package org.postgresql.gss;

import java.io.IOException;
import java.lang.invoke.MethodHandle;
import java.lang.invoke.MethodHandles;
import java.lang.invoke.MethodType;
import java.security.PrivilegedAction;
import java.util.Set;
import java.util.concurrent.Callable;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
import org.ietf.jgss.GSSCredential;
import org.postgresql.PGProperty;
import org.postgresql.core.PGStream;
import org.postgresql.util.GT;
import org.postgresql.util.PSQLException;
import org.postgresql.util.PSQLState;
import org.postgresql.util.internal.Nullness;

/* loaded from: input_file:org/postgresql/gss/MakeGSS.class */
public class MakeGSS {
    private static final Logger LOGGER = Logger.getLogger(MakeGSS.class.getName());
    private static final MethodHandle SUBJECT_CURRENT;
    private static final MethodHandle ACCESS_CONTROLLER_GET_CONTEXT;
    private static final MethodHandle SUBJECT_GET_SUBJECT;
    private static final MethodHandle SUBJECT_DO_AS;
    private static final MethodHandle SUBJECT_CALL_AS;

    private static Subject getCurrentSubject() {
        try {
            if (SUBJECT_CURRENT != null) {
                return (Subject) SUBJECT_CURRENT.invokeExact();
            }
            if (SUBJECT_GET_SUBJECT == null || ACCESS_CONTROLLER_GET_CONTEXT == null) {
                return null;
            }
            return (Subject) SUBJECT_GET_SUBJECT.invoke((Object) ACCESS_CONTROLLER_GET_CONTEXT.invoke());
        } catch (Throwable th) {
            if (th instanceof RuntimeException) {
                throw ((RuntimeException) th);
            }
            if (th instanceof Error) {
                throw ((Error) th);
            }
            throw new RuntimeException(th);
        }
    }

    public static void authenticate(boolean z, PGStream pGStream, String str, String str2, char[] cArr, String str3, String str4, boolean z2, boolean z3, boolean z4) throws IOException, PSQLException {
        Exception invoke;
        Set privateCredentials;
        LOGGER.log(Level.FINEST, " <=BE AuthenticationReqGSS");
        if (str3 == null) {
            str3 = PGProperty.JAAS_APPLICATION_NAME.getDefaultValue();
        }
        if (str4 == null) {
            str4 = "postgres";
        }
        try {
            boolean z5 = z3;
            Subject currentSubject = getCurrentSubject();
            if (currentSubject != null && (privateCredentials = currentSubject.getPrivateCredentials(GSSCredential.class)) != null && !privateCredentials.isEmpty()) {
                z5 = false;
            }
            if (z5) {
                LoginContext loginContext = new LoginContext((String) Nullness.castNonNull(str3), new GSSCallbackHandler(str2, cArr));
                loginContext.login();
                currentSubject = loginContext.getSubject();
            }
            PrivilegedAction gssEncAction = z ? new GssEncAction(pGStream, currentSubject, str, str2, str4, z2, z4) : new GssAction(pGStream, currentSubject, str, str2, str4, z2, z4);
            Subject subject = currentSubject;
            if (SUBJECT_DO_AS != null) {
                invoke = (Exception) SUBJECT_DO_AS.invoke(subject, gssEncAction);
            } else {
                if (SUBJECT_CALL_AS == null) {
                    throw new PSQLException(GT.tr("Neither Subject.doAs (Java before 18) nor Subject.callAs (Java 18+) method found", new Object[0]), PSQLState.OBJECT_NOT_IN_STATE);
                }
                invoke = (Exception) SUBJECT_CALL_AS.invoke(subject, gssEncAction);
            }
            if (invoke instanceof IOException) {
                throw ((IOException) invoke);
            }
            if (invoke instanceof PSQLException) {
                throw ((PSQLException) invoke);
            }
            if (invoke != null) {
                throw new PSQLException(GT.tr("GSS Authentication failed", new Object[0]), PSQLState.CONNECTION_FAILURE, invoke);
            }
        } catch (Throwable th) {
            throw new PSQLException(GT.tr("GSS Authentication failed", new Object[0]), PSQLState.CONNECTION_FAILURE, th);
        }
    }

    static {
        MethodHandle methodHandle = null;
        try {
            methodHandle = MethodHandles.lookup().findStatic(Subject.class, "current", MethodType.methodType(Subject.class));
        } catch (IllegalAccessException | NoSuchMethodException e) {
        }
        SUBJECT_CURRENT = methodHandle;
        MethodHandle methodHandle2 = null;
        MethodHandle methodHandle3 = null;
        try {
            Class<?> cls = Class.forName("java.security.AccessController");
            Class<?> cls2 = Class.forName("java.security.AccessControlContext");
            methodHandle2 = MethodHandles.lookup().findStatic(cls, "getContext", MethodType.methodType(cls2));
            methodHandle3 = MethodHandles.lookup().findStatic(Subject.class, "getSubject", MethodType.methodType((Class<?>) Subject.class, cls2));
        } catch (ClassNotFoundException | IllegalAccessException | NoSuchMethodException e2) {
        }
        ACCESS_CONTROLLER_GET_CONTEXT = methodHandle2;
        SUBJECT_GET_SUBJECT = methodHandle3;
        MethodHandle methodHandle4 = null;
        try {
            methodHandle4 = MethodHandles.lookup().findStatic(Subject.class, "doAs", MethodType.methodType(Object.class, Subject.class, PrivilegedAction.class));
        } catch (IllegalAccessException | NoSuchMethodException e3) {
        }
        SUBJECT_DO_AS = methodHandle4;
        MethodHandle methodHandle5 = null;
        try {
            methodHandle5 = MethodHandles.lookup().findStatic(Subject.class, "callAs", MethodType.methodType(Object.class, Subject.class, Callable.class));
        } catch (IllegalAccessException | NoSuchMethodException e4) {
        }
        SUBJECT_CALL_AS = methodHandle5;
    }
}
