package com.exasol.jdbc;

import java.io.IOException;
import java.security.PrivilegedAction;
import java.sql.SQLException;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSManager;
import org.ietf.jgss.GSSName;
import org.ietf.jgss.Oid;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:drivers/exasol/exasol-jdbc-6.1.0.jar:com/exasol/jdbc/GSSPrivilegedAction.class */
public class GSSPrivilegedAction implements PrivilegedAction<Exception> {
    private final EXAConnection connection;
    private final boolean useSpnego;
    private final GSSCredential credentials;

    public GSSPrivilegedAction(EXAConnection eXAConnection, GSSCredential gSSCredential, boolean z) {
        this.credentials = gSSCredential;
        this.connection = eXAConnection;
        this.useSpnego = z;
    }

    private static boolean canUseSPNEGO(GSSManager gSSManager) throws GSSException {
        Oid oid = new Oid("1.3.6.1.5.5.2");
        for (Oid oid2 : gSSManager.getMechs()) {
            if (oid2.equals(oid)) {
                return true;
            }
        }
        return false;
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // java.security.PrivilegedAction
    public Exception run() {
        GSSCredential gSSCredential;
        try {
            GSSManager gSSManager = GSSManager.getInstance();
            Oid[] oidArr = new Oid[1];
            if (this.credentials == null) {
                if (this.useSpnego && canUseSPNEGO(gSSManager)) {
                    oidArr[0] = new Oid("1.3.6.1.5.5.2");
                } else {
                    oidArr[0] = new Oid("1.2.840.113554.1.2.2");
                }
                gSSCredential = gSSManager.createCredential(gSSManager.createName(this.connection.getKerberosUserName(), GSSName.NT_USER_NAME), 28800, oidArr, 1);
            } else {
                oidArr[0] = new Oid("1.2.840.113554.1.2.2");
                gSSCredential = this.credentials;
            }
            GSSName createName = gSSManager.createName(this.connection.getKerberosTargetNameGSS(), GSSName.NT_HOSTBASED_SERVICE);
            this.connection.log("GSSPrivilegedAction: GSSName=" + createName + ", Oid=" + oidArr[0].toString());
            GSSContext createContext = gSSManager.createContext(createName, oidArr[0], gSSCredential, 0);
            createContext.requestMutualAuth(true);
            byte[] bArr = new byte[0];
            boolean z = false;
            while (!z) {
                byte[] initSecContext = createContext.initSecContext(bArr, 0, bArr.length);
                if (createContext.isEstablished()) {
                    this.connection.getAttributes();
                    z = true;
                }
                if (initSecContext != null) {
                    bArr = this.connection.exchangeTicket(initSecContext);
                }
            }
            return null;
        } catch (IOException e) {
            this.connection.log("GSSPrivilegedAction: IOException: " + e.getMessage());
            this.connection.logStackTrace(e);
            return e;
        } catch (SQLException e2) {
            this.connection.log("GSSPrivilegedAction: SQLException: " + e2.getSQLState() + " - " + e2.getMessage());
            this.connection.logStackTrace(e2);
            return e2;
        } catch (GSSException e3) {
            this.connection.log("GSSPrivilegedAction: GSSException: " + e3.getMessage());
            this.connection.logStackTrace(e3);
            return e3;
        }
    }
}
