package org.eclipse.hono.service.auth;

import io.vertx.core.AsyncResult;
import io.vertx.core.Future;
import io.vertx.core.Handler;
import io.vertx.core.json.JsonObject;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.Objects;
import javax.security.auth.login.CredentialException;
import org.eclipse.hono.auth.HonoUser;
import org.eclipse.hono.client.ClientErrorException;
import org.eclipse.hono.util.AuthenticationConstants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/eclipse/hono/service/auth/AbstractHonoAuthenticationService.class */
public abstract class AbstractHonoAuthenticationService<T> extends BaseAuthenticationService<T> {
    public static final String[] DEFAULT_SASL_MECHANISMS = {"EXTERNAL", "PLAIN"};
    protected final Logger log = LoggerFactory.getLogger(getClass());

    @Override // org.eclipse.hono.service.auth.AuthenticationService
    public String[] getSupportedSaslMechanisms() {
        return DEFAULT_SASL_MECHANISMS;
    }

    public static boolean isCompatibleSaslMechanism(String str) {
        return "EXTERNAL".equals(str) || "PLAIN".equals(str);
    }

    @Override // org.eclipse.hono.service.auth.AuthenticationService
    public final void authenticate(JsonObject jsonObject, Handler<AsyncResult<HonoUser>> handler) {
        String string = ((JsonObject) Objects.requireNonNull(jsonObject)).getString("mechanism");
        this.log.debug("received authentication request [mechanism: {}]", string);
        boolean contains = Arrays.asList(getSupportedSaslMechanisms()).contains(string);
        if (!contains || !"PLAIN".equals(string)) {
            if (!contains || !"EXTERNAL".equals(string)) {
                handler.handle(Future.failedFuture(new ClientErrorException(400, "unsupported SASL mechanism")));
                return;
            }
            String str = new String(jsonObject.getBinary("sasl-response"), StandardCharsets.UTF_8);
            String string2 = jsonObject.getString("subject-dn");
            this.log.debug("processing EXTERNAL authentication request [Subject DN: {}]", string2);
            verifyExternal(str, string2, handler);
            return;
        }
        try {
            String[] parseSaslResponse = AuthenticationConstants.parseSaslResponse(jsonObject.getBinary("sasl-response", new byte[0]));
            String str2 = parseSaslResponse[0];
            String str3 = parseSaslResponse[1];
            String str4 = parseSaslResponse[2];
            this.log.debug("processing PLAIN authentication request [authzid: {}, authcid: {}, pwd: *****]", str2, str3);
            verifyPlain(str2, str3, str4, handler);
        } catch (CredentialException e) {
            handler.handle(Future.failedFuture(new ClientErrorException(400, e)));
        }
    }

    public abstract void verifyPlain(String str, String str2, String str3, Handler<AsyncResult<HonoUser>> handler);

    public abstract void verifyExternal(String str, String str2, Handler<AsyncResult<HonoUser>> handler);

    public String toString() {
        return getClass().getSimpleName();
    }
}
