package tigase.ldap.processors;

import com.unboundid.asn1.ASN1OctetString;
import com.unboundid.ldap.protocol.BindRequestProtocolOp;
import com.unboundid.ldap.protocol.BindResponseProtocolOp;
import com.unboundid.ldap.protocol.ProtocolOp;
import com.unboundid.ldap.sdk.LDAPException;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import java.util.List;
import java.util.UUID;
import java.util.function.Consumer;
import java.util.logging.Logger;
import javax.security.sasl.Sasl;
import javax.security.sasl.SaslException;
import javax.security.sasl.SaslServer;
import tigase.auth.TigaseSaslProvider;
import tigase.db.NonAuthUserRepository;
import tigase.kernel.beans.Bean;
import tigase.kernel.beans.Inject;
import tigase.ldap.LdapConnectionManager;
import tigase.ldap.utils.DN;
import tigase.server.xmppsession.SessionManagerHandler;
import tigase.util.stringprep.TigaseStringprepException;
import tigase.vhosts.VHostItemImpl;
import tigase.xmpp.XMPPResourceConnection;
import tigase.xmpp.jid.BareJID;
import tigase.xmpp.jid.JID;

@Bean(name = "bindRequest", active = true, parent = LdapConnectionManager.class)
/* loaded from: input_file:tigase/ldap/processors/BindRequestProcessor.class */
public class BindRequestProcessor extends AbstractLDAPProcessor<BindRequestProtocolOp> {
    private static final Logger log = Logger.getLogger(BindRequestProcessor.class.getCanonicalName());
    private final DummySessionManagerHandler sessionManagerHandler = new DummySessionManagerHandler();

    @Inject
    private LdapConnectionManager connectionManager;

    @Inject
    private TigaseSaslProvider saslProvider;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:tigase/ldap/processors/BindRequestProcessor$DummySessionManagerHandler.class */
    public static class DummySessionManagerHandler implements SessionManagerHandler {
        private DummySessionManagerHandler() {
        }

        public JID getComponentId() {
            return null;
        }

        public void handleLogin(BareJID bareJID, XMPPResourceConnection xMPPResourceConnection) {
        }

        public void handleDomainChange(String str, XMPPResourceConnection xMPPResourceConnection) {
        }

        public void handleLogout(BareJID bareJID, XMPPResourceConnection xMPPResourceConnection) {
        }

        public void handlePresenceSet(XMPPResourceConnection xMPPResourceConnection) {
        }

        public void handleResourceBind(XMPPResourceConnection xMPPResourceConnection) {
        }

        public boolean isLocalDomain(String str, boolean z) {
            return false;
        }
    }

    @Override // tigase.ldap.processors.LDAPProcessor
    public boolean canHandle(ProtocolOp protocolOp) {
        return super.canHandle(protocolOp) && ((BindRequestProtocolOp) protocolOp).getSimplePassword() != null;
    }

    @Override // tigase.ldap.processors.LDAPProcessor
    public Class<BindRequestProtocolOp> getSupportedProtocolOp() {
        return BindRequestProtocolOp.class;
    }

    public void process(LDAPSession lDAPSession, BindRequestProtocolOp bindRequestProtocolOp, Consumer<ProtocolOp> consumer) throws Exception {
        if (bindRequestProtocolOp.getBindDN().isEmpty() && bindRequestProtocolOp.getSimplePassword().stringValue().isEmpty()) {
            consumer.accept(new BindResponseProtocolOp(0, (String) null, (String) null, (List) null, (ASN1OctetString) null));
            return;
        }
        try {
            DN parse = DN.parse(bindRequestProtocolOp.getBindDN());
            String cn = parse.getUid() == null ? parse.getCn() : parse.getUid();
            String domain = parse.getDomain();
            SaslServer createSaslServer = Sasl.createSaslServer("PLAIN", "xmpp", domain, new HashMap(), this.saslProvider.create("PLAIN", createConnection(domain), (NonAuthUserRepository) null, new HashMap()));
            BareJID bareJIDInstance = BareJID.bareJIDInstance(cn, domain);
            byte[] value = bindRequestProtocolOp.getSimplePassword().getValue();
            log.finest(() -> {
                return "authenticating jid " + String.valueOf(bareJIDInstance) + "...";
            });
            createSaslServer.evaluateResponse(generatePlain(bareJIDInstance, value));
            if (createSaslServer.isComplete()) {
                lDAPSession.setAuthorizedJID(bareJIDInstance);
                consumer.accept(new BindResponseProtocolOp(0, (String) null, (String) null, (List) null, (ASN1OctetString) null));
            } else {
                consumer.accept(new BindResponseProtocolOp(123, (String) null, (String) null, (List) null, (ASN1OctetString) null));
            }
        } catch (LDAPException | SaslException | TigaseStringprepException e) {
            consumer.accept(new BindResponseProtocolOp(49, e.getMessage(), (String) null, (List) null, (ASN1OctetString) null));
        }
    }

    private XMPPResourceConnection createConnection(String str) throws TigaseStringprepException {
        XMPPResourceConnection xMPPResourceConnection = new XMPPResourceConnection(this.connectionManager.getComponentId().copyWithResource(UUID.randomUUID().toString()), getUserRepository(), getAuthRepository(), this.sessionManagerHandler);
        xMPPResourceConnection.setDomain(new VHostItemImpl(JID.jidInstance(str)));
        return xMPPResourceConnection;
    }

    private byte[] generatePlain(BareJID bareJID, byte[] bArr) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(0);
        byteArrayOutputStream.write(bareJID.toString().getBytes(StandardCharsets.UTF_8));
        byteArrayOutputStream.write(0);
        byteArrayOutputStream.write(bArr);
        return byteArrayOutputStream.toByteArray();
    }

    @Override // tigase.ldap.processors.LDAPProcessor
    public /* bridge */ /* synthetic */ void process(LDAPSession lDAPSession, ProtocolOp protocolOp, Consumer consumer) throws Exception {
        process(lDAPSession, (BindRequestProtocolOp) protocolOp, (Consumer<ProtocolOp>) consumer);
    }
}
