package org.apache.storm.messaging.netty;

import java.io.IOException;
import java.util.Map;
import org.apache.storm.shade.org.jboss.netty.channel.Channel;
import org.apache.storm.shade.org.jboss.netty.channel.ChannelHandlerContext;
import org.apache.storm.shade.org.jboss.netty.channel.ChannelStateEvent;
import org.apache.storm.shade.org.jboss.netty.channel.Channels;
import org.apache.storm.shade.org.jboss.netty.channel.MessageEvent;
import org.apache.storm.shade.org.jboss.netty.channel.SimpleChannelUpstreamHandler;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/storm/messaging/netty/KerberosSaslClientHandler.class */
public class KerberosSaslClientHandler extends SimpleChannelUpstreamHandler {
    private static final Logger LOG = LoggerFactory.getLogger(KerberosSaslClientHandler.class);
    private ISaslClient client;
    long start_time = System.currentTimeMillis();
    private Map storm_conf;
    private String jaas_section;
    private String host;

    public KerberosSaslClientHandler(ISaslClient iSaslClient, Map map, String str, String str2) throws IOException {
        this.client = iSaslClient;
        this.storm_conf = map;
        this.jaas_section = str;
        this.host = str2;
    }

    @Override // org.apache.storm.shade.org.jboss.netty.channel.SimpleChannelUpstreamHandler
    public void channelConnected(ChannelHandlerContext channelHandlerContext, ChannelStateEvent channelStateEvent) {
        Channel channel = channelHandlerContext.getChannel();
        this.client.channelConnected(channel);
        LOG.info("Connection established from {} to {}", channel.getLocalAddress(), channel.getRemoteAddress());
        try {
            KerberosSaslNettyClient kerberosSaslNettyClient = KerberosSaslNettyClientState.getKerberosSaslNettyClient.get(channel);
            if (kerberosSaslNettyClient == null) {
                LOG.debug("Creating saslNettyClient now for channel: {}", channel);
                kerberosSaslNettyClient = new KerberosSaslNettyClient(this.storm_conf, this.jaas_section, this.host);
                KerberosSaslNettyClientState.getKerberosSaslNettyClient.set(channel, kerberosSaslNettyClient);
            }
            LOG.debug("Going to initiate Kerberos negotiations.");
            byte[] saslResponse = kerberosSaslNettyClient.saslResponse(new SaslMessageToken(new byte[0]));
            LOG.debug("Sending initial challenge: {}", saslResponse);
            channel.write(new SaslMessageToken(saslResponse));
        } catch (Exception e) {
            LOG.error("Failed to authenticate with server due to error: ", e);
        }
    }

    @Override // org.apache.storm.shade.org.jboss.netty.channel.SimpleChannelUpstreamHandler
    public void messageReceived(ChannelHandlerContext channelHandlerContext, MessageEvent messageEvent) throws Exception {
        LOG.debug("send/recv time (ms): {}", Long.valueOf(System.currentTimeMillis() - this.start_time));
        Channel channel = channelHandlerContext.getChannel();
        KerberosSaslNettyClient kerberosSaslNettyClient = KerberosSaslNettyClientState.getKerberosSaslNettyClient.get(channel);
        if (kerberosSaslNettyClient == null) {
            throw new Exception("saslNettyClient was unexpectedly null for channel:" + channel);
        }
        if (messageEvent.getMessage() instanceof ControlMessage) {
            ControlMessage controlMessage = (ControlMessage) messageEvent.getMessage();
            if (controlMessage != ControlMessage.SASL_COMPLETE_REQUEST) {
                LOG.warn("Unexpected control message: {}", controlMessage);
                return;
            }
            LOG.debug("Server has sent us the SaslComplete message. Allowing normal work to proceed.");
            if (!kerberosSaslNettyClient.isComplete()) {
                LOG.error("Server returned a Sasl-complete message, but as far as we can tell, we are not authenticated yet.");
                throw new Exception("Server returned a Sasl-complete message, but as far as we can tell, we are not authenticated yet.");
            }
            channelHandlerContext.getPipeline().remove(this);
            this.client.channelReady();
            Channels.fireMessageReceived(channelHandlerContext, controlMessage);
            return;
        }
        if (!(messageEvent.getMessage() instanceof SaslMessageToken)) {
            LOG.error("Unexpected message from server: {}", messageEvent.getMessage());
            return;
        }
        SaslMessageToken saslMessageToken = (SaslMessageToken) messageEvent.getMessage();
        LOG.debug("Responding to server's token of length: {}", Integer.valueOf(saslMessageToken.getSaslToken().length));
        byte[] saslResponse = kerberosSaslNettyClient.saslResponse(saslMessageToken);
        if (saslResponse != null) {
            LOG.debug("Response to server token has length: {}", Integer.valueOf(saslResponse.length));
            channel.write(new SaslMessageToken(saslResponse));
            return;
        }
        LOG.debug("Response to server is null: authentication should now be complete.");
        if (kerberosSaslNettyClient.isComplete()) {
            this.client.channelReady();
        } else {
            LOG.warn("Generated a null response, but authentication is not complete.");
            throw new Exception("Our reponse to the server is null, but as far as we can tell, we are not authenticated yet.");
        }
    }
}
