package com.databricks.client.jdbc42.internal.apache.thrift.transport.sasl;

import com.databricks.client.jdbc42.internal.apache.thrift.transport.TTransportException;
import com.databricks.client.jdbc42.internal.apache.thrift.transport.sasl.TSaslNegotiationException;
import com.databricks.client.jdbc42.internal.slf4j.Logger;
import com.databricks.client.jdbc42.internal.slf4j.LoggerFactory;
import javax.security.sasl.SaslException;
import javax.security.sasl.SaslServer;

/* loaded from: input_file:com/databricks/client/jdbc42/internal/apache/thrift/transport/sasl/ServerSaslPeer.class */
public class ServerSaslPeer implements SaslPeer {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) ServerSaslPeer.class);
    private static final String QOP_AUTH_INT = "auth-int";
    private static final String QOP_AUTH_CONF = "auth-conf";
    private final SaslServer saslServer;

    public ServerSaslPeer(SaslServer saslServer) {
        this.saslServer = saslServer;
    }

    @Override // com.databricks.client.jdbc42.internal.apache.thrift.transport.sasl.SaslPeer
    public byte[] evaluate(byte[] bArr) throws TSaslNegotiationException {
        try {
            return this.saslServer.evaluateResponse(bArr);
        } catch (SaslException e) {
            throw new TSaslNegotiationException(TSaslNegotiationException.ErrorType.AUTHENTICATION_FAILURE, "Authentication failed with " + this.saslServer.getMechanismName(), e);
        }
    }

    @Override // com.databricks.client.jdbc42.internal.apache.thrift.transport.sasl.SaslPeer
    public boolean isAuthenticated() {
        return this.saslServer.isComplete();
    }

    @Override // com.databricks.client.jdbc42.internal.apache.thrift.transport.sasl.SaslPeer
    public boolean isDataProtected() {
        Object negotiatedProperty = this.saslServer.getNegotiatedProperty("javax.security.sasl.qop");
        if (negotiatedProperty == null) {
            return false;
        }
        for (String str : negotiatedProperty.toString().split("\\s*,\\s*")) {
            String lowerCase = str.toLowerCase();
            if (QOP_AUTH_INT.equals(lowerCase) || QOP_AUTH_CONF.equals(lowerCase)) {
                return true;
            }
        }
        return false;
    }

    @Override // com.databricks.client.jdbc42.internal.apache.thrift.transport.sasl.SaslPeer
    public byte[] wrap(byte[] bArr, int i, int i2) throws TTransportException {
        try {
            return this.saslServer.wrap(bArr, i, i2);
        } catch (SaslException e) {
            throw new TTransportException("Failed to wrap data", (Throwable) e);
        }
    }

    @Override // com.databricks.client.jdbc42.internal.apache.thrift.transport.sasl.SaslPeer
    public byte[] unwrap(byte[] bArr, int i, int i2) throws TTransportException {
        try {
            return this.saslServer.unwrap(bArr, i, i2);
        } catch (SaslException e) {
            throw new TTransportException(5, "Failed to unwrap data", e);
        }
    }

    @Override // com.databricks.client.jdbc42.internal.apache.thrift.transport.sasl.SaslPeer
    public void dispose() {
        try {
            this.saslServer.dispose();
        } catch (Exception e) {
            LOGGER.warn("Failed to close sasl server " + this.saslServer.getMechanismName(), (Throwable) e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SaslServer getSaslServer() {
        return this.saslServer;
    }
}
