package com.sshtools.server;

import com.sshtools.common.auth.AbstractAuthenticationProtocol;
import com.sshtools.common.auth.AuthenticationMechanism;
import com.sshtools.common.auth.AuthenticationMechanismFactory;
import com.sshtools.common.auth.KeyboardInteractiveAuthentication;
import com.sshtools.common.auth.RequiredAuthenticationStrategy;
import com.sshtools.common.events.Event;
import com.sshtools.common.events.EventCodes;
import com.sshtools.common.events.EventServiceImplementation;
import com.sshtools.common.logger.Log;
import com.sshtools.common.policy.AuthenticationPolicy;
import com.sshtools.common.ssh.ExecutorOperationSupport;
import com.sshtools.common.ssh.SshException;
import com.sshtools.common.ssh.UnsupportedChannelException;
import com.sshtools.common.sshd.SshMessage;
import com.sshtools.common.util.ByteArrayReader;
import com.sshtools.common.util.Utils;
import com.sshtools.synergy.ssh.Connection;
import com.sshtools.synergy.ssh.ConnectionProtocol;
import com.sshtools.synergy.ssh.Service;
import com.sshtools.synergy.ssh.SshContext;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.util.ArrayList;
import java.util.Date;
import java.util.Iterator;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import org.jline.reader.impl.LineReaderImpl;

/* loaded from: classes.dex */
public class AuthenticationProtocolServer extends ExecutorOperationSupport<SshContext> implements Service, AbstractAuthenticationProtocol<SshServerContext> {
    static final String SERVICE_NAME = "ssh-userauth";
    boolean authInProgress;
    boolean authenticated;
    Map<String, Object> authenticationParameters;
    Date authenticationStarted;
    ArrayList<String> completedAuthentications;
    AuthenticationMechanism currentAuthentication;
    String currentMethod;
    int failed;
    boolean firstAttempt;
    Date methodStarted;
    String[] requiredAuthentications;
    String service;
    TransportProtocolServer transport;
    String username;

    public AuthenticationProtocolServer(TransportProtocolServer transportProtocolServer) {
        super("authentication-protocol");
        this.authInProgress = false;
        this.failed = 0;
        this.completedAuthentications = new ArrayList<>();
        this.authenticationParameters = new ConcurrentHashMap(8, 0.9f, 1);
        this.authenticationStarted = new Date();
        this.requiredAuthentications = null;
        this.authenticated = false;
        this.firstAttempt = true;
        this.transport = transportProtocolServer;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public String createList(String[] strArr) {
        int i = 0;
        String str = LineReaderImpl.DEFAULT_BELL_STYLE;
        while (i < strArr.length) {
            StringBuilder sb = new StringBuilder();
            sb.append(str);
            sb.append(i > 0 ? "," : LineReaderImpl.DEFAULT_BELL_STYLE);
            sb.append(strArr[i]);
            str = sb.toString();
            i++;
        }
        return str;
    }

    /* JADX WARN: Removed duplicated region for block: B:11:0x0063 A[Catch: all -> 0x007d, TRY_LEAVE, TryCatch #0 {, blocks: (B:20:0x0003, B:4:0x001b, B:8:0x002c, B:9:0x004b, B:11:0x0063, B:16:0x006f, B:3:0x0009), top: B:19:0x0003 }] */
    /* JADX WARN: Removed duplicated region for block: B:8:0x002c A[Catch: all -> 0x007d, TryCatch #0 {, blocks: (B:20:0x0003, B:4:0x001b, B:8:0x002c, B:9:0x004b, B:11:0x0063, B:16:0x006f, B:3:0x0009), top: B:19:0x0003 }] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private synchronized void failedAuthentication(final boolean r4, boolean r5, final java.lang.String[] r6) {
        /*
            r3 = this;
            monitor-enter(r3)
            if (r6 == 0) goto L9
            int r0 = r6.length     // Catch: java.lang.Throwable -> L7d
            if (r0 != 0) goto L7
            goto L9
        L7:
            r0 = r6
            goto L1b
        L9:
            com.sshtools.server.TransportProtocolServer r0 = r3.transport     // Catch: java.lang.Throwable -> L7d
            com.sshtools.server.SshServerContext r0 = r0.getContext()     // Catch: java.lang.Throwable -> L7d
            java.lang.Class<com.sshtools.common.auth.AuthenticationMechanismFactory> r1 = com.sshtools.common.auth.AuthenticationMechanismFactory.class
            java.lang.Object r0 = r0.getPolicy(r1)     // Catch: java.lang.Throwable -> L7d
            com.sshtools.common.auth.AuthenticationMechanismFactory r0 = (com.sshtools.common.auth.AuthenticationMechanismFactory) r0     // Catch: java.lang.Throwable -> L7d
            java.lang.String[] r0 = r0.getSupportedMechanisms()     // Catch: java.lang.Throwable -> L7d
        L1b:
            r3.fireFailureEvent(r4, r5, r6)     // Catch: java.lang.Throwable -> L7d
            java.lang.String r1 = r3.currentMethod     // Catch: java.lang.Throwable -> L7d
            java.lang.String r2 = "none"
            boolean r1 = r1.equals(r2)     // Catch: java.lang.Throwable -> L7d
            if (r1 != 0) goto L6e
            if (r4 != 0) goto L6e
            if (r5 != 0) goto L4b
            int r5 = r3.failed     // Catch: java.lang.Throwable -> L7d
            int r5 = r5 + 1
            r3.failed = r5     // Catch: java.lang.Throwable -> L7d
            com.sshtools.server.SshServerContext r5 = r3.getContext()     // Catch: java.lang.Throwable -> L7d
            java.lang.Class<com.sshtools.common.permissions.IPPolicy> r1 = com.sshtools.common.permissions.IPPolicy.class
            java.lang.Object r5 = r5.getPolicy(r1)     // Catch: java.lang.Throwable -> L7d
            com.sshtools.common.permissions.IPPolicy r5 = (com.sshtools.common.permissions.IPPolicy) r5     // Catch: java.lang.Throwable -> L7d
            com.sshtools.server.TransportProtocolServer r1 = r3.transport     // Catch: java.lang.Throwable -> L7d
            com.sshtools.synergy.ssh.Connection r1 = r1.getConnection()     // Catch: java.lang.Throwable -> L7d
            java.net.InetAddress r1 = r1.getRemoteAddress()     // Catch: java.lang.Throwable -> L7d
            r5.flagAddress(r1)     // Catch: java.lang.Throwable -> L7d
        L4b:
            int r5 = r3.failed     // Catch: java.lang.Throwable -> L7d
            com.sshtools.server.TransportProtocolServer r1 = r3.transport     // Catch: java.lang.Throwable -> L7d
            com.sshtools.synergy.ssh.SshContext r1 = r1.getSshContext()     // Catch: java.lang.Throwable -> L7d
            com.sshtools.server.SshServerContext r1 = (com.sshtools.server.SshServerContext) r1     // Catch: java.lang.Throwable -> L7d
            java.lang.Class<com.sshtools.common.policy.AuthenticationPolicy> r2 = com.sshtools.common.policy.AuthenticationPolicy.class
            java.lang.Object r1 = r1.getPolicy(r2)     // Catch: java.lang.Throwable -> L7d
            com.sshtools.common.policy.AuthenticationPolicy r1 = (com.sshtools.common.policy.AuthenticationPolicy) r1     // Catch: java.lang.Throwable -> L7d
            int r1 = r1.getMaxAuthentications()     // Catch: java.lang.Throwable -> L7d
            if (r5 < r1) goto L6e
            com.sshtools.server.TransportProtocolServer r4 = r3.transport     // Catch: java.lang.Throwable -> L7d
            r5 = 11
            java.lang.String r6 = "Too many bad authentication attempts!"
            r4.disconnect(r5, r6)     // Catch: java.lang.Throwable -> L7d
            monitor-exit(r3)
            return
        L6e:
            r5 = 0
            r3.authInProgress = r5     // Catch: java.lang.Throwable -> L7d
            com.sshtools.server.TransportProtocolServer r5 = r3.transport     // Catch: java.lang.Throwable -> L7d
            com.sshtools.server.AuthenticationProtocolServer$3 r1 = new com.sshtools.server.AuthenticationProtocolServer$3     // Catch: java.lang.Throwable -> L7d
            r1.<init>()     // Catch: java.lang.Throwable -> L7d
            r5.postMessage(r1)     // Catch: java.lang.Throwable -> L7d
            monitor-exit(r3)
            return
        L7d:
            r4 = move-exception
            monitor-exit(r3)
            throw r4
        */
        throw new UnsupportedOperationException("Method not decompiled: com.sshtools.server.AuthenticationProtocolServer.failedAuthentication(boolean, boolean, java.lang.String[]):void");
    }

    private void fireFailureEvent(boolean z, boolean z2, String[] strArr) {
        if (this.currentMethod.equals("none")) {
            return;
        }
        if (z) {
            EventServiceImplementation.getInstance().fireEvent(new Event((Object) this, EventCodes.EVENT_USERAUTH_SUCCESS, true).addAttribute(EventCodes.ATTRIBUTE_CONNECTION, this.transport.getConnection()).addAttribute(EventCodes.ATTRIBUTE_ATTEMPTED_USERNAME, this.username).addAttribute(EventCodes.ATTRIBUTE_AUTHENTICATION_METHODS, createList(strArr)).addAttribute(EventCodes.ATTRIBUTE_AUTHENTICATION_METHOD, this.currentMethod));
        } else {
            if (z2) {
                return;
            }
            EventServiceImplementation.getInstance().fireEvent(new Event((Object) this, EventCodes.EVENT_USERAUTH_FAILURE, true).addAttribute(EventCodes.ATTRIBUTE_CONNECTION, this.transport.getConnection()).addAttribute(EventCodes.ATTRIBUTE_ATTEMPTED_USERNAME, this.username).addAttribute(EventCodes.ATTRIBUTE_AUTHENTICATION_METHODS, createList(strArr)).addAttribute(EventCodes.ATTRIBUTE_AUTHENTICATION_METHOD, this.currentMethod));
        }
    }

    @Override // com.sshtools.common.auth.AbstractAuthenticationProtocol
    public boolean canContinue() {
        return this.failed <= ((AuthenticationPolicy) getContext().getPolicy(AuthenticationPolicy.class)).getMaxAuthentications();
    }

    @Override // com.sshtools.common.auth.AbstractAuthenticationProtocol
    public synchronized void completedAuthentication() {
        if (this.transport != null && this.transport.isConnected()) {
            if ((this.currentAuthentication instanceof KeyboardInteractiveAuthentication) && ((KeyboardInteractiveAuthentication) this.currentAuthentication).getSelectedProvider().getName().equals("password")) {
                this.completedAuthentications.add("password");
            }
            this.completedAuthentications.add(this.currentAuthentication.getMethod());
            boolean z = true;
            for (int i = 0; i < this.requiredAuthentications.length; i++) {
                z &= this.completedAuthentications.contains(this.requiredAuthentications[i]);
            }
            if (z) {
                this.authenticated = true;
                this.authInProgress = false;
                this.transport.postMessage(new SshMessage() { // from class: com.sshtools.server.AuthenticationProtocolServer.2
                    @Override // com.sshtools.common.sshd.SshMessage
                    public void messageSent(Long l) throws SshException {
                        if (Log.isDebugEnabled()) {
                            StringBuilder sb = new StringBuilder();
                            sb.append("Sent SSH_MSG_USERAUTH_SUCCESS method=");
                            sb.append(AuthenticationProtocolServer.this.currentMethod);
                            sb.append(" completed=");
                            AuthenticationProtocolServer authenticationProtocolServer = AuthenticationProtocolServer.this;
                            sb.append(authenticationProtocolServer.createList((String[]) authenticationProtocolServer.completedAuthentications.toArray(new String[0])));
                            sb.append(" required=");
                            AuthenticationProtocolServer authenticationProtocolServer2 = AuthenticationProtocolServer.this;
                            sb.append(authenticationProtocolServer2.createList(authenticationProtocolServer2.requiredAuthentications));
                            Log.debug(sb.toString(), new Object[0]);
                        }
                        EventServiceImplementation.getInstance().fireEvent(new Event((Object) this, EventCodes.EVENT_USERAUTH_SUCCESS, true).addAttribute(EventCodes.ATTRIBUTE_CONNECTION, AuthenticationProtocolServer.this.transport.getConnection()).addAttribute(EventCodes.ATTRIBUTE_ATTEMPTED_USERNAME, AuthenticationProtocolServer.this.username).addAttribute(EventCodes.ATTRIBUTE_AUTHENTICATION_METHOD, AuthenticationProtocolServer.this.currentMethod).addAttribute(EventCodes.ATTRIBUTE_OPERATION_STARTED, AuthenticationProtocolServer.this.methodStarted).addAttribute(EventCodes.ATTRIBUTE_OPERATION_FINISHED, new Date()));
                        EventServiceImplementation.getInstance().fireEvent(new Event((Object) this, EventCodes.EVENT_AUTHENTICATION_COMPLETE, true).addAttribute(EventCodes.ATTRIBUTE_CONNECTION, AuthenticationProtocolServer.this.transport.getConnection()).addAttribute(EventCodes.ATTRIBUTE_AUTHENTICATION_METHODS, AuthenticationProtocolServer.this.completedAuthentications).addAttribute(EventCodes.ATTRIBUTE_OPERATION_STARTED, AuthenticationProtocolServer.this.authenticationStarted).addAttribute(EventCodes.ATTRIBUTE_OPERATION_FINISHED, new Date()));
                        Iterator<ServerConnectionStateListener> it2 = AuthenticationProtocolServer.this.getContext().getStateListeners().iterator();
                        while (it2.hasNext()) {
                            it2.next().authenticationComplete(AuthenticationProtocolServer.this.transport.getConnection());
                        }
                        AuthenticationProtocolServer.this.transport.startService(new ConnectionProtocolServer(AuthenticationProtocolServer.this.transport, AuthenticationProtocolServer.this.username));
                    }

                    @Override // com.sshtools.common.sshd.SshMessage
                    public boolean writeMessageIntoBuffer(ByteBuffer byteBuffer) {
                        byteBuffer.put((byte) 52);
                        return true;
                    }
                });
            } else {
                failedAuthentication(true, true);
            }
            return;
        }
        if (Log.isDebugEnabled()) {
            Log.debug("Transport is no longer connected!", new Object[0]);
        }
    }

    @Override // com.sshtools.common.auth.AbstractAuthenticationProtocol
    public void discardAuthentication() {
        this.authInProgress = false;
    }

    @Override // com.sshtools.common.auth.AbstractAuthenticationProtocol
    public synchronized void failedAuthentication() {
        failedAuthentication(false, false);
    }

    @Override // com.sshtools.common.auth.AbstractAuthenticationProtocol
    public synchronized void failedAuthentication(boolean z, boolean z2) {
        if (this.transport != null && this.transport.isConnected()) {
            String[] supportedMechanisms = ((AuthenticationMechanismFactory) this.transport.getContext().getPolicy(AuthenticationMechanismFactory.class)).getSupportedMechanisms();
            if (Boolean.getBoolean("maverick.oldMethodsToContinue")) {
                failedAuthentication(z, z2, supportedMechanisms);
            } else {
                ArrayList arrayList = new ArrayList();
                for (int i = 0; i < supportedMechanisms.length; i++) {
                    if (!this.completedAuthentications.contains(supportedMechanisms[i])) {
                        arrayList.add(supportedMechanisms[i]);
                    }
                }
                failedAuthentication(z, z2, (String[]) arrayList.toArray(new String[0]));
            }
            return;
        }
        if (Log.isDebugEnabled()) {
            Log.debug("Transport is no longer connected!", new Object[0]);
        }
    }

    @Override // com.sshtools.common.ssh.ExecutorOperationSupport
    public SshContext getContext() {
        return this.transport.getContext();
    }

    @Override // com.sshtools.synergy.ssh.Service
    public int getIdleTimeoutSeconds() {
        return this.transport.getContext().getIdleAuthenticationTimeoutSeconds();
    }

    @Override // com.sshtools.synergy.ssh.Service
    public String getName() {
        return SERVICE_NAME;
    }

    public Object getParameter(String str) {
        return this.authenticationParameters.get(str);
    }

    @Override // com.sshtools.synergy.ssh.Service
    public boolean idle() {
        this.transport.disconnect(11, "Idle unauthenticated connection");
        return true;
    }

    @Override // com.sshtools.common.auth.AbstractAuthenticationProtocol
    public void markFailed() {
        this.failed++;
    }

    @Override // com.sshtools.synergy.ssh.Service
    public boolean processMessage(byte[] bArr) throws IOException {
        if (this.authInProgress) {
            return this.currentAuthentication.processMessage(bArr);
        }
        if (bArr[0] != 50) {
            return false;
        }
        processRequest(bArr);
        return true;
    }

    void processRequest(byte[] bArr) throws IOException {
        ByteArrayReader byteArrayReader = new ByteArrayReader(bArr);
        try {
            byteArrayReader.skip(1L);
            this.username = byteArrayReader.readString();
            this.service = byteArrayReader.readString();
            Connection connection = this.transport.getConnection();
            connection.setUsername(this.username);
            if (this.firstAttempt) {
                EventServiceImplementation.getInstance().fireEvent(new Event((Object) this, EventCodes.EVENT_AUTHENTICATION_STARTED, true).addAttribute(EventCodes.ATTRIBUTE_CONNECTION, this.transport.getConnection()).addAttribute(EventCodes.ATTRIBUTE_ATTEMPTED_USERNAME, this.username).addAttribute(EventCodes.ATTRIBUTE_OPERATION_STARTED, this.authenticationStarted).addAttribute(EventCodes.ATTRIBUTE_OPERATION_FINISHED, new Date()));
                this.firstAttempt = false;
            }
            this.methodStarted = new Date();
            EventServiceImplementation.getInstance().fireEvent(new Event((Object) this, EventCodes.EVENT_USERAUTH_STARTED, true).addAttribute(EventCodes.ATTRIBUTE_CONNECTION, this.transport.getConnection()).addAttribute(EventCodes.ATTRIBUTE_ATTEMPTED_USERNAME, this.username).addAttribute(EventCodes.ATTRIBUTE_AUTHENTICATION_METHOD, this.currentMethod).addAttribute(EventCodes.ATTRIBUTE_OPERATION_STARTED, this.methodStarted).addAttribute(EventCodes.ATTRIBUTE_OPERATION_FINISHED, new Date()));
            if (this.requiredAuthentications == null || ((AuthenticationPolicy) this.transport.getSshContext().getPolicy(AuthenticationPolicy.class)).getRequiredAuthenticationStrategy() == RequiredAuthenticationStrategy.ONCE_PER_AUTHENTICATION_ATTEMPT) {
                this.requiredAuthentications = ((AuthenticationMechanismFactory) this.transport.getSshContext().getPolicy(AuthenticationMechanismFactory.class)).getRequiredMechanisms(connection);
            }
            this.currentMethod = byteArrayReader.readString();
            if (Log.isDebugEnabled()) {
                Log.debug("Client is attempting " + this.currentMethod + " authentication", new Object[0]);
            }
            byte[] bArr2 = null;
            if (byteArrayReader.available() > 0) {
                bArr2 = new byte[byteArrayReader.available()];
                byteArrayReader.read(bArr2);
            }
            if (((AuthenticationMechanismFactory) this.transport.getContext().getPolicy(AuthenticationMechanismFactory.class)).isSupportedMechanism(this.currentMethod) && this.service.equals(ConnectionProtocol.SERVICE_NAME)) {
                try {
                    AuthenticationMechanism createInstance = ((AuthenticationMechanismFactory) this.transport.getContext().getPolicy(AuthenticationMechanismFactory.class)).createInstance(this.currentMethod, this.transport, this, connection);
                    this.currentAuthentication = createInstance;
                    this.authInProgress = true;
                    createInstance.startRequest(this.username, bArr2);
                    return;
                } catch (UnsupportedChannelException e) {
                    if (!this.currentMethod.equals("none") && Log.isErrorEnabled()) {
                        Log.error("Failed to initialize " + this.currentMethod + " authentication mechanism", e, new Object[0]);
                    }
                }
            }
            failedAuthentication();
        } finally {
            byteArrayReader.close();
        }
    }

    public void setParameter(String str, Object obj) {
        this.authenticationParameters.put(str, obj);
    }

    @Override // com.sshtools.synergy.ssh.Service
    public void start() {
        if (Utils.isNotBlank(((AuthenticationPolicy) this.transport.getSshContext().getPolicy(AuthenticationPolicy.class)).getBannerMessage())) {
            this.transport.postMessage(new SshMessage() { // from class: com.sshtools.server.AuthenticationProtocolServer.1
                @Override // com.sshtools.common.sshd.SshMessage
                public void messageSent(Long l) {
                    if (Log.isDebugEnabled()) {
                        Log.debug("Sent SSH_MSG_USERAUTH_BANNER", new Object[0]);
                    }
                }

                @Override // com.sshtools.common.sshd.SshMessage
                public boolean writeMessageIntoBuffer(ByteBuffer byteBuffer) {
                    byteBuffer.put((byte) 53);
                    byte[] bytes = ((AuthenticationPolicy) AuthenticationProtocolServer.this.transport.getSshContext().getPolicy(AuthenticationPolicy.class)).getBannerMessage().getBytes();
                    byteBuffer.putInt(bytes.length);
                    byteBuffer.put(bytes);
                    byteBuffer.putInt(0);
                    return true;
                }
            });
        }
    }

    @Override // com.sshtools.synergy.ssh.Service
    public synchronized void stop() {
        if (this.transport != null) {
            if (Log.isDebugEnabled()) {
                Log.debug("Cleaning up authentication protocol references", new Object[0]);
            }
            this.transport.getConnection().getAuthenticatedFuture().authenticated(this.authenticated);
        }
    }
}
