package org.apache.directory.server.ldap.support.bind;

import java.security.PrivilegedExceptionAction;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.sasl.Sasl;
import javax.security.sasl.SaslServer;
import org.apache.directory.server.ldap.LdapProtocolProvider;
import org.apache.mina.common.IoSession;

/* loaded from: input_file:org/apache/directory/server/ldap/support/bind/GssapiMechanismHandler.class */
public class GssapiMechanismHandler implements MechanismHandler {
    @Override // org.apache.directory.server.ldap.support.bind.MechanismHandler
    public SaslServer handleMechanism(IoSession ioSession, Object obj) throws Exception {
        SaslServer saslServer;
        if (ioSession.containsAttribute(MechanismHandler.SASL_CONTEXT)) {
            saslServer = (SaslServer) ioSession.getAttribute(MechanismHandler.SASL_CONTEXT);
        } else {
            Subject subject = (Subject) ioSession.getAttribute("saslSubject");
            final Map map = (Map) ioSession.getAttribute("saslProps");
            final String str = (String) ioSession.getAttribute("saslHost");
            final GssapiCallbackHandler gssapiCallbackHandler = new GssapiCallbackHandler(ioSession, obj);
            saslServer = (SaslServer) Subject.doAs(subject, new PrivilegedExceptionAction() { // from class: org.apache.directory.server.ldap.support.bind.GssapiMechanismHandler.1
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    return Sasl.createSaslServer("GSSAPI", LdapProtocolProvider.SERVICE_NAME, str, map, gssapiCallbackHandler);
                }
            });
            ioSession.setAttribute(MechanismHandler.SASL_CONTEXT, saslServer);
        }
        return saslServer;
    }
}
