package org.apache.thrift.transport;

import java.io.UnsupportedEncodingException;
import java.util.HashMap;
import java.util.Map;
import javax.security.sasl.SaslClient;
import javax.security.sasl.SaslException;
import javax.security.sasl.SaslServer;
import org.apache.thrift.EncodingUtils;
import org.apache.thrift.TByteArrayOutputStream;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes.dex */
abstract class TSaslTransport extends TTransport {
    protected static final int DEFAULT_MAX_LENGTH = Integer.MAX_VALUE;
    protected static final int MECHANISM_NAME_BYTES = 1;
    protected static final int PAYLOAD_LENGTH_BYTES = 4;
    protected static final int STATUS_BYTES = 1;
    static final /* synthetic */ boolean a;
    private static final Logger b;
    private a c;
    private boolean d;
    private TMemoryInputTransport e;
    private final TByteArrayOutputStream f;
    private final byte[] g;
    protected TTransport underlyingTransport;

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: classes.dex */
    public enum NegotiationStatus {
        START((byte) 1),
        OK((byte) 2),
        BAD((byte) 3),
        ERROR((byte) 4),
        COMPLETE((byte) 5);

        private static final Map<Byte, NegotiationStatus> b = new HashMap();
        private final byte a;

        static {
            for (NegotiationStatus negotiationStatus : (NegotiationStatus[]) NegotiationStatus.class.getEnumConstants()) {
                b.put(Byte.valueOf(negotiationStatus.getValue()), negotiationStatus);
            }
        }

        NegotiationStatus(byte b2) {
            this.a = b2;
        }

        public static NegotiationStatus byValue(byte b2) {
            return b.get(Byte.valueOf(b2));
        }

        public final byte getValue() {
            return this.a;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: classes.dex */
    public static class SaslResponse {
        public byte[] payload;
        public NegotiationStatus status;

        public SaslResponse(NegotiationStatus negotiationStatus, byte[] bArr) {
            this.status = negotiationStatus;
            this.payload = bArr;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: classes.dex */
    public enum SaslRole {
        SERVER,
        CLIENT
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static class a {
        public SaslServer a;
        public SaslClient b;

        public a(SaslClient saslClient) {
            this.b = saslClient;
        }

        public a(SaslServer saslServer) {
            this.a = saslServer;
        }

        public final boolean a() {
            return this.b != null ? this.b.isComplete() : this.a.isComplete();
        }
    }

    static {
        a = !TSaslTransport.class.desiredAssertionStatus();
        b = LoggerFactory.getLogger(TSaslTransport.class);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public TSaslTransport(SaslClient saslClient, TTransport tTransport) {
        this.d = false;
        this.e = new TMemoryInputTransport();
        this.f = new TByteArrayOutputStream(TFastFramedTransport.DEFAULT_BUF_CAPACITY);
        this.g = new byte[5];
        this.c = new a(saslClient);
        this.underlyingTransport = tTransport;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public TSaslTransport(TTransport tTransport) {
        this.d = false;
        this.e = new TMemoryInputTransport();
        this.f = new TByteArrayOutputStream(TFastFramedTransport.DEFAULT_BUF_CAPACITY);
        this.g = new byte[5];
        this.underlyingTransport = tTransport;
    }

    @Override // org.apache.thrift.transport.TTransport
    public void close() {
        this.underlyingTransport.close();
        try {
            a aVar = this.c;
            if (aVar.b != null) {
                aVar.b.dispose();
            } else {
                aVar.a.dispose();
            }
        } catch (SaslException e) {
        }
    }

    @Override // org.apache.thrift.transport.TTransport
    public void flush() throws TTransportException {
        byte[] bArr = this.f.get();
        int len = this.f.len();
        this.f.reset();
        if (this.d) {
            b.debug("data length before wrap: {}", Integer.valueOf(len));
            try {
                a aVar = this.c;
                byte[] wrap = aVar.b != null ? aVar.b.wrap(bArr, 0, len) : aVar.a.wrap(bArr, 0, len);
                bArr = wrap;
                len = wrap.length;
            } catch (SaslException e) {
                throw new TTransportException((Throwable) e);
            }
        }
        b.debug("writing data length: {}", Integer.valueOf(len));
        writeLength(len);
        this.underlyingTransport.write(bArr, 0, len);
        this.underlyingTransport.flush();
    }

    protected abstract SaslRole getRole();

    public SaslClient getSaslClient() {
        return this.c.b;
    }

    public SaslServer getSaslServer() {
        return this.c.a;
    }

    protected abstract void handleSaslStartMessage() throws TTransportException, SaslException;

    @Override // org.apache.thrift.transport.TTransport
    public boolean isOpen() {
        return this.underlyingTransport.isOpen() && this.c != null && this.c.a();
    }

    @Override // org.apache.thrift.transport.TTransport
    public void open() throws TTransportException {
        SaslResponse saslResponse;
        b.debug("opening transport {}", this);
        if (this.c != null && this.c.a()) {
            throw new TTransportException("SASL transport already open");
        }
        if (!this.underlyingTransport.isOpen()) {
            this.underlyingTransport.open();
        }
        try {
            handleSaslStartMessage();
            b.debug("{}: Start message handled", getRole());
            saslResponse = null;
            while (true) {
                if (this.c.a()) {
                    break;
                }
                saslResponse = receiveSaslMessage();
                if (saslResponse.status != NegotiationStatus.COMPLETE && saslResponse.status != NegotiationStatus.OK) {
                    throw new TTransportException("Expected COMPLETE or OK, got " + saslResponse.status);
                }
                a aVar = this.c;
                byte[] bArr = saslResponse.payload;
                byte[] evaluateChallenge = aVar.b != null ? aVar.b.evaluateChallenge(bArr) : aVar.a.evaluateResponse(bArr);
                if (saslResponse.status == NegotiationStatus.COMPLETE && getRole() == SaslRole.CLIENT) {
                    b.debug("{}: All done!", getRole());
                    break;
                }
                sendSaslMessage(this.c.a() ? NegotiationStatus.COMPLETE : NegotiationStatus.OK, evaluateChallenge);
            }
            b.debug("{}: Main negotiation loop complete", getRole());
        } catch (SaslException e) {
            try {
                sendAndThrowMessage(NegotiationStatus.BAD, e.getMessage());
            } finally {
                this.underlyingTransport.close();
            }
        }
        if (!a && !this.c.a()) {
            throw new AssertionError();
        }
        if (getRole() == SaslRole.CLIENT && (saslResponse == null || saslResponse.status == NegotiationStatus.OK)) {
            b.debug("{}: SASL Client receiving last message", getRole());
            SaslResponse receiveSaslMessage = receiveSaslMessage();
            if (receiveSaslMessage.status != NegotiationStatus.COMPLETE) {
                throw new TTransportException("Expected SASL COMPLETE, but got " + receiveSaslMessage.status);
            }
        }
        a aVar2 = this.c;
        String str = (String) (aVar2.b != null ? aVar2.b.getNegotiatedProperty("javax.security.sasl.qop") : aVar2.a.getNegotiatedProperty("javax.security.sasl.qop"));
        if (str == null || str.equalsIgnoreCase("auth")) {
            return;
        }
        this.d = true;
    }

    @Override // org.apache.thrift.transport.TTransport
    public int read(byte[] bArr, int i, int i2) throws TTransportException {
        if (!isOpen()) {
            throw new TTransportException("SASL authentication not complete");
        }
        int read = this.e.read(bArr, i, i2);
        if (read > 0) {
            return read;
        }
        try {
            int readLength = readLength();
            if (readLength < 0) {
                throw new TTransportException("Read a negative frame size (" + readLength + ")!");
            }
            byte[] bArr2 = new byte[readLength];
            b.debug("{}: reading data length: {}", getRole(), Integer.valueOf(readLength));
            this.underlyingTransport.readAll(bArr2, 0, readLength);
            if (this.d) {
                a aVar = this.c;
                int length = bArr2.length;
                bArr2 = aVar.b != null ? aVar.b.unwrap(bArr2, 0, length) : aVar.a.unwrap(bArr2, 0, length);
                b.debug("data length after unwrap: {}", Integer.valueOf(bArr2.length));
            }
            this.e.reset(bArr2);
            return this.e.read(bArr, i, i2);
        } catch (SaslException e) {
            throw new TTransportException((Throwable) e);
        }
    }

    protected int readLength() throws TTransportException {
        byte[] bArr = new byte[4];
        this.underlyingTransport.readAll(bArr, 0, bArr.length);
        return EncodingUtils.decodeBigEndian(bArr);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SaslResponse receiveSaslMessage() throws TTransportException {
        this.underlyingTransport.readAll(this.g, 0, this.g.length);
        byte b2 = this.g[0];
        byte[] bArr = new byte[EncodingUtils.decodeBigEndian(this.g, 1)];
        this.underlyingTransport.readAll(bArr, 0, bArr.length);
        NegotiationStatus byValue = NegotiationStatus.byValue(b2);
        if (byValue == null) {
            sendAndThrowMessage(NegotiationStatus.ERROR, "Invalid status " + ((int) b2));
        } else if (byValue == NegotiationStatus.BAD || byValue == NegotiationStatus.ERROR) {
            try {
                throw new TTransportException("Peer indicated failure: " + new String(bArr, "UTF-8"));
            } catch (UnsupportedEncodingException e) {
                throw new TTransportException(e);
            }
        }
        if (b.isDebugEnabled()) {
            b.debug(getRole() + ": Received message with status {} and payload length {}", byValue, Integer.valueOf(bArr.length));
        }
        return new SaslResponse(byValue, bArr);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void sendAndThrowMessage(NegotiationStatus negotiationStatus, String str) throws TTransportException {
        try {
            sendSaslMessage(negotiationStatus, str.getBytes());
        } catch (Exception e) {
            b.warn("Could not send failure response", (Throwable) e);
            str = str + "\nAlso, could not send response: " + e.toString();
        }
        throw new TTransportException(str);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void sendSaslMessage(NegotiationStatus negotiationStatus, byte[] bArr) throws TTransportException {
        if (bArr == null) {
            bArr = new byte[0];
        }
        this.g[0] = negotiationStatus.getValue();
        EncodingUtils.encodeBigEndian(bArr.length, this.g, 1);
        if (b.isDebugEnabled()) {
            b.debug(getRole() + ": Writing message with status {} and payload length {}", negotiationStatus, Integer.valueOf(bArr.length));
        }
        this.underlyingTransport.write(this.g);
        this.underlyingTransport.write(bArr);
        this.underlyingTransport.flush();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setSaslServer(SaslServer saslServer) {
        this.c = new a(saslServer);
    }

    @Override // org.apache.thrift.transport.TTransport
    public void write(byte[] bArr, int i, int i2) throws TTransportException {
        if (!isOpen()) {
            throw new TTransportException("SASL authentication not complete");
        }
        this.f.write(bArr, i, i2);
    }

    protected void writeLength(int i) throws TTransportException {
        byte[] bArr = new byte[4];
        TFramedTransport.encodeFrameSize(i, bArr);
        this.underlyingTransport.write(bArr);
    }
}
