package org.apache.storm.messaging.netty;

import java.io.IOException;
import java.util.Map;
import org.apache.storm.shade.io.netty.channel.Channel;
import org.apache.storm.shade.io.netty.channel.ChannelHandlerContext;
import org.apache.storm.shade.io.netty.channel.ChannelInboundHandlerAdapter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/storm/messaging/netty/KerberosSaslClientHandler.class */
public class KerberosSaslClientHandler extends ChannelInboundHandlerAdapter {
    private static final Logger LOG = LoggerFactory.getLogger(KerberosSaslClientHandler.class);
    private final long startTime = System.currentTimeMillis();
    private final ISaslClient client;
    private final Map<String, Object> topoConf;
    private final String jaasSection;
    private final String host;

    public KerberosSaslClientHandler(ISaslClient iSaslClient, Map<String, Object> map, String str, String str2) throws IOException {
        this.client = iSaslClient;
        this.topoConf = map;
        this.jaasSection = str;
        this.host = str2;
    }

    public void channelActive(ChannelHandlerContext channelHandlerContext) {
        Channel channel = channelHandlerContext.channel();
        LOG.info("Connection established from {} to {}", channel.localAddress(), channel.remoteAddress());
        try {
            KerberosSaslNettyClient kerberosSaslNettyClient = (KerberosSaslNettyClient) channel.attr(KerberosSaslNettyClientState.KERBEROS_SASL_NETTY_CLIENT).get();
            if (kerberosSaslNettyClient == null) {
                LOG.debug("Creating saslNettyClient now for channel: {}", channel);
                kerberosSaslNettyClient = new KerberosSaslNettyClient(this.topoConf, this.jaasSection, this.host);
                channel.attr(KerberosSaslNettyClientState.KERBEROS_SASL_NETTY_CLIENT).set(kerberosSaslNettyClient);
            }
            LOG.debug("Going to initiate Kerberos negotiations.");
            byte[] saslResponse = kerberosSaslNettyClient.saslResponse(new SaslMessageToken(new byte[0]));
            LOG.debug("Sending initial challenge: {}", saslResponse);
            channel.writeAndFlush(new SaslMessageToken(saslResponse), channel.voidPromise());
        } catch (Exception e) {
            LOG.error("Failed to authenticate with server due to error: ", e);
        }
    }

    public void channelRead(ChannelHandlerContext channelHandlerContext, Object obj) throws Exception {
        LOG.debug("send/recv time (ms): {}", Long.valueOf(System.currentTimeMillis() - this.startTime));
        if (obj instanceof ControlMessage) {
            handleControlMessage(channelHandlerContext, (ControlMessage) obj);
        } else if (obj instanceof SaslMessageToken) {
            handleSaslMessageToken(channelHandlerContext, (SaslMessageToken) obj);
        } else {
            LOG.error("Unexpected message from server: {}", obj);
        }
    }

    private KerberosSaslNettyClient getChannelSaslClient(Channel channel) throws Exception {
        KerberosSaslNettyClient kerberosSaslNettyClient = (KerberosSaslNettyClient) channel.attr(KerberosSaslNettyClientState.KERBEROS_SASL_NETTY_CLIENT).get();
        if (kerberosSaslNettyClient == null) {
            throw new Exception("saslNettyClient was unexpectedly null for channel:" + channel);
        }
        return kerberosSaslNettyClient;
    }

    private void handleControlMessage(ChannelHandlerContext channelHandlerContext, ControlMessage controlMessage) throws Exception {
        Channel channel = channelHandlerContext.channel();
        KerberosSaslNettyClient channelSaslClient = getChannelSaslClient(channel);
        if (controlMessage != ControlMessage.SASL_COMPLETE_REQUEST) {
            LOG.warn("Unexpected control message: {}", controlMessage);
            return;
        }
        LOG.debug("Server has sent us the SaslComplete message. Allowing normal work to proceed.");
        if (!channelSaslClient.isComplete()) {
            LOG.error("Server returned a Sasl-complete message, but as far as we can tell, we are not authenticated yet.");
            throw new Exception("Server returned a Sasl-complete message, but as far as we can tell, we are not authenticated yet.");
        }
        channelHandlerContext.pipeline().remove(this);
        this.client.channelReady(channel);
        channelHandlerContext.fireChannelRead(controlMessage);
    }

    private void handleSaslMessageToken(ChannelHandlerContext channelHandlerContext, SaslMessageToken saslMessageToken) throws Exception {
        Channel channel = channelHandlerContext.channel();
        KerberosSaslNettyClient channelSaslClient = getChannelSaslClient(channel);
        LOG.debug("Responding to server's token of length: {}", Integer.valueOf(saslMessageToken.getSaslToken().length));
        byte[] saslResponse = channelSaslClient.saslResponse(saslMessageToken);
        if (saslResponse != null) {
            LOG.debug("Response to server token has length: {}", Integer.valueOf(saslResponse.length));
            channel.writeAndFlush(new SaslMessageToken(saslResponse), channel.voidPromise());
            return;
        }
        LOG.debug("Response to server is null: authentication should now be complete.");
        if (channelSaslClient.isComplete()) {
            this.client.channelReady(channel);
        } else {
            LOG.warn("Generated a null response, but authentication is not complete.");
            throw new Exception("Our reponse to the server is null, but as far as we can tell, we are not authenticated yet.");
        }
    }

    public void channelRegistered(ChannelHandlerContext channelHandlerContext) throws Exception {
        super.channelRegistered(channelHandlerContext);
        LOG.debug("channelRegistered {}", channelHandlerContext);
    }

    public void channelUnregistered(ChannelHandlerContext channelHandlerContext) throws Exception {
        super.channelUnregistered(channelHandlerContext);
        LOG.debug("channelUnregistered {}", channelHandlerContext);
    }

    public void exceptionCaught(ChannelHandlerContext channelHandlerContext, Throwable th) throws Exception {
        LOG.warn("{} exceptionCaught", channelHandlerContext, th);
        super.exceptionCaught(channelHandlerContext, th);
    }
}
