package alluxio.security.authentication;

import alluxio.exception.status.UnauthenticatedException;
import alluxio.grpc.SaslMessage;
import alluxio.grpc.SaslMessageType;
import alluxio.shaded.client.com.google.common.base.Preconditions;
import alluxio.shaded.client.com.google.protobuf.ByteString;
import java.util.UUID;
import javax.security.sasl.SaslClient;
import javax.security.sasl.SaslException;

/* loaded from: input_file:alluxio/security/authentication/DefaultSaslHandshakeClientHandler.class */
public class DefaultSaslHandshakeClientHandler implements SaslHandshakeClientHandler {
    private static final byte[] S_INITIATE_CHALLENGE = new byte[0];
    private final SaslClientHandler mSaslClientHandler;
    private final SaslClient mSaslClient;

    public DefaultSaslHandshakeClientHandler(SaslClientHandler saslClientHandler) throws UnauthenticatedException {
        this.mSaslClientHandler = saslClientHandler;
        this.mSaslClient = this.mSaslClientHandler.getSaslClient();
    }

    @Override // alluxio.security.authentication.SaslHandshakeClientHandler
    public SaslMessage handleSaslMessage(SaslMessage saslMessage) throws SaslException {
        switch (saslMessage.getMessageType()) {
            case CHALLENGE:
                byte[] evaluateChallenge = this.mSaslClient.evaluateChallenge(saslMessage.getMessage().toByteArray());
                SaslMessage.Builder messageType = SaslMessage.newBuilder().setMessageType(SaslMessageType.CHALLENGE);
                if (evaluateChallenge != null) {
                    messageType.setMessage(ByteString.copyFrom(evaluateChallenge));
                }
                return messageType.build();
            case SUCCESS:
                if (saslMessage.hasMessage()) {
                    this.mSaslClient.evaluateChallenge(saslMessage.getMessage().toByteArray());
                }
                Preconditions.checkArgument(this.mSaslClient.isComplete());
                return null;
            default:
                throw new SaslException("Client can't process Sasl message type:" + saslMessage.getMessageType().name());
        }
    }

    @Override // alluxio.security.authentication.SaslHandshakeClientHandler
    public SaslMessage getInitialMessage(UUID uuid) throws SaslException {
        byte[] bArr = null;
        if (this.mSaslClientHandler.getSaslClient().hasInitialResponse()) {
            bArr = this.mSaslClient.evaluateChallenge(S_INITIATE_CHALLENGE);
        }
        SaslMessage.Builder authenticationScheme = SaslMessage.newBuilder().setMessageType(SaslMessageType.CHALLENGE).setAuthenticationScheme(this.mSaslClientHandler.getClientScheme());
        if (bArr != null) {
            authenticationScheme.setMessage(ByteString.copyFrom(bArr));
        }
        authenticationScheme.setClientId(uuid.toString());
        return authenticationScheme.build();
    }
}
