package com.sun.identity.liberty.ws.authnsvc.mechanism;

import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.iplanet.sso.SSOTokenManager;
import com.sun.identity.authentication.AuthContext;
import com.sun.identity.authentication.spi.AuthLoginException;
import com.sun.identity.liberty.ws.authnsvc.AuthnSvcService;
import com.sun.identity.liberty.ws.authnsvc.AuthnSvcUtils;
import com.sun.identity.liberty.ws.authnsvc.protocol.SASLRequest;
import com.sun.identity.liberty.ws.authnsvc.protocol.SASLResponse;
import com.sun.identity.liberty.ws.soapbinding.Message;
import com.sun.identity.shared.debug.Debug;
import com.sun.identity.sm.SMSEntry;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;

/* loaded from: input_file:com/sun/identity/liberty/ws/authnsvc/mechanism/PlainMechanismHandler.class */
public class PlainMechanismHandler implements MechanismHandler {
    public static Debug debug = Debug.getInstance("libIDWSF");

    public SASLResponse processSASLRequest(SASLRequest sASLRequest, Message message, String str) {
        SASLResponse sASLResponse;
        if (debug.messageEnabled()) {
            debug.message("PlainMechanismHandler.processSASLRequest: ");
        }
        String refToMessageID = sASLRequest.getRefToMessageID();
        boolean z = refToMessageID == null || refToMessageID.length() == 0;
        if (debug.messageEnabled()) {
            debug.message("PlainMechanismHandler.processSASLRequest: refToMessageID = " + refToMessageID);
        }
        byte[] data = sASLRequest.getData();
        if (data != null) {
            String str2 = null;
            try {
                str2 = new String(data, "UTF-8");
            } catch (Exception e) {
                debug.error("PlainMechanismHandler.processSASLRequest: ", e);
            }
            sASLResponse = str2 == null ? new SASLResponse("abort") : authenticate(str2, message);
            if (z) {
                sASLResponse.setServerMechanism("PLAIN");
            }
        } else if (z) {
            sASLResponse = new SASLResponse("continue");
            sASLResponse.setServerMechanism("PLAIN");
        } else {
            sASLResponse = new SASLResponse("abort");
        }
        return sASLResponse;
    }

    private SASLResponse authenticate(String str, Message message) {
        int indexOf;
        Callback[] requirements;
        int indexOf2 = str.indexOf(0);
        if (indexOf2 != -1 && (indexOf = str.indexOf(0, indexOf2 + 1)) != -1) {
            String substring = str.substring(0, indexOf2);
            String substring2 = str.substring(indexOf2 + 1, indexOf);
            String substring3 = str.substring(indexOf + 1);
            if (substring2 == null) {
                return new SASLResponse("abort");
            }
            if (debug.messageEnabled()) {
                debug.message("PlainMechanismHandler.authenticate: authzID = " + substring + ", authnID = " + substring2);
            }
            String plainMechanismAuthenticationModule = AuthnSvcService.getPlainMechanismAuthenticationModule();
            if (debug.messageEnabled()) {
                debug.message("PlainMechanismHandler.authenticate: authModule = " + plainMechanismAuthenticationModule);
            }
            try {
                AuthContext authContext = new AuthContext(SMSEntry.getRootSuffix());
                authContext.login(AuthContext.IndexType.MODULE_INSTANCE, plainMechanismAuthenticationModule);
                if (authContext.hasMoreRequirements() && (requirements = authContext.getRequirements()) != null) {
                    fillInCallbacks(requirements, substring2, substring3);
                    authContext.submitRequirements(requirements);
                }
                AuthContext.Status status = authContext.getStatus();
                if (debug.messageEnabled()) {
                    debug.message("PlainMechanismHandler.authenticate: login status = " + status);
                }
                if (status != AuthContext.Status.SUCCESS) {
                    return new SASLResponse("abort");
                }
                try {
                    SSOToken sSOToken = authContext.getSSOToken();
                    String name = sSOToken.getPrincipal().getName();
                    SASLResponse sASLResponse = new SASLResponse("OK");
                    try {
                        SSOTokenManager.getInstance().destroyToken(sSOToken);
                    } catch (SSOException e) {
                        if (AuthnSvcUtils.debug.warningEnabled()) {
                            AuthnSvcUtils.debug.warning("PlainMechanismHandler.authenticate:", e);
                        }
                    }
                    return !AuthnSvcUtils.setResourceOfferingAndCredentials(sASLResponse, message, name) ? new SASLResponse("abort") : sASLResponse;
                } catch (Exception e2) {
                    debug.error("PlainMechanismHandler.authenticate: ", e2);
                    return new SASLResponse("abort");
                }
            } catch (AuthLoginException e3) {
                debug.error("PlainMechanismHandler.authenticate: ", e3);
                return new SASLResponse("abort");
            }
        }
        return new SASLResponse("abort");
    }

    private static void fillInCallbacks(Callback[] callbackArr, String str, String str2) {
        if (debug.messageEnabled()) {
            debug.message("PlainMechanismHandler.fillInCallbacks:");
        }
        for (Callback callback : callbackArr) {
            if (callback instanceof NameCallback) {
                ((NameCallback) callback).setName(str);
            } else if (callback instanceof PasswordCallback) {
                ((PasswordCallback) callback).setPassword(str2.toCharArray());
            }
        }
    }
}
