package org.apache.activemq.artemis.protocol.amqp.sasl.scram;

import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.NoSuchAlgorithmException;
import java.util.Collections;
import java.util.UUID;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginException;
import org.apache.activemq.artemis.protocol.amqp.sasl.SASLResult;
import org.apache.activemq.artemis.protocol.amqp.sasl.ServerSASL;
import org.apache.activemq.artemis.spi.core.security.jaas.UserPrincipal;
import org.apache.activemq.artemis.spi.core.security.scram.SCRAM;
import org.apache.activemq.artemis.spi.core.security.scram.ScramException;
import org.apache.activemq.artemis.spi.core.security.scram.UserData;

/* loaded from: input_file:org/apache/activemq/artemis/protocol/amqp/sasl/scram/SCRAMServerSASL.class */
public abstract class SCRAMServerSASL implements ServerSASL {
    protected final ScramServerFunctionality scram;
    protected final SCRAM mechanism;
    private SASLResult result;

    /* loaded from: input_file:org/apache/activemq/artemis/protocol/amqp/sasl/scram/SCRAMServerSASL$SCRAMFailedSASLResult.class */
    private static final class SCRAMFailedSASLResult implements SASLResult {
        private SCRAMFailedSASLResult() {
        }

        @Override // org.apache.activemq.artemis.protocol.amqp.sasl.SASLResult
        public String getUser() {
            return null;
        }

        @Override // org.apache.activemq.artemis.protocol.amqp.sasl.SASLResult
        public Subject getSubject() {
            return null;
        }

        @Override // org.apache.activemq.artemis.protocol.amqp.sasl.SASLResult
        public boolean isSuccess() {
            return false;
        }

        public String toString() {
            return "SCRAMFailedSASLResult";
        }
    }

    /* loaded from: input_file:org/apache/activemq/artemis/protocol/amqp/sasl/scram/SCRAMServerSASL$SCRAMSASLResult.class */
    private static final class SCRAMSASLResult implements SASLResult {
        private final String userName;
        private final ScramServerFunctionality scram;
        private final Subject subject;

        SCRAMSASLResult(String str, ScramServerFunctionality scramServerFunctionality, Subject subject) {
            this.userName = str;
            this.scram = scramServerFunctionality;
            this.subject = subject;
        }

        @Override // org.apache.activemq.artemis.protocol.amqp.sasl.SASLResult
        public String getUser() {
            return this.userName;
        }

        @Override // org.apache.activemq.artemis.protocol.amqp.sasl.SASLResult
        public Subject getSubject() {
            return this.subject;
        }

        @Override // org.apache.activemq.artemis.protocol.amqp.sasl.SASLResult
        public boolean isSuccess() {
            return this.userName != null && this.scram.isEnded() && this.scram.isSuccessful();
        }

        public String toString() {
            return "SCRAMSASLResult: userName = " + this.userName + ", state = " + this.scram.getState();
        }
    }

    public SCRAMServerSASL(SCRAM scram) throws NoSuchAlgorithmException {
        this(scram, UUID.randomUUID().toString());
    }

    protected SCRAMServerSASL(SCRAM scram, String str) throws NoSuchAlgorithmException {
        this.mechanism = scram;
        this.scram = new ScramServerFunctionalityImpl(scram.getDigest(), scram.getHmac(), str);
    }

    @Override // org.apache.activemq.artemis.protocol.amqp.sasl.ServerSASL
    public String getName() {
        return this.mechanism.getName();
    }

    @Override // org.apache.activemq.artemis.protocol.amqp.sasl.ServerSASL
    public byte[] processSASL(byte[] bArr) {
        String str = new String(bArr, StandardCharsets.US_ASCII);
        try {
            switch (this.scram.getState()) {
                case INITIAL:
                    String handleClientFirstMessage = this.scram.handleClientFirstMessage(str);
                    UserData aquireUserData = aquireUserData(handleClientFirstMessage);
                    this.result = new SCRAMSASLResult(handleClientFirstMessage, this.scram, createSaslSubject(handleClientFirstMessage, aquireUserData));
                    return this.scram.prepareFirstMessage(aquireUserData).getBytes(StandardCharsets.US_ASCII);
                case PREPARED_FIRST:
                    return this.scram.prepareFinalMessage(str).getBytes(StandardCharsets.US_ASCII);
                default:
                    this.result = new SCRAMFailedSASLResult();
                    return null;
            }
        } catch (RuntimeException | GeneralSecurityException | ScramException e) {
            this.result = new SCRAMFailedSASLResult();
            failed(e);
            return null;
        }
    }

    protected abstract UserData aquireUserData(String str) throws LoginException;

    protected abstract void failed(Exception exc);

    /* JADX INFO: Access modifiers changed from: protected */
    public Subject createSaslSubject(String str, UserData userData) {
        return new Subject(true, Collections.singleton(new UserPrincipal(str)), Collections.singleton(userData), Collections.emptySet());
    }

    @Override // org.apache.activemq.artemis.protocol.amqp.sasl.ServerSASL
    public SASLResult result() {
        if (!(this.result instanceof SCRAMSASLResult) || this.scram.isEnded()) {
            return this.result;
        }
        return null;
    }

    public boolean isEnded() {
        return this.scram.isEnded();
    }
}
