package org.irods.irods4j.authentication;

import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.node.ObjectNode;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Base64;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.irods.irods4j.low_level.api.IRODSApi;
import org.irods.irods4j.low_level.api.IRODSException;

/* loaded from: input_file:org/irods/irods4j/authentication/NativeAuthPlugin.class */
public class NativeAuthPlugin extends AuthPlugin {
    private static final Logger log = LogManager.getLogger();

    public NativeAuthPlugin() {
        addOperation(AuthPlugin.AUTH_ESTABLISH_CONTEXT, this::establishContext);
        addOperation(AuthPlugin.AUTH_CLIENT_AUTH_REQUEST, this::clientRequest);
        addOperation(AuthPlugin.AUTH_CLIENT_AUTH_RESPONSE, this::clientResponse);
    }

    @Override // org.irods.irods4j.authentication.AuthPlugin
    public JsonNode authClientStart(IRODSApi.RcComm rcComm, JsonNode jsonNode) {
        ObjectNode deepCopy = jsonNode.deepCopy();
        deepCopy.put(AuthPlugin.AUTH_NEXT_OPERATION, AuthPlugin.AUTH_CLIENT_AUTH_REQUEST);
        deepCopy.put("user_name", rcComm.proxyUsername);
        deepCopy.put("zone_name", rcComm.proxyUserZone);
        return deepCopy;
    }

    private JsonNode establishContext(IRODSApi.RcComm rcComm, JsonNode jsonNode) throws NoSuchAlgorithmException {
        ObjectNode deepCopy = jsonNode.deepCopy();
        String asText = ((ObjectNode) jsonNode).get("request_result").asText();
        StringBuilder sb = new StringBuilder();
        sb.append(asText);
        sb.setLength(64);
        log.debug("requestResultSb string = [{}]", sb.toString());
        StringBuilder sb2 = new StringBuilder();
        sb2.append((CharSequence) sb);
        rcComm.sessionSignature = generateSessionSignature(sb2.substring(0, 16));
        log.debug("Session signature = [{}]", rcComm.sessionSignature);
        if (!"anonymous".equals(jsonNode.get("user_name").asText())) {
            StringBuilder sb3 = new StringBuilder();
            sb3.append(jsonNode.get("password").asText());
            sb3.setLength(50);
            sb2.append((CharSequence) sb3);
            log.debug("MD5 string = [{}]", sb2.toString());
        }
        MessageDigest messageDigest = MessageDigest.getInstance("md5");
        messageDigest.update(sb2.toString().getBytes(StandardCharsets.UTF_8));
        byte[] digest = messageDigest.digest();
        for (int i = 0; i < 16; i++) {
            if (0 == digest[i]) {
                int i2 = i;
                digest[i2] = (byte) (digest[i2] + 1);
            }
        }
        deepCopy.remove("password");
        deepCopy.put("digest", Base64.getEncoder().encodeToString(digest));
        deepCopy.put(AuthPlugin.AUTH_NEXT_OPERATION, AuthPlugin.AUTH_CLIENT_AUTH_RESPONSE);
        return deepCopy;
    }

    private JsonNode clientRequest(IRODSApi.RcComm rcComm, JsonNode jsonNode) throws IOException, IRODSException {
        ObjectNode deepCopy = jsonNode.deepCopy();
        deepCopy.put(AuthPlugin.AUTH_NEXT_OPERATION, AuthPlugin.AUTH_AGENT_AUTH_REQUEST);
        ObjectNode request = request(rcComm, deepCopy);
        request.put(AuthPlugin.AUTH_NEXT_OPERATION, AuthPlugin.AUTH_ESTABLISH_CONTEXT);
        return request;
    }

    private JsonNode clientResponse(IRODSApi.RcComm rcComm, JsonNode jsonNode) throws IOException, IRODSException {
        if (!jsonNode.has("digest") || !jsonNode.has("user_name") || !jsonNode.has("zone_name")) {
            throw new IllegalStateException("Missing digest, user_name, and/or zone_name");
        }
        ObjectNode deepCopy = jsonNode.deepCopy();
        deepCopy.put(AuthPlugin.AUTH_NEXT_OPERATION, AuthPlugin.AUTH_AGENT_AUTH_RESPONSE);
        ObjectNode request = request(rcComm, deepCopy);
        rcComm.loggedIn = true;
        request.put(AuthPlugin.AUTH_NEXT_OPERATION, AuthPlugin.AUTH_FLOW_COMPLETE);
        return request;
    }

    private static String generateSessionSignature(String str) {
        if (str.length() < 16) {
            throw new IllegalArgumentException("Buffer must be at least 16 bytes long");
        }
        StringBuilder sb = new StringBuilder();
        for (byte b : str.getBytes(StandardCharsets.UTF_8)) {
            sb.append(String.format("%02x", Byte.valueOf(b)));
        }
        if (sb.length() != 32) {
            throw new IllegalStateException("Session signature is not 32 bytes in length");
        }
        return sb.toString();
    }
}
