package io.jenkins.cli.shaded.org.apache.sshd.client.session;

import io.jenkins.cli.shaded.org.apache.sshd.client.auth.UserAuth;
import io.jenkins.cli.shaded.org.apache.sshd.client.auth.UserAuthFactory;
import io.jenkins.cli.shaded.org.apache.sshd.client.auth.keyboard.UserInteraction;
import io.jenkins.cli.shaded.org.apache.sshd.client.future.AuthFuture;
import io.jenkins.cli.shaded.org.apache.sshd.client.future.DefaultAuthFuture;
import io.jenkins.cli.shaded.org.apache.sshd.common.NamedResource;
import io.jenkins.cli.shaded.org.apache.sshd.common.RuntimeSshException;
import io.jenkins.cli.shaded.org.apache.sshd.common.Service;
import io.jenkins.cli.shaded.org.apache.sshd.common.SshConstants;
import io.jenkins.cli.shaded.org.apache.sshd.common.SshException;
import io.jenkins.cli.shaded.org.apache.sshd.common.auth.UserAuthMethodFactory;
import io.jenkins.cli.shaded.org.apache.sshd.common.io.IoWriteFuture;
import io.jenkins.cli.shaded.org.apache.sshd.common.session.Session;
import io.jenkins.cli.shaded.org.apache.sshd.common.util.GenericUtils;
import io.jenkins.cli.shaded.org.apache.sshd.common.util.ValidateUtils;
import io.jenkins.cli.shaded.org.apache.sshd.common.util.buffer.Buffer;
import io.jenkins.cli.shaded.org.apache.sshd.common.util.closeable.AbstractCloseable;
import io.jenkins.cli.shaded.org.apache.sshd.core.CoreModuleProperties;
import java.io.IOException;
import java.io.InterruptedIOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.atomic.AtomicReference;

/* loaded from: input_file:WEB-INF/lib/cli-2.333-rc32014.70862f517368.jar:io/jenkins/cli/shaded/org/apache/sshd/client/session/ClientUserAuthService.class */
public class ClientUserAuthService extends AbstractCloseable implements Service, ClientSessionHolder {
    protected final ClientSessionImpl clientSession;
    protected final List<UserAuthFactory> authFactories;
    protected List<String> serverMethods;
    private String service;
    private UserAuth userAuth;
    private int currentMethod;
    protected final AtomicReference<AuthFuture> authFutureHolder = new AtomicReference<>();
    private final Map<String, Object> properties = new ConcurrentHashMap();
    protected final List<String> clientMethods = new ArrayList();

    public ClientUserAuthService(Session session) {
        this.clientSession = (ClientSessionImpl) ValidateUtils.checkInstanceOf(session, ClientSessionImpl.class, "Client side service used on server side: %s", session);
        this.authFactories = (List) ValidateUtils.checkNotNullAndNotEmpty(this.clientSession.getUserAuthFactories(), "No user auth factories for %s", session);
        String orNull = CoreModuleProperties.PREFERRED_AUTHS.getOrNull(session);
        boolean isDebugEnabled = this.log.isDebugEnabled();
        if (GenericUtils.isEmpty(orNull)) {
            Iterator<UserAuthFactory> it = this.authFactories.iterator();
            while (it.hasNext()) {
                this.clientMethods.add(it.next().getName());
            }
        } else {
            if (isDebugEnabled) {
                this.log.debug("ClientUserAuthService({}) use configured preferences: {}", session, orNull);
            }
            for (String str : GenericUtils.split(orNull, ',')) {
                if (((UserAuthFactory) NamedResource.findByName(str, String.CASE_INSENSITIVE_ORDER, this.authFactories)) != null) {
                    this.clientMethods.add(str);
                } else if (isDebugEnabled) {
                    this.log.debug("ClientUserAuthService({}) skip unknown preferred authentication method: {}", session, str);
                }
            }
        }
        if (isDebugEnabled) {
            this.log.debug("ClientUserAuthService({}) client methods: {}", session, this.clientMethods);
        }
        this.clientSession.resetAuthTimeout();
    }

    @Override // io.jenkins.cli.shaded.org.apache.sshd.common.session.SessionHolder
    /* renamed from: getSession */
    public Session getSession2() {
        return getClientSession();
    }

    @Override // io.jenkins.cli.shaded.org.apache.sshd.client.session.ClientSessionHolder
    public ClientSession getClientSession() {
        return this.clientSession;
    }

    @Override // io.jenkins.cli.shaded.org.apache.sshd.common.PropertyResolver
    public Map<String, Object> getProperties() {
        return this.properties;
    }

    @Override // io.jenkins.cli.shaded.org.apache.sshd.common.Service
    public void start() {
    }

    public String getCurrentServiceName() {
        return this.service;
    }

    public AuthFuture auth(String str) throws IOException {
        this.service = ValidateUtils.checkNotNullAndNotEmpty(str, "No service name");
        ClientSession clientSession = getClientSession();
        AuthFuture updateCurrentAuthFuture = updateCurrentAuthFuture(clientSession, str);
        this.serverMethods = null;
        this.currentMethod = 0;
        if (this.userAuth != null) {
            try {
                this.userAuth.destroy();
                this.userAuth = null;
            } catch (Throwable th) {
                this.userAuth = null;
                throw th;
            }
        }
        sendInitialAuthRequest(clientSession, str);
        return updateCurrentAuthFuture;
    }

    protected AuthFuture updateCurrentAuthFuture(ClientSession clientSession, String str) throws IOException {
        AuthFuture createAuthFuture = createAuthFuture(clientSession, str);
        AuthFuture andSet = this.authFutureHolder.getAndSet(createAuthFuture);
        if (andSet != null) {
            if (!andSet.isDone()) {
                andSet.setException(new InterruptedIOException("New authentication started before previous completed"));
            } else if (this.log.isDebugEnabled()) {
                this.log.debug("updateCurrentAuthFuture({})[{}] request new authentication", clientSession, str);
            }
        }
        return createAuthFuture;
    }

    protected AuthFuture createAuthFuture(ClientSession clientSession, String str) throws IOException {
        return new DefaultAuthFuture(str, this.clientSession.getFutureLock());
    }

    protected IoWriteFuture sendInitialAuthRequest(ClientSession clientSession, String str) throws IOException {
        if (this.log.isDebugEnabled()) {
            this.log.debug("auth({})[{}] send SSH_MSG_USERAUTH_REQUEST for 'none'", clientSession, str);
        }
        String username = clientSession.getUsername();
        Buffer createBuffer = clientSession.createBuffer((byte) 50, username.length() + str.length() + 32);
        createBuffer.putString(username);
        createBuffer.putString(str);
        createBuffer.putString("none");
        return clientSession.writePacket(createBuffer);
    }

    @Override // io.jenkins.cli.shaded.org.apache.sshd.common.Service
    public void process(int i, Buffer buffer) throws Exception {
        ClientSession clientSession = getClientSession();
        AuthFuture authFuture = this.authFutureHolder.get();
        boolean isDebugEnabled = this.log.isDebugEnabled();
        if (authFuture != null && authFuture.isSuccess()) {
            this.log.error("process({}) unexpected authenticated client command: {}", clientSession, SshConstants.getCommandMessageName(i));
            throw new IllegalStateException("UserAuth message delivered to authenticated client");
        }
        if (authFuture != null && authFuture.isDone()) {
            if (isDebugEnabled) {
                this.log.debug("process({}) Ignoring random message - cmd={}", clientSession, SshConstants.getCommandMessageName(i));
                return;
            }
            return;
        }
        if (i != 53) {
            buffer.rpos(buffer.rpos() - 1);
            processUserAuth(buffer);
            return;
        }
        String string = buffer.getString();
        String string2 = buffer.getString();
        if (isDebugEnabled) {
            this.log.debug("process({}) Welcome banner(lang={}): {}", clientSession, string2, string);
        }
        UserInteraction userInteraction = clientSession.getUserInteraction();
        if (userInteraction != null) {
            try {
                if (userInteraction.isInteractionAllowed(clientSession)) {
                    userInteraction.welcome(clientSession, string, string2);
                }
            } catch (Error e) {
                warn("process({}) failed ({}) to consult interaction: {}", clientSession, e.getClass().getSimpleName(), e.getMessage(), e);
                throw new RuntimeSshException(e);
            }
        }
    }

    protected void processUserAuth(Buffer buffer) throws Exception {
        int uByte = buffer.getUByte();
        ClientSession clientSession = getClientSession();
        if (uByte == 52) {
            if (this.log.isDebugEnabled()) {
                this.log.debug("processUserAuth({}) SSH_MSG_USERAUTH_SUCCESS Succeeded with {}", clientSession, this.userAuth == null ? "<unknown>" : this.userAuth.getName());
            }
            if (this.userAuth != null) {
                try {
                    try {
                        this.userAuth.signalAuthMethodSuccess(clientSession, this.service, buffer);
                        this.userAuth.destroy();
                    } finally {
                    }
                } finally {
                    this.userAuth = null;
                }
            }
            clientSession.setAuthenticated();
            ((ClientSessionImpl) clientSession).switchToNextService();
            ((AuthFuture) Objects.requireNonNull(this.authFutureHolder.get(), "No current future")).setAuthed(true);
            return;
        }
        if (uByte != 51) {
            if (this.userAuth == null) {
                throw new IllegalStateException("Received unknown packet: " + SshConstants.getCommandMessageName(uByte));
            }
            if (this.log.isDebugEnabled()) {
                this.log.debug("processUserAuth({}) delegate processing of {} to {}", clientSession, SshConstants.getCommandMessageName(uByte), this.userAuth.getName());
            }
            buffer.rpos(buffer.rpos() - 1);
            if (this.userAuth.process(buffer)) {
                return;
            }
            tryNext(uByte);
            return;
        }
        String string = buffer.getString();
        boolean z = buffer.getBoolean();
        if (this.log.isDebugEnabled()) {
            this.log.debug("processUserAuth({}) Received SSH_MSG_USERAUTH_FAILURE - partial={}, methods={}", clientSession, Boolean.valueOf(z), string);
        }
        if (z || this.serverMethods == null) {
            this.serverMethods = Arrays.asList(GenericUtils.split(string, ','));
            this.currentMethod = 0;
            if (this.userAuth != null) {
                try {
                    try {
                        this.userAuth.signalAuthMethodFailure(clientSession, this.service, z, Collections.unmodifiableList(this.serverMethods), buffer);
                        this.userAuth.destroy();
                        this.userAuth = null;
                    } finally {
                    }
                } finally {
                    this.userAuth = null;
                }
            }
        }
        tryNext(uByte);
    }

    protected void tryNext(int i) throws Exception {
        ClientSession clientSession = getClientSession();
        boolean isDebugEnabled = this.log.isDebugEnabled();
        while (true) {
            boolean z = isDebugEnabled;
            if (this.userAuth == null) {
                if (z) {
                    this.log.debug("tryNext({}) starting authentication mechanisms: client={}, server={}", clientSession, this.clientMethods, this.serverMethods);
                }
            } else {
                if (this.userAuth.process(null)) {
                    if (z) {
                        this.log.debug("tryNext({}) successfully processed initial buffer by method={}", clientSession, this.userAuth.getName());
                        return;
                    }
                    return;
                }
                if (z) {
                    this.log.debug("tryNext({}) no initial request sent by method={}", clientSession, this.userAuth.getName());
                }
                try {
                    this.userAuth.destroy();
                    this.userAuth = null;
                    this.currentMethod++;
                } catch (Throwable th) {
                    this.userAuth = null;
                    throw th;
                }
            }
            String str = null;
            while (this.currentMethod < this.clientMethods.size()) {
                str = this.clientMethods.get(this.currentMethod);
                if (this.serverMethods.contains(str)) {
                    break;
                } else {
                    this.currentMethod++;
                }
            }
            if (this.currentMethod >= this.clientMethods.size()) {
                if (z) {
                    this.log.debug("tryNext({}) exhausted all methods - client={}, server={}", clientSession, this.clientMethods, this.serverMethods);
                }
                ((AuthFuture) Objects.requireNonNull(this.authFutureHolder.get(), "No current future")).setException(new SshException(14, "No more authentication methods available"));
                return;
            } else {
                this.userAuth = (UserAuth) UserAuthMethodFactory.createUserAuth(clientSession, this.authFactories, str);
                if (this.userAuth == null) {
                    throw new UnsupportedOperationException("Failed to find a user-auth factory for method=" + str);
                }
                if (z) {
                    this.log.debug("tryNext({}) attempting method={}", clientSession, str);
                }
                this.userAuth.init(clientSession, this.service);
                isDebugEnabled = this.log.isDebugEnabled();
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // io.jenkins.cli.shaded.org.apache.sshd.common.util.closeable.AbstractCloseable
    public void preClose() {
        AuthFuture authFuture = this.authFutureHolder.get();
        if (authFuture != null && !authFuture.isDone()) {
            authFuture.setException(new SshException("Session is closed"));
        }
        super.preClose();
    }
}
