package com.pcbsys.foundation.security.sasl;

import com.pcbsys.foundation.drivers.fDriver;
import com.pcbsys.foundation.fConstants;
import com.pcbsys.foundation.io.fEventInputStream;
import com.pcbsys.foundation.io.fEventOutputStream;
import com.pcbsys.foundation.security.auth.fAuthConstants;
import com.pcbsys.foundation.security.auth.fAuthenticationException;
import com.pcbsys.foundation.security.fDefaultResponse;
import com.pcbsys.foundation.security.fLoginResponse;
import com.pcbsys.foundation.security.sasl.fSaslClientLoginContext;
import com.pcbsys.foundation.security.sasl.fSaslClientLoginModule;
import com.softwareag.security.jaas.login.SagCallbackHandler;
import com.softwareag.security.jaas.login.SagCredentials;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.ObjectOutputStream;
import java.util.Set;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;

/* loaded from: input_file:com/pcbsys/foundation/security/sasl/JaasHelper.class */
class JaasHelper {
    private static final byte[] CTXTYPE_JAAS = {-3};

    /* loaded from: input_file:com/pcbsys/foundation/security/sasl/JaasHelper$JaasClientMessage.class */
    private static class JaasClientMessage extends fSaslClientLoginContext.ClientMessage {
        public JaasClientMessage(fEventInputStream feventinputstream, fEventOutputStream feventoutputstream) {
            super(feventinputstream, feventoutputstream);
        }

        public void sendCredentials(SagCredentials sagCredentials) throws IOException {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            new ObjectOutputStream(byteArrayOutputStream).writeObject(sagCredentials);
            this.os.writeByteArray(byteArrayOutputStream.toByteArray());
            this.os.flush();
        }

        public boolean isAuthenticated() throws IOException {
            return this.is.readBoolean();
        }
    }

    JaasHelper() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static fLoginResponse doLogin(String str, fDriver fdriver, fEventInputStream feventinputstream, fEventOutputStream feventoutputstream, fSaslClientLoginContext fsaslclientlogincontext, String str2, char[] cArr) throws fAuthenticationException, IOException, LoginException {
        JaasClientMessage jaasClientMessage = new JaasClientMessage(feventinputstream, feventoutputstream);
        fSaslClientLoginModule.SaslCredentials saslCredentials = new fSaslClientLoginModule.SaslCredentials(fsaslclientlogincontext, fdriver, jaasClientMessage);
        saslCredentials.setUserName(str2);
        saslCredentials.setPassword(cArr);
        LoginContext loginContext = new LoginContext(str, new SagCallbackHandler(saslCredentials));
        loginContext.login();
        if (fAuthConstants.sDebug) {
            fConstants.logger.log(Defs.JAASLoginContext2String(loginContext, saslCredentials.getUserName()));
        }
        loginContext.logout();
        fLoginResponse loginResponse = fsaslclientlogincontext.getLoginResponse();
        if (loginResponse == null) {
            Set privateCredentials = loginContext.getSubject().getPrivateCredentials(SagCredentials.class);
            if (privateCredentials.size() != 1) {
                throw new fAuthenticationException("JAAS authentication did not set expected SAG credentials for user=" + str2 + " - count=" + privateCredentials.size() + "/" + loginContext.getSubject());
            }
            SagCredentials sagCredentials = (SagCredentials) privateCredentials.iterator().next();
            jaasClientMessage.sendContextSelector(CTXTYPE_JAAS);
            jaasClientMessage.sendCredentials(sagCredentials);
            if (!jaasClientMessage.isAuthenticated()) {
                throw new fAuthenticationException("JAAS authentication failed for user=" + str2);
            }
            loginResponse = new fDefaultResponse(true);
        }
        return loginResponse;
    }
}
