package org.apache.storm.messaging.netty;

import java.io.IOException;
import org.apache.storm.shade.io.netty.channel.Channel;
import org.apache.storm.shade.io.netty.channel.ChannelHandlerContext;
import org.apache.storm.shade.io.netty.channel.ChannelInboundHandlerAdapter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:BOOT-INF/classes/data/StormApp.jar:org/apache/storm/messaging/netty/SaslStormClientHandler.class */
public class SaslStormClientHandler extends ChannelInboundHandlerAdapter {
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) SaslStormClientHandler.class);
    private final long startTime = System.currentTimeMillis();
    private final ISaslClient client;
    private byte[] token;
    private String name;

    public SaslStormClientHandler(ISaslClient iSaslClient) throws IOException {
        this.client = iSaslClient;
        getSASLCredentials();
    }

    @Override // org.apache.storm.shade.io.netty.channel.ChannelInboundHandlerAdapter, org.apache.storm.shade.io.netty.channel.ChannelInboundHandler
    public void channelActive(ChannelHandlerContext channelHandlerContext) {
        Channel channel = channelHandlerContext.channel();
        LOG.info("Connection established from " + channel.localAddress() + " to " + channel.remoteAddress());
        try {
            if (((SaslNettyClient) channel.attr(SaslNettyClientState.SASL_NETTY_CLIENT).get()) == null) {
                LOG.debug("Creating saslNettyClient now for channel: " + channel);
                channel.attr(SaslNettyClientState.SASL_NETTY_CLIENT).set(new SaslNettyClient(this.name, this.token));
            }
            LOG.debug("Sending SASL_TOKEN_MESSAGE_REQUEST");
            channel.writeAndFlush(ControlMessage.SASL_TOKEN_MESSAGE_REQUEST, channel.voidPromise());
        } catch (Exception e) {
            LOG.error("Failed to authenticate with server due to error: ", (Throwable) e);
        }
    }

    @Override // org.apache.storm.shade.io.netty.channel.ChannelInboundHandlerAdapter, org.apache.storm.shade.io.netty.channel.ChannelInboundHandler
    public void channelRead(ChannelHandlerContext channelHandlerContext, Object obj) throws Exception {
        LOG.debug("send/recv time (ms): {}", Long.valueOf(System.currentTimeMillis() - this.startTime));
        if (obj instanceof ControlMessage) {
            handleControlMessage(channelHandlerContext, (ControlMessage) obj);
        } else if (obj instanceof SaslMessageToken) {
            handleSaslMessageToken(channelHandlerContext, (SaslMessageToken) obj);
        } else {
            LOG.error("Unexpected message from server: {}", obj);
        }
    }

    private SaslNettyClient getChannelSaslNettyClient(Channel channel) throws Exception {
        SaslNettyClient saslNettyClient = (SaslNettyClient) channel.attr(SaslNettyClientState.SASL_NETTY_CLIENT).get();
        if (saslNettyClient == null) {
            throw new Exception("saslNettyClient was unexpectedly null for channel: " + channel);
        }
        return saslNettyClient;
    }

    private void handleControlMessage(ChannelHandlerContext channelHandlerContext, ControlMessage controlMessage) throws Exception {
        SaslNettyClient channelSaslNettyClient = getChannelSaslNettyClient(channelHandlerContext.channel());
        if (controlMessage != ControlMessage.SASL_COMPLETE_REQUEST) {
            LOG.warn("Unexpected control message: {}", controlMessage);
            return;
        }
        LOG.debug("Server has sent us the SaslComplete message. Allowing normal work to proceed.");
        if (!channelSaslNettyClient.isComplete()) {
            LOG.error("Server returned a Sasl-complete message, but as far as we can tell, we are not authenticated yet.");
            throw new Exception("Server returned a Sasl-complete message, but as far as we can tell, we are not authenticated yet.");
        }
        channelHandlerContext.pipeline().remove(this);
        this.client.channelReady(channelHandlerContext.channel());
        channelHandlerContext.fireChannelRead((Object) controlMessage);
    }

    private void handleSaslMessageToken(ChannelHandlerContext channelHandlerContext, SaslMessageToken saslMessageToken) throws Exception {
        Channel channel = channelHandlerContext.channel();
        SaslNettyClient channelSaslNettyClient = getChannelSaslNettyClient(channel);
        LOG.debug("Responding to server's token of length: " + saslMessageToken.getSaslToken().length);
        byte[] saslResponse = channelSaslNettyClient.saslResponse(saslMessageToken);
        if (saslResponse != null) {
            LOG.debug("Response to server token has length:" + saslResponse.length);
            channel.writeAndFlush(new SaslMessageToken(saslResponse), channel.voidPromise());
            return;
        }
        LOG.debug("Response to server is null: authentication should now be complete.");
        if (channelSaslNettyClient.isComplete()) {
            this.client.channelReady(channel);
        } else {
            LOG.warn("Generated a null response, but authentication is not complete.");
            throw new Exception("Server response is null, but as far as we can tell, we are not authenticated yet.");
        }
    }

    private void getSASLCredentials() throws IOException {
        this.name = this.client.name();
        String secretKey = this.client.secretKey();
        if (secretKey != null) {
            this.token = secretKey.getBytes();
        }
        LOG.debug("SASL credentials for storm topology " + this.name + " is " + secretKey);
    }
}
