package org.apache.kerby.kerberos.kerb.integration.test.sasl;

import java.io.IOException;
import java.nio.charset.Charset;
import java.util.HashMap;
import java.util.Map;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.sasl.AuthorizeCallback;
import javax.security.sasl.Sasl;
import javax.security.sasl.SaslException;
import javax.security.sasl.SaslServer;
import org.apache.kerby.kerberos.kerb.integration.test.AppServer;
import org.apache.kerby.kerberos.kerb.integration.test.Transport;

/* loaded from: input_file:org/apache/kerby/kerberos/kerb/integration/test/sasl/SaslAppServer.class */
public class SaslAppServer extends AppServer {
    private String mechanism;
    private String serviceProtocol;
    private String serverFqdn;

    /* loaded from: input_file:org/apache/kerby/kerberos/kerb/integration/test/sasl/SaslAppServer$SaslGssCallbackHandler.class */
    public static class SaslGssCallbackHandler implements CallbackHandler {
        @Override // javax.security.auth.callback.CallbackHandler
        public void handle(Callback[] callbackArr) throws UnsupportedCallbackException {
            AuthorizeCallback authorizeCallback = null;
            for (Callback callback : callbackArr) {
                if (!(callback instanceof AuthorizeCallback)) {
                    throw new UnsupportedCallbackException(callback, "Unrecognized SASL GSSAPI Callback");
                }
                authorizeCallback = (AuthorizeCallback) callback;
            }
            if (authorizeCallback != null) {
                String authenticationID = authorizeCallback.getAuthenticationID();
                String authorizationID = authorizeCallback.getAuthorizationID();
                if (authenticationID.equals(authorizationID)) {
                    authorizeCallback.setAuthorized(true);
                } else {
                    authorizeCallback.setAuthorized(false);
                }
                if (authorizeCallback.isAuthorized()) {
                    System.out.println("SASL server GSSAPI callback: setting canonicalized client ID: " + authorizationID);
                    authorizeCallback.setAuthorizedID(authorizationID);
                }
            }
        }
    }

    public SaslAppServer(String[] strArr) throws Exception {
        super(strArr);
        this.mechanism = "GSSAPI";
        this.serviceProtocol = strArr[1];
        this.serverFqdn = strArr[2];
    }

    public static void main(String[] strArr) throws Exception {
        new SaslAppServer(strArr).run();
    }

    @Override // org.apache.kerby.kerberos.kerb.integration.test.AppServer
    protected void usage(String[] strArr) {
        if (strArr.length < 3) {
            System.err.println("Usage: SaslAppServer <ListenPort> <service-protocol> <server-fqdn>");
            throw new RuntimeException("Usage: SaslAppServer <ListenPort> <service-protocol> <server-fqdn>");
        }
    }

    @Override // org.apache.kerby.kerberos.kerb.integration.test.AppServer
    protected void onConnection(Transport.Connection connection) throws Exception {
        System.out.print("Starting negotiating security context");
        SaslGssCallbackHandler saslGssCallbackHandler = new SaslGssCallbackHandler();
        HashMap hashMap = new HashMap();
        hashMap.put("javax.security.sasl.qop", "auth");
        SaslServer createSaslServer = Sasl.createSaslServer(this.mechanism, this.serviceProtocol, this.serverFqdn, hashMap, saslGssCallbackHandler);
        Transport.Message recvMessage = connection.recvMessage();
        while (!createSaslServer.isComplete()) {
            try {
                byte[] evaluateResponse = createSaslServer.evaluateResponse(recvMessage.body);
                if (createSaslServer.isComplete()) {
                    connection.sendMessage("OK", evaluateResponse);
                } else {
                    connection.sendMessage("CONT", evaluateResponse);
                    recvMessage = connection.recvMessage();
                }
            } catch (SaslException e) {
                connection.sendMessage("ERR", (byte[]) null);
                createSaslServer.dispose();
            }
        }
        System.out.print("Context Established! ");
        doWith(createSaslServer, hashMap, connection);
        createSaslServer.dispose();
    }

    protected void doWith(SaslServer saslServer, Map<String, Object> map, Transport.Connection connection) throws IOException, Exception {
        String str = new String(connection.recvToken(), Charset.forName("UTF-8"));
        System.out.println("Received data \"" + str + "\" of length " + str.length());
    }
}
