package com.maconomy.gss.server;

import com.maconomy.util.MByteSerializer;
import com.maconomy.util.xml.XmlAbstractListAttribute;
import java.io.IOException;
import java.security.PrivilegedAction;
import org.apache.xerces.impl.xs.SchemaSymbols;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSManager;
import org.ietf.jgss.MessageProp;
import org.ietf.jgss.Oid;

/* loaded from: input_file:lib/Jaconomy.jar:com/maconomy/gss/server/GSSTicketVerifier.class */
public class GSSTicketVerifier implements PrivilegedAction {
    private final String tokenStr;
    private final boolean returnDomainName;
    private final boolean debug;

    public GSSTicketVerifier(String str, boolean z, boolean z2) {
        this.tokenStr = str;
        this.returnDomainName = z;
        this.debug = z2;
    }

    @Override // java.security.PrivilegedAction
    public Object run() {
        try {
            if (this.debug) {
                System.setProperty("sun.security.krb5.debug", SchemaSymbols.ATTVAL_TRUE);
            }
            GSSManager gSSManager = GSSManager.getInstance();
            new Oid("1.2.840.113554.1.2.2");
            GSSContext createContext = gSSManager.createContext((GSSCredential) null);
            byte[] convertStringToBytes = MByteSerializer.convertStringToBytes(this.tokenStr);
            byte[] acceptSecContext = createContext.acceptSecContext(convertStringToBytes, 0, convertStringToBytes.length);
            if (createContext.isEstablished()) {
                if (acceptSecContext != null && acceptSecContext.length > 0) {
                    System.err.println("Context established but I should send token to client for mutual verification");
                }
            } else {
                if (acceptSecContext != null && acceptSecContext.length > 0) {
                    KerberosServerPlugin.getOutputStream().print("2," + MByteSerializer.convertBytesToString(acceptSecContext) + ";");
                    return null;
                }
                KerberosServerPlugin.getOutputStream().print("-1, Error : Context not established but no return token given for client;");
                System.exit(-1);
            }
            if (this.debug) {
                try {
                    System.out.print("Context Established! ");
                    System.out.println("Client is " + createContext.getSrcName());
                    System.out.println("Server is " + createContext.getTargName());
                } catch (Throwable th) {
                }
            }
            int indexOf = createContext.getSrcName().toString().indexOf(64);
            String str = !this.returnDomainName ? "0," + createContext.getSrcName().toString().substring(0, indexOf) + ";" : "0," + createContext.getSrcName().toString().substring(0, indexOf) + XmlAbstractListAttribute.SEPARATOR + createContext.getSrcName().toString().substring(indexOf + 1) + ";";
            if (createContext.getMutualAuthState() && this.debug) {
                System.out.println("Mutual authentication took place!");
            }
            new MessageProp(0, false);
            createContext.dispose();
            if (str == null) {
                return null;
            }
            KerberosServerPlugin.getOutputStream().print(str);
            if (!this.debug) {
                return null;
            }
            System.out.println("Returning '" + str + "'");
            return null;
        } catch (IOException e) {
            System.out.println("Caught IOException");
            e.printStackTrace();
            KerberosServerPlugin.getOutputStream().print("-1," + e.getMessage() + ";");
            return null;
        } catch (GSSException e2) {
            System.out.println("Caught GSSException");
            e2.printStackTrace();
            KerberosServerPlugin.getOutputStream().print("1," + e2.getMessage() + ";");
            return null;
        }
    }
}
