package com.datastax.driver.core.sasl;

import java.security.PrivilegedAction;
import java.util.HashMap;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.sasl.Sasl;
import javax.security.sasl.SaslClient;
import javax.security.sasl.SaslException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/datastax/driver/core/sasl/PrivilegedSaslClient.class */
public class PrivilegedSaslClient {
    private static final Logger logger = LoggerFactory.getLogger(PrivilegedSaslClient.class);
    public static final Map<String, String> DEFAULT_PROPERTIES = new HashMap<String, String>() { // from class: com.datastax.driver.core.sasl.PrivilegedSaslClient.1
        {
            put("javax.security.sasl.server.authentication", "true");
            put("javax.security.sasl.qop", "auth");
        }
    };
    private final SaslClient saslClient;
    private Subject clientIdentity;

    public PrivilegedSaslClient(Subject subject, final String[] strArr, final String str, final String str2, final String str3, final Map<String, String> map, final CallbackHandler callbackHandler) {
        logger.trace("Initalising SASL client");
        this.clientIdentity = subject;
        this.saslClient = (SaslClient) Subject.doAs(this.clientIdentity, new PrivilegedAction<SaslClient>() { // from class: com.datastax.driver.core.sasl.PrivilegedSaslClient.2
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedAction
            public SaslClient run() {
                try {
                    return Sasl.createSaslClient(strArr, str, str2, str3, map, callbackHandler);
                } catch (Exception e) {
                    PrivilegedSaslClient.logger.error("Error initialising SASL client", e);
                    throw new RuntimeException(e);
                }
            }
        });
        logger.trace("SASL client initialised");
    }

    public byte[] getInitialResponse() {
        logger.trace("Initialising SASL handshake from client");
        byte[] bArr = null;
        if (this.saslClient.hasInitialResponse()) {
            bArr = (byte[]) Subject.doAs(this.clientIdentity, new PrivilegedAction<byte[]>() { // from class: com.datastax.driver.core.sasl.PrivilegedSaslClient.3
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedAction
                public byte[] run() {
                    try {
                        return PrivilegedSaslClient.this.saslClient.evaluateChallenge(new byte[0]);
                    } catch (Exception e) {
                        throw new RuntimeException(e);
                    }
                }
            });
        }
        return bArr;
    }

    public byte[] evaluateChallenge(final byte[] bArr) {
        logger.trace("Evaluating SASL server token");
        if (this.saslClient.isComplete()) {
            return null;
        }
        return (byte[]) Subject.doAs(this.clientIdentity, new PrivilegedAction<byte[]>() { // from class: com.datastax.driver.core.sasl.PrivilegedSaslClient.4
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedAction
            public byte[] run() {
                try {
                    PrivilegedSaslClient.logger.trace("SASL client evaluating challenge");
                    byte[] evaluateChallenge = PrivilegedSaslClient.this.saslClient.evaluateChallenge(bArr);
                    PrivilegedSaslClient.logger.trace("SASL client is complete = " + PrivilegedSaslClient.this.saslClient.isComplete());
                    return evaluateChallenge;
                } catch (SaslException e) {
                    PrivilegedSaslClient.logger.error("Failed to generate response to SASL server's token:", e);
                    throw new RuntimeException((Throwable) e);
                }
            }
        });
    }

    public boolean isComplete() {
        return this.saslClient.isComplete();
    }
}
