package org.opennms.netmgt.poller.monitors;

import java.net.InetAddress;
import java.util.Map;
import net.sourceforge.jradiusclient.RadiusAttribute;
import net.sourceforge.jradiusclient.RadiusClient;
import net.sourceforge.jradiusclient.RadiusPacket;
import net.sourceforge.jradiusclient.exception.InvalidParameterException;
import net.sourceforge.jradiusclient.exception.RadiusException;
import net.sourceforge.jradiusclient.util.ChapUtil;
import org.apache.log4j.Level;
import org.opennms.core.utils.ParameterMap;
import org.opennms.core.utils.ThreadCategory;
import org.opennms.core.utils.TimeoutTracker;
import org.opennms.netmgt.model.PollStatus;
import org.opennms.netmgt.poller.Distributable;
import org.opennms.netmgt.poller.MonitoredService;
import org.opennms.netmgt.poller.NetworkInterface;
import org.opennms.netmgt.poller.NetworkInterfaceNotSupportedException;

@Distributable
/* loaded from: input_file:org/opennms/netmgt/poller/monitors/RadiusAuthMonitor.class */
public final class RadiusAuthMonitor extends IPv4Monitor {
    public static final int DEFAULT_TIMEOUT = 5000;
    public static final int DEFAULT_RETRY = 0;
    public static final int DEFAULT_AUTH_PORT = 1812;
    public static final int DEFAULT_ACCT_PORT = 1813;
    public static final String DEFAULT_AUTH_TYPE = "pap";
    public static final String DEFAULT_USER = "OpenNMS";
    public static final String DEFAULT_PASSWORD = "OpenNMS";
    public static final String DEFAULT_SECRET = "secret";
    public static final String DEFAULT_NASID = "opennms";

    public RadiusAuthMonitor() throws ClassNotFoundException, InstantiationException, IllegalAccessException {
        ThreadCategory.getInstance(getClass()).info(getClass().getName() + ": RadiusAuthMonitor class loaded");
    }

    public PollStatus poll(MonitoredService monitoredService, Map<String, Object> map) {
        RadiusPacket radiusPacket;
        NetworkInterface netInterface = monitoredService.getNetInterface();
        ThreadCategory threadCategory = ThreadCategory.getInstance(getClass());
        PollStatus unavailable = PollStatus.unavailable();
        if (netInterface.getType() != 1) {
            threadCategory.error(getClass().getName() + ": Unsupported interface type, only TYPE_IPV4 currently supported");
            throw new NetworkInterfaceNotSupportedException(getClass().getName() + ": Unsupported interface type, only TYPE_IPV4 currently supported");
        }
        if (map == null) {
            throw new NullPointerException();
        }
        TimeoutTracker timeoutTracker = new TimeoutTracker(map, 0, 5000);
        int keyedInteger = ParameterMap.getKeyedInteger(map, "authport", 1812);
        int keyedInteger2 = ParameterMap.getKeyedInteger(map, "acctport", 1813);
        String keyedString = ParameterMap.getKeyedString(map, "user", "OpenNMS");
        String keyedString2 = ParameterMap.getKeyedString(map, "password", "OpenNMS");
        String keyedString3 = ParameterMap.getKeyedString(map, "secret", "secret");
        String keyedString4 = ParameterMap.getKeyedString(map, "authtype", "pap");
        String keyedString5 = ParameterMap.getKeyedString(map, "nasid", "opennms");
        InetAddress inetAddress = (InetAddress) netInterface.getAddress();
        try {
            RadiusClient radiusClient = new RadiusClient(inetAddress.getCanonicalHostName(), keyedInteger, keyedInteger2, keyedString3, timeoutTracker.getConnectionTimeout());
            timeoutTracker.reset();
            while (timeoutTracker.shouldRetry()) {
                try {
                    timeoutTracker.startAttempt();
                    ChapUtil chapUtil = new ChapUtil();
                    radiusPacket = new RadiusPacket(1);
                    RadiusAttribute radiusAttribute = new RadiusAttribute(32, keyedString5.getBytes());
                    RadiusAttribute radiusAttribute2 = new RadiusAttribute(1, keyedString.getBytes());
                    threadCategory.debug(getClass().getName() + ": attempting Radius auth with authType: " + keyedString4);
                    radiusPacket.setAttribute(radiusAttribute2);
                    radiusPacket.setAttribute(radiusAttribute);
                    if (keyedString4.equalsIgnoreCase("chap")) {
                        byte[] nextChapChallenge = chapUtil.getNextChapChallenge(16);
                        radiusPacket.setAttribute(new RadiusAttribute(3, chapEncrypt(keyedString2, nextChapChallenge, chapUtil)));
                        radiusPacket.setAttribute(new RadiusAttribute(60, nextChapChallenge));
                    } else {
                        radiusPacket.setAttribute(new RadiusAttribute(2, keyedString2.getBytes()));
                    }
                } catch (RadiusException e) {
                    unavailable = logDown(Level.ERROR, "Radius Exception : " + e);
                } catch (InvalidParameterException e2) {
                    unavailable = logDown(Level.ERROR, "Invalid Radius Parameter: " + e2);
                }
                if (radiusClient.authenticate(radiusPacket).getPacketType() == 2) {
                    double elapsedTimeInMillis = timeoutTracker.elapsedTimeInMillis();
                    unavailable = PollStatus.available(Double.valueOf(elapsedTimeInMillis));
                    if (threadCategory.isDebugEnabled()) {
                        threadCategory.debug(getClass().getName() + ": Radius service is AVAILABLE on: " + inetAddress.getCanonicalHostName());
                        threadCategory.debug("poll: responseTime= " + elapsedTimeInMillis + "ms");
                    }
                    break;
                }
                continue;
                timeoutTracker.nextAttempt();
            }
            return unavailable;
        } catch (InvalidParameterException e3) {
            return logDown(Level.ERROR, "Radius parameter exception: " + e3.getMessage());
        } catch (RadiusException e4) {
            return logDown(Level.ERROR, "Radius Exception: " + e4.getMessage());
        }
    }

    private static byte[] chapEncrypt(String str, byte[] bArr, ChapUtil chapUtil) {
        byte nextChapIdentifier = chapUtil.getNextChapIdentifier();
        byte[] bArr2 = new byte[17];
        bArr2[0] = nextChapIdentifier;
        System.arraycopy(ChapUtil.chapEncrypt(nextChapIdentifier, str.getBytes(), bArr), 0, bArr2, 1, 16);
        return bArr2;
    }
}
