package org.irods.irods4j.authentication;

import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.node.ObjectNode;
import java.io.IOException;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.irods.irods4j.common.JsonUtil;
import org.irods.irods4j.low_level.api.IRODSApi;
import org.irods.irods4j.low_level.api.IRODSException;

/* loaded from: input_file:org/irods/irods4j/authentication/PamPasswordAuthPlugin.class */
public class PamPasswordAuthPlugin extends AuthPlugin {
    private static final Logger log = LogManager.getLogger();
    private static final String PERFORM_NATIVE_AUTH = "perform_native_auth";

    public PamPasswordAuthPlugin() {
        addOperation(AuthPlugin.AUTH_CLIENT_AUTH_REQUEST, this::clientRequest);
        addOperation(PERFORM_NATIVE_AUTH, this::performNativeAuth);
    }

    @Override // org.irods.irods4j.authentication.AuthPlugin
    public JsonNode authClientStart(IRODSApi.RcComm rcComm, JsonNode jsonNode) {
        ObjectNode deepCopy = jsonNode.deepCopy();
        deepCopy.put(AuthPlugin.AUTH_NEXT_OPERATION, AuthPlugin.AUTH_CLIENT_AUTH_REQUEST);
        deepCopy.put("user_name", rcComm.proxyUsername);
        deepCopy.put("zone_name", rcComm.proxyUserZone);
        deepCopy.put(AuthPlugin.AUTH_PASSWORD_KEY, jsonNode.get("password").asText());
        deepCopy.remove("password");
        return deepCopy;
    }

    private JsonNode clientRequest(IRODSApi.RcComm rcComm, JsonNode jsonNode) throws IOException, IRODSException {
        ObjectNode deepCopy = jsonNode.deepCopy();
        deepCopy.put(AuthPlugin.AUTH_NEXT_OPERATION, AuthPlugin.AUTH_AGENT_AUTH_REQUEST);
        if (!rcComm.secure) {
            throw new IllegalStateException("SSL/TLS is required for PAM authentication");
        }
        ObjectNode request = request(rcComm, deepCopy);
        request.put(AuthPlugin.AUTH_NEXT_OPERATION, PERFORM_NATIVE_AUTH);
        if (request.has("request_result")) {
            return request;
        }
        throw new IllegalStateException("Missing property: request_result");
    }

    private JsonNode performNativeAuth(IRODSApi.RcComm rcComm, JsonNode jsonNode) throws Exception {
        ObjectNode deepCopy = jsonNode.deepCopy();
        deepCopy.remove(AuthPlugin.AUTH_PASSWORD_KEY);
        ObjectNode createObjectNode = JsonUtil.getJsonMapper().createObjectNode();
        createObjectNode.put("password", deepCopy.get("request_result").asText());
        AuthManager.authenticateClient(rcComm, "native", createObjectNode);
        deepCopy.put(AuthPlugin.AUTH_NEXT_OPERATION, AuthPlugin.AUTH_FLOW_COMPLETE);
        return deepCopy;
    }
}
