package com.crystaldecisions.sdk.plugin.authentication.secwinad.internal;

import com.businessobjects.foundation.logging.ILogger;
import com.businessobjects.foundation.logging.LoggerManager;
import java.security.PrivilegedAction;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSManager;
import org.ietf.jgss.GSSName;
import org.ietf.jgss.Oid;

/* loaded from: input_file:lib/XMLConnector.jar:lib/cecore.jar:com/crystaldecisions/sdk/plugin/authentication/secwinad/internal/SecWinADAction.class */
public class SecWinADAction implements PrivilegedAction {
    private static final ILogger LOG = LoggerManager.getLogger("com.crystaldecisions.sdk.plugin.authentication.ldap.internal.SecWinADAction");
    private static final String KRB5_MECHANISM_OID = "1.2.840.113554.1.2.2";
    private static final String KRB5_PRINCIPALNAMETYPE_OID = "1.2.840.113554.1.2.2.1";
    private String m_userName;
    private SecWinADParameters m_param;
    private GSSContext m_context;
    private GSSCredential m_userCreds;
    private GSSManager m_manager;
    private boolean m_initialized = false;
    private byte[] m_token = new byte[0];

    public void setName(String str) {
        this.m_userName = str;
    }

    public String getName() {
        return this.m_userName;
    }

    public void setParam(SecWinADParameters secWinADParameters) {
        this.m_param = secWinADParameters;
    }

    public SecWinADParameters getParam() {
        return this.m_param;
    }

    public void setToken(byte[] bArr) {
        this.m_token = bArr;
    }

    public void setCredential(GSSCredential gSSCredential) {
        this.m_userCreds = gSSCredential;
    }

    public void setManager(GSSManager gSSManager) {
        this.m_manager = gSSManager;
    }

    @Override // java.security.PrivilegedAction
    public Object run() {
        try {
            if (!this.m_initialized) {
                if (this.m_manager == null) {
                    this.m_manager = GSSManager.getInstance();
                }
                Oid oid = new Oid(KRB5_MECHANISM_OID);
                GSSName createName = this.m_manager.createName(this.m_param.m_SERVER_SSPI_SPN, new Oid(KRB5_PRINCIPALNAMETYPE_OID));
                if (this.m_userCreds == null) {
                    this.m_userCreds = this.m_manager.createCredential(this.m_manager.createName(getName(), GSSName.NT_USER_NAME), Integer.MAX_VALUE, oid, 1);
                }
                this.m_context = this.m_manager.createContext(createName, oid, this.m_userCreds, Integer.MAX_VALUE);
                this.m_initialized = true;
                this.m_context.requestMutualAuth(true);
                if (this.m_param.m_CACHE_SECCONTEXT) {
                    this.m_context.requestCredDeleg(true);
                }
            }
            if (this.m_context.isEstablished()) {
                return null;
            }
            if (this.m_token == null) {
                this.m_token = new byte[0];
            }
            byte[] initSecContext = this.m_context.initSecContext(this.m_token, 0, this.m_token.length);
            if (LOG.isDebugEnabled() && this.m_context.isEstablished()) {
                if (this.m_context.getCredDelegState()) {
                    LOG.debug("context state: CredDeleg is on");
                } else {
                    LOG.debug("context state: CredDeleg is off");
                }
                if (this.m_context.getMutualAuthState()) {
                    LOG.debug("context stat: MutualAuth is on");
                } else {
                    LOG.debug("context stat: MutalAuth is off");
                }
            }
            return initSecContext;
        } catch (GSSException e) {
            LOG.error(new StringBuffer().append("LoginContext failed. ").append(e.getMessage()).toString());
            return e;
        }
    }

    public void release() {
        if (this.m_context != null) {
            try {
                this.m_context.dispose();
                this.m_context = null;
                this.m_userCreds = null;
                this.m_initialized = false;
                this.m_token = null;
            } catch (GSSException e) {
                LOG.error(new StringBuffer().append("Can't dispose LoginContext. ").append(e.getMessage()).toString());
            }
        }
    }

    protected void finalize() {
        release();
    }
}
