package org.apache.directory.server.changepw.protocol;

import java.io.UnsupportedEncodingException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.nio.ByteBuffer;
import javax.security.auth.kerberos.KerberosPrincipal;
import org.apache.directory.server.changepw.ChangePasswordServer;
import org.apache.directory.server.changepw.exceptions.ChangePasswordException;
import org.apache.directory.server.changepw.exceptions.ErrorType;
import org.apache.directory.server.changepw.messages.ChangePasswordErrorModifier;
import org.apache.directory.server.changepw.messages.ChangePasswordRequest;
import org.apache.directory.server.changepw.service.ChangePasswordContext;
import org.apache.directory.server.changepw.service.ChangePasswordService;
import org.apache.directory.server.i18n.I18n;
import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
import org.apache.directory.server.kerberos.shared.messages.ErrorMessage;
import org.apache.directory.server.kerberos.shared.messages.ErrorMessageModifier;
import org.apache.directory.server.kerberos.shared.messages.value.KerberosTime;
import org.apache.directory.server.kerberos.shared.store.PrincipalStore;
import org.apache.mina.core.service.IoHandler;
import org.apache.mina.core.session.IdleStatus;
import org.apache.mina.core.session.IoSession;
import org.apache.mina.filter.codec.ProtocolCodecFilter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* JADX WARN: Classes with same name are omitted:
  input_file:resources/libs/apacheds-1.5.3/apacheds-protocol-changepw-1.5.3.jar:org/apache/directory/server/changepw/protocol/ChangePasswordProtocolHandler.class
  input_file:resources/libs/apacheds-1.5.4/apacheds-protocol-changepw-1.5.4.jar:org/apache/directory/server/changepw/protocol/ChangePasswordProtocolHandler.class
  input_file:resources/libs/apacheds-1.5.5/apacheds-protocol-changepw-1.5.5.jar:org/apache/directory/server/changepw/protocol/ChangePasswordProtocolHandler.class
 */
/* loaded from: input_file:resources/libs/apacheds-1.5.6/apacheds-protocol-changepw-1.5.6.jar:org/apache/directory/server/changepw/protocol/ChangePasswordProtocolHandler.class */
public class ChangePasswordProtocolHandler implements IoHandler {
    private static final Logger log = LoggerFactory.getLogger(ChangePasswordProtocolHandler.class);
    private ChangePasswordServer config;
    private PrincipalStore store;
    private String contextKey = "context";

    public ChangePasswordProtocolHandler(ChangePasswordServer changePasswordServer, PrincipalStore principalStore) {
        this.config = changePasswordServer;
        this.store = principalStore;
    }

    @Override // org.apache.mina.core.service.IoHandler
    public void sessionCreated(IoSession ioSession) throws Exception {
        if (log.isDebugEnabled()) {
            log.debug("{} CREATED:  {}", ioSession.getRemoteAddress(), ioSession.getTransportMetadata());
        }
        if (ioSession.getTransportMetadata().isConnectionless()) {
            ioSession.getFilterChain().addFirst("codec", new ProtocolCodecFilter(ChangePasswordUdpProtocolCodecFactory.getInstance()));
        } else {
            ioSession.getFilterChain().addFirst("codec", new ProtocolCodecFilter(ChangePasswordTcpProtocolCodecFactory.getInstance()));
        }
    }

    @Override // org.apache.mina.core.service.IoHandler
    public void sessionOpened(IoSession ioSession) {
        log.debug("{} OPENED", ioSession.getRemoteAddress());
    }

    @Override // org.apache.mina.core.service.IoHandler
    public void sessionClosed(IoSession ioSession) {
        log.debug("{} CLOSED", ioSession.getRemoteAddress());
    }

    @Override // org.apache.mina.core.service.IoHandler
    public void sessionIdle(IoSession ioSession, IdleStatus idleStatus) {
        log.debug("{} IDLE ({})", ioSession.getRemoteAddress(), idleStatus);
    }

    @Override // org.apache.mina.core.service.IoHandler
    public void exceptionCaught(IoSession ioSession, Throwable th) {
        log.debug(ioSession.getRemoteAddress() + " EXCEPTION", th);
        ioSession.close(true);
    }

    @Override // org.apache.mina.core.service.IoHandler
    public void messageReceived(IoSession ioSession, Object obj) {
        log.debug("{} RCVD:  {}", ioSession.getRemoteAddress(), obj);
        InetAddress address = ((InetSocketAddress) ioSession.getRemoteAddress()).getAddress();
        ChangePasswordRequest changePasswordRequest = (ChangePasswordRequest) obj;
        try {
            ChangePasswordContext changePasswordContext = new ChangePasswordContext();
            changePasswordContext.setConfig(this.config);
            changePasswordContext.setStore(this.store);
            changePasswordContext.setClientAddress(address);
            changePasswordContext.setRequest(changePasswordRequest);
            ioSession.setAttribute(getContextKey(), changePasswordContext);
            ChangePasswordService.execute(ioSession, changePasswordContext);
            ioSession.write(changePasswordContext.getReply());
        } catch (KerberosException e) {
            if (log.isDebugEnabled()) {
                log.warn(e.getLocalizedMessage(), (Throwable) e);
            } else {
                log.warn(e.getLocalizedMessage());
            }
            ErrorMessage errorMessage = getErrorMessage(this.config.getServicePrincipal(), e);
            ChangePasswordErrorModifier changePasswordErrorModifier = new ChangePasswordErrorModifier();
            changePasswordErrorModifier.setErrorMessage(errorMessage);
            ioSession.write(changePasswordErrorModifier.getChangePasswordError());
        } catch (Exception e2) {
            log.error(I18n.err(I18n.ERR_152, e2.getLocalizedMessage()), (Throwable) e2);
            ioSession.write(getErrorMessage(this.config.getServicePrincipal(), new ChangePasswordException(ErrorType.KRB5_KPASSWD_UNKNOWN_ERROR)));
        }
    }

    @Override // org.apache.mina.core.service.IoHandler
    public void messageSent(IoSession ioSession, Object obj) {
        if (log.isDebugEnabled()) {
            log.debug("{} SENT:  {}", ioSession.getRemoteAddress(), obj);
        }
    }

    protected String getContextKey() {
        return this.contextKey;
    }

    private ErrorMessage getErrorMessage(KerberosPrincipal kerberosPrincipal, KerberosException kerberosException) {
        ErrorMessageModifier errorMessageModifier = new ErrorMessageModifier();
        KerberosTime kerberosTime = new KerberosTime();
        errorMessageModifier.setErrorCode(kerberosException.getErrorCode());
        errorMessageModifier.setExplanatoryText(kerberosException.getLocalizedMessage());
        errorMessageModifier.setServerPrincipal(kerberosPrincipal);
        errorMessageModifier.setServerTime(kerberosTime);
        errorMessageModifier.setServerMicroSecond(0);
        errorMessageModifier.setExplanatoryData(buildExplanatoryData(kerberosException));
        return errorMessageModifier.getErrorMessage();
    }

    private byte[] buildExplanatoryData(KerberosException kerberosException) {
        short errorCode = (short) kerberosException.getErrorCode();
        byte[] bArr = {0};
        if (kerberosException.getExplanatoryData() == null || kerberosException.getExplanatoryData().length == 0) {
            try {
                bArr = kerberosException.getLocalizedMessage().getBytes("UTF-8");
            } catch (UnsupportedEncodingException e) {
                log.error(e.getLocalizedMessage());
            }
        } else {
            bArr = kerberosException.getExplanatoryData();
        }
        ByteBuffer allocate = ByteBuffer.allocate(256);
        allocate.putShort(errorCode);
        allocate.put(bArr);
        allocate.flip();
        byte[] bArr2 = new byte[allocate.remaining()];
        allocate.get(bArr2, 0, bArr2.length);
        return bArr2;
    }
}
