package defpackage;

import com.ibm.icu.util.VTimeZone;
import com.microsoft.sqlserver.jdbc.SQLServerConnection;
import com.microsoft.sqlserver.jdbc.SQLServerDriverStringProperty;
import com.microsoft.sqlserver.jdbc.SQLServerException;
import java.security.AccessController;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.HashMap;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.Subject;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.Configuration;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSManager;
import org.ietf.jgss.GSSName;
import org.ietf.jgss.Oid;

/* loaded from: classes.dex */
public final class rj extends qk {
    public static final Logger g = Logger.getLogger("com.microsoft.sqlserver.jdbc.internals.KerbAuthentication");
    public final SQLServerConnection a;
    public final String b;
    public final GSSManager c = GSSManager.getInstance();
    public LoginContext d = null;
    public GSSCredential e = null;
    public GSSContext f = null;

    /* loaded from: classes.dex */
    public static class a implements PrivilegedExceptionAction<GSSCredential> {
        public final /* synthetic */ GSSManager a;
        public final /* synthetic */ Oid b;

        public a(GSSManager gSSManager, Oid oid) {
            this.a = gSSManager;
            this.b = oid;
        }

        @Override // java.security.PrivilegedExceptionAction
        public GSSCredential run() {
            return this.a.createCredential((GSSName) null, 0, this.b, 1);
        }
    }

    /* loaded from: classes.dex */
    public class b extends Configuration {
        public Configuration a;
        public AppConfigurationEntry[] b;

        public b() {
            AppConfigurationEntry appConfigurationEntry;
            this.a = null;
            try {
                this.a = Configuration.getConfiguration();
            } catch (SecurityException unused) {
                rj.g.finer(toString() + " No configurations provided, setting driver default");
            }
            Configuration configuration = this.a;
            if ((configuration != null ? configuration.getAppConfigurationEntry("SQLJDBCDriver") : null) == null) {
                if (rj.g.isLoggable(Level.FINER)) {
                    rj.g.finer(toString() + " SQLJDBCDriver configuration entry is not provided, setting driver default");
                }
                if (ul.b()) {
                    HashMap hashMap = new HashMap();
                    hashMap.put("useDefaultCcache", "true");
                    hashMap.put("moduleBanner", "false");
                    appConfigurationEntry = new AppConfigurationEntry("com.ibm.security.auth.module.Krb5LoginModule", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, hashMap);
                    if (rj.g.isLoggable(Level.FINER)) {
                        rj.g.finer(toString() + " Setting IBM Krb5LoginModule");
                    }
                } else {
                    HashMap hashMap2 = new HashMap();
                    hashMap2.put("useTicketCache", "true");
                    hashMap2.put("doNotPrompt", "true");
                    appConfigurationEntry = new AppConfigurationEntry("com.sun.security.auth.module.Krb5LoginModule", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, hashMap2);
                    if (rj.g.isLoggable(Level.FINER)) {
                        rj.g.finer(toString() + " Setting Sun Krb5LoginModule");
                    }
                }
                this.b = new AppConfigurationEntry[1];
                this.b[0] = appConfigurationEntry;
                Configuration.setConfiguration(this);
            }
        }
    }

    static {
        new b();
    }

    public rj(SQLServerConnection sQLServerConnection, String str, int i) {
        this.a = sQLServerConnection;
        String property = sQLServerConnection.r.getProperty(SQLServerDriverStringProperty.SERVER_SPN.toString());
        if (property != null) {
            this.b = property;
        } else {
            this.b = a(str, i);
        }
    }

    public static GSSCredential a(Subject subject, GSSManager gSSManager, Oid oid) {
        return (GSSCredential) Subject.doAs(subject, new a(gSSManager, oid));
    }

    @Override // defpackage.qk
    public int a() {
        try {
            if (this.e != null) {
                this.e.dispose();
            }
            if (this.f != null) {
                this.f.dispose();
            }
            if (this.d == null) {
                return 0;
            }
            this.d.logout();
            return 0;
        } catch (GSSException e) {
            g.fine(toString() + " Release of the credentials failed GSSException: " + e);
            return 0;
        } catch (LoginException e2) {
            g.fine(toString() + " Release of the credentials failed LoginException: " + e2);
            return 0;
        }
    }

    public final String a(String str, int i) {
        if (g.isLoggable(Level.FINER)) {
            g.finer(toString() + " Server: " + str + " port: " + i);
        }
        String str2 = "MSSQLSvc/" + str + VTimeZone.COLON + i;
        if (g.isLoggable(Level.FINER)) {
            g.finer(toString() + " SPN: " + str2);
        }
        return str2;
    }

    @Override // defpackage.qk
    public byte[] a(byte[] bArr, boolean[] zArr) {
        if (this.f == null) {
            b();
        }
        return b(bArr, zArr);
    }

    public final void b() {
        try {
            Oid oid = new Oid("1.2.840.113554.1.2.2");
            try {
                Subject subject = Subject.getSubject(AccessController.getContext());
                if (subject == null) {
                    this.d = new LoginContext("SQLJDBCDriver");
                    this.d.login();
                    subject = this.d.getSubject();
                }
                GSSName createName = this.c.createName(this.b, (Oid) null);
                if (g.isLoggable(Level.FINER)) {
                    g.finer(toString() + " Getting client credentials");
                }
                this.e = a(subject, this.c, oid);
                if (g.isLoggable(Level.FINER)) {
                    g.finer(toString() + " creating security context");
                }
                this.f = this.c.createContext(createName, oid, this.e, 0);
                this.f.requestCredDeleg(true);
                this.f.requestMutualAuth(true);
                this.f.requestInteg(true);
            } catch (LoginException e) {
                this.a.a(0, SQLServerException.a("R_integratedAuthenticationFailed"), e);
                throw null;
            }
        } catch (GSSException e2) {
            g.finer(toString() + "initAuthInit failed GSSException:-" + e2);
            this.a.a(0, SQLServerException.a("R_integratedAuthenticationFailed"), e2);
            throw null;
        } catch (PrivilegedActionException e3) {
            g.finer(toString() + "initAuthInit failed privileged exception:-" + e3);
            this.a.a(0, SQLServerException.a("R_integratedAuthenticationFailed"), e3);
            throw null;
        }
    }

    public final byte[] b(byte[] bArr, boolean[] zArr) {
        try {
            if (g.isLoggable(Level.FINER)) {
                g.finer(toString() + " Sending token to server over secure context");
            }
            byte[] initSecContext = this.f.initSecContext(bArr, 0, bArr.length);
            if (this.f.isEstablished()) {
                zArr[0] = true;
                if (g.isLoggable(Level.FINER)) {
                    g.finer(toString() + "Authentication done.");
                }
            } else if (initSecContext == null) {
                g.info(toString() + "byteToken is null in initSecContext.");
                this.a.a(0, SQLServerException.a("R_integratedAuthenticationFailed"));
                throw null;
            }
            return initSecContext;
        } catch (GSSException e) {
            g.finer(toString() + "initSecContext Failed :-" + e);
            this.a.a(0, SQLServerException.a("R_integratedAuthenticationFailed"), e);
            throw null;
        }
    }
}
