package com.teradata.tdgss.jgssp2jwt;

import com.teradata.tdgss.jgssspi.GSSMechanism;
import com.teradata.tdgss.jtdgss.TdgssException;
import com.teradata.tdgss.jtdgss.TdgssLogger;
import com.teradata.tdgss.jtdgss.TdgssName;
import com.teradata.tdgss.jtdgss.TdgssParseXml;
import java.io.UnsupportedEncodingException;
import java.util.List;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSName;
import org.ietf.jgss.Oid;

/* loaded from: input_file:com/teradata/tdgss/jgssp2jwt/JwtMechanism.class */
public class JwtMechanism implements GSSMechanism {
    private final TdgssLogger logger;
    private static Oid _mechOid;
    protected static final Oid mechOid;
    protected static final int servicesAvailable = -2147483550;
    protected static int servicesNeeded;

    public JwtMechanism(TdgssLogger tdgssLogger) {
        this.logger = tdgssLogger;
        servicesNeeded = servicesAvailable;
    }

    @Override // com.teradata.tdgss.jgssspi.GSSMechanism
    public boolean acceptable(Object obj, GSSCredential gSSCredential, Object[] objArr) throws GSSException {
        if (obj == null) {
            if (!this.logger.isDebugEnabled()) {
                return false;
            }
            this.logger.debug("Token is null");
            return false;
        }
        if (gSSCredential == null || (gSSCredential instanceof JwtCredential)) {
            return true;
        }
        if (!this.logger.isDebugEnabled()) {
            return false;
        }
        this.logger.debug("GSSException.DEFECTIVE_CREDENTIALmust be a credential created by this mech");
        return false;
    }

    @Override // com.teradata.tdgss.jgssspi.GSSMechanism
    public GSSContext getContextForAccept(Object obj, GSSCredential gSSCredential, Object[] objArr) throws GSSException {
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("getContextForAccept ");
        }
        if (acceptable(obj, gSSCredential, objArr)) {
            return new JwtContext((JwtCredential) gSSCredential, objArr, this.logger);
        }
        throw new TdgssException(10, JwtMinorStatus.JWT_ERR_INVALID_TOKEN);
    }

    @Override // com.teradata.tdgss.jgssspi.GSSMechanism
    public GSSContext getContextForInit(GSSCredential gSSCredential, GSSName gSSName, int i, Object[] objArr, int i2, List<Oid> list) throws GSSException {
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("getContextForInit ");
        }
        if (list != null && list.contains(_mechOid)) {
            i2 |= Integer.MIN_VALUE;
        }
        int i3 = i2 & servicesAvailable;
        if (initable(gSSCredential, gSSName, i, objArr, i3)) {
            return new JwtContext((JwtCredential) gSSCredential, (JwtName) gSSName, i, objArr, i3, this.logger);
        }
        throw new TdgssException(10, JwtMinorStatus.JWT_ERR_INVALID_TOKEN);
    }

    @Override // com.teradata.tdgss.jgssspi.GSSMechanism
    public boolean initable(GSSCredential gSSCredential, GSSName gSSName, int i, Object[] objArr, int i2) {
        if (gSSCredential != null && !(gSSCredential instanceof JwtCredential)) {
            if (!this.logger.isDebugEnabled()) {
                return false;
            }
            this.logger.debug("GSSException.DEFECTIVE_CREDENTIAL: must be a credential created by this mech");
            return false;
        }
        if (gSSName == null || (gSSName instanceof JwtName)) {
            return true;
        }
        if (!this.logger.isDebugEnabled()) {
            return false;
        }
        this.logger.debug("must be a name created by this mech");
        return false;
    }

    @Override // com.teradata.tdgss.jgssspi.GSSMechanism
    public GSSCredential createCredential(GSSName gSSName, int i, int i2) throws GSSException {
        JwtName jwtName;
        if (gSSName == null) {
            jwtName = null;
        } else {
            if (!(gSSName instanceof JwtName)) {
                throw new TdgssException(3, JwtMinorStatus.JWT_ERR_INVALID_ARGUMENT);
            }
            jwtName = (JwtName) gSSName;
        }
        return new JwtCredential(jwtName, i, i2, this.logger);
    }

    @Override // com.teradata.tdgss.jgssspi.GSSMechanism
    public GSSName createName(byte[] bArr, Oid oid) throws GSSException {
        if (oid != null) {
            if (oid.equals(TdgssName.GSS_C_NT_TDAT_MECHDATA_UTF16)) {
                try {
                    return new JwtName(new String(bArr, "UTF-16").getBytes(TdgssParseXml.outputEncoding), TdgssName.GSS_C_NT_TDAT_MECHDATA_UTF8, this.logger);
                } catch (UnsupportedEncodingException e) {
                    this.logger.error(e.getMessage());
                    throw new TdgssException(3, JwtMinorStatus.JWT_ERR_INVALID_INPUT, e);
                }
            }
            if (oid.equals(TdgssName.GSS_C_NT_TDAT_MECHDATA_UTF32)) {
                try {
                    return new JwtName(new String(bArr, "UTF-32").getBytes(TdgssParseXml.outputEncoding), TdgssName.GSS_C_NT_TDAT_MECHDATA_UTF8, this.logger);
                } catch (UnsupportedEncodingException e2) {
                    this.logger.error(e2.getMessage());
                    throw new TdgssException(3, JwtMinorStatus.JWT_ERR_INVALID_INPUT, e2);
                }
            }
        }
        return new JwtName(bArr, oid, this.logger);
    }

    @Override // com.teradata.tdgss.jgssspi.GSSMechanism
    public Oid getMech() {
        return mechOid;
    }

    @Override // com.teradata.tdgss.jgssspi.GSSMechanism
    public int getServices() {
        return servicesAvailable;
    }

    @Override // com.teradata.tdgss.jgssspi.GSSMechanism
    public Oid[] getNames() {
        return new Oid[]{TdgssName.GSS_C_NT_TDAT_MECHDATA_UTF8};
    }

    static {
        try {
            _mechOid = new Oid("1.3.6.1.4.1.28698.4.302.1.4");
            mechOid = _mechOid;
            servicesNeeded = 0;
        } catch (GSSException e) {
            throw new ExceptionInInitializerError((Throwable) e);
        }
    }
}
