package com.mongodb.internal.connection;

import com.mongodb.MongoCredential;
import com.mongodb.MongoException;
import com.mongodb.MongoInterruptedException;
import com.mongodb.MongoSecurityException;
import com.mongodb.ServerAddress;
import com.mongodb.async.SingleResultCallback;
import com.mongodb.connection.ConnectionDescription;
import com.mongodb.lang.Nullable;
import java.security.PrivilegedAction;
import javax.security.auth.Subject;
import javax.security.sasl.SaslClient;
import javax.security.sasl.SaslException;
import org.bson.BsonBinary;
import org.bson.BsonDocument;
import org.bson.BsonInt32;
import org.bson.BsonString;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:WEB-INF/lib/mongo-java-driver-3.8.0.jar:com/mongodb/internal/connection/SaslAuthenticator.class */
public abstract class SaslAuthenticator extends Authenticator {

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:WEB-INF/lib/mongo-java-driver-3.8.0.jar:com/mongodb/internal/connection/SaslAuthenticator$Continuator.class */
    public final class Continuator implements SingleResultCallback<BsonDocument> {
        private final SaslClient saslClient;
        private final BsonDocument saslStartDocument;
        private final InternalConnection connection;
        private final SingleResultCallback<Void> callback;

        Continuator(SaslClient saslClient, BsonDocument bsonDocument, InternalConnection internalConnection, SingleResultCallback<Void> singleResultCallback) {
            this.saslClient = saslClient;
            this.saslStartDocument = bsonDocument;
            this.connection = internalConnection;
            this.callback = singleResultCallback;
        }

        @Override // com.mongodb.async.SingleResultCallback
        public void onResult(BsonDocument bsonDocument, Throwable th) {
            if (th != null) {
                this.callback.onResult(null, SaslAuthenticator.this.wrapException(th));
                SaslAuthenticator.this.disposeOfSaslClient(this.saslClient);
            } else if (!bsonDocument.getBoolean("done").getValue()) {
                continueConversation(bsonDocument);
            } else {
                this.callback.onResult(null, null);
                SaslAuthenticator.this.disposeOfSaslClient(this.saslClient);
            }
        }

        public void start() {
            continueConversation(this.saslStartDocument);
        }

        private void continueConversation(final BsonDocument bsonDocument) {
            try {
                SaslAuthenticator.this.doAsSubject(new PrivilegedAction<Void>() { // from class: com.mongodb.internal.connection.SaslAuthenticator.Continuator.1
                    /* JADX WARN: Can't rename method to resolve collision */
                    @Override // java.security.PrivilegedAction
                    public Void run() {
                        try {
                            SaslAuthenticator.this.sendSaslContinueAsync(Continuator.this.saslStartDocument.getInt32("conversationId"), Continuator.this.saslClient.evaluateChallenge(bsonDocument.getBinary("payload").getData()), Continuator.this.connection, Continuator.this);
                            return null;
                        } catch (SaslException e) {
                            throw SaslAuthenticator.this.wrapException(e);
                        }
                    }
                });
            } catch (Throwable th) {
                this.callback.onResult(null, th);
                SaslAuthenticator.this.disposeOfSaslClient(this.saslClient);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SaslAuthenticator(MongoCredentialWithCache mongoCredentialWithCache) {
        super(mongoCredentialWithCache);
    }

    @Override // com.mongodb.internal.connection.Authenticator
    public void authenticate(final InternalConnection internalConnection, ConnectionDescription connectionDescription) {
        doAsSubject(new PrivilegedAction<Void>() { // from class: com.mongodb.internal.connection.SaslAuthenticator.1
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedAction
            public Void run() {
                SaslClient createSaslClient = SaslAuthenticator.this.createSaslClient(internalConnection.getDescription().getServerAddress());
                SaslAuthenticator.this.throwIfSaslClientIsNull(createSaslClient);
                try {
                    try {
                        BsonDocument sendSaslStart = SaslAuthenticator.this.sendSaslStart(createSaslClient.hasInitialResponse() ? createSaslClient.evaluateChallenge(new byte[0]) : null, internalConnection);
                        BsonInt32 int32 = sendSaslStart.getInt32("conversationId");
                        while (!sendSaslStart.getBoolean("done").getValue()) {
                            byte[] evaluateChallenge = createSaslClient.evaluateChallenge(sendSaslStart.getBinary("payload").getData());
                            if (evaluateChallenge == null) {
                                throw new MongoSecurityException(SaslAuthenticator.this.getMongoCredential(), "SASL protocol error: no client response to challenge for credential " + SaslAuthenticator.this.getMongoCredential());
                            }
                            sendSaslStart = SaslAuthenticator.this.sendSaslContinue(int32, evaluateChallenge, internalConnection);
                        }
                        return null;
                    } catch (Exception e) {
                        throw SaslAuthenticator.this.wrapException(e);
                    }
                } finally {
                    SaslAuthenticator.this.disposeOfSaslClient(createSaslClient);
                }
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // com.mongodb.internal.connection.Authenticator
    public void authenticateAsync(final InternalConnection internalConnection, ConnectionDescription connectionDescription, final SingleResultCallback<Void> singleResultCallback) {
        try {
            doAsSubject(new PrivilegedAction<Void>() { // from class: com.mongodb.internal.connection.SaslAuthenticator.2
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedAction
                public Void run() {
                    final SaslClient createSaslClient = SaslAuthenticator.this.createSaslClient(internalConnection.getDescription().getServerAddress());
                    SaslAuthenticator.this.throwIfSaslClientIsNull(createSaslClient);
                    try {
                        SaslAuthenticator.this.sendSaslStartAsync(createSaslClient.hasInitialResponse() ? createSaslClient.evaluateChallenge(new byte[0]) : null, internalConnection, new SingleResultCallback<BsonDocument>() { // from class: com.mongodb.internal.connection.SaslAuthenticator.2.1
                            @Override // com.mongodb.async.SingleResultCallback
                            public void onResult(BsonDocument bsonDocument, Throwable th) {
                                if (th != null) {
                                    singleResultCallback.onResult(null, SaslAuthenticator.this.wrapException(th));
                                } else if (bsonDocument.getBoolean("done").getValue()) {
                                    singleResultCallback.onResult(null, null);
                                } else {
                                    new Continuator(createSaslClient, bsonDocument, internalConnection, singleResultCallback).start();
                                }
                            }
                        });
                        return null;
                    } catch (SaslException e) {
                        throw SaslAuthenticator.this.wrapException(e);
                    }
                }
            });
        } catch (Throwable th) {
            singleResultCallback.onResult(null, th);
        }
    }

    public abstract String getMechanismName();

    protected abstract SaslClient createSaslClient(ServerAddress serverAddress);

    /* JADX INFO: Access modifiers changed from: private */
    public void throwIfSaslClientIsNull(SaslClient saslClient) {
        if (saslClient == null) {
            throw new MongoSecurityException(getMongoCredential(), String.format("This JDK does not support the %s SASL mechanism", getMechanismName()));
        }
    }

    @Nullable
    private Subject getSubject() {
        return (Subject) getMongoCredential().getMechanismProperty(MongoCredential.JAVA_SUBJECT_KEY, null);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public BsonDocument sendSaslStart(byte[] bArr, InternalConnection internalConnection) {
        return CommandHelper.executeCommand(getMongoCredential().getSource(), createSaslStartCommandDocument(bArr), internalConnection);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public BsonDocument sendSaslContinue(BsonInt32 bsonInt32, byte[] bArr, InternalConnection internalConnection) {
        return CommandHelper.executeCommand(getMongoCredential().getSource(), createSaslContinueDocument(bsonInt32, bArr), internalConnection);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void sendSaslStartAsync(byte[] bArr, InternalConnection internalConnection, SingleResultCallback<BsonDocument> singleResultCallback) {
        CommandHelper.executeCommandAsync(getMongoCredential().getSource(), createSaslStartCommandDocument(bArr), internalConnection, singleResultCallback);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void sendSaslContinueAsync(BsonInt32 bsonInt32, byte[] bArr, InternalConnection internalConnection, SingleResultCallback<BsonDocument> singleResultCallback) {
        CommandHelper.executeCommandAsync(getMongoCredential().getSource(), createSaslContinueDocument(bsonInt32, bArr), internalConnection, singleResultCallback);
    }

    private BsonDocument createSaslStartCommandDocument(byte[] bArr) {
        return new BsonDocument("saslStart", new BsonInt32(1)).append("mechanism", new BsonString(getMechanismName())).append("payload", new BsonBinary(bArr != null ? bArr : new byte[0]));
    }

    private BsonDocument createSaslContinueDocument(BsonInt32 bsonInt32, byte[] bArr) {
        return new BsonDocument("saslContinue", new BsonInt32(1)).append("conversationId", bsonInt32).append("payload", new BsonBinary(bArr));
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void disposeOfSaslClient(SaslClient saslClient) {
        try {
            saslClient.dispose();
        } catch (SaslException e) {
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public MongoException wrapException(Throwable th) {
        return th instanceof MongoInterruptedException ? (MongoInterruptedException) th : th instanceof MongoSecurityException ? (MongoSecurityException) th : new MongoSecurityException(getMongoCredential(), "Exception authenticating " + getMongoCredential(), th);
    }

    void doAsSubject(PrivilegedAction<Void> privilegedAction) {
        if (getSubject() == null) {
            privilegedAction.run();
        } else {
            Subject.doAs(getSubject(), privilegedAction);
        }
    }
}
