package org.jivesoftware.openfire.sasl;

import java.nio.charset.StandardCharsets;
import java.util.StringTokenizer;
import javax.security.sasl.SaslException;
import javax.security.sasl.SaslServer;
import org.jivesoftware.util.JiveGlobals;
import org.jivesoftware.util.StringUtils;

/* loaded from: input_file:org/jivesoftware/openfire/sasl/JiveSharedSecretSaslServer.class */
public class JiveSharedSecretSaslServer implements SaslServer {
    public static final String NAME = "JIVE-SHAREDSECRET";
    private boolean complete = false;

    public String getMechanismName() {
        return NAME;
    }

    public byte[] evaluateResponse(byte[] bArr) throws SaslException {
        if (isComplete()) {
            throw new IllegalStateException("Authentication exchange already completed.");
        }
        if (bArr == null || bArr.length == 0) {
            return new byte[0];
        }
        this.complete = true;
        StringTokenizer stringTokenizer = new StringTokenizer(new String(bArr, StandardCharsets.UTF_8), "��");
        stringTokenizer.nextToken();
        if (authenticateSharedSecret(stringTokenizer.nextToken())) {
            return null;
        }
        throw new SaslException("Authentication failed");
    }

    public boolean isComplete() {
        return this.complete;
    }

    public String getAuthorizationID() {
        if (isComplete()) {
            return null;
        }
        throw new IllegalStateException("Authentication exchange not completed.");
    }

    public byte[] unwrap(byte[] bArr, int i, int i2) throws SaslException {
        if (isComplete()) {
            throw new IllegalStateException("SASL Mechanism '" + getMechanismName() + " does not support integrity nor privacy.");
        }
        throw new IllegalStateException("Authentication exchange not completed.");
    }

    public byte[] wrap(byte[] bArr, int i, int i2) throws SaslException {
        if (isComplete()) {
            throw new IllegalStateException("SASL Mechanism '" + getMechanismName() + " does not support integrity nor privacy.");
        }
        throw new IllegalStateException("Authentication exchange not completed.");
    }

    public Object getNegotiatedProperty(String str) {
        if (!isComplete()) {
            throw new IllegalStateException("Authentication exchange not completed.");
        }
        if (str.equals("javax.security.sasl.qop")) {
            return "auth";
        }
        return null;
    }

    public void dispose() throws SaslException {
        this.complete = false;
    }

    public static boolean authenticateSharedSecret(String str) {
        if (isSharedSecretAllowed()) {
            return StringUtils.hash(getSharedSecret()).equals(str);
        }
        return false;
    }

    public static boolean isSharedSecretAllowed() {
        return JiveGlobals.getBooleanProperty("xmpp.auth.sharedSecretEnabled");
    }

    public static String getSharedSecret() {
        if (!isSharedSecretAllowed()) {
            return null;
        }
        String property = JiveGlobals.getProperty("xmpp.auth.sharedSecret");
        if (property == null) {
            property = StringUtils.randomString(8);
            JiveGlobals.setProperty("xmpp.auth.sharedSecret", property);
        }
        return property;
    }

    public static void setSharedSecretAllowed(boolean z) {
        JiveGlobals.setProperty("xmpp.auth.sharedSecretEnabled", z ? "true" : "false");
    }
}
