package org.wildfly.security.sasl.gs2;

import java.io.IOException;
import java.util.Map;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.sasl.SaslClient;
import javax.security.sasl.SaslClientFactory;
import javax.security.sasl.SaslException;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSManager;
import org.wildfly.security._private.ElytronMessages;
import org.wildfly.security.auth.callback.ChannelBindingCallback;
import org.wildfly.security.sasl.WildFlySasl;

/* loaded from: input_file:org/wildfly/security/sasl/gs2/Gs2SaslClientFactory.class */
public final class Gs2SaslClientFactory implements SaslClientFactory {
    public SaslClient createSaslClient(String[] strArr, String str, String str2, String str3, Map<String, ?> map, CallbackHandler callbackHandler) throws SaslException {
        String str4 = null;
        boolean z = false;
        ChannelBindingCallback channelBindingCallback = new ChannelBindingCallback();
        try {
            callbackHandler.handle(new Callback[]{channelBindingCallback});
        } catch (IOException e) {
            throw ElytronMessages.log.saslFailedToDetermineChannelBindingStatus(e);
        } catch (SaslException e2) {
            throw e2;
        } catch (UnsupportedCallbackException e3) {
        }
        GSSManager gSSManager = GSSManager.getInstance();
        try {
            String[] supportedSaslNamesForMechanisms = Gs2Util.getSupportedSaslNamesForMechanisms(gSSManager.getMechs());
            String bindingType = channelBindingCallback.getBindingType();
            byte[] bindingData = channelBindingCallback.getBindingData();
            boolean z2 = (bindingType == null || bindingData == null) ? false : true;
            boolean equals = "true".equals(map.get(WildFlySasl.CHANNEL_BINDING_REQUIRED));
            for (String str5 : strArr) {
                if (Gs2Util.isIncluded(str5, supportedSaslNamesForMechanisms)) {
                    if (str5.endsWith(Gs2.PLUS_SUFFIX)) {
                        if (z2) {
                            z = true;
                        } else {
                            continue;
                        }
                    }
                    if (!equals || z) {
                        str4 = str5;
                        break;
                    }
                }
            }
            if (str4 == null) {
                return null;
            }
            Gs2SaslClient gs2SaslClient = new Gs2SaslClient(str4, str2, str3, callbackHandler, str, map, gSSManager, z, bindingType, bindingData);
            gs2SaslClient.init();
            return gs2SaslClient;
        } catch (GSSException e4) {
            throw ElytronMessages.log.saslGettingSupportedMechanismsFailed(e4);
        }
    }

    public String[] getMechanismNames(Map<String, ?> map) {
        try {
            String[] supportedSaslNamesForMechanisms = Gs2Util.getSupportedSaslNamesForMechanisms(GSSManager.getInstance().getMechs());
            return ("true".equals(map.get(WildFlySasl.MECHANISM_QUERY_ALL)) || !"true".equals(map.get(WildFlySasl.CHANNEL_BINDING_REQUIRED))) ? supportedSaslNamesForMechanisms : Gs2Util.getPlusMechanisms(supportedSaslNamesForMechanisms);
        } catch (GSSException e) {
            return WildFlySasl.NO_NAMES;
        }
    }
}
