package org.ldaptive.provider.apache;

import javax.security.auth.login.Configuration;
import org.apache.catalina.authenticator.Constants;
import org.apache.directory.api.ldap.model.constants.SaslQoP;
import org.apache.directory.api.ldap.model.constants.SaslSecurityStrength;
import org.apache.directory.ldap.client.api.SaslCramMd5Request;
import org.apache.directory.ldap.client.api.SaslDigestMd5Request;
import org.apache.directory.ldap.client.api.SaslGssApiRequest;
import org.ldaptive.Credential;
import org.ldaptive.sasl.DigestMd5Config;
import org.ldaptive.sasl.GssApiConfig;
import org.ldaptive.sasl.QualityOfProtection;
import org.ldaptive.sasl.SaslConfig;
import org.ldaptive.sasl.SecurityStrength;

/* loaded from: input_file:WEB-INF/lib/ldaptive-apache-1.2.4.jar:org/ldaptive/provider/apache/ApacheLdapSaslUtils.class */
public final class ApacheLdapSaslUtils {
    private ApacheLdapSaslUtils() {
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static SaslDigestMd5Request createDigestMd5Request(String str, Credential credential, SaslConfig saslConfig) {
        SaslDigestMd5Request saslDigestMd5Request = new SaslDigestMd5Request();
        if (str != null) {
            saslDigestMd5Request.setUsername(str);
        }
        if (credential != null) {
            saslDigestMd5Request.setCredentials(credential.getBytes());
        }
        if (saslConfig.getAuthorizationId() != null && !"".equals(saslConfig.getAuthorizationId())) {
            saslDigestMd5Request.setAuthorizationId(saslConfig.getAuthorizationId());
        }
        if (saslConfig.getMutualAuthentication() != null) {
            saslDigestMd5Request.setMutualAuthentication(saslConfig.getMutualAuthentication().booleanValue());
        }
        if (saslConfig.getQualityOfProtection() != null) {
            saslDigestMd5Request.setQualityOfProtection(getQualityOfProtection(saslConfig.getQualityOfProtection()));
        }
        if (saslConfig.getSecurityStrength() != null) {
            saslDigestMd5Request.setSecurityStrength(getSecurityStrength(saslConfig.getSecurityStrength()));
        }
        if (saslConfig instanceof DigestMd5Config) {
            DigestMd5Config digestMd5Config = (DigestMd5Config) saslConfig;
            if (digestMd5Config.getRealm() != null) {
                saslDigestMd5Request.setRealmName(digestMd5Config.getRealm());
            }
        }
        return saslDigestMd5Request;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static SaslCramMd5Request createCramMd5Request(String str, Credential credential, SaslConfig saslConfig) {
        SaslCramMd5Request saslCramMd5Request = new SaslCramMd5Request();
        if (str != null) {
            saslCramMd5Request.setUsername(str);
        }
        if (credential != null) {
            saslCramMd5Request.setCredentials(credential.getBytes());
        }
        if (saslConfig.getAuthorizationId() != null && !"".equals(saslConfig.getAuthorizationId())) {
            saslCramMd5Request.setAuthorizationId(saslConfig.getAuthorizationId());
        }
        if (saslConfig.getMutualAuthentication() != null) {
            saslCramMd5Request.setMutualAuthentication(saslConfig.getMutualAuthentication().booleanValue());
        }
        if (saslConfig.getQualityOfProtection() != null) {
            saslCramMd5Request.setQualityOfProtection(getQualityOfProtection(saslConfig.getQualityOfProtection()));
        }
        if (saslConfig.getSecurityStrength() != null) {
            saslCramMd5Request.setSecurityStrength(getSecurityStrength(saslConfig.getSecurityStrength()));
        }
        return saslCramMd5Request;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static SaslGssApiRequest createGssApiRequest(String str, Credential credential, SaslConfig saslConfig) {
        SaslGssApiRequest saslGssApiRequest = new SaslGssApiRequest();
        if (str != null) {
            saslGssApiRequest.setUsername(str);
        }
        if (credential != null) {
            saslGssApiRequest.setCredentials(credential.getBytes());
        }
        if (saslConfig.getAuthorizationId() != null) {
            saslGssApiRequest.setAuthorizationId(saslConfig.getAuthorizationId());
        }
        if (saslConfig.getMutualAuthentication() != null) {
            saslGssApiRequest.setMutualAuthentication(saslConfig.getMutualAuthentication().booleanValue());
        }
        if (saslConfig.getQualityOfProtection() != null) {
            saslGssApiRequest.setQualityOfProtection(getQualityOfProtection(saslConfig.getQualityOfProtection()));
        }
        if (saslConfig.getSecurityStrength() != null) {
            saslGssApiRequest.setSecurityStrength(getSecurityStrength(saslConfig.getSecurityStrength()));
        }
        if (saslConfig instanceof GssApiConfig) {
            GssApiConfig gssApiConfig = (GssApiConfig) saslConfig;
            if (gssApiConfig.getRealm() != null) {
                saslGssApiRequest.setRealmName(gssApiConfig.getRealm());
            }
        }
        String property = System.getProperty("java.security.krb5.realm");
        if (property != null) {
            saslGssApiRequest.setRealmName(property);
        }
        String property2 = System.getProperty("java.security.krb5.kdc");
        if (property2 != null) {
            saslGssApiRequest.setKdcHost(property2);
        }
        if (System.getProperty(Constants.JAAS_CONF_PROPERTY) != null) {
            saslGssApiRequest.setLoginModuleConfiguration(Configuration.getConfiguration());
        }
        saslGssApiRequest.setLoginContextName("com.sun.security.jgss.initiate");
        return saslGssApiRequest;
    }

    protected static SaslQoP getQualityOfProtection(QualityOfProtection qualityOfProtection) {
        SaslQoP saslQoP;
        switch (qualityOfProtection) {
            case AUTH:
                saslQoP = SaslQoP.AUTH;
                break;
            case AUTH_INT:
                saslQoP = SaslQoP.AUTH_INT;
                break;
            case AUTH_CONF:
                saslQoP = SaslQoP.AUTH_CONF;
                break;
            default:
                throw new IllegalArgumentException("Unknown SASL quality of protection: " + qualityOfProtection);
        }
        return saslQoP;
    }

    protected static SaslSecurityStrength getSecurityStrength(SecurityStrength securityStrength) {
        SaslSecurityStrength saslSecurityStrength;
        switch (securityStrength) {
            case HIGH:
                saslSecurityStrength = SaslSecurityStrength.HIGH;
                break;
            case MEDIUM:
                saslSecurityStrength = SaslSecurityStrength.MEDIUM;
                break;
            case LOW:
                saslSecurityStrength = SaslSecurityStrength.LOW;
                break;
            default:
                throw new IllegalArgumentException("Unknown SASL security strength: " + securityStrength);
        }
        return saslSecurityStrength;
    }
}
