package me.prettyprint.cassandra.connection.security;

import java.io.IOException;
import java.net.Socket;
import java.security.PrivilegedAction;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSManager;
import org.ietf.jgss.GSSName;
import org.ietf.jgss.Oid;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:me/prettyprint/cassandra/connection/security/KerberosHelper.class */
public class KerberosHelper {
    private static Logger log = LoggerFactory.getLogger(KerberosHelper.class);

    /* loaded from: input_file:me/prettyprint/cassandra/connection/security/KerberosHelper$LoginCallbackHandler.class */
    static class LoginCallbackHandler implements CallbackHandler {
        private String password;
        private String username;

        public LoginCallbackHandler() {
        }

        public LoginCallbackHandler(String str, String str2) {
            this.username = str;
            this.password = str2;
        }

        public LoginCallbackHandler(String str) {
            this.password = str;
        }

        @Override // javax.security.auth.callback.CallbackHandler
        public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
            for (int i = 0; i < callbackArr.length; i++) {
                if ((callbackArr[i] instanceof NameCallback) && this.username != null) {
                    ((NameCallback) callbackArr[i]).setName(this.username);
                } else if (callbackArr[i] instanceof PasswordCallback) {
                    ((PasswordCallback) callbackArr[i]).setPassword(this.password.toCharArray());
                }
            }
        }
    }

    public static Subject loginService(String str) throws LoginException {
        LoginContext loginContext = new LoginContext(str, new CallbackHandler() { // from class: me.prettyprint.cassandra.connection.security.KerberosHelper.1
            @Override // javax.security.auth.callback.CallbackHandler
            public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
            }
        });
        loginContext.login();
        return loginContext.getSubject();
    }

    public static Subject loginService(String str, String str2, String str3) throws LoginException {
        LoginContext loginContext = new LoginContext(str, new LoginCallbackHandler(str2, str3));
        loginContext.login();
        return loginContext.getSubject();
    }

    public static GSSContext authenticateClient(final Socket socket, Subject subject, final String str) {
        return (GSSContext) Subject.doAs(subject, new PrivilegedAction<GSSContext>() { // from class: me.prettyprint.cassandra.connection.security.KerberosHelper.2
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedAction
            public GSSContext run() {
                try {
                    GSSManager gSSManager = GSSManager.getInstance();
                    GSSContext createContext = gSSManager.createContext(gSSManager.createName(str, GSSName.NT_HOSTBASED_SERVICE), (Oid) null, (GSSCredential) null, 0);
                    while (!createContext.isEstablished()) {
                        createContext.initSecContext(socket.getInputStream(), socket.getOutputStream());
                    }
                    return createContext;
                } catch (Exception e) {
                    KerberosHelper.log.error("Unable to authenticate client against Kerberos", (Throwable) e);
                    return null;
                }
            }
        });
    }

    public static String getSourcePrinciple(GSSContext gSSContext) {
        try {
            return gSSContext.getSrcName().toString();
        } catch (GSSException e) {
            throw new RuntimeException((Throwable) e);
        }
    }
}
