package org.ldaptive.transport;

import javax.security.sasl.Sasl;
import javax.security.sasl.SaslException;
import org.ldaptive.BindResponse;
import org.ldaptive.ResultCode;
import org.ldaptive.sasl.DefaultSaslClientRequest;
import org.ldaptive.sasl.Mechanism;
import org.ldaptive.sasl.QualityOfProtection;
import org.ldaptive.sasl.SaslClient;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/ldaptive-2.2.1-SNAPSHOT.jar:org/ldaptive/transport/DefaultSaslClient.class */
public class DefaultSaslClient implements SaslClient<DefaultSaslClientRequest> {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) DefaultSaslClient.class);
    private javax.security.sasl.SaslClient client;

    public javax.security.sasl.SaslClient getClient() {
        return this.client;
    }

    @Override // org.ldaptive.sasl.SaslClient
    public BindResponse bind(TransportConnection transportConnection, DefaultSaslClientRequest defaultSaslClientRequest) throws SaslException {
        try {
            this.client = Sasl.createSaslClient(new String[]{defaultSaslClientRequest.getMechanism().mechanism()}, defaultSaslClientRequest.getAuthorizationID(), "ldap", transportConnection.getLdapURL().getHostname(), defaultSaslClientRequest.getSaslProperties(), defaultSaslClientRequest);
            BindResponse execute = transportConnection.operation(defaultSaslClientRequest.createBindRequest(this.client.hasInitialResponse() ? this.client.evaluateChallenge(new byte[0]) : null)).execute();
            if (ResultCode.SASL_BIND_IN_PROGRESS != execute.getResultCode()) {
                return execute;
            }
            while (!this.client.isComplete() && ResultCode.SASL_BIND_IN_PROGRESS == execute.getResultCode()) {
                execute = transportConnection.operation(defaultSaslClientRequest.createBindRequest(this.client.evaluateChallenge(execute.getServerSaslCreds()))).execute();
            }
            if (ResultCode.SASL_BIND_IN_PROGRESS == execute.getResultCode()) {
                throw new SaslException("SASL client error: client completed but bind still in progress for " + defaultSaslClientRequest + " with " + execute);
            }
            if (!this.client.isComplete() && execute.getServerSaslCreds() != null) {
                this.client.evaluateChallenge(execute.getServerSaslCreds());
            }
            if (this.client.isComplete() || ResultCode.SUCCESS != execute.getResultCode()) {
                return execute;
            }
            throw new SaslException("SASL client error: client did not complete for " + defaultSaslClientRequest + " with " + execute);
        } catch (Throwable th) {
            dispose();
            if (th instanceof SaslException) {
                throw th;
            }
            throw new SaslException("SASL bind failed for " + defaultSaslClientRequest, th);
        }
    }

    public Mechanism getMechanism() {
        return Mechanism.valueOf(this.client.getMechanismName());
    }

    public QualityOfProtection getQualityOfProtection() {
        if (this.client.isComplete()) {
            return QualityOfProtection.fromString((String) this.client.getNegotiatedProperty("javax.security.sasl.qop"));
        }
        return null;
    }

    public void dispose() {
        try {
        } catch (SaslException e) {
            LOGGER.warn("Error disposing of SASL client", e);
        } finally {
            this.client = null;
        }
        if (this.client != null) {
            this.client.dispose();
        }
    }
}
