package tigase.auth.mechanisms;

import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.HashMap;
import java.util.logging.Logger;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.sasl.AuthorizeCallback;
import javax.security.sasl.SaslException;
import junit.framework.TestCase;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import tigase.TestLogger;
import tigase.auth.callbacks.AuthorizationIdCallback;
import tigase.auth.callbacks.ReplaceServerKeyCallback;
import tigase.auth.callbacks.ServerKeyCallback;
import tigase.xmpp.jid.BareJID;

/* loaded from: input_file:tigase/auth/mechanisms/SaslXTOKENTest.class */
public class SaslXTOKENTest extends TestCase {
    private static final Logger log = TestLogger.getLogger(SaslSCRAMTest.class);
    private byte[] serverKey;
    private byte[] newServerKey;
    private SaslXTOKEN sasl;
    private final SecureRandom random = new SecureRandom();
    private final boolean printTestVectors = false;

    @Before
    public void setUp() {
        this.serverKey = new byte[32];
        this.random.nextBytes(this.serverKey);
        this.sasl = new SaslXTOKEN(new HashMap(), new CallbackHandler() { // from class: tigase.auth.mechanisms.SaslXTOKENTest.1
            private String username;

            @Override // javax.security.auth.callback.CallbackHandler
            public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
                for (Callback callback : callbackArr) {
                    if (callback instanceof NameCallback) {
                        BareJID bareJIDInstanceNS = BareJID.bareJIDInstanceNS(((NameCallback) callback).getDefaultName());
                        if (bareJIDInstanceNS.getLocalpart() == null || !"domain.com".equalsIgnoreCase(bareJIDInstanceNS.getDomain())) {
                            bareJIDInstanceNS = BareJID.bareJIDInstanceNS(((NameCallback) callback).getDefaultName(), "domain.com");
                        }
                        this.username = bareJIDInstanceNS.toString();
                        ((NameCallback) callback).setName(this.username);
                    } else if (callback instanceof ServerKeyCallback) {
                        ((ServerKeyCallback) callback).setServerKey(SaslXTOKENTest.this.serverKey);
                    } else if (callback instanceof AuthorizationIdCallback) {
                        continue;
                    } else if (callback instanceof AuthorizeCallback) {
                        boolean equals = ((AuthorizeCallback) callback).getAuthorizationID().equals(((AuthorizeCallback) callback).getAuthenticationID());
                        ((AuthorizeCallback) callback).setAuthorized(equals);
                        if (equals) {
                            ((AuthorizeCallback) callback).setAuthorizedID(((AuthorizeCallback) callback).getAuthorizationID());
                        }
                    } else {
                        if (!(callback instanceof ReplaceServerKeyCallback)) {
                            throw new UnsupportedCallbackException(callback);
                        }
                        ((ReplaceServerKeyCallback) callback).setNewServerKey(SaslXTOKENTest.this.newServerKey);
                    }
                }
            }
        });
    }

    @Test
    public void testEmptyToken() {
        try {
            this.sasl.evaluateResponse(new byte[0]);
            fail("Exception must be thrown");
        } catch (SaslException e) {
        }
        assertFalse(this.sasl.isComplete());
    }

    @Test
    public void testValidToken() throws InvalidKeyException, NoSuchAlgorithmException {
        this.newServerKey = null;
        byte[] bArr = new byte[32];
        this.random.nextBytes(bArr);
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(this.serverKey, "SHA-256"));
        byte[] doFinal = mac.doFinal(bArr);
        try {
            byte[] bytes = "test@domain.com".getBytes(StandardCharsets.UTF_8);
            byte[] bArr2 = new byte[bArr.length + 1 + doFinal.length + 1 + bytes.length];
            System.arraycopy(bArr, 0, bArr2, 0, 32);
            System.arraycopy(doFinal, 0, bArr2, 33, 32);
            System.arraycopy(bytes, 0, bArr2, 66, bytes.length);
            Assert.assertArrayEquals(bytes, this.sasl.evaluateResponse(bArr2));
        } catch (SaslException e) {
            e.printStackTrace();
            fail("Exception must not be thrown");
        }
        assertTrue(this.sasl.isComplete());
    }

    @Test
    public void testValidTokenWithNewKey() throws InvalidKeyException, NoSuchAlgorithmException {
        this.newServerKey = new byte[32];
        this.random.nextBytes(this.newServerKey);
        byte[] bArr = new byte[32];
        this.random.nextBytes(bArr);
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(this.serverKey, "SHA-256"));
        byte[] doFinal = mac.doFinal(bArr);
        try {
            byte[] bytes = "test@domain.com".getBytes(StandardCharsets.UTF_8);
            byte[] bArr2 = new byte[bArr.length + 1 + doFinal.length + 1 + bytes.length];
            System.arraycopy(bArr, 0, bArr2, 0, 32);
            System.arraycopy(doFinal, 0, bArr2, 33, 32);
            System.arraycopy(bytes, 0, bArr2, 66, bytes.length);
            byte[] evaluateResponse = this.sasl.evaluateResponse(bArr2);
            byte[] bArr3 = new byte[bytes.length + 1 + this.newServerKey.length];
            System.arraycopy(bytes, 0, bArr3, 0, bytes.length);
            System.arraycopy(this.newServerKey, 0, bArr3, bytes.length + 1, this.newServerKey.length);
            Assert.assertArrayEquals(bArr3, evaluateResponse);
            print(bytes, this.serverKey, bArr2, evaluateResponse, this.newServerKey);
            this.serverKey = this.newServerKey;
            this.newServerKey = null;
            Mac mac2 = Mac.getInstance("HmacSHA256");
            mac2.init(new SecretKeySpec(this.serverKey, "SHA-256"));
            byte[] doFinal2 = mac2.doFinal(bArr);
            byte[] bArr4 = new byte[bArr.length + 1 + doFinal2.length + 1 + bytes.length];
            System.arraycopy(bArr, 0, bArr4, 0, 32);
            System.arraycopy(doFinal2, 0, bArr4, 33, 32);
            System.arraycopy(bytes, 0, bArr4, 66, bytes.length);
            byte[] evaluateResponse2 = this.sasl.evaluateResponse(bArr4);
            Assert.assertArrayEquals(bytes, evaluateResponse2);
            print(bytes, this.serverKey, bArr4, evaluateResponse2, this.newServerKey);
        } catch (SaslException e) {
            e.printStackTrace();
            fail("Exception must not be thrown");
        }
        assertTrue(this.sasl.isComplete());
    }

    private void print(byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4, byte[] bArr5) {
    }
}
