package org.dcache.dss;

import com.google.common.base.Function;
import com.google.common.base.Supplier;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.util.Objects;
import java.util.Optional;
import org.dcache.util.Args;
import org.ietf.jgss.ChannelBinding;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSManager;
import org.ietf.jgss.GSSName;
import org.ietf.jgss.Oid;

/* loaded from: input_file:org/dcache/dss/KerberosDssContextFactory.class */
public class KerberosDssContextFactory implements DssContextFactory {
    private final Function<GSSName, GSSContext> createInitialContext;
    private final Supplier<GSSContext> createAcceptingContext;
    private final Oid krb5Mechanism;
    private final GSSManager manager;
    private final GSSCredential credential;
    private final Optional<GSSName> peer;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/dcache/dss/KerberosDssContextFactory$WrappedGssException.class */
    public static class WrappedGssException extends RuntimeException {
        private static final long serialVersionUID = -4196646840625155999L;

        public WrappedGssException(GSSException gSSException) {
            super((Throwable) gSSException);
        }

        @Override // java.lang.Throwable
        public synchronized GSSException getCause() {
            return super.getCause();
        }
    }

    protected KerberosDssContextFactory(String str, Optional<String> optional) throws GSSException {
        this.createInitialContext = new Function<GSSName, GSSContext>() { // from class: org.dcache.dss.KerberosDssContextFactory.1
            public GSSContext apply(GSSName gSSName) {
                try {
                    return KerberosDssContextFactory.this.manager.createContext(gSSName, KerberosDssContextFactory.this.krb5Mechanism, KerberosDssContextFactory.this.credential, 0);
                } catch (GSSException e) {
                    throw new WrappedGssException(e);
                }
            }
        };
        this.createAcceptingContext = new Supplier<GSSContext>() { // from class: org.dcache.dss.KerberosDssContextFactory.2
            /* renamed from: get, reason: merged with bridge method [inline-methods] */
            public GSSContext m2get() {
                try {
                    return KerberosDssContextFactory.this.manager.createContext(KerberosDssContextFactory.this.credential);
                } catch (GSSException e) {
                    throw new WrappedGssException(e);
                }
            }
        };
        try {
            this.krb5Mechanism = new Oid("1.2.840.113554.1.2.2");
            this.manager = GSSManager.getInstance();
            this.credential = this.manager.createCredential(createName(str), 0, this.krb5Mechanism, 2);
            this.peer = optional.map(this::createName);
        } catch (WrappedGssException e) {
            throw e.getCause();
        }
    }

    public KerberosDssContextFactory(String str) throws GSSException {
        this(new Args(str));
    }

    public KerberosDssContextFactory(Args args) throws GSSException {
        this(args.argv(0), (Optional<String>) Optional.empty());
    }

    public KerberosDssContextFactory(String str, String str2) throws GSSException {
        this(str, (Optional<String>) Optional.of(str2));
    }

    @Override // org.dcache.dss.DssContextFactory
    public DssContext create(InetSocketAddress inetSocketAddress, InetSocketAddress inetSocketAddress2) throws IOException {
        try {
            Optional<GSSName> optional = this.peer;
            Function<GSSName, GSSContext> function = this.createInitialContext;
            Objects.requireNonNull(function);
            Optional<U> map = optional.map((v1) -> {
                return r1.apply(v1);
            });
            Supplier<GSSContext> supplier = this.createAcceptingContext;
            Objects.requireNonNull(supplier);
            GSSContext gSSContext = (GSSContext) map.orElseGet(supplier::get);
            gSSContext.setChannelBinding(new ChannelBinding(inetSocketAddress.getAddress(), inetSocketAddress2.getAddress(), (byte[]) null));
            return new KerberosDssContext(gSSContext);
        } catch (GSSException e) {
            throw new IOException((Throwable) e);
        } catch (WrappedGssException e2) {
            throw new IOException((Throwable) e2.getCause());
        }
    }

    private GSSName createName(String str) {
        try {
            return this.manager.createName(str, (Oid) null);
        } catch (GSSException e) {
            throw new WrappedGssException(e);
        }
    }
}
