package org.apache.hadoop.hbase.security;

import java.io.ByteArrayInputStream;
import java.io.DataInputStream;
import java.io.IOException;
import java.util.Map;
import java.util.Optional;
import javax.security.sasl.SaslException;
import javax.security.sasl.SaslServer;
import org.apache.hadoop.hbase.Version;
import org.apache.hadoop.hbase.security.provider.AttemptingUserProvidingSaslServer;
import org.apache.hadoop.hbase.security.provider.SaslServerAuthenticationProvider;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.token.SecretManager;
import org.apache.hadoop.security.token.TokenIdentifier;
import org.apache.phoenix.shaded.org.apache.yetus.audience.InterfaceAudience;

@InterfaceAudience.Private
/* loaded from: input_file:org/apache/hadoop/hbase/security/HBaseSaslRpcServer.class */
public class HBaseSaslRpcServer {
    private final AttemptingUserProvidingSaslServer serverWithProvider;
    private final SaslServer saslServer;

    public HBaseSaslRpcServer(SaslServerAuthenticationProvider saslServerAuthenticationProvider, Map<String, String> map, SecretManager<TokenIdentifier> secretManager) throws IOException {
        this.serverWithProvider = saslServerAuthenticationProvider.createServer(secretManager, map);
        this.saslServer = this.serverWithProvider.getServer();
    }

    public boolean isComplete() {
        return this.saslServer.isComplete();
    }

    public byte[] evaluateResponse(byte[] bArr) throws SaslException {
        return this.saslServer.evaluateResponse(bArr);
    }

    public void dispose() {
        SaslUtil.safeDispose(this.saslServer);
    }

    public String getAttemptingUser() {
        Optional<UserGroupInformation> attemptingUser = this.serverWithProvider.getAttemptingUser();
        if (!attemptingUser.isPresent()) {
            return Version.revision;
        }
        attemptingUser.get().toString();
        return Version.revision;
    }

    public byte[] wrap(byte[] bArr, int i, int i2) throws SaslException {
        return this.saslServer.wrap(bArr, i, i2);
    }

    public byte[] unwrap(byte[] bArr, int i, int i2) throws SaslException {
        return this.saslServer.unwrap(bArr, i, i2);
    }

    public String getNegotiatedQop() {
        return (String) this.saslServer.getNegotiatedProperty("javax.security.sasl.qop");
    }

    public String getAuthorizationID() {
        return this.saslServer.getAuthorizationID();
    }

    public static <T extends TokenIdentifier> T getIdentifier(String str, SecretManager<T> secretManager) throws SecretManager.InvalidToken {
        byte[] decodeIdentifier = SaslUtil.decodeIdentifier(str);
        T createIdentifier = secretManager.createIdentifier();
        try {
            createIdentifier.readFields(new DataInputStream(new ByteArrayInputStream(decodeIdentifier)));
            return createIdentifier;
        } catch (IOException e) {
            throw ((SecretManager.InvalidToken) new SecretManager.InvalidToken("Can't de-serialize tokenIdentifier").initCause(e));
        }
    }
}
