package com.unboundid.ldap.sdk;

import com.unboundid.asn1.ASN1OctetString;
import com.unboundid.util.Debug;
import com.unboundid.util.StaticUtils;
import java.util.List;
import javax.security.sasl.SaslClient;

/* loaded from: input_file:BOOT-INF/lib/unboundid-ldapsdk-4.0.6.jar:com/unboundid/ldap/sdk/SASLHelper.class */
final class SASLHelper {
    private final Control[] controls;
    private volatile int messageID = -1;
    private final LDAPConnection connection;
    private final List<String> unhandledCallbackMessages;
    private final long responseTimeoutMillis;
    private final SASLBindRequest bindRequest;
    private final SaslClient saslClient;
    private final String mechanism;

    /* JADX INFO: Access modifiers changed from: package-private */
    public SASLHelper(SASLBindRequest sASLBindRequest, LDAPConnection lDAPConnection, String str, SaslClient saslClient, Control[] controlArr, long j, List<String> list) {
        this.bindRequest = sASLBindRequest;
        this.connection = lDAPConnection;
        this.mechanism = str;
        this.saslClient = saslClient;
        this.controls = controlArr;
        this.responseTimeoutMillis = j;
        this.unhandledCallbackMessages = list;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public BindResult processSASLBind() throws LDAPException {
        Object negotiatedProperty;
        BindResult sendBindRequest;
        Object negotiatedProperty2;
        Object negotiatedProperty3;
        byte[] bArr = null;
        try {
            try {
                if (this.saslClient.hasInitialResponse()) {
                    bArr = this.saslClient.evaluateChallenge(new byte[0]);
                }
                BindResult sendBindRequest2 = this.bindRequest.sendBindRequest(this.connection, "", (bArr == null || bArr.length == 0) ? null : new ASN1OctetString(bArr), this.controls, this.responseTimeoutMillis);
                this.messageID = this.bindRequest.getLastMessageID();
                if (!sendBindRequest2.getResultCode().equals(ResultCode.SASL_BIND_IN_PROGRESS)) {
                    boolean z = false;
                    if (this.saslClient.isComplete() && (negotiatedProperty3 = this.saslClient.getNegotiatedProperty("javax.security.sasl.qop")) != null) {
                        String lowerCase = StaticUtils.toLowerCase(String.valueOf(negotiatedProperty3));
                        if (lowerCase.contains(SASLQualityOfProtection.AUTH_INT.toString()) || lowerCase.contains(SASLQualityOfProtection.AUTH_CONF.toString())) {
                            z = true;
                        }
                    }
                    if (z) {
                        this.connection.applySASLQoP(this.saslClient);
                    } else {
                        try {
                            this.saslClient.dispose();
                        } catch (Exception e) {
                            Debug.debugException(e);
                        }
                    }
                    return sendBindRequest2;
                }
                ASN1OctetString serverSASLCredentials = sendBindRequest2.getServerSASLCredentials();
                byte[] value = serverSASLCredentials == null ? null : serverSASLCredentials.getValue();
                while (true) {
                    try {
                        byte[] evaluateChallenge = this.saslClient.evaluateChallenge(value);
                        sendBindRequest = this.bindRequest.sendBindRequest(this.connection, "", (evaluateChallenge == null || evaluateChallenge.length == 0) ? null : new ASN1OctetString(evaluateChallenge), this.controls, this.responseTimeoutMillis);
                        this.messageID = this.bindRequest.getLastMessageID();
                        if (!sendBindRequest.getResultCode().equals(ResultCode.SASL_BIND_IN_PROGRESS)) {
                            break;
                        }
                        ASN1OctetString serverSASLCredentials2 = sendBindRequest.getServerSASLCredentials();
                        value = serverSASLCredentials2 == null ? null : serverSASLCredentials2.getValue();
                    } catch (Exception e2) {
                        Debug.debugException(e2);
                        if (this.unhandledCallbackMessages.isEmpty()) {
                            throw new LDAPException(ResultCode.LOCAL_ERROR, LDAPMessages.ERR_SASL_CANNOT_CREATE_SUBSEQUENT_REQUEST.get(this.mechanism, StaticUtils.getExceptionMessage(e2)), e2);
                        }
                        throw new LDAPException(ResultCode.LOCAL_ERROR, LDAPMessages.ERR_SASL_CANNOT_CREATE_SUBSEQUENT_REQUEST_UNHANDLED_CALLBACKS.get(this.mechanism, StaticUtils.getExceptionMessage(e2), StaticUtils.concatenateStrings(this.unhandledCallbackMessages)), e2);
                    }
                }
                ASN1OctetString serverSASLCredentials3 = sendBindRequest.getServerSASLCredentials();
                if (serverSASLCredentials3 != null) {
                    try {
                        this.saslClient.evaluateChallenge(serverSASLCredentials3.getValue());
                    } catch (Exception e3) {
                        Debug.debugException(e3);
                    }
                }
                boolean z2 = false;
                if (this.saslClient.isComplete() && (negotiatedProperty2 = this.saslClient.getNegotiatedProperty("javax.security.sasl.qop")) != null) {
                    String lowerCase2 = StaticUtils.toLowerCase(String.valueOf(negotiatedProperty2));
                    if (lowerCase2.contains(SASLQualityOfProtection.AUTH_INT.toString()) || lowerCase2.contains(SASLQualityOfProtection.AUTH_CONF.toString())) {
                        z2 = true;
                    }
                }
                if (z2) {
                    this.connection.applySASLQoP(this.saslClient);
                } else {
                    try {
                        this.saslClient.dispose();
                    } catch (Exception e4) {
                        Debug.debugException(e4);
                    }
                }
                return sendBindRequest;
            } catch (Exception e5) {
                Debug.debugException(e5);
                if (this.unhandledCallbackMessages.isEmpty()) {
                    throw new LDAPException(ResultCode.LOCAL_ERROR, LDAPMessages.ERR_SASL_CANNOT_CREATE_INITIAL_REQUEST.get(this.mechanism, StaticUtils.getExceptionMessage(e5)), e5);
                }
                throw new LDAPException(ResultCode.LOCAL_ERROR, LDAPMessages.ERR_SASL_CANNOT_CREATE_INITIAL_REQUEST_UNHANDLED_CALLBACKS.get(this.mechanism, StaticUtils.getExceptionMessage(e5), StaticUtils.concatenateStrings(this.unhandledCallbackMessages)), e5);
            }
        } catch (Throwable th) {
            boolean z3 = false;
            if (this.saslClient.isComplete() && (negotiatedProperty = this.saslClient.getNegotiatedProperty("javax.security.sasl.qop")) != null) {
                String lowerCase3 = StaticUtils.toLowerCase(String.valueOf(negotiatedProperty));
                if (lowerCase3.contains(SASLQualityOfProtection.AUTH_INT.toString()) || lowerCase3.contains(SASLQualityOfProtection.AUTH_CONF.toString())) {
                    z3 = true;
                }
            }
            if (z3) {
                this.connection.applySASLQoP(this.saslClient);
            } else {
                try {
                    this.saslClient.dispose();
                } catch (Exception e6) {
                    Debug.debugException(e6);
                }
            }
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public int getMessageID() {
        return this.messageID;
    }
}
