package io.jenkins.cli.shaded.org.apache.sshd.server.session;

import io.jenkins.cli.shaded.org.apache.sshd.common.NamedResource;
import io.jenkins.cli.shaded.org.apache.sshd.common.Service;
import io.jenkins.cli.shaded.org.apache.sshd.common.SshConstants;
import io.jenkins.cli.shaded.org.apache.sshd.common.SshException;
import io.jenkins.cli.shaded.org.apache.sshd.common.config.keys.KeyRandomArt;
import io.jenkins.cli.shaded.org.apache.sshd.common.io.IoWriteFuture;
import io.jenkins.cli.shaded.org.apache.sshd.common.keyprovider.KeyIdentityProvider;
import io.jenkins.cli.shaded.org.apache.sshd.common.session.Session;
import io.jenkins.cli.shaded.org.apache.sshd.common.session.SessionContext;
import io.jenkins.cli.shaded.org.apache.sshd.common.util.GenericUtils;
import io.jenkins.cli.shaded.org.apache.sshd.common.util.NumberUtils;
import io.jenkins.cli.shaded.org.apache.sshd.common.util.ValidateUtils;
import io.jenkins.cli.shaded.org.apache.sshd.common.util.buffer.Buffer;
import io.jenkins.cli.shaded.org.apache.sshd.common.util.closeable.AbstractCloseable;
import io.jenkins.cli.shaded.org.apache.sshd.common.util.io.IoUtils;
import io.jenkins.cli.shaded.org.apache.sshd.core.CoreModuleProperties;
import io.jenkins.cli.shaded.org.apache.sshd.server.ServerFactoryManager;
import io.jenkins.cli.shaded.org.apache.sshd.server.auth.AsyncAuthException;
import io.jenkins.cli.shaded.org.apache.sshd.server.auth.UserAuth;
import io.jenkins.cli.shaded.org.apache.sshd.server.auth.UserAuthFactory;
import io.jenkins.cli.shaded.org.apache.sshd.server.auth.WelcomeBannerPhase;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.net.MalformedURLException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.nio.charset.Charset;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.atomic.AtomicBoolean;
import java.util.concurrent.atomic.AtomicReference;

/* loaded from: input_file:WEB-INF/lib/cli-2.452-rc34789.308a_1f449cd6.jar:io/jenkins/cli/shaded/org/apache/sshd/server/session/ServerUserAuthService.class */
public class ServerUserAuthService extends AbstractCloseable implements Service, ServerSessionHolder {
    private final AtomicBoolean welcomeSent = new AtomicBoolean(false);
    private final Map<String, Object> properties = new ConcurrentHashMap();
    private final ServerSession serverSession;
    private final WelcomeBannerPhase welcomePhase;
    private List<UserAuthFactory> userAuthFactories;
    private List<List<String>> authMethods;
    private String authUserName;
    private String authMethod;
    private String authService;
    private UserAuth currentAuth;
    private int maxAuthRequests;
    private int nbAuthRequests;

    public ServerUserAuthService(Session session) throws IOException {
        boolean isDebugEnabled = this.log.isDebugEnabled();
        this.serverSession = (ServerSession) ValidateUtils.checkInstanceOf(session, ServerSession.class, "Server side service used on client side: %s", session);
        if (session.isAuthenticated()) {
            throw new SshException("Session already authenticated");
        }
        this.welcomePhase = CoreModuleProperties.WELCOME_BANNER_PHASE.getRequired(this);
        this.maxAuthRequests = CoreModuleProperties.MAX_AUTH_REQUESTS.getRequired(this).intValue();
        List list = (List) ValidateUtils.checkNotNullAndNotEmpty(this.serverSession.getUserAuthFactories(), "No user auth factories for %s", session);
        this.userAuthFactories = new ArrayList(list);
        this.authMethods = new ArrayList();
        String orNull = CoreModuleProperties.AUTH_METHODS.getOrNull(this);
        if (GenericUtils.isEmpty(orNull)) {
            Iterator it = list.iterator();
            while (it.hasNext()) {
                this.authMethods.add(new ArrayList(Collections.singletonList(((UserAuthFactory) it.next()).getName())));
            }
        } else {
            if (isDebugEnabled) {
                this.log.debug("ServerUserAuthService({}) using configured methods={}", session, orNull);
            }
            for (String str : orNull.split("\\s")) {
                this.authMethods.add(new ArrayList(Arrays.asList(GenericUtils.split(str, ','))));
            }
        }
        Iterator<List<String>> it2 = this.authMethods.iterator();
        while (it2.hasNext()) {
            for (String str2 : it2.next()) {
                if (((UserAuthFactory) NamedResource.findByName(str2, String.CASE_INSENSITIVE_ORDER, this.userAuthFactories)) == null) {
                    throw new SshException("Configured method is not supported: " + str2);
                }
            }
        }
        if (isDebugEnabled) {
            this.log.debug("ServerUserAuthService({}) authorized authentication methods: {}", session, NamedResource.getNames(this.userAuthFactories));
        }
        session.resetAuthTimeout();
    }

    public WelcomeBannerPhase getWelcomePhase() {
        return this.welcomePhase;
    }

    @Override // io.jenkins.cli.shaded.org.apache.sshd.common.Service
    public void start() {
    }

    @Override // io.jenkins.cli.shaded.org.apache.sshd.common.session.SessionHolder
    /* renamed from: getSession */
    public Session getSession2() {
        return getServerSession();
    }

    @Override // io.jenkins.cli.shaded.org.apache.sshd.server.session.ServerSessionHolder
    public ServerSession getServerSession() {
        return this.serverSession;
    }

    @Override // io.jenkins.cli.shaded.org.apache.sshd.common.PropertyResolver
    public Map<String, Object> getProperties() {
        return this.properties;
    }

    @Override // io.jenkins.cli.shaded.org.apache.sshd.common.Service
    public synchronized void process(int i, Buffer buffer) throws Exception {
        Boolean bool = Boolean.FALSE;
        ServerSession serverSession = getServerSession();
        boolean isDebugEnabled = this.log.isDebugEnabled();
        if (i == 50) {
            AtomicReference<Boolean> atomicReference = new AtomicReference<>(bool);
            if (!handleUserAuthRequestMessage(serverSession, buffer, atomicReference)) {
                return;
            } else {
                bool = atomicReference.get();
            }
        } else {
            if (WelcomeBannerPhase.FIRST_AUTHCMD.equals(getWelcomePhase())) {
                sendWelcomeBanner(serverSession);
            }
            if (this.currentAuth == null) {
                throw new IllegalStateException("No current authentication mechanism for cmd=" + SshConstants.getCommandMessageName(i));
            }
            if (isDebugEnabled) {
                this.log.debug("process({}) Received authentication message={} for mechanism={}", serverSession, SshConstants.getCommandMessageName(i), this.currentAuth.getName());
            }
            buffer.rpos(buffer.rpos() - 1);
            try {
                bool = this.currentAuth.next(buffer);
            } catch (AsyncAuthException e) {
                e.addListener(bool2 -> {
                    asyncAuth(i, buffer, bool2.booleanValue());
                });
                return;
            } catch (Exception e2) {
                warn("process({}) Failed ({}) to authenticate using current method={}: {}", serverSession, e2.getClass().getSimpleName(), this.currentAuth.getName(), e2.getMessage(), e2);
            }
        }
        if (bool == null) {
            handleAuthenticationInProgress(i, buffer);
        } else if (bool.booleanValue()) {
            handleAuthenticationSuccess(i, buffer);
        } else {
            handleAuthenticationFailure(i, buffer);
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:37:0x0175  */
    /* JADX WARN: Removed duplicated region for block: B:39:0x0195  */
    /* JADX WARN: Removed duplicated region for block: B:77:0x023b  */
    /* JADX WARN: Removed duplicated region for block: B:79:0x0285  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    protected boolean handleUserAuthRequestMessage(io.jenkins.cli.shaded.org.apache.sshd.server.session.ServerSession r14, io.jenkins.cli.shaded.org.apache.sshd.common.util.buffer.Buffer r15, java.util.concurrent.atomic.AtomicReference<java.lang.Boolean> r16) throws java.lang.Exception {
        /*
            Method dump skipped, instructions count: 904
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: io.jenkins.cli.shaded.org.apache.sshd.server.session.ServerUserAuthService.handleUserAuthRequestMessage(io.jenkins.cli.shaded.org.apache.sshd.server.session.ServerSession, io.jenkins.cli.shaded.org.apache.sshd.common.util.buffer.Buffer, java.util.concurrent.atomic.AtomicReference):boolean");
    }

    protected synchronized void asyncAuth(int i, Buffer buffer, boolean z) {
        try {
            if (z) {
                handleAuthenticationSuccess(i, buffer);
            } else {
                handleAuthenticationFailure(i, buffer);
            }
        } catch (Exception e) {
            warn("asyncAuth({}) Error ({}) performing async authentication via cmd={}: {}", getServerSession(), e.getClass().getSimpleName(), Integer.valueOf(i), e.getMessage(), e);
        }
    }

    protected void handleAuthenticationInProgress(int i, Buffer buffer) throws Exception {
        String username = this.currentAuth == null ? null : this.currentAuth.getUsername();
        if (this.log.isDebugEnabled()) {
            this.log.debug("handleAuthenticationInProgress({}@{}) {}", username, getServerSession(), SshConstants.getCommandMessageName(i));
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:35:0x0126  */
    /* JADX WARN: Removed duplicated region for block: B:38:0x0150  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    protected void handleAuthenticationSuccess(int r11, io.jenkins.cli.shaded.org.apache.sshd.common.util.buffer.Buffer r12) throws java.lang.Exception {
        /*
            Method dump skipped, instructions count: 566
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: io.jenkins.cli.shaded.org.apache.sshd.server.session.ServerUserAuthService.handleAuthenticationSuccess(int, io.jenkins.cli.shaded.org.apache.sshd.common.util.buffer.Buffer):void");
    }

    protected void handleAuthenticationFailure(int i, Buffer buffer) throws Exception {
        ServerSession serverSession = getServerSession();
        boolean isDebugEnabled = this.log.isDebugEnabled();
        if (WelcomeBannerPhase.FIRST_FAILURE.equals(getWelcomePhase())) {
            sendWelcomeBanner(serverSession);
        }
        String username = this.currentAuth == null ? null : this.currentAuth.getUsername();
        if (isDebugEnabled) {
            this.log.debug("handleAuthenticationFailure({}@{}) {}", username, serverSession, SshConstants.getCommandMessageName(i));
        }
        StringBuilder sb = new StringBuilder((this.authMethods.size() + 1) * 8);
        for (List<String> list : this.authMethods) {
            if (GenericUtils.size(list) > 0) {
                String str = list.get(0);
                if (!"none".equals(str)) {
                    if (sb.length() > 0) {
                        sb.append(',');
                    }
                    sb.append(str);
                }
            }
        }
        String sb2 = sb.toString();
        if (isDebugEnabled) {
            this.log.debug("handleAuthenticationFailure({}@{}) remaining methods: {}", username, serverSession, sb2);
        }
        Buffer createBuffer = serverSession.createBuffer((byte) 51, sb2.length() + 8);
        createBuffer.putString(sb2);
        createBuffer.putBoolean(false);
        serverSession.writePacket(createBuffer);
        if (this.currentAuth != null) {
            try {
                this.currentAuth.destroy();
                this.currentAuth = null;
            } catch (Throwable th) {
                this.currentAuth = null;
                throw th;
            }
        }
    }

    public IoWriteFuture sendWelcomeBanner(ServerSession serverSession) throws IOException {
        if (this.welcomeSent.getAndSet(true)) {
            if (!this.log.isDebugEnabled()) {
                return null;
            }
            this.log.debug("sendWelcomeBanner({}) already sent", serverSession);
            return null;
        }
        String resolveWelcomeBanner = resolveWelcomeBanner(serverSession);
        if (GenericUtils.isEmpty(resolveWelcomeBanner)) {
            return null;
        }
        String required = CoreModuleProperties.WELCOME_BANNER_LANGUAGE.getRequired(this);
        Buffer createBuffer = serverSession.createBuffer((byte) 53, resolveWelcomeBanner.length() + GenericUtils.length(required) + 64);
        createBuffer.putString(resolveWelcomeBanner);
        createBuffer.putString(required);
        if (this.log.isDebugEnabled()) {
            this.log.debug("sendWelcomeBanner({}) send banner (length={}, lang={})", serverSession, Integer.valueOf(resolveWelcomeBanner.length()), required);
        }
        return serverSession.writePacket(createBuffer);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r9v1 */
    /* JADX WARN: Type inference failed for: r9v16 */
    /* JADX WARN: Type inference failed for: r9v17 */
    /* JADX WARN: Type inference failed for: r9v18 */
    /* JADX WARN: Type inference failed for: r9v19 */
    /* JADX WARN: Type inference failed for: r9v2 */
    /* JADX WARN: Type inference failed for: r9v3 */
    /* JADX WARN: Type inference failed for: r9v6 */
    /* JADX WARN: Type inference failed for: r9v7 */
    /* JADX WARN: Type inference failed for: r9v9 */
    protected String resolveWelcomeBanner(ServerSession serverSession) throws IOException {
        Object orNull = CoreModuleProperties.WELCOME_BANNER.getOrNull(this);
        if (orNull == null) {
            return null;
        }
        boolean z = orNull instanceof CharSequence;
        ?? r9 = orNull;
        if (z) {
            String obj = orNull.toString();
            if (GenericUtils.isEmpty(obj)) {
                return null;
            }
            if ("#auto-welcome-banner".equalsIgnoreCase(obj)) {
                try {
                    return KeyRandomArt.combine((SessionContext) serverSession, ' ', (KeyIdentityProvider) serverSession.getKeyPairProvider());
                } catch (IOException e) {
                    throw e;
                } catch (Exception e2) {
                    throw new IOException(e2);
                }
            }
            if (!obj.contains("://")) {
                return obj;
            }
            try {
                URI uri = new URI(obj);
                r9 = uri;
                if (obj.startsWith("file:/")) {
                    r9 = Paths.get(uri);
                }
            } catch (URISyntaxException e3) {
                this.log.error("resolveWelcomeBanner({}) bad path URI {}: {}", serverSession, obj, e3.getMessage());
                throw new MalformedURLException(e3.getClass().getSimpleName() + " - bad URI (" + obj + "): " + e3.getMessage());
            }
        }
        boolean z2 = (r9 == true ? 1 : 0) instanceof File;
        ?? r92 = r9;
        if (z2) {
            r92 = (r9 == true ? 1 : 0).toPath();
        }
        boolean z3 = (r92 == true ? 1 : 0) instanceof Path;
        ?? r93 = r92;
        if (z3) {
            Path path = r92 == true ? 1 : 0;
            if (!Files.exists(path, new LinkOption[0]) || Files.size(path) <= 0) {
                if (!this.log.isDebugEnabled()) {
                    return null;
                }
                this.log.debug("resolveWelcomeBanner({}) file is empty/does not exist {}", serverSession, path);
                return null;
            }
            r93 = path.toUri();
        }
        boolean z4 = (r93 == true ? 1 : 0) instanceof URI;
        URL url = r93;
        if (z4) {
            url = (r93 == true ? 1 : 0).toURL();
        }
        return url instanceof URL ? loadWelcomeBanner(serverSession, url, CoreModuleProperties.WELCOME_BANNER_CHARSET.getRequired(this)) : url.toString();
    }

    protected String loadWelcomeBanner(ServerSession serverSession, URL url, Charset charset) throws IOException {
        InputStream openStream = url.openStream();
        try {
            byte[] byteArray = IoUtils.toByteArray(openStream);
            String str = NumberUtils.isEmpty(byteArray) ? "" : new String(byteArray, charset);
            if (openStream != null) {
                openStream.close();
            }
            return str;
        } catch (Throwable th) {
            if (openStream != null) {
                try {
                    openStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    public ServerFactoryManager getFactoryManager() {
        return this.serverSession.getFactoryManager();
    }
}
