throw new UnsupportedOperationException("Method not decompiled: org.apache.qpid.server.security.auth.manager.SimpleLDAPAuthenticationManager.doLDAPNameAuthentication(java.lang.String, java.lang.String):org.apache.qpid.server.security.auth.AuthenticationResult");
    }

    public void close() {
    }

    private void validateInitialDirContext() {
        Hashtable hashtable = new Hashtable();
        hashtable.put("java.naming.factory.initial", this._ldapContextFactory);
        hashtable.put("java.naming.provider.url", this._providerSearchURL);
        hashtable.put("java.naming.security.authentication", "none");
        try {
            new InitialDirContext(hashtable).close();
        } catch (NamingException e) {
            throw new RuntimeException("Unable to establish anonymous connection to the ldap server at " + this._providerSearchURL, e);
        }
    }

    /*  JADX ERROR: JadxRuntimeException in pass: BlockProcessor
        jadx.core.utils.exceptions.JadxRuntimeException: Unreachable block: B:11:0x00aa
        	at jadx.core.dex.visitors.blocks.BlockProcessor.checkForUnreachableBlocks(BlockProcessor.java:88)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.processBlocksTree(BlockProcessor.java:52)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.visit(BlockProcessor.java:44)
        */
    /* JADX INFO: Access modifiers changed from: private */
    public java.lang.String getNameFromId(java.lang.String r9) throws javax.naming.NamingException {
        /*
            r8 = this;
            java.util.Hashtable r0 = new java.util.Hashtable
            r1 = r0
            r1.<init>()
            r10 = r0
            r0 = r10
            java.lang.String r1 = "java.naming.factory.initial"
            r2 = r8
            java.lang.String r2 = r2._ldapContextFactory
            java.lang.Object r0 = r0.put(r1, r2)
            r0 = r10
            java.lang.String r1 = "java.naming.provider.url"
            r2 = r8
            java.lang.String r2 = r2._providerSearchURL
            java.lang.Object r0 = r0.put(r1, r2)
            r0 = r10
            java.lang.String r1 = "java.naming.security.authentication"
            java.lang.String r2 = "none"
            java.lang.Object r0 = r0.put(r1, r2)
            r0 = 0
            r11 = r0
            javax.naming.directory.InitialDirContext r0 = new javax.naming.directory.InitialDirContext
            r1 = r0
            r2 = r10
            r1.<init>(r2)
            r11 = r0
            javax.naming.directory.SearchControls r0 = new javax.naming.directory.SearchControls     // Catch: java.lang.Throwable -> L97
            r1 = r0
            r1.<init>()     // Catch: java.lang.Throwable -> L97
            r12 = r0
            r0 = r12
            r1 = 0
            java.lang.String[] r1 = new java.lang.String[r1]     // Catch: java.lang.Throwable -> L97
            r0.setReturningAttributes(r1)     // Catch: java.lang.Throwable -> L97
            r0 = r12
            r1 = 1
            r0.setCountLimit(r1)     // Catch: java.lang.Throwable -> L97
            r0 = r12
            r1 = 2
            r0.setSearchScope(r1)     // Catch: java.lang.Throwable -> L97
            r0 = 0
            r13 = r0
            r0 = 0
            r14 = r0
            r0 = r11
            r1 = r8
            java.lang.String r1 = r1._searchContext     // Catch: java.lang.Throwable -> L97
            r2 = r8
            java.lang.String r2 = r2._searchFilter     // Catch: java.lang.Throwable -> L97
            r3 = 1
            java.lang.String[] r3 = new java.lang.String[r3]     // Catch: java.lang.Throwable -> L97
            r4 = r3
            r5 = 0
            r6 = r9
            r4[r5] = r6     // Catch: java.lang.Throwable -> L97
            r4 = r12
            javax.naming.NamingEnumeration r0 = r0.search(r1, r2, r3, r4)     // Catch: java.lang.Throwable -> L97
            r13 = r0
            r0 = r13
            boolean r0 = r0.hasMore()     // Catch: java.lang.Throwable -> L97
            if (r0 == 0) goto L8d
            r0 = r13
            java.lang.Object r0 = r0.next()     // Catch: java.lang.Throwable -> L97
            javax.naming.directory.SearchResult r0 = (javax.naming.directory.SearchResult) r0     // Catch: java.lang.Throwable -> L97
            r15 = r0
            r0 = r15
            java.lang.String r0 = r0.getNameInNamespace()     // Catch: java.lang.Throwable -> L97
            r14 = r0
        L8d:
            r0 = r14
            r15 = r0
            r0 = jsr -> L9f
        L94:
            r1 = r15
            return r1
        L97:
            r16 = move-exception
            r0 = jsr -> L9f
        L9c:
            r1 = r16
            throw r1
        L9f:
            r17 = r0
            r0 = r11
            r0.close()     // Catch: java.lang.Exception -> Laa
            goto Lb6
        Laa:
            r18 = move-exception
            org.apache.log4j.Logger r0 = org.apache.qpid.server.security.auth.manager.SimpleLDAPAuthenticationManager._logger
            java.lang.String r1 = "Exception closing InitialDirContext"
            r2 = r18
            r0.warn(r1, r2)
        Lb6:
            ret r17
        */
        throw new UnsupportedOperationException("Method not decompiled: org.apache.qpid.server.security.auth.manager.SimpleLDAPAuthenticationManager.getNameFromId(java.lang.String):java.lang.String");
    }
}
