package io.mapsmessaging.security.sasl.provider.scram.server.state;

import io.mapsmessaging.security.identity.PasswordGenerator;
import io.mapsmessaging.security.logging.AuthLogMessages;
import io.mapsmessaging.security.passwords.PasswordHandler;
import io.mapsmessaging.security.passwords.PasswordHandlerFactory;
import io.mapsmessaging.security.sasl.SaslPrep;
import io.mapsmessaging.security.sasl.provider.scram.SessionContext;
import io.mapsmessaging.security.sasl.provider.scram.State;
import io.mapsmessaging.security.sasl.provider.scram.crypto.CryptoHelper;
import io.mapsmessaging.security.sasl.provider.scram.msgs.ChallengeResponse;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.util.Base64;
import java.util.Map;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;

/* loaded from: input_file:io/mapsmessaging/security/sasl/provider/scram/server/state/InitialState.class */
public class InitialState extends State {
    public InitialState(String str, String str2, Map<String, ?> map, CallbackHandler callbackHandler) {
        super("", str, str2, map, callbackHandler);
        this.logger.log(AuthLogMessages.SCRAM_SERVER_STATE_CHANGE, new Object[]{"Initial State"});
    }

    @Override // io.mapsmessaging.security.sasl.provider.scram.State
    public boolean isComplete() {
        return false;
    }

    @Override // io.mapsmessaging.security.sasl.provider.scram.State
    public boolean hasInitialResponse() {
        return false;
    }

    @Override // io.mapsmessaging.security.sasl.provider.scram.State
    public ChallengeResponse produceChallenge(SessionContext sessionContext) {
        if (!sessionContext.isReceivedClientMessage()) {
            return null;
        }
        String str = new String(sessionContext.getPasswordSalt(), StandardCharsets.UTF_8);
        ChallengeResponse challengeResponse = new ChallengeResponse();
        challengeResponse.put(ChallengeResponse.NONCE, sessionContext.getServerNonce());
        challengeResponse.put(ChallengeResponse.ITERATION_COUNT, String.valueOf(sessionContext.getIterations()));
        challengeResponse.put(ChallengeResponse.SALT, str);
        sessionContext.setState(new ValidationState(this));
        sessionContext.setInitialServerChallenge(challengeResponse.toString());
        return challengeResponse;
    }

    @Override // io.mapsmessaging.security.sasl.provider.scram.State
    public void handleResponse(ChallengeResponse challengeResponse, SessionContext sessionContext) throws IOException, UnsupportedCallbackException {
        if (challengeResponse.isEmpty()) {
            return;
        }
        sessionContext.setInitialClientChallenge(challengeResponse.getOriginalRequest());
        sessionContext.setReceivedClientMessage(true);
        sessionContext.setUsername(challengeResponse.get(ChallengeResponse.USERNAME));
        sessionContext.setClientNonce(challengeResponse.get(ChallengeResponse.NONCE));
        NameCallback[] nameCallbackArr = {new NameCallback("SCRAM Username Prompt", sessionContext.getUsername()), new PasswordCallback("SCRAM Password Prompt", false)};
        this.cbh.handle(nameCallbackArr);
        if (nameCallbackArr[0].getName() == null) {
            throw new IOException("Require a username to be able to log in");
        }
        try {
            PasswordHandler parse = PasswordHandlerFactory.getInstance().parse(new String(((PasswordCallback) nameCallbackArr[1]).getPassword()));
            sessionContext.setPasswordHasher(parse);
            sessionContext.setPrepPassword(SaslPrep.getInstance().stringPrep(new String(parse.getPassword())));
            byte[] salt = parse.getSalt();
            if (salt == null || salt.length == 0) {
                salt = PasswordGenerator.generateSalt(64).getBytes(StandardCharsets.UTF_8);
            }
            sessionContext.setPasswordSalt(Base64.getEncoder().encode(salt));
            int cost = parse.getCost();
            if (cost == 0) {
                cost = 10000;
            }
            sessionContext.setIterations(cost);
            sessionContext.setServerNonce(sessionContext.getClientNonce() + CryptoHelper.generateNonce(48));
        } catch (GeneralSecurityException e) {
            throw new IOException(e);
        }
    }
}
