package com.sshtools.daemon.authentication;

import com.sshtools.daemon.platform.NativeAuthenticationProvider;
import com.sshtools.daemon.platform.PasswordChangeException;
import com.sshtools.j2ssh.authentication.SshMsgUserAuthInfoRequest;
import com.sshtools.j2ssh.authentication.SshMsgUserAuthInfoResponse;
import com.sshtools.j2ssh.authentication.SshMsgUserAuthRequest;
import com.sshtools.j2ssh.transport.SshMessage;
import java.io.IOException;
import java.util.Map;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.eclipse.jgit.lib.RefDatabase;

/* loaded from: input_file:com/sshtools/daemon/authentication/KBIPasswordAuthenticationServer.class */
public class KBIPasswordAuthenticationServer extends SshAuthenticationServer {
    private static Log log = LogFactory.getLog(KBIPasswordAuthenticationServer.class);

    @Override // com.sshtools.daemon.authentication.SshAuthenticationServer
    public final String getMethodName() {
        return "keyboard-interactive";
    }

    public void setAuthenticatedTokens(Map map) {
    }

    @Override // com.sshtools.daemon.authentication.SshAuthenticationServer
    public int authenticate(AuthenticationProtocolServer authenticationProtocolServer, SshMsgUserAuthRequest sshMsgUserAuthRequest) throws IOException {
        NativeAuthenticationProvider nativeAuthenticationProvider = NativeAuthenticationProvider.getInstance();
        if (nativeAuthenticationProvider == null) {
            log.error("Cannot perfrom authentication witout native authentication provider");
            return 2;
        }
        authenticationProtocolServer.registerMessage(61, SshMsgUserAuthInfoResponse.class);
        SshMsgUserAuthInfoRequest sshMsgUserAuthInfoRequest = new SshMsgUserAuthInfoRequest("Password authentication", RefDatabase.ALL, RefDatabase.ALL);
        sshMsgUserAuthInfoRequest.addPrompt(String.valueOf(sshMsgUserAuthRequest.getUsername()) + "'s password", false);
        authenticationProtocolServer.sendMessage(sshMsgUserAuthInfoRequest);
        SshMessage readMessage = authenticationProtocolServer.readMessage();
        if (!(readMessage instanceof SshMsgUserAuthInfoResponse)) {
            log.error("Client replied with an invalid message " + readMessage.getMessageName());
            return 2;
        }
        String[] responses = ((SshMsgUserAuthInfoResponse) readMessage).getResponses();
        if (responses.length != 1) {
            log.error("Client responded with too many values!");
            return 2;
        }
        String str = responses[0];
        try {
            if (nativeAuthenticationProvider.logonUser(sshMsgUserAuthRequest.getUsername(), str)) {
                log.info(String.valueOf(sshMsgUserAuthRequest.getUsername()) + " has passed password authentication");
                return 4;
            }
            log.info(String.valueOf(sshMsgUserAuthRequest.getUsername()) + " has failed password authentication");
            return 2;
        } catch (PasswordChangeException unused) {
            SshMsgUserAuthInfoRequest sshMsgUserAuthInfoRequest2 = new SshMsgUserAuthInfoRequest("Password change required", RefDatabase.ALL, RefDatabase.ALL);
            sshMsgUserAuthInfoRequest2.addPrompt("New password", false);
            sshMsgUserAuthInfoRequest2.addPrompt("Confirm password", false);
            authenticationProtocolServer.sendMessage(sshMsgUserAuthInfoRequest2);
            SshMessage readMessage2 = authenticationProtocolServer.readMessage();
            if (!(readMessage2 instanceof SshMsgUserAuthInfoResponse)) {
                log.error("Client replied with an invalid message " + readMessage2.getMessageName());
                return 2;
            }
            String[] responses2 = ((SshMsgUserAuthInfoResponse) readMessage2).getResponses();
            if (responses2.length == 2) {
                return (responses2[0].equals(responses2[1]) && nativeAuthenticationProvider.changePassword(sshMsgUserAuthRequest.getUsername(), str, responses2[0])) ? 4 : 2;
            }
            log.error("Client replied with an invalid message " + readMessage2.getMessageName());
            return 2;
        }
    }
}
