package com.ghc.a3.http.server;

import com.ghc.a3.http.server.AuthenticationResultFactory;
import com.ghc.utils.GeneralUtils;
import java.io.IOException;
import java.security.PrivilegedExceptionAction;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginContext;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSManager;
import org.ietf.jgss.GSSName;
import org.ietf.jgss.Oid;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:com/ghc/a3/http/server/SpnegoAuthentication.class */
public class SpnegoAuthentication implements AuthenticationScheme {
    private static final String SPNEGO_AUTHENTICATION_SCHEME = "Negotiate";
    private GSSContext m_context;
    private Exception m_loginException;

    /* loaded from: input_file:com/ghc/a3/http/server/SpnegoAuthentication$EstablishGssContext.class */
    private static class EstablishGssContext implements PrivilegedExceptionAction<GSSContext> {
        private EstablishGssContext() {
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.security.PrivilegedExceptionAction
        public GSSContext run() throws Exception {
            GSSManager gSSManager = GSSManager.getInstance();
            return gSSManager.createContext(gSSManager.createCredential(gSSManager.createName("HTTP/ghc-pc043.greenhat.local@GREENHAT.LOCAL", GSSName.NT_HOSTBASED_SERVICE), 0, new Oid("1.3.6.1.5.5.2"), 2));
        }

        /* synthetic */ EstablishGssContext(EstablishGssContext establishGssContext) {
            this();
        }
    }

    public SpnegoAuthentication() {
        try {
            LoginContext loginContext = new LoginContext("null|rtegg|Peps1max", new CallbackHandler() { // from class: com.ghc.a3.http.server.SpnegoAuthentication.1
                @Override // javax.security.auth.callback.CallbackHandler
                public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
                    for (int i = 0; i < callbackArr.length; i++) {
                        if (callbackArr[i] instanceof NameCallback) {
                            ((NameCallback) callbackArr[i]).setName("rtegg");
                        } else if (callbackArr[i] instanceof PasswordCallback) {
                            if ("Peps1max" == 0 || "Peps1max".length() == 0) {
                                ((PasswordCallback) callbackArr[i]).setPassword(null);
                            } else {
                                ((PasswordCallback) callbackArr[i]).setPassword("Peps1max".toCharArray());
                            }
                        }
                    }
                }
            });
            if (HttpAuthenticationContext.s_debug) {
                System.out.println("Created login object, about to login using kerberos details");
            }
            loginContext.login();
            if (HttpAuthenticationContext.s_debug) {
                System.out.println("Successfully logged in. Will now try to create a GSSContext object");
            }
            this.m_context = (GSSContext) Subject.doAs(loginContext.getSubject(), new EstablishGssContext(null));
        } catch (Exception e) {
            if (HttpAuthenticationContext.s_debug) {
                System.out.println("FAILED TO CREATE CONTEXT: " + e);
            }
            this.m_loginException = e;
        }
    }

    @Override // com.ghc.a3.http.server.AuthenticationScheme
    public String getScheme() {
        return "Negotiate";
    }

    @Override // com.ghc.a3.http.server.AuthenticationScheme
    public String getRequestForAuthentication() {
        return "Negotiate";
    }

    @Override // com.ghc.a3.http.server.AuthenticationScheme
    public String getName() {
        return "SPNEGO";
    }

    /* JADX WARN: Type inference failed for: r2v6, types: [java.lang.String[], java.lang.String[][]] */
    @Override // com.ghc.a3.http.server.AuthenticationScheme
    public AuthenticationResultFactory.AuthenticationResult authorise(String str) {
        if (this.m_loginException != null) {
            return AuthenticationResultFactory.createFailedAuthenticationResult("Could not authenticate. " + this.m_loginException.getMessage());
        }
        try {
            byte[] fromBase64 = GeneralUtils.fromBase64(str.substring("Negotiate".length() + 1));
            if (HttpAuthenticationContext.s_debug) {
                System.out.println("SPNEGO DECODED MESSAGE " + new String(fromBase64));
            }
            byte[] bArr = null;
            if (!this.m_context.isEstablished()) {
                if (HttpAuthenticationContext.s_debug) {
                    System.out.println("GSSContext not established yet");
                }
                bArr = this.m_context.acceptSecContext(fromBase64, 0, fromBase64.length);
            }
            if (!this.m_context.isEstablished()) {
                if (HttpAuthenticationContext.s_debug) {
                    System.out.println("GSSContext has NOT been established. Requesting further information from the client");
                }
                return AuthenticationResultFactory.createNegotiateResult("401", "Unauthorised", new String[]{new String[]{"WWW-Authenticate", "Negotiate " + GeneralUtils.toBase64(bArr)}});
            }
            if (bArr != null) {
                if (HttpAuthenticationContext.s_debug) {
                    System.out.println("GSSContext has been established, the authentication was successful and a token should be sent back");
                }
                return AuthenticationResultFactory.createSuccessfulAuthenticationResultWithToken(GeneralUtils.toBase64(bArr));
            }
            if (HttpAuthenticationContext.s_debug) {
                System.out.println("GSSContext has been established and the authentication was successful");
            }
            return AuthenticationResultFactory.createSuccessfulAuthenticationResult();
        } catch (Exception e) {
            String str2 = ((e.getCause() instanceof GSSException) && e.getCause().getMajor() == 13) ? "COULD NOT ACCEPT TOKEN: " + e.getCause().getMessage() : "OTHER TOKEN ERROR: " + e.getMessage();
            if (HttpAuthenticationContext.s_debug) {
                System.out.println("ERROR PROCESSING MESSAGE RECEIVED " + str2);
            }
            return AuthenticationResultFactory.createFailedAuthenticationResult(str2);
        }
    }
}
