package org.eclipse.jetty.security;

import defpackage.vr1;
import defpackage.xr1;
import defpackage.yr1;
import defpackage.zr1;
import j$.util.Base64;
import java.net.InetAddress;
import java.nio.file.Path;
import java.security.PrivilegedAction;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginContext;
import javax.servlet.ServletRequest;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.eclipse.jetty.security.ConfigurableSpnegoLoginService;
import org.eclipse.jetty.security.authentication.AuthorizationService;
import org.eclipse.jetty.server.UserIdentity;
import org.eclipse.jetty.util.component.ContainerLifeCycle;
import org.eclipse.jetty.util.log.Log;
import org.eclipse.jetty.util.log.Logger;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSManager;
import org.ietf.jgss.GSSName;
import org.ietf.jgss.Oid;

/* loaded from: classes6.dex */
public class ConfigurableSpnegoLoginService extends ContainerLifeCycle implements LoginService {
    public static final Logger B = Log.getLogger((Class<?>) ConfigurableSpnegoLoginService.class);
    public zr1 A;
    public final String u;
    public final AuthorizationService v;
    public String x;
    public Path y;
    public String z;
    public final GSSManager t = GSSManager.getInstance();
    public IdentityService w = new DefaultIdentityService();

    public ConfigurableSpnegoLoginService(String str, AuthorizationService authorizationService) {
        this.u = str;
        this.v = authorizationService;
    }

    public static /* synthetic */ byte[] e(GSSContext gSSContext, byte[] bArr) {
        try {
            return gSSContext.acceptSecContext(bArr, 0, bArr.length);
        } catch (GSSException e) {
            throw new RuntimeException((Throwable) e);
        }
    }

    public static String h(GSSContext gSSContext) {
        try {
            String obj = gSSContext.getSrcName().toString();
            int indexOf = obj.indexOf(64);
            return indexOf < 0 ? obj : obj.substring(0, indexOf);
        } catch (GSSException e) {
            throw new RuntimeException((Throwable) e);
        }
    }

    @Override // org.eclipse.jetty.util.component.ContainerLifeCycle, org.eclipse.jetty.util.component.AbstractLifeCycle
    public void doStart() throws Exception {
        if (this.z == null) {
            this.z = InetAddress.getLocalHost().getCanonicalHostName();
        }
        Logger logger = B;
        if (logger.isDebugEnabled()) {
            logger.debug("Retrieving credentials for service {}/{}", getServiceName(), getHostName());
        }
        LoginContext loginContext = new LoginContext("", (Subject) null, (CallbackHandler) null, new yr1(0));
        loginContext.login();
        Subject subject = loginContext.getSubject();
        this.A = (zr1) Subject.doAs(subject, new vr1(this, subject, 1));
        super.doStart();
    }

    public final /* synthetic */ GSSContext f() {
        GSSCredential gSSCredential;
        try {
            GSSManager gSSManager = this.t;
            gSSCredential = this.A.b;
            return gSSManager.createContext(gSSCredential);
        } catch (GSSException e) {
            throw new RuntimeException((Throwable) e);
        }
    }

    public final /* synthetic */ zr1 g(Subject subject) {
        try {
            GSSCredential createCredential = this.t.createCredential(this.t.createName(getServiceName() + "@" + getHostName(), GSSName.NT_HOSTBASED_SERVICE), 0, new Oid[]{new Oid("1.2.840.113554.1.2.2"), new Oid("1.3.6.1.5.5.2")}, 2);
            zr1 zr1Var = new zr1();
            zr1Var.a = subject;
            zr1Var.b = createCredential;
            return zr1Var;
        } catch (GSSException e) {
            throw new RuntimeException((Throwable) e);
        }
    }

    public String getHostName() {
        return this.z;
    }

    @Override // org.eclipse.jetty.security.LoginService
    public IdentityService getIdentityService() {
        return this.w;
    }

    public Path getKeyTabPath() {
        return this.y;
    }

    @Override // org.eclipse.jetty.security.LoginService
    public String getName() {
        return this.u;
    }

    public String getServiceName() {
        return this.x;
    }

    /* JADX WARN: Type inference failed for: r9v2, types: [byte[], java.io.Serializable] */
    @Override // org.eclipse.jetty.security.LoginService
    public UserIdentity login(String str, Object obj, ServletRequest servletRequest) {
        Subject subject;
        Subject subject2;
        xr1 xr1Var;
        subject = this.A.a;
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpSession session = httpServletRequest.getSession(false);
        GSSContext gSSContext = (session == null || (xr1Var = (xr1) session.getAttribute("xr1")) == null) ? null : xr1Var.a;
        if (gSSContext == null) {
            gSSContext = (GSSContext) Subject.doAs(subject, new PrivilegedAction() { // from class: wr1
                @Override // java.security.PrivilegedAction
                public final Object run() {
                    Logger logger = ConfigurableSpnegoLoginService.B;
                    return ConfigurableSpnegoLoginService.this.f();
                }
            });
        }
        ?? decode = Base64.getDecoder().decode((String) obj);
        subject2 = this.A.a;
        String encodeToString = Base64.getEncoder().encodeToString((byte[]) Subject.doAs(subject2, new vr1(gSSContext, decode, 0)));
        String h = h(gSSContext);
        SpnegoUserPrincipal spnegoUserPrincipal = new SpnegoUserPrincipal(h, encodeToString);
        if (gSSContext.isEstablished()) {
            if (session != null) {
                session.removeAttribute("xr1");
            }
            return new SpnegoUserIdentity(subject, spnegoUserPrincipal, this.v.getUserIdentity(httpServletRequest, h));
        }
        if (session == null) {
            session = httpServletRequest.getSession(true);
        }
        session.setAttribute("xr1", new xr1(gSSContext));
        return new SpnegoUserIdentity(subject, spnegoUserPrincipal, null);
    }

    @Override // org.eclipse.jetty.security.LoginService
    public void logout(UserIdentity userIdentity) {
    }

    public void setHostName(String str) {
        this.z = str;
    }

    @Override // org.eclipse.jetty.security.LoginService
    public void setIdentityService(IdentityService identityService) {
        this.w = identityService;
    }

    public void setKeyTabPath(Path path) {
        this.y = path;
    }

    public void setServiceName(String str) {
        this.x = str;
    }

    @Override // org.eclipse.jetty.security.LoginService
    public boolean validate(UserIdentity userIdentity) {
        return false;
    }
}
