package com.sshtools.server;

import com.maverick.util.ByteArrayReader;
import com.sshtools.common.Connection;
import com.sshtools.common.Service;
import com.sshtools.common.SshAttributes;
import com.sshtools.common.SshMessage;
import com.sshtools.common.SshTransport;
import com.sshtools.common.io.Buffer;
import com.sshtools.common.io.Session;
import com.sshtools.server.events.EventServiceImplementation;
import com.sshtools.server.events.SSHDEvent;
import com.sshtools.server.events.SSHDEventCodes;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/sshtools/server/AuthenticationProtocol.class */
public class AuthenticationProtocol implements Service {
    public static final int SSH_MSG_USERAUTH_REQUEST = 50;
    public static final int SSH_MSG_USERAUTH_FAILURE = 51;
    public static final int SSH_MSG_USERAUTH_SUCCESS = 52;
    public static final int SSH_MSG_USERAUTH_BANNER = 53;
    SshTransport transport;
    Session session;
    SshServerContext context;
    AuthenticationMechanism currentAuthentication;
    String currentMethod;
    String username;
    String service;
    static final String SERVICE_NAME = "ssh-userauth";
    static Logger log = LoggerFactory.getLogger(AuthenticationProtocol.class);
    boolean authInProgress = false;
    int failed = 0;
    ArrayList<String> completedAuthentications = new ArrayList<>();
    Map<String, Object> authenticationParameters = Collections.synchronizedMap(new HashMap());
    Date started = new Date();

    public void init(Session session, SshTransport sshTransport) {
        this.session = session;
        this.transport = sshTransport;
        this.context = (SshServerContext) session.getAttribute("context");
    }

    public void stop() {
    }

    public void start() {
        if (this.context.getBannerMessage().length() > 0) {
            this.session.write(new SshMessage() { // from class: com.sshtools.server.AuthenticationProtocol.1
                public boolean writeMessageIntoBuffer(Session session, Buffer buffer) {
                    buffer.put((byte) 53);
                    byte[] bytes = AuthenticationProtocol.this.context.getBannerMessage().getBytes();
                    buffer.putInt(bytes.length);
                    buffer.put(bytes);
                    buffer.putInt(0);
                    return true;
                }

                public void messageSent() {
                    if (AuthenticationProtocol.log.isDebugEnabled()) {
                        AuthenticationProtocol.log.debug("Sent SSH_MSG_USERAUTH_BANNER");
                    }
                }

                public int getId() {
                    return 53;
                }
            });
        }
    }

    public boolean processMessage(byte[] bArr) throws IOException {
        if (this.authInProgress) {
            return this.currentAuthentication.processMessage(bArr);
        }
        switch (bArr[0]) {
            case SSH_MSG_USERAUTH_REQUEST /* 50 */:
                processRequest(bArr);
                return true;
            default:
                return false;
        }
    }

    public Object getParameter(String str) {
        return this.authenticationParameters.get(str);
    }

    public void setParameter(String str, Object obj) {
        this.authenticationParameters.put(str, obj);
    }

    void processRequest(byte[] bArr) throws IOException {
        ByteArrayReader byteArrayReader = new ByteArrayReader(bArr);
        try {
            byteArrayReader.skip(1L);
            this.username = byteArrayReader.readString();
            this.service = byteArrayReader.readString();
            this.currentMethod = byteArrayReader.readString();
            Connection<SshServerContext> connectionById = this.context.getConnectionManager().getConnectionById(SshAttributes.getUUID(this.session));
            connectionById.setUsername(this.username);
            if (log.isInfoEnabled()) {
                log.info("Client is attempting " + this.currentMethod + " authentication");
            }
            byte[] bArr2 = null;
            if (byteArrayReader.available() > 0) {
                bArr2 = new byte[byteArrayReader.available()];
                byteArrayReader.read(bArr2);
            }
            this.currentAuthentication = this.context.getAuthenticationMechanismFactory().createInstance(this.currentMethod, this.session, this.transport, this, connectionById);
            this.authInProgress = true;
            this.currentAuthentication.startRequest(this.username, bArr2);
        } catch (UnsupportedChannelException e) {
            if (!this.currentMethod.equals(AuthenticationMechanismFactory.NONE) && log.isErrorEnabled()) {
                log.error("Failed to initialize " + this.currentMethod + " authentication mechanism", e);
            }
            failedAuthentication();
        } finally {
            byteArrayReader.close();
        }
    }

    public void completedAuthentication() throws IOException {
        if (this.currentAuthentication.isPassword()) {
            this.completedAuthentications.add("password");
        }
        this.completedAuthentications.add(this.currentAuthentication.getName());
        EventServiceImplementation.getInstance().fireEvent(new SSHDEvent((Object) this, SSHDEventCodes.EVENT_USERAUTH_SUCCESS, true).addAttribute(SSHDEventCodes.ATTRIBUTE_CONNECTION, this.context.getConnectionManager().getConnectionById(SshAttributes.getUUID(this.session))).addAttribute(SSHDEventCodes.ATTRIBUTE_ATTEMPTED_USERNAME, this.username).addAttribute(SSHDEventCodes.ATTRIBUTE_AUTHENTICATION_METHOD, this.currentMethod).addAttribute(SSHDEventCodes.ATTRIBUTE_OPERATION_STARTED, this.started).addAttribute(SSHDEventCodes.ATTRIBUTE_OPERATION_FINISHED, new Date()));
        boolean z = true;
        for (String str : this.context.getRequiredAuthentications().getList()) {
            z &= this.completedAuthentications.contains(str);
        }
        if (!z) {
            failedAuthentication(true, true);
        } else {
            this.session.write(new SshMessage() { // from class: com.sshtools.server.AuthenticationProtocol.2
                public boolean writeMessageIntoBuffer(Session session, Buffer buffer) {
                    buffer.put((byte) 52);
                    return true;
                }

                public void messageSent() {
                    if (AuthenticationProtocol.log.isDebugEnabled()) {
                        AuthenticationProtocol.log.debug("Sent SSH_MSG_USERAUTH_SUCCESS");
                    }
                    AuthenticationProtocol.this.transport.startService(AuthenticationProtocol.this.session, new ConnectionProtocol(AuthenticationProtocol.this.username));
                    EventServiceImplementation.getInstance().fireEvent(new SSHDEvent((Object) this, SSHDEventCodes.EVENT_AUTHENTICATION_COMPLETE, true).addAttribute(SSHDEventCodes.ATTRIBUTE_CONNECTION, AuthenticationProtocol.this.context.getConnectionManager().getConnectionById(SshAttributes.getUUID(AuthenticationProtocol.this.session))).addAttribute(SSHDEventCodes.ATTRIBUTE_AUTHENTICATION_METHODS, AuthenticationProtocol.this.completedAuthentications));
                }

                public int getId() {
                    return 52;
                }
            });
            this.authInProgress = false;
        }
    }

    public void discardAuthentication() {
        this.authInProgress = false;
    }

    public void failedAuthentication() throws IOException {
        failedAuthentication(false, false);
    }

    public void failedAuthentication(final boolean z, boolean z2) throws IOException {
        if (!this.currentMethod.equals(AuthenticationMechanismFactory.NONE) && !z) {
            if (!z2) {
                this.failed++;
            }
            if (this.failed >= this.context.getMaxAuthentications()) {
                this.transport.disconnect(this.session, 11, "Too many bad authentication attempts!");
                return;
            }
        }
        this.session.write(new SshMessage() { // from class: com.sshtools.server.AuthenticationProtocol.3
            public boolean writeMessageIntoBuffer(Session session, Buffer buffer) {
                buffer.put((byte) 51);
                String str = "";
                for (String str2 : AuthenticationProtocol.this.context.getAuthenticationMechanismFactory().getSupportedMechanisms()) {
                    if (!AuthenticationProtocol.this.completedAuthentications.contains(str2)) {
                        if (!str.equals("")) {
                            str = String.valueOf(str) + ",";
                        }
                        str = String.valueOf(str) + str2;
                    }
                }
                buffer.putInt(str.length());
                buffer.put(str.getBytes());
                buffer.put((byte) (z ? 1 : 0));
                return true;
            }

            public void messageSent() {
                if (!AuthenticationProtocol.this.currentMethod.equals(AuthenticationMechanismFactory.NONE)) {
                    if (z) {
                        EventServiceImplementation.getInstance().fireEvent(new SSHDEvent((Object) this, SSHDEventCodes.EVENT_USERAUTH_SUCCESS, true).addAttribute(SSHDEventCodes.ATTRIBUTE_CONNECTION, AuthenticationProtocol.this.context.getConnectionManager().getConnectionById(SshAttributes.getUUID(AuthenticationProtocol.this.session))).addAttribute(SSHDEventCodes.ATTRIBUTE_ATTEMPTED_USERNAME, AuthenticationProtocol.this.username).addAttribute(SSHDEventCodes.ATTRIBUTE_AUTHENTICATION_METHOD, AuthenticationProtocol.this.currentMethod));
                    } else {
                        EventServiceImplementation.getInstance().fireEvent(new SSHDEvent((Object) this, SSHDEventCodes.EVENT_USERAUTH_FAILURE, true).addAttribute(SSHDEventCodes.ATTRIBUTE_CONNECTION, AuthenticationProtocol.this.context.getConnectionManager().getConnectionById(SshAttributes.getUUID(AuthenticationProtocol.this.session))).addAttribute(SSHDEventCodes.ATTRIBUTE_ATTEMPTED_USERNAME, AuthenticationProtocol.this.username).addAttribute(SSHDEventCodes.ATTRIBUTE_AUTHENTICATION_METHOD, AuthenticationProtocol.this.currentMethod));
                    }
                }
                if (AuthenticationProtocol.log.isDebugEnabled()) {
                    AuthenticationProtocol.log.debug("Sent SSH_MSG_USERAUTH_FAILURE");
                }
            }

            public int getId() {
                return 51;
            }
        });
        this.authInProgress = false;
    }

    public void idle() {
    }
}
