package org.jivesoftware.openfire.sasl;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.util.Map;
import java.util.StringTokenizer;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.sasl.AuthorizeCallback;
import javax.security.sasl.SaslException;
import javax.security.sasl.SaslServer;

/* loaded from: input_file:org/jivesoftware/openfire/sasl/SaslServerPlainImpl.class */
public class SaslServerPlainImpl implements SaslServer {
    private String principal;
    private String username;
    private String password;
    private CallbackHandler cbh;
    private boolean aborted;
    private boolean completed = false;
    private int counter = 0;

    public SaslServerPlainImpl(String str, String str2, Map map, CallbackHandler callbackHandler) throws SaslException {
        this.cbh = callbackHandler;
    }

    public String getMechanismName() {
        return "PLAIN";
    }

    public byte[] evaluateResponse(byte[] bArr) throws SaslException {
        if (this.completed) {
            throw new IllegalStateException("PLAIN authentication already completed");
        }
        if (this.aborted) {
            throw new IllegalStateException("PLAIN authentication previously aborted due to error");
        }
        try {
            if (bArr.length == 0) {
                int i = this.counter;
                this.counter = i + 1;
                if (i > 1) {
                    throw new SaslException("PLAIN expects a response");
                }
                return null;
            }
            StringTokenizer stringTokenizer = new StringTokenizer(new String(bArr, "UTF8"), "��");
            if (stringTokenizer.countTokens() > 2) {
                this.username = stringTokenizer.nextToken();
                this.principal = stringTokenizer.nextToken();
            } else {
                this.username = stringTokenizer.nextToken();
                this.principal = this.username;
            }
            this.password = stringTokenizer.nextToken();
            Callback nameCallback = new NameCallback("PLAIN authentication ID: ", this.principal);
            VerifyPasswordCallback verifyPasswordCallback = new VerifyPasswordCallback(this.password.toCharArray());
            this.cbh.handle(new Callback[]{nameCallback, verifyPasswordCallback});
            if (!verifyPasswordCallback.getVerified()) {
                throw new SaslException("PLAIN: user not authorized: " + this.principal);
            }
            verifyPasswordCallback.clearPassword();
            Callback authorizeCallback = new AuthorizeCallback(this.principal, this.username);
            this.cbh.handle(new Callback[]{authorizeCallback});
            if (authorizeCallback.isAuthorized()) {
                this.username = authorizeCallback.getAuthorizationID();
                this.completed = true;
                return null;
            }
            this.completed = true;
            this.username = null;
            throw new SaslException("PLAIN: user not authorized: " + this.principal);
        } catch (UnsupportedEncodingException e) {
            this.aborted = true;
            throw new SaslException("UTF8 not available on platform", e);
        } catch (IOException e2) {
            this.aborted = true;
            throw new SaslException("PLAIN authentication failed", e2);
        } catch (UnsupportedCallbackException e3) {
            this.aborted = true;
            throw new SaslException("PLAIN authentication failed", e3);
        }
    }

    public boolean isComplete() {
        return this.completed;
    }

    public String getAuthorizationID() {
        if (this.completed) {
            return this.username;
        }
        throw new IllegalStateException("PLAIN authentication not completed");
    }

    public byte[] unwrap(byte[] bArr, int i, int i2) throws SaslException {
        if (this.completed) {
            throw new IllegalStateException("PLAIN does not support integrity or privacy");
        }
        throw new IllegalStateException("PLAIN authentication not completed");
    }

    public byte[] wrap(byte[] bArr, int i, int i2) throws SaslException {
        if (this.completed) {
            throw new IllegalStateException("PLAIN does not support integrity or privacy");
        }
        throw new IllegalStateException("PLAIN authentication not completed");
    }

    public Object getNegotiatedProperty(String str) {
        if (!this.completed) {
            throw new IllegalStateException("PLAIN authentication not completed");
        }
        if (str.equals("javax.security.sasl.qop")) {
            return "auth";
        }
        return null;
    }

    public void dispose() throws SaslException {
        this.password = null;
        this.username = null;
        this.principal = null;
        this.completed = false;
    }
}
