package com.sshtools.client;

import com.sshtools.common.logger.Log;
import com.sshtools.common.nio.ConnectionTaskWrapper;
import com.sshtools.common.ssh.ConnectionProtocol;
import com.sshtools.common.ssh.ExecutorOperationSupport;
import com.sshtools.common.ssh.Service;
import com.sshtools.common.util.ByteArrayReader;
import java.io.IOException;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.StringTokenizer;

/* loaded from: input_file:WEB-INF/lib/maverick-ng-client-2.0.4.jar:com/sshtools/client/AuthenticationProtocolClient.class */
public class AuthenticationProtocolClient implements Service {
    public static final int SSH_MSG_USERAUTH_REQUEST = 50;
    public static final int SSH_MSG_USERAUTH_FAILURE = 51;
    public static final int SSH_MSG_USERAUTH_SUCCESS = 52;
    public static final int SSH_MSG_USERAUTH_BANNER = 53;
    TransportProtocolClient transport;
    SshClientContext context;
    String username;
    List<ClientAuthenticator> authenticators;
    ClientAuthenticator currentAuthenticator;
    int authIndex = 0;
    Set<String> supportedAuths = null;
    boolean authenticated = false;

    public AuthenticationProtocolClient(TransportProtocolClient transportProtocolClient, SshClientContext sshClientContext, String str) {
        this.transport = transportProtocolClient;
        this.context = sshClientContext;
        this.username = str;
    }

    @Override // com.sshtools.common.ssh.Service
    public boolean processMessage(byte[] bArr) throws IOException {
        ByteArrayReader byteArrayReader = new ByteArrayReader(bArr);
        try {
            if (this.currentAuthenticator != null) {
                if (this.currentAuthenticator.processMessage(byteArrayReader)) {
                    return true;
                }
                byteArrayReader.reset();
            }
            byteArrayReader.skip(1L);
            switch (bArr[0]) {
                case 51:
                    String readString = byteArrayReader.readString();
                    final boolean readBoolean = byteArrayReader.readBoolean();
                    if (this.currentAuthenticator == null) {
                        this.transport.getConnectFuture().connected(this.transport, this.transport.getConnection());
                    } else if (readBoolean) {
                        this.currentAuthenticator.success();
                    } else {
                        this.currentAuthenticator.failure();
                    }
                    if (Log.isDebugEnabled()) {
                        Log.debug("SSH_MSG_USERAUTH_FAILURE received auths=" + readString, new Object[0]);
                    }
                    boolean z = this.supportedAuths == null;
                    StringTokenizer stringTokenizer = new StringTokenizer(readString, ",");
                    this.supportedAuths = new HashSet();
                    while (stringTokenizer.hasMoreTokens()) {
                        this.supportedAuths.add(stringTokenizer.nextToken());
                    }
                    if (z) {
                        checkForKeyboardInteractiveAuthentication();
                    }
                    if (canAuthenticate()) {
                        doNextAuthentication();
                    } else {
                        this.transport.addTask(ExecutorOperationSupport.EVENTS, new ConnectionTaskWrapper(this.transport.getConnection(), new Runnable() { // from class: com.sshtools.client.AuthenticationProtocolClient.1
                            @Override // java.lang.Runnable
                            public void run() {
                                ArrayList arrayList = new ArrayList();
                                Iterator<ClientStateListener> it = AuthenticationProtocolClient.this.context.getStateListeners().iterator();
                                while (it.hasNext()) {
                                    it.next().authenticate(AuthenticationProtocolClient.this.transport.getConnection(), AuthenticationProtocolClient.this.supportedAuths, readBoolean, arrayList);
                                    AuthenticationProtocolClient.this.authenticators.addAll(arrayList);
                                }
                                if (AuthenticationProtocolClient.this.canAuthenticate()) {
                                    AuthenticationProtocolClient.this.doNextAuthentication();
                                }
                            }
                        }));
                    }
                    byteArrayReader.close();
                    return true;
                case 52:
                    this.authenticated = true;
                    if (Log.isDebugEnabled()) {
                        Log.debug("SSH_MSG_USERAUTH_SUCCESS received", new Object[0]);
                    }
                    this.currentAuthenticator.success();
                    ConnectionProtocolClient connectionProtocolClient = new ConnectionProtocolClient(this.transport, this.username);
                    stop();
                    this.transport.setActiveService(connectionProtocolClient);
                    connectionProtocolClient.start();
                    byteArrayReader.close();
                    return true;
                case 53:
                    String readString2 = byteArrayReader.readString();
                    if (this.context.getBannerDisplay() != null) {
                        this.context.getBannerDisplay().displayBanner(readString2);
                    }
                    if (Log.isDebugEnabled()) {
                        Log.debug("SSH_MSG_USERAUTH_BANNER received", new Object[0]);
                        Log.debug(byteArrayReader.readString(), new Object[0]);
                    }
                    byteArrayReader.close();
                    return true;
                default:
                    byteArrayReader.close();
                    return false;
            }
        } finally {
            byteArrayReader.close();
        }
    }

    private void checkForKeyboardInteractiveAuthentication() {
        int i = -1;
        boolean z = false;
        int i2 = 0;
        for (ClientAuthenticator clientAuthenticator : this.authenticators) {
            if (clientAuthenticator instanceof PasswordAuthenticator) {
                i = i2;
            }
            if (clientAuthenticator instanceof KeyboardInteractiveAuthenticator) {
                z = true;
            }
            i2++;
        }
        if (z || i <= -1 || !this.supportedAuths.contains("keyboard-interactive")) {
            return;
        }
        this.authenticators.add(i, new KeyboardInteractiveAuthenticator(new PasswordOverKeyboardInteractiveCallback((PasswordAuthenticator) this.authenticators.get(i))));
    }

    @Override // com.sshtools.common.ssh.Service
    public void start() {
        if (Log.isDebugEnabled()) {
            Log.debug("Starting Authentication Protocol", new Object[0]);
        }
        this.authenticators = new ArrayList(this.context.getAuthenticators());
        doNoneAuthentication();
    }

    private void doNoneAuthentication() {
        this.transport.postMessage(new AuthenticationMessage(this.username, ConnectionProtocol.SERVICE_NAME, "none"));
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean canAuthenticate() {
        return this.authIndex < this.authenticators.size();
    }

    public void doNextAuthentication() {
        if (canAuthenticate()) {
            List<ClientAuthenticator> list = this.authenticators;
            int i = this.authIndex;
            this.authIndex = i + 1;
            this.currentAuthenticator = list.get(i);
            this.currentAuthenticator.authenticate(this.transport, this.username);
        }
    }

    @Override // com.sshtools.common.ssh.Service
    public void stop() {
        if (Log.isDebugEnabled()) {
            Log.debug("Stopping Authentication Protocol", new Object[0]);
        }
        this.transport.getConnection().getAuthenticatedFuture().authenticated(this.authenticated);
    }

    @Override // com.sshtools.common.ssh.Service
    public String getName() {
        return "ssh-userauth";
    }

    @Override // com.sshtools.common.ssh.Service
    public int getIdleTimeoutSeconds() {
        return ((SshClientContext) this.transport.getContext2()).getIdleAuthenticationTimeoutSeconds();
    }

    @Override // com.sshtools.common.ssh.Service
    public boolean idle() {
        this.transport.disconnect(11, "Idle unauthenticated connection");
        return true;
    }

    public void doAuthentication(ClientAuthenticator clientAuthenticator) {
        this.currentAuthenticator = clientAuthenticator;
        this.currentAuthenticator.authenticate(this.transport, this.username);
    }
}
