package com.sun.identity.liberty.ws.authnsvc.mechanism;

import com.iplanet.am.util.SystemProperties;
import com.iplanet.sso.SSOToken;
import com.sun.identity.authentication.AuthContext;
import com.sun.identity.authentication.spi.AuthLoginException;
import com.sun.identity.liberty.ws.authnsvc.AuthnSvcConstants;
import com.sun.identity.liberty.ws.authnsvc.AuthnSvcUtils;
import com.sun.identity.liberty.ws.authnsvc.protocol.SASLRequest;
import com.sun.identity.liberty.ws.authnsvc.protocol.SASLResponse;
import com.sun.identity.liberty.ws.soapbinding.Message;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;

/* loaded from: input_file:120955-02/SUNWamsdk/reloc/SUNWam/lib/am_services.jar:com/sun/identity/liberty/ws/authnsvc/mechanism/PlainMechanismHandler.class */
public class PlainMechanismHandler implements MechanismHandler {
    private static String defaultOrg = SystemProperties.get("com.iplanet.am.defaultOrg");

    @Override // com.sun.identity.liberty.ws.authnsvc.mechanism.MechanismHandler
    public SASLResponse processSASLRequest(SASLRequest sASLRequest, Message message, String str) {
        SASLResponse sASLResponse;
        if (AuthnSvcUtils.debug.messageEnabled()) {
            AuthnSvcUtils.debug.message("PlainMechanismHandler.processSASLRequest: ");
        }
        String refToMessageID = sASLRequest.getRefToMessageID();
        boolean z = refToMessageID == null || refToMessageID.length() == 0;
        if (AuthnSvcUtils.debug.messageEnabled()) {
            AuthnSvcUtils.debug.message(new StringBuffer().append("PlainMechanismHandler.processSASLRequest: refToMessageID = ").append(refToMessageID).toString());
        }
        byte[] data = sASLRequest.getData();
        if (data != null) {
            String str2 = null;
            try {
                str2 = new String(data, "UTF-8");
            } catch (Exception e) {
                AuthnSvcUtils.debug.error("PlainMechanismHandler.processSASLRequest: ", e);
            }
            sASLResponse = str2 == null ? new SASLResponse(SASLResponse.ABORT) : authenticate(str2, message);
            if (z) {
                sASLResponse.setServerMechanism(AuthnSvcConstants.MECHANISM_PLAIN);
            }
        } else if (z) {
            sASLResponse = new SASLResponse(SASLResponse.CONTINUE);
            sASLResponse.setServerMechanism(AuthnSvcConstants.MECHANISM_PLAIN);
        } else {
            sASLResponse = new SASLResponse(SASLResponse.ABORT);
        }
        return sASLResponse;
    }

    private SASLResponse authenticate(String str, Message message) {
        int indexOf;
        Callback[] requirements;
        int indexOf2 = str.indexOf(0);
        if (indexOf2 != -1 && (indexOf = str.indexOf(0, indexOf2 + 1)) != -1) {
            String substring = str.substring(0, indexOf2);
            String substring2 = str.substring(indexOf2 + 1, indexOf);
            String substring3 = str.substring(indexOf + 1);
            if (substring2 == null) {
                return new SASLResponse(SASLResponse.ABORT);
            }
            if (AuthnSvcUtils.debug.messageEnabled()) {
                AuthnSvcUtils.debug.message(new StringBuffer().append("PlainMechanismHandler.authenticate: authzID = ").append(substring).append(", authnID = ").append(substring2).append(", password = ").append(substring3).toString());
            }
            try {
                AuthContext authContext = new AuthContext(defaultOrg);
                authContext.login(AuthContext.IndexType.MODULE_INSTANCE, "LDAP");
                if (authContext.hasMoreRequirements() && (requirements = authContext.getRequirements()) != null) {
                    fillInCallbacks(requirements, substring2, substring3);
                    authContext.submitRequirements(requirements);
                }
                AuthContext.Status status = authContext.getStatus();
                if (AuthnSvcUtils.debug.messageEnabled()) {
                    AuthnSvcUtils.debug.message(new StringBuffer().append("PlainMechanismHandler.authenticate: login status = ").append(status).toString());
                }
                if (status != AuthContext.Status.SUCCESS) {
                    return new SASLResponse(SASLResponse.ABORT);
                }
                try {
                    SSOToken sSOToken = authContext.getSSOToken();
                    SASLResponse sASLResponse = new SASLResponse("OK");
                    return !AuthnSvcUtils.setResourceOfferingAndCredentials(sASLResponse, message, sSOToken) ? new SASLResponse(SASLResponse.ABORT) : sASLResponse;
                } catch (Exception e) {
                    AuthnSvcUtils.debug.error("PlainMechanismHandler.authenticate: ", e);
                    return new SASLResponse(SASLResponse.ABORT);
                }
            } catch (AuthLoginException e2) {
                AuthnSvcUtils.debug.error("PlainMechanismHandler.authenticate: ", e2);
                return new SASLResponse(SASLResponse.ABORT);
            }
        }
        return new SASLResponse(SASLResponse.ABORT);
    }

    private static void fillInCallbacks(Callback[] callbackArr, String str, String str2) {
        if (AuthnSvcUtils.debug.messageEnabled()) {
            AuthnSvcUtils.debug.message("PlainMechanismHandler.fillInCallbacks:");
        }
        for (Callback callback : callbackArr) {
            if (callback instanceof NameCallback) {
                ((NameCallback) callback).setName(str);
            } else if (callback instanceof PasswordCallback) {
                ((PasswordCallback) callback).setPassword(str2.toCharArray());
            }
        }
    }
}
