package org.eclipse.hono.server;

import io.vertx.core.Handler;
import io.vertx.core.Vertx;
import io.vertx.core.eventbus.Message;
import io.vertx.core.json.JsonObject;
import io.vertx.core.net.NetSocket;
import io.vertx.proton.ProtonConnection;
import io.vertx.proton.sasl.ProtonSaslAuthenticator;
import java.security.Principal;
import java.util.Objects;
import org.apache.qpid.proton.engine.Sasl;
import org.apache.qpid.proton.engine.Transport;
import org.eclipse.hono.authentication.AuthenticationConstants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/eclipse/hono/server/PlainSaslAuthenticator.class */
public final class PlainSaslAuthenticator implements ProtonSaslAuthenticator {
    private static final String PLAIN = "PLAIN";
    private static final Logger LOG = LoggerFactory.getLogger(PlainSaslAuthenticator.class);
    private final Vertx vertx;
    private Sasl sasl;
    private boolean succeeded;
    private ProtonConnection protonConnection;

    public PlainSaslAuthenticator(Vertx vertx) {
        this.vertx = (Vertx) Objects.requireNonNull(vertx);
    }

    public void init(NetSocket netSocket, ProtonConnection protonConnection, Transport transport) {
        LOG.debug("initializing PLAIN SASL authenticator");
        this.protonConnection = protonConnection;
        this.sasl = transport.sasl();
        this.sasl.server();
        this.sasl.allowSkip(false);
        this.sasl.setMechanisms(new String[]{PLAIN});
    }

    public void process(Handler<Boolean> handler) {
        String[] remoteMechanisms = this.sasl.getRemoteMechanisms();
        if (remoteMechanisms.length <= 0) {
            LOG.debug("client provided an empty list of SASL mechanisms [hostname: {}, state: {}]", this.sasl.getHostname(), this.sasl.getState().name());
            handler.handle(false);
            return;
        }
        String str = remoteMechanisms[0];
        LOG.debug("client wants to use {} SASL mechanism [host: {}, state: {}]", new Object[]{str, this.sasl.getHostname(), this.sasl.getState().name()});
        if (PLAIN.equals(str)) {
            evaluatePlainResponse(handler);
        } else {
            this.sasl.done(Sasl.SaslOutcome.PN_SASL_AUTH);
            handler.handle(false);
        }
    }

    public boolean succeeded() {
        return this.succeeded;
    }

    private void evaluatePlainResponse(Handler<Boolean> handler) {
        byte[] bArr = new byte[this.sasl.pending()];
        this.sasl.recv(bArr, 0, bArr.length);
        this.vertx.eventBus().send(AuthenticationConstants.EVENT_BUS_ADDRESS_AUTHENTICATION_IN, AuthenticationConstants.getAuthenticationRequest(PLAIN, bArr), asyncResult -> {
            if (asyncResult.succeeded()) {
                handleAuthenticationResult((JsonObject) ((Message) asyncResult.result()).body());
            } else {
                LOG.warn("could not process SASL PLAIN response from client", asyncResult.cause());
            }
            handler.handle(true);
        });
    }

    private void handleAuthenticationResult(JsonObject jsonObject) {
        LOG.debug("received result of authentication request: {}", jsonObject);
        String string = jsonObject.getString("error");
        if (string != null) {
            LOG.debug("authentication of client failed", string);
            this.sasl.done(Sasl.SaslOutcome.PN_SASL_AUTH);
            return;
        }
        this.succeeded = true;
        final String string2 = jsonObject.getString(AuthenticationConstants.FIELD_AUTHORIZATION_ID);
        this.protonConnection.attachments().set("CLIENT_PRINCIPAL", Principal.class, new Principal() { // from class: org.eclipse.hono.server.PlainSaslAuthenticator.1
            @Override // java.security.Principal
            public String getName() {
                return string2;
            }
        });
        LOG.debug("authentication of client [authorization ID: {}] succeeded", string2);
        this.sasl.done(Sasl.SaslOutcome.PN_SASL_OK);
    }
}
