package com.sap.db.util.security;

import com.sap.db.jdbc.ConnectionSapDB;
import com.sap.db.jdbc.Session;
import com.sap.db.jdbc.exceptions.SQLExceptionSapDB;
import com.sap.db.jdbc.packet.HAuthenticationPart;
import com.sap.db.jdbc.packet.HRequestPacket;
import com.sap.db.jdbc.trace.Tracer;
import com.sap.db.util.MessageKey;
import com.sap.db.util.MessageTranslator;
import java.sql.SQLException;
import java.util.LinkedHashMap;
import java.util.Map;
import org.ietf.jgss.GSSException;

/* loaded from: input_file:com/sap/db/util/security/AuthenticationManager.class */
public class AuthenticationManager extends AbstractAuthenticationManager {
    private Map<String, AbstractAuthenticationMethod> _methods = new LinkedHashMap();
    private AbstractAuthenticationMethod _currentMethod;

    @Override // com.sap.db.util.security.AbstractAuthenticationManager
    public void authenticate(ConnectionSapDB connectionSapDB, Session session, String str, String str2) throws SQLException {
        boolean z;
        byte[] evaluateAuthenticateReply;
        Tracer tracer = connectionSapDB.getTracer();
        boolean z2 = (str == null || str.isEmpty()) ? false : true;
        boolean z3 = !str2.isEmpty();
        if (connectionSapDB.getCookie() != null && z2) {
            this._methods.put("SessionCookie", new SessionCookieAuthentication(connectionSapDB));
            if (tracer.on()) {
                tracer.printMessage("Using Session Cookie Authentication");
            }
        } else if (z3) {
            if (tracer.on()) {
                tracer.printMessage("Reject GSS Authentication: Password is not empty");
            }
            if (!z2) {
                this._methods.put("SAML", new SAMLAuthentication());
                this._methods.put("SAPLogon", new SAPLogonAuthentication());
                this._methods.put("JWT", new JWTAuthentication());
            } else if (tracer.on()) {
                tracer.printMessage("Reject SAML, SAPLogon and JWT Authentication: User name is not empty");
            }
        } else {
            try {
                this._methods.put("GSS", new GSSAuthentication(connectionSapDB));
            } catch (GSSException e) {
                if (tracer.on()) {
                    tracer.printThrowable(e, "Reject GSS Authentication");
                }
            }
        }
        this._methods.put("SCRAMSHA256", new ScramSHA256Authentication());
        HRequestPacket requestPacket = connectionSapDB.getRequestPacket(session);
        do {
            z = false;
            HAuthenticationPart initAuthenticate = requestPacket.initAuthenticate();
            initAuthenticate.addArg();
            initAuthenticate.addRow((2 * this._methods.size()) + 1);
            initAuthenticate.addString(str);
            for (Map.Entry entry : new LinkedHashMap(this._methods).entrySet()) {
                String str3 = (String) entry.getKey();
                AbstractAuthenticationMethod abstractAuthenticationMethod = (AbstractAuthenticationMethod) entry.getValue();
                try {
                    initAuthenticate.addBytes(str3.getBytes(CHARSET_UTF_8));
                    initAuthenticate.addBytes(abstractAuthenticationMethod.getInitialData(str2.getBytes(CHARSET_UTF_8)));
                } catch (SQLException e2) {
                    z = true;
                    if (tracer.on()) {
                        tracer.printThrowable(e2, "Reject authentication method " + abstractAuthenticationMethod.getMethodName());
                    }
                    this._methods.remove(str3);
                    if (this._methods.size() == 0) {
                        connectionSapDB.freeRequestPacket(requestPacket);
                        throw new SQLException(MessageTranslator.translate(MessageKey.ERROR_CONNECTION_NOAUTHENTICATIONMETHODAVAILABLE, new Object[0]), "08001", -11111);
                    }
                }
            }
            if (!z) {
                initAuthenticate.close();
            }
        } while (z);
        do {
            requestPacket.close();
            HAuthenticationPart findAuthenticationPart = connectionSapDB.execute(this, session, requestPacket, new ConnectionSapDB.ExecuteFlag[0]).findAuthenticationPart(0);
            if (findAuthenticationPart == null || !findAuthenticationPart.nextField()) {
                throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_CONNECTION_NOAUTHENTICATIONMETHODAVAILABLE, new String[0]);
            }
            String valueAsString = findAuthenticationPart.getValueAsString();
            this._currentMethod = this._methods.get(valueAsString);
            findAuthenticationPart.nextField();
            evaluateAuthenticateReply = this._currentMethod.evaluateAuthenticateReply(findAuthenticationPart, tracer);
            if (evaluateAuthenticateReply != null) {
                requestPacket = connectionSapDB.getRequestPacket(session);
                HAuthenticationPart initAuthenticate2 = requestPacket.initAuthenticate();
                initAuthenticate2.addArg();
                initAuthenticate2.addRow(2);
                initAuthenticate2.addBytes(valueAsString.getBytes(AbstractAuthenticationManager.CHARSET_UTF_8));
                initAuthenticate2.addBytes(evaluateAuthenticateReply);
                initAuthenticate2.close();
            }
        } while (evaluateAuthenticateReply != null);
    }

    @Override // com.sap.db.util.security.AbstractAuthenticationManager
    public void setClientProofPart(HAuthenticationPart hAuthenticationPart, String str, String str2) throws SQLException {
        hAuthenticationPart.addRow(3);
        hAuthenticationPart.addString(str);
        hAuthenticationPart.addArg();
        hAuthenticationPart.addString(this._currentMethod.getMethodName());
        hAuthenticationPart.addArg();
        hAuthenticationPart.addBytes(this._currentMethod.getFinalData(str2));
        hAuthenticationPart.addArg();
    }

    @Override // com.sap.db.util.security.AbstractAuthenticationManager
    public String getMethodName() {
        return this._currentMethod != null ? this._currentMethod.getMethodName() : "NULL";
    }

    @Override // com.sap.db.util.security.AbstractAuthenticationManager
    public byte[] evaluateConnectReply(HAuthenticationPart hAuthenticationPart, Tracer tracer) throws SQLException {
        if (this._currentMethod != null) {
            return this._currentMethod.evaluateConnectReply(hAuthenticationPart, tracer);
        }
        return null;
    }

    @Override // com.sap.db.util.security.AbstractAuthenticationManager
    public boolean supportsReconnect() {
        if (this._currentMethod != null) {
            return this._currentMethod.supportsReconnect();
        }
        return false;
    }

    @Override // com.sap.db.util.security.AbstractAuthenticationManager
    String getUserNameFromServer() {
        if (this._currentMethod != null) {
            return this._currentMethod.getUserNameFromServer();
        }
        return null;
    }

    @Override // com.sap.db.util.security.AbstractAuthenticationManager
    void onAuthenticationCompleted() {
        if (this._currentMethod != null) {
            this._currentMethod.onAuthenticationCompleted();
        }
    }
}
