package org.apache.directory.server.ldap.support.bind;

import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import javax.security.sasl.SaslException;
import javax.security.sasl.SaslServer;
import org.apache.directory.shared.ldap.message.BindRequest;
import org.apache.directory.shared.ldap.message.BindResponse;
import org.apache.directory.shared.ldap.message.LdapResult;
import org.apache.directory.shared.ldap.message.ResultCodeEnum;
import org.apache.mina.common.IoSession;
import org.apache.mina.handler.chain.IoHandlerCommand;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/directory/server/ldap/support/bind/HandleSasl.class */
public class HandleSasl implements IoHandlerCommand {
    private static final Logger log = LoggerFactory.getLogger(HandleSasl.class);
    private static final Map DEFAULT_HANDLERS;

    public void execute(IoHandlerCommand.NextCommand nextCommand, IoSession ioSession, Object obj) throws Exception {
        String str = (String) ioSession.getAttribute("sessionMechanism");
        if (DEFAULT_HANDLERS.containsKey(str)) {
            handleMechanism(handleMechanism(str, ioSession, obj), nextCommand, ioSession, obj);
        } else {
            nextCommand.execute(ioSession, obj);
        }
    }

    private SaslServer handleMechanism(String str, IoSession ioSession, Object obj) throws Exception {
        MechanismHandler mechanismHandler = (MechanismHandler) DEFAULT_HANDLERS.get(str);
        if (mechanismHandler == null) {
            throw new IllegalArgumentException("Handler unavailable for " + str);
        }
        return mechanismHandler.handleMechanism(ioSession, obj);
    }

    private void handleMechanism(SaslServer saslServer, IoHandlerCommand.NextCommand nextCommand, IoSession ioSession, Object obj) throws Exception {
        BindRequest bindRequest = (BindRequest) obj;
        LdapResult ldapResult = bindRequest.getResultResponse().getLdapResult();
        if (saslServer.isComplete()) {
            return;
        }
        try {
            if (bindRequest.getCredentials() == null) {
                bindRequest.setCredentials(new byte[0]);
            }
            byte[] evaluateResponse = saslServer.evaluateResponse(bindRequest.getCredentials());
            if (saslServer.isComplete()) {
                ioSession.setAttribute("saslCreds", evaluateResponse);
                nextCommand.execute(ioSession, obj);
            } else {
                log.info("Continuation token had length " + evaluateResponse.length);
                ldapResult.setResultCode(ResultCodeEnum.SASL_BIND_IN_PROGRESS);
                BindResponse resultResponse = bindRequest.getResultResponse();
                resultResponse.setServerSaslCreds(evaluateResponse);
                ioSession.write(resultResponse);
                log.debug("Returning final authentication data to client to complete context.");
            }
        } catch (SaslException e) {
            log.error(e.getMessage());
            ldapResult.setResultCode(ResultCodeEnum.INVALID_CREDENTIALS);
            ldapResult.setErrorMessage(e.getMessage());
            ioSession.write(bindRequest.getResultResponse());
        }
    }

    static {
        HashMap hashMap = new HashMap();
        hashMap.put("CRAM-MD5", new CramMd5MechanismHandler());
        hashMap.put("DIGEST-MD5", new DigestMd5MechanismHandler());
        hashMap.put("GSSAPI", new GssapiMechanismHandler());
        DEFAULT_HANDLERS = Collections.unmodifiableMap(hashMap);
    }
}
