public class org.apache.kafkaesqueesque.common.security.oauthbearer.internals.OAuthBearerSaslServer extends java.lang.Object implements javax.security.sasl.SaslServer { private static final org.slf4j.Logger log; private static final java.lang.String NEGOTIATED_PROPERTY_KEY_TOKEN; private static final java.lang.String INTERNAL_ERROR_ON_SERVER; private final org.apache.kafkaesqueesque.common.security.auth.AuthenticateCallbackHandler callbackHandler; private boolean complete; private org.apache.kafkaesqueesque.common.security.oauthbearer.OAuthBearerToken tokenForNegotiatedProperty; private java.lang.String errorMessage; private org.apache.kafkaesqueesque.common.security.auth.SaslExtensions extensions; public void (javax.security.auth.callback.CallbackHandler) { java.lang.Object[] v; org.apache.kafkaesqueesque.common.security.oauthbearer.internals.OAuthBearerSaslServer v; java.lang.IllegalArgumentException v; javax.security.auth.callback.CallbackHandler v; java.lang.Class v, v; java.lang.Object v; java.lang.String v, v, v; boolean v; v := @this: org.apache.kafkaesqueesque.common.security.oauthbearer.internals.OAuthBearerSaslServer; v := @parameter: javax.security.auth.callback.CallbackHandler; specialinvoke v.()>(); v. = null; v. = null; v = staticinvoke (v); v = v instanceof org.apache.kafkaesqueesque.common.security.auth.AuthenticateCallbackHandler; if v != 0 goto label; v = new java.lang.IllegalArgumentException; v = newarray (java.lang.Object)[2]; v = class "Lorg/apache/kafkaesqueesque/common/security/auth/AuthenticateCallbackHandler;"; v = virtualinvoke v.(); v[0] = v; v = virtualinvoke v.(); v = virtualinvoke v.(); v[1] = v; v = staticinvoke ("Callback handler must be castable to %s: %s", v); specialinvoke v.(java.lang.String)>(v); throw v; label: v. = v; return; } public byte[] evaluateResponse(byte[]) throws javax.security.sasl.SaslException, org.apache.kafkaesqueesque.common.errors.SaslAuthenticationException { byte[] v, v; org.apache.kafkaesqueesque.common.security.oauthbearer.internals.OAuthBearerSaslServer v; javax.security.sasl.SaslException v; org.apache.kafkaesqueesque.common.errors.SaslAuthenticationException v; byte v; int v; java.lang.String v, v, v, v, v; org.apache.kafkaesqueesque.common.security.oauthbearer.internals.OAuthBearerClientInitialResponse v; org.slf4j.Logger v, v; org.apache.kafkaesqueesque.common.security.auth.SaslExtensions v; v := @this: org.apache.kafkaesqueesque.common.security.oauthbearer.internals.OAuthBearerSaslServer; v := @parameter: byte[]; v = lengthof v; if v != 1 goto label; v = v[0]; if v != 1 goto label; v = v.; if v == null goto label; v = ; interfaceinvoke v.("Received %x response from client after it received our error"); v = new org.apache.kafkaesqueesque.common.errors.SaslAuthenticationException; v = v.; specialinvoke v.(java.lang.String)>(v); throw v; label: v. = null; label: v = new org.apache.kafkaesqueesque.common.security.oauthbearer.internals.OAuthBearerClientInitialResponse; specialinvoke v.(byte[])>(v); label: goto label; label: v := @caughtexception; v = ; v = virtualinvoke v.(); interfaceinvoke v.(v); throw v; label: v = virtualinvoke v.(); v = virtualinvoke v.(); v = virtualinvoke v.(); v = specialinvoke v.(v, v, v); return v; catch javax.security.sasl.SaslException from label to label with label; } public java.lang.String getAuthorizationID() { java.lang.IllegalStateException v; org.apache.kafkaesqueesque.common.security.oauthbearer.OAuthBearerToken v; org.apache.kafkaesqueesque.common.security.oauthbearer.internals.OAuthBearerSaslServer v; java.lang.String v; boolean v; v := @this: org.apache.kafkaesqueesque.common.security.oauthbearer.internals.OAuthBearerSaslServer; v = v.; if v != 0 goto label; v = new java.lang.IllegalStateException; specialinvoke v.(java.lang.String)>("Authentication exchange has not completed"); throw v; label: v = v.; v = interfaceinvoke v.(); return v; } public java.lang.String getMechanismName() { org.apache.kafkaesqueesque.common.security.oauthbearer.internals.OAuthBearerSaslServer v; v := @this: org.apache.kafkaesqueesque.common.security.oauthbearer.internals.OAuthBearerSaslServer; return "OAUTHBEARER"; } public java.lang.Object getNegotiatedProperty(java.lang.String) { java.lang.IllegalStateException v; org.apache.kafkaesqueesque.common.security.oauthbearer.OAuthBearerToken v, v; org.apache.kafkaesqueesque.common.security.oauthbearer.internals.OAuthBearerSaslServer v; long v; org.apache.kafkaesqueesque.common.security.auth.SaslExtensions v; java.lang.Long v; java.util.Map v; java.lang.Object v; java.lang.String v, v, v; boolean v, v, v; v := @this: org.apache.kafkaesqueesque.common.security.oauthbearer.internals.OAuthBearerSaslServer; v := @parameter: java.lang.String; v = v.; if v != 0 goto label; v = new java.lang.IllegalStateException; specialinvoke v.(java.lang.String)>("Authentication exchange has not completed"); throw v; label: v = "OAUTHBEARER.token"; v = virtualinvoke v.(v); if v == 0 goto label; v = v.; return v; label: v = "CREDENTIAL.LIFETIME.MS"; v = virtualinvoke v.(v); if v == 0 goto label; v = v.; v = interfaceinvoke v.(); v = staticinvoke (v); return v; label: v = v.; v = virtualinvoke v.(); v = interfaceinvoke v.(v); return v; } public boolean isComplete() { boolean v; org.apache.kafkaesqueesque.common.security.oauthbearer.internals.OAuthBearerSaslServer v; v := @this: org.apache.kafkaesqueesque.common.security.oauthbearer.internals.OAuthBearerSaslServer; v = v.; return v; } public byte[] unwrap(byte[], int, int) { byte[] v, v; java.lang.IllegalStateException v; org.apache.kafkaesqueesque.common.security.oauthbearer.internals.OAuthBearerSaslServer v; int v, v, v; boolean v; v := @this: org.apache.kafkaesqueesque.common.security.oauthbearer.internals.OAuthBearerSaslServer; v := @parameter: byte[]; v := @parameter: int; v := @parameter: int; v = v.; if v != 0 goto label; v = new java.lang.IllegalStateException; specialinvoke v.(java.lang.String)>("Authentication exchange has not completed"); throw v; label: v = v + v; v = staticinvoke (v, v, v); return v; } public byte[] wrap(byte[], int, int) { byte[] v, v; java.lang.IllegalStateException v; org.apache.kafkaesqueesque.common.security.oauthbearer.internals.OAuthBearerSaslServer v; int v, v, v; boolean v; v := @this: org.apache.kafkaesqueesque.common.security.oauthbearer.internals.OAuthBearerSaslServer; v := @parameter: byte[]; v := @parameter: int; v := @parameter: int; v = v.; if v != 0 goto label; v = new java.lang.IllegalStateException; specialinvoke v.(java.lang.String)>("Authentication exchange has not completed"); throw v; label: v = v + v; v = staticinvoke (v, v, v); return v; } public void dispose() { org.apache.kafkaesqueesque.common.security.oauthbearer.internals.OAuthBearerSaslServer v; v := @this: org.apache.kafkaesqueesque.common.security.oauthbearer.internals.OAuthBearerSaslServer; v. = 0; v. = null; v. = null; return; } private byte[] process(java.lang.String, java.lang.String, org.apache.kafkaesqueesque.common.security.auth.SaslExtensions) throws javax.security.sasl.SaslException { byte[] v, v; java.lang.Object[] v; org.apache.kafkaesqueesque.common.security.oauthbearer.internals.OAuthBearerSaslServer v; org.apache.kafkaesqueesque.common.errors.SaslAuthenticationException v; javax.security.auth.callback.Callback[] v; java.nio.charset.Charset v; java.util.Map v; java.lang.String v, v, v, v, v, v, v, v, v, v, v, v; boolean v, v; org.apache.kafkaesqueesque.common.security.oauthbearer.OAuthBearerToken v; org.slf4j.Logger v, v; org.apache.kafkaesqueesque.common.security.auth.SaslExtensions v, v; java.lang.Exception v; org.apache.kafkaesqueesque.common.security.auth.AuthenticateCallbackHandler v; org.apache.kafkaesqueesque.common.security.oauthbearer.OAuthBearerValidatorCallback v; v := @this: org.apache.kafkaesqueesque.common.security.oauthbearer.internals.OAuthBearerSaslServer; v := @parameter: java.lang.String; v := @parameter: java.lang.String; v := @parameter: org.apache.kafkaesqueesque.common.security.auth.SaslExtensions; v = new org.apache.kafkaesqueesque.common.security.oauthbearer.OAuthBearerValidatorCallback; specialinvoke v.(java.lang.String)>(v); label: v = v.; v = newarray (javax.security.auth.callback.Callback)[1]; v[0] = v; interfaceinvoke v.(v); label: goto label; label: v := @caughtexception; specialinvoke v.(v); label: v = virtualinvoke v.(); if v != null goto label; v = virtualinvoke v.(); v = virtualinvoke v.(); v = virtualinvoke v.(); v = staticinvoke (v, v, v); v. = v; v = ; v = v.; interfaceinvoke v.(v); v = v.; v = ; v = virtualinvoke v.(v); return v; label: v = virtualinvoke v.(); if v != 0 goto label; v = interfaceinvoke v.(); v = virtualinvoke v.(v); if v != 0 goto label; v = new org.apache.kafkaesqueesque.common.errors.SaslAuthenticationException; v = newarray (java.lang.Object)[2]; v[0] = v; v = interfaceinvoke v.(); v[1] = v; v = staticinvoke ("Authentication failed: Client requested an authorization id (%s) that is different from the token\'s principal name (%s)", v); specialinvoke v.(java.lang.String)>(v); throw v; label: v = specialinvoke v.(v, v); v. = v; v = new org.apache.kafkaesqueesque.common.security.auth.SaslExtensions; specialinvoke v.(java.util.Map)>(v); v. = v; v. = 1; v = ; v = interfaceinvoke v.(); interfaceinvoke v.("Successfully authenticate User={}", v); v = newarray (byte)[0]; return v; catch java.io.IOException from label to label with label; catch javax.security.auth.callback.UnsupportedCallbackException from label to label with label; } private java.util.Map processExtensions(org.apache.kafkaesqueesque.common.security.oauthbearer.OAuthBearerToken, org.apache.kafkaesqueesque.common.security.auth.SaslExtensions) throws javax.security.sasl.SaslException { java.lang.Object[] v; org.apache.kafkaesqueesque.common.security.oauthbearer.internals.OAuthBearerSaslServer v; javax.security.auth.callback.UnsupportedCallbackException v; java.lang.Integer v; org.apache.kafkaesqueesque.common.errors.SaslAuthenticationException v; javax.security.auth.callback.Callback[] v; java.util.Map v, v, v, v; int v; java.lang.String v, v; boolean v; org.apache.kafkaesqueesque.common.security.oauthbearer.OAuthBearerExtensionsValidatorCallback v; org.apache.kafkaesqueesque.common.security.oauthbearer.OAuthBearerToken v; org.slf4j.Logger v; java.io.IOException v; org.apache.kafkaesqueesque.common.security.auth.SaslExtensions v; org.apache.kafkaesqueesque.common.security.auth.AuthenticateCallbackHandler v; v := @this: org.apache.kafkaesqueesque.common.security.oauthbearer.internals.OAuthBearerSaslServer; v := @parameter: org.apache.kafkaesqueesque.common.security.oauthbearer.OAuthBearerToken; v := @parameter: org.apache.kafkaesqueesque.common.security.auth.SaslExtensions; v = new org.apache.kafkaesqueesque.common.security.oauthbearer.OAuthBearerExtensionsValidatorCallback; specialinvoke v.(org.apache.kafkaesqueesque.common.security.oauthbearer.OAuthBearerToken,org.apache.kafkaesqueesque.common.security.auth.SaslExtensions)>(v, v); label: v = v.; v = newarray (javax.security.auth.callback.Callback)[1]; v[0] = v; interfaceinvoke v.(v); label: goto label; label: v := @caughtexception; goto label; label: v := @caughtexception; specialinvoke v.(v); label: v = virtualinvoke v.(); v = interfaceinvoke v.(); if v != 0 goto label; v = newarray (java.lang.Object)[2]; v = virtualinvoke v.(); v = interfaceinvoke v.(); v = staticinvoke (v); v[0] = v; v = virtualinvoke v.(); v = staticinvoke (v, "", "", ": ", "; "); v[1] = v; v = staticinvoke ("Authentication failed: %d extensions are invalid! They are: %s", v); v = ; interfaceinvoke v.(v); v = new org.apache.kafkaesqueesque.common.errors.SaslAuthenticationException; specialinvoke v.(java.lang.String)>(v); throw v; label: v = virtualinvoke v.(); return v; catch javax.security.auth.callback.UnsupportedCallbackException from label to label with label; catch java.io.IOException from label to label with label; } private static java.lang.String jsonErrorResponse(java.lang.String, java.lang.String, java.lang.String) { java.lang.Object[] v, v, v, v; java.lang.String v, v, v, v, v; v := @parameter: java.lang.String; v := @parameter: java.lang.String; v := @parameter: java.lang.String; v = newarray (java.lang.Object)[1]; v[0] = v; v = staticinvoke ("{\"status\":\"%s\"", v); if v == null goto label; v = newarray (java.lang.Object)[2]; v[0] = v; v[1] = v; v = staticinvoke ("%s, \"scope\":\"%s\"", v); label: if v == null goto label; v = newarray (java.lang.Object)[2]; v[0] = v; v[1] = v; v = staticinvoke ("%s, \"openid-configuration\":\"%s\"", v); label: v = newarray (java.lang.Object)[1]; v[0] = v; v = staticinvoke ("%s}", v); return v; } private void handleCallbackError(java.lang.Exception) throws javax.security.sasl.SaslException { java.lang.Object[] v; org.slf4j.Logger v; org.apache.kafkaesqueesque.common.security.oauthbearer.internals.OAuthBearerSaslServer v; java.lang.String v, v; javax.security.sasl.SaslException v; java.lang.Exception v; v := @this: org.apache.kafkaesqueesque.common.security.oauthbearer.internals.OAuthBearerSaslServer; v := @parameter: java.lang.Exception; v = newarray (java.lang.Object)[2]; v[0] = "Authentication could not be performed due to an internal error on the server"; v = virtualinvoke v.(); v[1] = v; v = staticinvoke ("%s: %s", v); v = ; interfaceinvoke v.(v, v); v = new javax.security.sasl.SaslException; specialinvoke v.(java.lang.String)>(v); throw v; } public static java.lang.String[] mechanismNamesCompatibleWithPolicy(java.util.Map) { java.util.Map v; java.lang.Object v; java.lang.String[] v; java.lang.String v, v; boolean v; v := @parameter: java.util.Map; if v == null goto label; v = "true"; v = interfaceinvoke v.("javax.security.sasl.policy.noplaintext"); v = staticinvoke (v); v = virtualinvoke v.(v); if v == 0 goto label; v = newarray (java.lang.String)[0]; goto label; label: v = newarray (java.lang.String)[1]; v[0] = "OAUTHBEARER"; label: return v; } static void () { org.slf4j.Logger v; v = staticinvoke (class "Lorg/apache/kafkaesqueesque/common/security/oauthbearer/internals/OAuthBearerSaslServer;"); = v; return; } }