package com.unboundid.ldap.sdk;

import com.microsoft.identity.client.claims.WWWAuthenticateHeader;
import com.unboundid.asn1.ASN1OctetString;
import com.unboundid.util.Debug;
import com.unboundid.util.DebugType;
import com.unboundid.util.InternalUseOnly;
import com.unboundid.util.NotMutable;
import com.unboundid.util.StaticUtils;
import com.unboundid.util.ThreadSafety;
import com.unboundid.util.ThreadSafetyLevel;
import com.unboundid.util.Validator;
import java.io.File;
import java.io.FileWriter;
import java.io.PrintWriter;
import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.concurrent.atomic.AtomicReference;
import java.util.logging.Level;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.Configuration;
import javax.security.auth.login.LoginContext;
import javax.security.sasl.RealmCallback;
import javax.security.sasl.Sasl;
import microsoft.exchange.webservices.data.core.XmlElementNames;
import org.apache.commons.io.IOUtils;
import org.slf4j.helpers.MessageFormatter;
import vv.o;
import vv.u;

@ThreadSafety(level = ThreadSafetyLevel.NOT_THREADSAFE)
@NotMutable
/* loaded from: classes5.dex */
public final class GSSAPIBindRequest extends SASLBindRequest implements CallbackHandler, PrivilegedExceptionAction<Object> {
    public static final String GSSAPI_MECHANISM_NAME = "GSSAPI";
    private static final String PROPERTY_SUBJECT_CREDS_ONLY = "javax.security.auth.useSubjectCredsOnly";
    private static final long serialVersionUID = 2511890818146955112L;
    private final List<SASLQualityOfProtection> allowedQoP;
    private final String authenticationID;
    private final String authorizationID;
    private final String configFilePath;
    private final AtomicReference<LDAPConnection> conn;
    private final boolean enableGSSAPIDebugging;
    private final Boolean isInitiator;
    private final String jaasClientName;
    private final String kdcAddress;
    private final String keyTabPath;
    private int messageID;
    private final ASN1OctetString password;
    private final String realm;
    private final boolean refreshKrb5Config;
    private final boolean renewTGT;
    private final boolean requireCachedCredentials;
    private final String saslClientServerName;
    private final String servicePrincipalProtocol;
    private Set<String> suppressedSystemProperties;
    private final String ticketCachePath;
    private final List<String> unhandledCallbackMessages;
    private final boolean useKeyTab;
    private final boolean useSubjectCredentialsOnly;
    private final boolean useTicketCache;
    private static final String PROPERTY_CONFIG_FILE = "java.security.auth.login.config";
    private static final String DEFAULT_CONFIG_FILE = StaticUtils.getSystemProperty(PROPERTY_CONFIG_FILE);
    private static final String PROPERTY_KDC_ADDRESS = "java.security.krb5.kdc";
    private static final String DEFAULT_KDC_ADDRESS = StaticUtils.getSystemProperty(PROPERTY_KDC_ADDRESS);
    private static final String PROPERTY_REALM = "java.security.krb5.realm";
    private static final String DEFAULT_REALM = StaticUtils.getSystemProperty(PROPERTY_REALM);

    public GSSAPIBindRequest(GSSAPIBindRequestProperties gSSAPIBindRequestProperties, Control... controlArr) throws LDAPException {
        super(controlArr);
        Validator.ensureNotNull(gSSAPIBindRequestProperties);
        this.authenticationID = gSSAPIBindRequestProperties.getAuthenticationID();
        this.password = gSSAPIBindRequestProperties.getPassword();
        this.realm = gSSAPIBindRequestProperties.getRealm();
        this.allowedQoP = gSSAPIBindRequestProperties.getAllowedQoP();
        this.kdcAddress = gSSAPIBindRequestProperties.getKDCAddress();
        this.jaasClientName = gSSAPIBindRequestProperties.getJAASClientName();
        this.saslClientServerName = gSSAPIBindRequestProperties.getSASLClientServerName();
        this.servicePrincipalProtocol = gSSAPIBindRequestProperties.getServicePrincipalProtocol();
        this.enableGSSAPIDebugging = gSSAPIBindRequestProperties.enableGSSAPIDebugging();
        this.useKeyTab = gSSAPIBindRequestProperties.useKeyTab();
        this.useSubjectCredentialsOnly = gSSAPIBindRequestProperties.useSubjectCredentialsOnly();
        this.useTicketCache = gSSAPIBindRequestProperties.useTicketCache();
        this.requireCachedCredentials = gSSAPIBindRequestProperties.requireCachedCredentials();
        this.refreshKrb5Config = gSSAPIBindRequestProperties.refreshKrb5Config();
        this.renewTGT = gSSAPIBindRequestProperties.renewTGT();
        this.keyTabPath = gSSAPIBindRequestProperties.getKeyTabPath();
        this.ticketCachePath = gSSAPIBindRequestProperties.getTicketCachePath();
        this.isInitiator = gSSAPIBindRequestProperties.getIsInitiator();
        this.suppressedSystemProperties = gSSAPIBindRequestProperties.getSuppressedSystemProperties();
        this.unhandledCallbackMessages = new ArrayList(5);
        this.conn = new AtomicReference<>();
        this.messageID = -1;
        String authorizationID = gSSAPIBindRequestProperties.getAuthorizationID();
        if (authorizationID == null) {
            this.authorizationID = null;
        } else {
            this.authorizationID = authorizationID;
        }
        String configFilePath = gSSAPIBindRequestProperties.getConfigFilePath();
        if (configFilePath != null) {
            this.configFilePath = configFilePath;
            return;
        }
        String str = DEFAULT_CONFIG_FILE;
        if (str == null) {
            this.configFilePath = getConfigFilePath(gSSAPIBindRequestProperties);
        } else {
            this.configFilePath = str;
        }
    }

    public GSSAPIBindRequest(String str, String str2) throws LDAPException {
        this(new GSSAPIBindRequestProperties(str, str2), new Control[0]);
    }

    public GSSAPIBindRequest(String str, String str2, String str3, String str4, String str5, String str6) throws LDAPException {
        this(new GSSAPIBindRequestProperties(str, str2, new ASN1OctetString(str3), str4, str5, str6), new Control[0]);
    }

    public GSSAPIBindRequest(String str, String str2, String str3, String str4, String str5, String str6, Control[] controlArr) throws LDAPException {
        this(new GSSAPIBindRequestProperties(str, str2, new ASN1OctetString(str3), str4, str5, str6), controlArr);
    }

    public GSSAPIBindRequest(String str, String str2, byte[] bArr, String str3, String str4, String str5) throws LDAPException {
        this(new GSSAPIBindRequestProperties(str, str2, new ASN1OctetString(bArr), str3, str4, str5), new Control[0]);
    }

    public GSSAPIBindRequest(String str, String str2, byte[] bArr, String str3, String str4, String str5, Control[] controlArr) throws LDAPException {
        this(new GSSAPIBindRequestProperties(str, str2, new ASN1OctetString(bArr), str3, str4, str5), controlArr);
    }

    public GSSAPIBindRequest(String str, String str2, Control[] controlArr) throws LDAPException {
        this(new GSSAPIBindRequestProperties(str, str2), controlArr);
    }

    public GSSAPIBindRequest(String str, byte[] bArr) throws LDAPException {
        this(new GSSAPIBindRequestProperties(str, bArr), new Control[0]);
    }

    public GSSAPIBindRequest(String str, byte[] bArr, Control[] controlArr) throws LDAPException {
        this(new GSSAPIBindRequestProperties(str, bArr), controlArr);
    }

    private void clearProperty(String str) {
        if (this.suppressedSystemProperties.contains(str)) {
            return;
        }
        StaticUtils.clearSystemProperty(str);
    }

    private static String getConfigFilePath(GSSAPIBindRequestProperties gSSAPIBindRequestProperties) throws LDAPException {
        try {
            File createTempFile = File.createTempFile("GSSAPIBindRequest-JAAS-Config-", ".conf");
            createTempFile.deleteOnExit();
            PrintWriter printWriter = new PrintWriter(new FileWriter(createTempFile));
            try {
                try {
                    Class.forName("com.sun.security.auth.module.Krb5LoginModule");
                    writeSunJAASConfig(printWriter, gSSAPIBindRequestProperties);
                    String absolutePath = createTempFile.getAbsolutePath();
                    printWriter.close();
                    return absolutePath;
                } catch (ClassNotFoundException e11) {
                    Debug.debugException(e11);
                    try {
                        Class.forName("com.ibm.security.auth.module.Krb5LoginModule");
                        writeIBMJAASConfig(printWriter, gSSAPIBindRequestProperties);
                        String absolutePath2 = createTempFile.getAbsolutePath();
                        printWriter.close();
                        return absolutePath2;
                    } catch (ClassNotFoundException e12) {
                        Debug.debugException(e12);
                        throw new LDAPException(ResultCode.LOCAL_ERROR, o.ERR_GSSAPI_CANNOT_CREATE_JAAS_CONFIG.b(o.ERR_GSSAPI_NO_SUPPORTED_JAAS_MODULE.a()));
                    }
                }
            } catch (Throwable th2) {
                printWriter.close();
                throw th2;
            }
        } catch (LDAPException e13) {
            Debug.debugException(e13);
            throw e13;
        } catch (Exception e14) {
            Debug.debugException(e14);
            throw new LDAPException(ResultCode.LOCAL_ERROR, o.ERR_GSSAPI_CANNOT_CREATE_JAAS_CONFIG.b(StaticUtils.getExceptionMessage(e14)), e14);
        }
    }

    private void setProperty(String str, String str2) {
        if (this.suppressedSystemProperties.contains(str)) {
            return;
        }
        StaticUtils.setSystemProperty(str, str2);
    }

    private static void writeIBMJAASConfig(PrintWriter printWriter, GSSAPIBindRequestProperties gSSAPIBindRequestProperties) {
        printWriter.println(gSSAPIBindRequestProperties.getJAASClientName() + " {");
        printWriter.println("  com.ibm.security.auth.module.Krb5LoginModule required");
        if (gSSAPIBindRequestProperties.getIsInitiator() == null || gSSAPIBindRequestProperties.getIsInitiator().booleanValue()) {
            printWriter.println("  credsType=initiator");
        } else {
            printWriter.println("  credsType=acceptor");
        }
        if (gSSAPIBindRequestProperties.refreshKrb5Config()) {
            printWriter.println("  refreshKrb5Config=true");
        }
        if (gSSAPIBindRequestProperties.useKeyTab()) {
            printWriter.println("  useKeyTab=true");
            if (gSSAPIBindRequestProperties.getKeyTabPath() != null) {
                printWriter.println("  keyTab=\"" + gSSAPIBindRequestProperties.getKeyTabPath() + '\"');
            }
        }
        if (gSSAPIBindRequestProperties.useTicketCache()) {
            String ticketCachePath = gSSAPIBindRequestProperties.getTicketCachePath();
            if (ticketCachePath != null) {
                printWriter.println("  useCcache=\"file://" + new File(ticketCachePath).getAbsolutePath().replace('\\', IOUtils.DIR_SEPARATOR_UNIX) + '\"');
            } else if (gSSAPIBindRequestProperties.requireCachedCredentials()) {
                printWriter.println("  useDefaultCcache=true");
            }
        } else {
            printWriter.println("  useDefaultCcache=false");
        }
        if (gSSAPIBindRequestProperties.enableGSSAPIDebugging()) {
            printWriter.println(" debug=true");
        }
        printWriter.println("  ;");
        printWriter.println("};");
    }

    private static void writeSunJAASConfig(PrintWriter printWriter, GSSAPIBindRequestProperties gSSAPIBindRequestProperties) {
        printWriter.println(gSSAPIBindRequestProperties.getJAASClientName() + " {");
        printWriter.println("  com.sun.security.auth.module.Krb5LoginModule required");
        printWriter.println("  client=true");
        if (gSSAPIBindRequestProperties.getIsInitiator() != null) {
            printWriter.println("  isInitiator=" + gSSAPIBindRequestProperties.getIsInitiator());
        }
        if (gSSAPIBindRequestProperties.refreshKrb5Config()) {
            printWriter.println("  refreshKrb5Config=true");
        }
        if (gSSAPIBindRequestProperties.useKeyTab()) {
            printWriter.println("  useKeyTab=true");
            if (gSSAPIBindRequestProperties.getKeyTabPath() != null) {
                printWriter.println("  keyTab=\"" + gSSAPIBindRequestProperties.getKeyTabPath() + '\"');
            }
        }
        if (gSSAPIBindRequestProperties.useTicketCache()) {
            printWriter.println("  useTicketCache=true");
            printWriter.println("  renewTGT=" + gSSAPIBindRequestProperties.renewTGT());
            printWriter.println("  doNotPrompt=" + gSSAPIBindRequestProperties.requireCachedCredentials());
            String ticketCachePath = gSSAPIBindRequestProperties.getTicketCachePath();
            if (ticketCachePath != null) {
                printWriter.println("  ticketCache=\"" + ticketCachePath + '\"');
            }
        } else {
            printWriter.println("  useTicketCache=false");
        }
        if (gSSAPIBindRequestProperties.enableGSSAPIDebugging()) {
            printWriter.println(" debug=true");
        }
        printWriter.println("  ;");
        printWriter.println("};");
    }

    @Override // com.unboundid.ldap.sdk.BindRequest, com.unboundid.ldap.sdk.ReadOnlyLDAPRequest
    public GSSAPIBindRequest duplicate() {
        return duplicate(getControls());
    }

    @Override // com.unboundid.ldap.sdk.BindRequest, com.unboundid.ldap.sdk.ReadOnlyLDAPRequest
    public GSSAPIBindRequest duplicate(Control[] controlArr) {
        try {
            GSSAPIBindRequestProperties gSSAPIBindRequestProperties = new GSSAPIBindRequestProperties(this.authenticationID, this.authorizationID, this.password, this.realm, this.kdcAddress, this.configFilePath);
            gSSAPIBindRequestProperties.setAllowedQoP(this.allowedQoP);
            gSSAPIBindRequestProperties.setServicePrincipalProtocol(this.servicePrincipalProtocol);
            gSSAPIBindRequestProperties.setUseTicketCache(this.useTicketCache);
            gSSAPIBindRequestProperties.setRequireCachedCredentials(this.requireCachedCredentials);
            gSSAPIBindRequestProperties.setRenewTGT(this.renewTGT);
            gSSAPIBindRequestProperties.setRefreshKrb5Config(this.refreshKrb5Config);
            gSSAPIBindRequestProperties.setUseKeyTab(this.useKeyTab);
            gSSAPIBindRequestProperties.setKeyTabPath(this.keyTabPath);
            gSSAPIBindRequestProperties.setUseSubjectCredentialsOnly(this.useSubjectCredentialsOnly);
            gSSAPIBindRequestProperties.setTicketCachePath(this.ticketCachePath);
            gSSAPIBindRequestProperties.setEnableGSSAPIDebugging(this.enableGSSAPIDebugging);
            gSSAPIBindRequestProperties.setJAASClientName(this.jaasClientName);
            gSSAPIBindRequestProperties.setSASLClientServerName(this.saslClientServerName);
            gSSAPIBindRequestProperties.setIsInitiator(this.isInitiator);
            gSSAPIBindRequestProperties.setSuppressedSystemProperties(this.suppressedSystemProperties);
            GSSAPIBindRequest gSSAPIBindRequest = new GSSAPIBindRequest(gSSAPIBindRequestProperties, controlArr);
            gSSAPIBindRequest.setResponseTimeoutMillis(getResponseTimeoutMillis(null));
            return gSSAPIBindRequest;
        } catch (Exception e11) {
            Debug.debugException(e11);
            return null;
        }
    }

    public boolean enableGSSAPIDebugging() {
        return this.enableGSSAPIDebugging;
    }

    public List<SASLQualityOfProtection> getAllowedQoP() {
        return this.allowedQoP;
    }

    public String getAuthenticationID() {
        return this.authenticationID;
    }

    public String getAuthorizationID() {
        return this.authorizationID;
    }

    public String getConfigFilePath() {
        return this.configFilePath;
    }

    public Boolean getIsInitiator() {
        return this.isInitiator;
    }

    public String getKDCAddress() {
        return this.kdcAddress;
    }

    public String getKeyTabPath() {
        return this.keyTabPath;
    }

    @Override // com.unboundid.ldap.sdk.SASLBindRequest, com.unboundid.ldap.sdk.LDAPRequest
    public int getLastMessageID() {
        return this.messageID;
    }

    public byte[] getPasswordBytes() {
        ASN1OctetString aSN1OctetString = this.password;
        if (aSN1OctetString == null) {
            return null;
        }
        return aSN1OctetString.getValue();
    }

    public String getPasswordString() {
        ASN1OctetString aSN1OctetString = this.password;
        if (aSN1OctetString == null) {
            return null;
        }
        return aSN1OctetString.stringValue();
    }

    public String getRealm() {
        return this.realm;
    }

    @Override // com.unboundid.ldap.sdk.BindRequest
    public GSSAPIBindRequest getRebindRequest(String str, int i11) {
        try {
            GSSAPIBindRequestProperties gSSAPIBindRequestProperties = new GSSAPIBindRequestProperties(this.authenticationID, this.authorizationID, this.password, this.realm, this.kdcAddress, this.configFilePath);
            gSSAPIBindRequestProperties.setAllowedQoP(this.allowedQoP);
            gSSAPIBindRequestProperties.setServicePrincipalProtocol(this.servicePrincipalProtocol);
            gSSAPIBindRequestProperties.setUseTicketCache(this.useTicketCache);
            gSSAPIBindRequestProperties.setRequireCachedCredentials(this.requireCachedCredentials);
            gSSAPIBindRequestProperties.setRenewTGT(this.renewTGT);
            gSSAPIBindRequestProperties.setUseSubjectCredentialsOnly(this.useSubjectCredentialsOnly);
            gSSAPIBindRequestProperties.setTicketCachePath(this.ticketCachePath);
            gSSAPIBindRequestProperties.setEnableGSSAPIDebugging(this.enableGSSAPIDebugging);
            gSSAPIBindRequestProperties.setJAASClientName(this.jaasClientName);
            gSSAPIBindRequestProperties.setSASLClientServerName(this.saslClientServerName);
            gSSAPIBindRequestProperties.setSuppressedSystemProperties(this.suppressedSystemProperties);
            return new GSSAPIBindRequest(gSSAPIBindRequestProperties, getControls());
        } catch (Exception e11) {
            Debug.debugException(e11);
            return null;
        }
    }

    @Override // com.unboundid.ldap.sdk.SASLBindRequest
    public String getSASLMechanismName() {
        return GSSAPI_MECHANISM_NAME;
    }

    public String getServicePrincipalProtocol() {
        return this.servicePrincipalProtocol;
    }

    public Set<String> getSuppressedSystemProperties() {
        return this.suppressedSystemProperties;
    }

    public String getTicketCachePath() {
        return this.ticketCachePath;
    }

    @Override // javax.security.auth.callback.CallbackHandler
    @InternalUseOnly
    public void handle(Callback[] callbackArr) throws UnsupportedCallbackException {
        for (Callback callback : callbackArr) {
            if (callback instanceof NameCallback) {
                ((NameCallback) callback).setName(this.authenticationID);
            } else if (callback instanceof PasswordCallback) {
                ASN1OctetString aSN1OctetString = this.password;
                if (aSN1OctetString == null) {
                    throw new UnsupportedCallbackException(callback, o.ERR_GSSAPI_NO_PASSWORD_AVAILABLE.a());
                }
                ((PasswordCallback) callback).setPassword(aSN1OctetString.stringValue().toCharArray());
            } else if (callback instanceof RealmCallback) {
                RealmCallback realmCallback = (RealmCallback) callback;
                String str = this.realm;
                if (str == null) {
                    this.unhandledCallbackMessages.add(o.ERR_GSSAPI_REALM_REQUIRED_BUT_NONE_PROVIDED.b(realmCallback.getPrompt()));
                } else {
                    realmCallback.setText(str);
                }
            } else {
                DebugType debugType = DebugType.LDAP;
                if (Debug.debugEnabled(debugType)) {
                    Debug.debug(Level.WARNING, debugType, "Unexpected GSSAPI SASL callback of type " + callback.getClass().getName());
                }
                this.unhandledCallbackMessages.add(o.ERR_GSSAPI_UNEXPECTED_CALLBACK.b(callback.getClass().getName()));
            }
        }
    }

    @Override // com.unboundid.ldap.sdk.BindRequest, com.unboundid.ldap.sdk.LDAPRequest
    public BindResult process(LDAPConnection lDAPConnection, int i11) throws LDAPException {
        if (!this.conn.compareAndSet(null, lDAPConnection)) {
            throw new LDAPException(ResultCode.LOCAL_ERROR, o.ERR_GSSAPI_MULTIPLE_CONCURRENT_REQUESTS.a());
        }
        setProperty(PROPERTY_CONFIG_FILE, this.configFilePath);
        setProperty(PROPERTY_SUBJECT_CREDS_ONLY, String.valueOf(this.useSubjectCredentialsOnly));
        DebugType debugType = DebugType.LDAP;
        if (Debug.debugEnabled(debugType)) {
            Level level = Level.CONFIG;
            Debug.debug(level, debugType, "Using config file property java.security.auth.login.config = '" + this.configFilePath + "'.");
            Debug.debug(level, debugType, "Using subject creds only property javax.security.auth.useSubjectCredsOnly = '" + this.useSubjectCredentialsOnly + "'.");
        }
        String str = this.kdcAddress;
        if (str == null) {
            String str2 = DEFAULT_KDC_ADDRESS;
            if (str2 == null) {
                clearProperty(PROPERTY_KDC_ADDRESS);
                if (Debug.debugEnabled(debugType)) {
                    Debug.debug(Level.CONFIG, debugType, "Clearing kdcAddress property 'java.security.krb5.kdc'.");
                }
            } else {
                setProperty(PROPERTY_KDC_ADDRESS, str2);
                if (Debug.debugEnabled(debugType)) {
                    Debug.debug(Level.CONFIG, debugType, "Using default kdcAddress property java.security.krb5.kdc = '" + str2 + "'.");
                }
            }
        } else {
            setProperty(PROPERTY_KDC_ADDRESS, str);
            if (Debug.debugEnabled(debugType)) {
                Debug.debug(Level.CONFIG, debugType, "Using kdcAddress property java.security.krb5.kdc = '" + this.kdcAddress + "'.");
            }
        }
        String str3 = this.realm;
        if (str3 == null) {
            String str4 = DEFAULT_REALM;
            if (str4 == null) {
                clearProperty(PROPERTY_REALM);
                if (Debug.debugEnabled(debugType)) {
                    Debug.debug(Level.CONFIG, debugType, "Clearing realm property 'java.security.krb5.realm'.");
                }
            } else {
                setProperty(PROPERTY_REALM, str4);
                if (Debug.debugEnabled(debugType)) {
                    Debug.debug(Level.CONFIG, debugType, "Using default realm property java.security.krb5.realm = '" + str4 + "'.");
                }
            }
        } else {
            setProperty(PROPERTY_REALM, str3);
            if (Debug.debugEnabled(debugType)) {
                Debug.debug(Level.CONFIG, debugType, "Using realm property java.security.krb5.realm = '" + this.realm + "'.");
            }
        }
        try {
            Configuration.getConfiguration().refresh();
        } catch (Exception e11) {
            Debug.debugException(e11);
        }
        try {
            try {
                LoginContext loginContext = new LoginContext(this.jaasClientName, this);
                loginContext.login();
                try {
                    BindResult bindResult = (BindResult) Subject.doAs(loginContext.getSubject(), this);
                    this.conn.set(null);
                    return bindResult;
                } catch (Exception e12) {
                    Debug.debugException(e12);
                    if (e12 instanceof LDAPException) {
                        throw ((LDAPException) e12);
                    }
                    throw new LDAPException(ResultCode.LOCAL_ERROR, o.ERR_GSSAPI_AUTHENTICATION_FAILED.b(StaticUtils.getExceptionMessage(e12)), e12);
                }
            } catch (Exception e13) {
                Debug.debugException(e13);
                throw new LDAPException(ResultCode.LOCAL_ERROR, o.ERR_GSSAPI_CANNOT_INITIALIZE_JAAS_CONTEXT.b(StaticUtils.getExceptionMessage(e13)), e13);
            }
        } catch (Throwable th2) {
            this.conn.set(null);
            throw th2;
        }
    }

    public boolean refreshKrb5Config() {
        return this.refreshKrb5Config;
    }

    public boolean renewTGT() {
        return this.renewTGT;
    }

    public boolean requireCachedCredentials() {
        return this.requireCachedCredentials;
    }

    @Override // java.security.PrivilegedExceptionAction
    @InternalUseOnly
    public Object run() throws LDAPException {
        this.unhandledCallbackMessages.clear();
        LDAPConnection lDAPConnection = this.conn.get();
        HashMap hashMap = new HashMap(StaticUtils.computeMapCapacity(2));
        hashMap.put("javax.security.sasl.qop", SASLQualityOfProtection.toString(this.allowedQoP));
        hashMap.put("javax.security.sasl.server.authentication", "true");
        try {
            String str = this.saslClientServerName;
            if (str == null) {
                str = lDAPConnection.getConnectedAddress();
            }
            u uVar = new u(this, lDAPConnection, GSSAPI_MECHANISM_NAME, Sasl.createSaslClient(new String[]{GSSAPI_MECHANISM_NAME}, this.authorizationID, this.servicePrincipalProtocol, str, hashMap, this), getControls(), getResponseTimeoutMillis(lDAPConnection), this.unhandledCallbackMessages);
            try {
                return uVar.b();
            } finally {
                this.messageID = uVar.a();
            }
        } catch (Exception e11) {
            Debug.debugException(e11);
            throw new LDAPException(ResultCode.LOCAL_ERROR, o.ERR_GSSAPI_CANNOT_CREATE_SASL_CLIENT.b(StaticUtils.getExceptionMessage(e11)), e11);
        }
    }

    @Override // com.unboundid.ldap.sdk.SASLBindRequest, com.unboundid.ldap.sdk.ReadOnlyLDAPRequest
    public void toCode(List<String> list, String str, int i11, boolean z11) {
        ToCodeHelper.generateMethodCall(list, i11, "GSSAPIBindRequestProperties", str + "RequestProperties", "new GSSAPIBindRequestProperties", ToCodeArgHelper.createString(this.authenticationID, "Authentication ID"), ToCodeArgHelper.createString("---redacted-password---", "Password"));
        if (this.authorizationID != null) {
            ToCodeHelper.generateMethodCall(list, i11, (String) null, (String) null, str + "RequestProperties.setAuthorizationID", ToCodeArgHelper.createString(this.authorizationID, null));
        }
        if (this.realm != null) {
            ToCodeHelper.generateMethodCall(list, i11, (String) null, (String) null, str + "RequestProperties.setRealm", ToCodeArgHelper.createString(this.realm, null));
        }
        ArrayList arrayList = new ArrayList(3);
        Iterator<SASLQualityOfProtection> it2 = this.allowedQoP.iterator();
        while (it2.hasNext()) {
            arrayList.add("SASLQualityOfProtection." + it2.next().name());
        }
        ToCodeHelper.generateMethodCall(list, i11, (String) null, (String) null, str + "RequestProperties.setAllowedQoP", ToCodeArgHelper.createRaw(arrayList, (String) null));
        if (this.kdcAddress != null) {
            ToCodeHelper.generateMethodCall(list, i11, (String) null, (String) null, str + "RequestProperties.setKDCAddress", ToCodeArgHelper.createString(this.kdcAddress, null));
        }
        if (this.jaasClientName != null) {
            ToCodeHelper.generateMethodCall(list, i11, (String) null, (String) null, str + "RequestProperties.setJAASClientName", ToCodeArgHelper.createString(this.jaasClientName, null));
        }
        if (this.configFilePath != null) {
            ToCodeHelper.generateMethodCall(list, i11, (String) null, (String) null, str + "RequestProperties.setConfigFilePath", ToCodeArgHelper.createString(this.configFilePath, null));
        }
        if (this.saslClientServerName != null) {
            ToCodeHelper.generateMethodCall(list, i11, (String) null, (String) null, str + "RequestProperties.setSASLClientServerName", ToCodeArgHelper.createString(this.saslClientServerName, null));
        }
        if (this.servicePrincipalProtocol != null) {
            ToCodeHelper.generateMethodCall(list, i11, (String) null, (String) null, str + "RequestProperties.setServicePrincipalProtocol", ToCodeArgHelper.createString(this.servicePrincipalProtocol, null));
        }
        ToCodeHelper.generateMethodCall(list, i11, (String) null, (String) null, str + "RequestProperties.setRefreshKrb5Config", ToCodeArgHelper.createBoolean(this.refreshKrb5Config, null));
        ToCodeHelper.generateMethodCall(list, i11, (String) null, (String) null, str + "RequestProperties.setUseKeyTab", ToCodeArgHelper.createBoolean(this.useKeyTab, null));
        if (this.keyTabPath != null) {
            ToCodeHelper.generateMethodCall(list, i11, (String) null, (String) null, str + "RequestProperties.setKeyTabPath", ToCodeArgHelper.createString(this.keyTabPath, null));
        }
        ToCodeHelper.generateMethodCall(list, i11, (String) null, (String) null, str + "RequestProperties.setUseSubjectCredentialsOnly", ToCodeArgHelper.createBoolean(this.useSubjectCredentialsOnly, null));
        ToCodeHelper.generateMethodCall(list, i11, (String) null, (String) null, str + "RequestProperties.setUseTicketCache", ToCodeArgHelper.createBoolean(this.useTicketCache, null));
        ToCodeHelper.generateMethodCall(list, i11, (String) null, (String) null, str + "RequestProperties.setRequireCachedCredentials", ToCodeArgHelper.createBoolean(this.requireCachedCredentials, null));
        if (this.ticketCachePath != null) {
            ToCodeHelper.generateMethodCall(list, i11, (String) null, (String) null, str + "RequestProperties.setTicketCachePath", ToCodeArgHelper.createString(this.ticketCachePath, null));
        }
        ToCodeHelper.generateMethodCall(list, i11, (String) null, (String) null, str + "RequestProperties.setRenewTGT", ToCodeArgHelper.createBoolean(this.renewTGT, null));
        if (this.isInitiator != null) {
            ToCodeHelper.generateMethodCall(list, i11, (String) null, (String) null, str + "RequestProperties.setIsInitiator", ToCodeArgHelper.createBoolean(this.isInitiator.booleanValue(), null));
        }
        Set<String> set = this.suppressedSystemProperties;
        if (set != null && !set.isEmpty()) {
            ArrayList arrayList2 = new ArrayList(this.suppressedSystemProperties.size());
            Iterator<String> it3 = this.suppressedSystemProperties.iterator();
            while (it3.hasNext()) {
                arrayList2.add(ToCodeArgHelper.createString(it3.next(), null));
            }
            ToCodeHelper.generateMethodCall(list, i11, "List<String>", str + "SuppressedProperties", "Arrays.asList", arrayList2);
            ToCodeHelper.generateMethodCall(list, i11, (String) null, (String) null, str + "RequestProperties.setSuppressedSystemProperties", ToCodeArgHelper.createRaw(str + "SuppressedProperties", (String) null));
        }
        ToCodeHelper.generateMethodCall(list, i11, (String) null, (String) null, str + "RequestProperties.setEnableGSSAPIDebugging", ToCodeArgHelper.createBoolean(this.enableGSSAPIDebugging, null));
        ArrayList arrayList3 = new ArrayList(2);
        arrayList3.add(ToCodeArgHelper.createRaw(str + "RequestProperties", (String) null));
        Control[] controls = getControls();
        if (controls.length > 0) {
            arrayList3.add(ToCodeArgHelper.createControlArray(controls, "Bind Controls"));
        }
        ToCodeHelper.generateMethodCall(list, i11, "GSSAPIBindRequest", str + XmlElementNames.Request, "new GSSAPIBindRequest", arrayList3);
        if (z11) {
            StringBuilder sb2 = new StringBuilder();
            for (int i12 = 0; i12 < i11; i12++) {
                sb2.append(' ');
            }
            String sb3 = sb2.toString();
            list.add("");
            list.add(sb3 + "try");
            list.add(sb3 + MessageFormatter.DELIM_START);
            list.add(sb3 + "  BindResult " + str + "Result = connection.bind(" + str + "Request);");
            StringBuilder sb4 = new StringBuilder();
            sb4.append(sb3);
            sb4.append("  // The bind was processed successfully.");
            list.add(sb4.toString());
            list.add(sb3 + MessageFormatter.DELIM_STOP);
            list.add(sb3 + "catch (LDAPException e)");
            list.add(sb3 + MessageFormatter.DELIM_START);
            list.add(sb3 + "  // The bind failed.  Maybe the following will help explain why.");
            list.add(sb3 + "  // Note that the connection is now likely in an unauthenticated state.");
            StringBuilder sb5 = new StringBuilder();
            sb5.append(sb3);
            sb5.append("  ResultCode resultCode = e.getResultCode();");
            list.add(sb5.toString());
            list.add(sb3 + "  String message = e.getMessage();");
            list.add(sb3 + "  String matchedDN = e.getMatchedDN();");
            list.add(sb3 + "  String[] referralURLs = e.getReferralURLs();");
            list.add(sb3 + "  Control[] responseControls = e.getResponseControls();");
            StringBuilder sb6 = new StringBuilder();
            sb6.append(sb3);
            sb6.append(MessageFormatter.DELIM_STOP);
            list.add(sb6.toString());
        }
    }

    @Override // com.unboundid.ldap.sdk.LDAPRequest, com.unboundid.ldap.sdk.ReadOnlyLDAPRequest
    public void toString(StringBuilder sb2) {
        sb2.append("GSSAPIBindRequest(authenticationID='");
        sb2.append(this.authenticationID);
        sb2.append(WWWAuthenticateHeader.SINGLE_QUOTE);
        if (this.authorizationID != null) {
            sb2.append(", authorizationID='");
            sb2.append(this.authorizationID);
            sb2.append(WWWAuthenticateHeader.SINGLE_QUOTE);
        }
        if (this.realm != null) {
            sb2.append(", realm='");
            sb2.append(this.realm);
            sb2.append(WWWAuthenticateHeader.SINGLE_QUOTE);
        }
        sb2.append(", qop='");
        sb2.append(SASLQualityOfProtection.toString(this.allowedQoP));
        sb2.append(WWWAuthenticateHeader.SINGLE_QUOTE);
        if (this.kdcAddress != null) {
            sb2.append(", kdcAddress='");
            sb2.append(this.kdcAddress);
            sb2.append(WWWAuthenticateHeader.SINGLE_QUOTE);
        }
        if (this.isInitiator != null) {
            sb2.append(", isInitiator=");
            sb2.append(this.isInitiator);
        }
        sb2.append(", jaasClientName='");
        sb2.append(this.jaasClientName);
        sb2.append("', configFilePath='");
        sb2.append(this.configFilePath);
        sb2.append("', servicePrincipalProtocol='");
        sb2.append(this.servicePrincipalProtocol);
        sb2.append("', enableGSSAPIDebugging=");
        sb2.append(this.enableGSSAPIDebugging);
        Control[] controls = getControls();
        if (controls.length > 0) {
            sb2.append(", controls={");
            for (int i11 = 0; i11 < controls.length; i11++) {
                if (i11 > 0) {
                    sb2.append(", ");
                }
                sb2.append(controls[i11]);
            }
            sb2.append(MessageFormatter.DELIM_STOP);
        }
        sb2.append(')');
    }

    public boolean useKeyTab() {
        return this.useKeyTab;
    }

    public boolean useSubjectCredentialsOnly() {
        return this.useSubjectCredentialsOnly;
    }

    public boolean useTicketCache() {
        return this.useTicketCache;
    }
}
