package org.apache.qpid.server.security.auth.database;

import java.security.Principal;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.AccountNotFoundException;
import javax.security.sasl.Sasl;
import javax.security.sasl.SaslException;
import javax.security.sasl.SaslServer;
import org.apache.qpid.server.model.AuthenticationProvider;
import org.apache.qpid.server.security.auth.manager.AbstractScramAuthenticationManager;
import org.apache.qpid.server.security.auth.sasl.crammd5.CRAMMD5Initialiser;
import org.apache.qpid.server.security.auth.sasl.plain.PlainInitialiser;
import org.apache.qpid.server.security.auth.sasl.plain.PlainSaslServer;
import org.apache.qpid.server.security.auth.sasl.scram.ScramSaslServer;
import org.apache.qpid.server.security.auth.sasl.scram.ScramSaslServerSourceAdapter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/qpid/server/security/auth/database/PlainPasswordFilePrincipalDatabase.class */
public class PlainPasswordFilePrincipalDatabase extends AbstractPasswordFilePrincipalDatabase<PlainUser> {
    private final Logger _logger = LoggerFactory.getLogger(PlainPasswordFilePrincipalDatabase.class);
    private final Map<String, CallbackHandler> _callbackHandlerMap = new HashMap();
    private final List<String> _mechanisms = Collections.unmodifiableList(Arrays.asList("PLAIN", CRAMMD5Initialiser.MECHANISM, "SCRAM-SHA-1", "SCRAM-SHA-256"));
    private final ScramSaslServerSourceAdapter _scramSha1Adapter;
    private final ScramSaslServerSourceAdapter _scramSha256Adapter;

    public PlainPasswordFilePrincipalDatabase(AuthenticationProvider<?> authenticationProvider) {
        PlainInitialiser plainInitialiser = new PlainInitialiser();
        plainInitialiser.initialise(this);
        this._callbackHandlerMap.put("PLAIN", plainInitialiser.getCallbackHandler());
        this._callbackHandlerMap.put("SCRAM-SHA-1", plainInitialiser.getCallbackHandler());
        this._callbackHandlerMap.put("SCRAM-SHA-256", plainInitialiser.getCallbackHandler());
        CRAMMD5Initialiser cRAMMD5Initialiser = new CRAMMD5Initialiser();
        cRAMMD5Initialiser.initialise(this);
        this._callbackHandlerMap.put(CRAMMD5Initialiser.MECHANISM, cRAMMD5Initialiser.getCallbackHandler());
        ScramSaslServerSourceAdapter.PasswordSource passwordSource = new ScramSaslServerSourceAdapter.PasswordSource() { // from class: org.apache.qpid.server.security.auth.database.PlainPasswordFilePrincipalDatabase.1
            @Override // org.apache.qpid.server.security.auth.sasl.scram.ScramSaslServerSourceAdapter.PasswordSource
            public char[] getPassword(String str) {
                return PlainPasswordFilePrincipalDatabase.this.lookupPassword(str);
            }
        };
        int intValue = ((Integer) authenticationProvider.getContextValue(Integer.class, AbstractScramAuthenticationManager.QPID_AUTHMANAGER_SCRAM_ITERATION_COUNT)).intValue();
        this._scramSha1Adapter = new ScramSaslServerSourceAdapter(intValue, "HmacSHA1", "SHA-1", passwordSource);
        this._scramSha256Adapter = new ScramSaslServerSourceAdapter(intValue, "HmacSHA256", "SHA-256", passwordSource);
    }

    @Override // org.apache.qpid.server.security.auth.database.PrincipalDatabase
    public boolean verifyPassword(String str, char[] cArr) throws AccountNotFoundException {
        char[] lookupPassword = lookupPassword(str);
        if (lookupPassword == null) {
            throw new AccountNotFoundException("Unable to lookup the specified users password");
        }
        return compareCharArray(lookupPassword, cArr);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* JADX WARN: Can't rename method to resolve collision */
    @Override // org.apache.qpid.server.security.auth.database.AbstractPasswordFilePrincipalDatabase
    public PlainUser createUserFromPassword(Principal principal, char[] cArr) {
        return new PlainUser(principal.getName(), cArr);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* JADX WARN: Can't rename method to resolve collision */
    @Override // org.apache.qpid.server.security.auth.database.AbstractPasswordFilePrincipalDatabase
    public PlainUser createUserFromFileData(String[] strArr) {
        return new PlainUser(strArr);
    }

    @Override // org.apache.qpid.server.security.auth.database.AbstractPasswordFilePrincipalDatabase
    protected Logger getLogger() {
        return this._logger;
    }

    @Override // org.apache.qpid.server.security.auth.database.PrincipalDatabase
    public List<String> getMechanisms() {
        return this._mechanisms;
    }

    @Override // org.apache.qpid.server.security.auth.database.PrincipalDatabase
    public SaslServer createSaslServer(String str, String str2, Principal principal) throws SaslException {
        CallbackHandler callbackHandler = this._callbackHandlerMap.get(str);
        if (callbackHandler == null) {
            throw new SaslException("Unsupported mechanism: " + str);
        }
        if (CRAMMD5Initialiser.MECHANISM.equals(str)) {
            return Sasl.createSaslServer(str, "AMQP", str2, (Map) null, callbackHandler);
        }
        if ("PLAIN".equals(str)) {
            return new PlainSaslServer(callbackHandler);
        }
        if ("SCRAM-SHA-1".equals(str)) {
            return new ScramSaslServer(this._scramSha1Adapter, str, "HmacSHA1", "SHA-1");
        }
        if ("SCRAM-SHA-256".equals(str)) {
            return new ScramSaslServer(this._scramSha256Adapter, str, "HmacSHA256", "SHA-256");
        }
        throw new SaslException("Unsupported mechanism: " + str);
    }
}
