package org.dcache.xdr.gss;

import java.io.IOException;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import javax.security.auth.Subject;
import org.dcache.utils.Opaque;
import org.dcache.xdr.RpcLoginService;
import org.dcache.xdr.XdrTransport;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSManager;
import org.ietf.jgss.GSSName;
import org.ietf.jgss.Oid;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/dcache/xdr/gss/GssSessionManager.class */
public class GssSessionManager {
    private static final Logger _log = LoggerFactory.getLogger(GssSessionManager.class);
    private final GSSCredential _serviceCredential;
    private final RpcLoginService _loginService;
    private final String KRB5_OID = "1.2.840.113554.1.2.2";
    private final GSSManager gManager = GSSManager.getInstance();
    private final Map<Opaque, GSSContext> sessions = new ConcurrentHashMap();

    public GssSessionManager(RpcLoginService rpcLoginService, String str, String str2) throws GSSException, IOException {
        System.setProperty("javax.security.auth.useSubjectCredsOnly", "false");
        System.setProperty("java.security.auth.login.config", JaasConfigGenerator.generateJaasConfig(str, str2));
        this._serviceCredential = this.gManager.createCredential((GSSName) null, Integer.MAX_VALUE, new Oid("1.2.840.113554.1.2.2"), 2);
        this._loginService = rpcLoginService;
    }

    public GssSessionManager(RpcLoginService rpcLoginService) throws GSSException {
        System.setProperty("javax.security.auth.useSubjectCredsOnly", "false");
        this._serviceCredential = this.gManager.createCredential((GSSName) null, Integer.MAX_VALUE, new Oid("1.2.840.113554.1.2.2"), 2);
        this._loginService = rpcLoginService;
    }

    public GSSContext createContext(byte[] bArr) throws GSSException {
        GSSContext createContext = this.gManager.createContext(this._serviceCredential);
        this.sessions.put(new Opaque(bArr), createContext);
        return createContext;
    }

    public GSSContext getContext(byte[] bArr) throws GSSException {
        GSSContext gSSContext = this.sessions.get(new Opaque(bArr));
        if (gSSContext == null) {
            throw new GSSException(12);
        }
        return gSSContext;
    }

    public GSSContext getEstablishedContext(byte[] bArr) throws GSSException {
        GSSContext context = getContext(bArr);
        if (context.isEstablished()) {
            return context;
        }
        throw new GSSException(12);
    }

    public GSSContext destroyContext(byte[] bArr) throws GSSException {
        GSSContext remove = this.sessions.remove(new Opaque(bArr));
        if (remove == null || !remove.isEstablished()) {
            throw new GSSException(12);
        }
        return remove;
    }

    public Subject subjectOf(XdrTransport xdrTransport, GSSContext gSSContext) {
        return this._loginService.login(xdrTransport, gSSContext);
    }
}
