package org.apache.http.impl.auth;

import com.google.common.net.HttpHeaders;
import java.net.InetAddress;
import java.net.UnknownHostException;
import je.n;
import org.apache.http.HttpHost;
import org.apache.http.auth.AuthenticationException;
import org.apache.http.auth.InvalidCredentialsException;
import org.apache.http.auth.KerberosCredentials;
import org.apache.http.message.BufferedHeader;
import org.apache.http.util.CharArrayBuffer;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSManager;
import org.ietf.jgss.GSSName;
import org.ietf.jgss.Oid;

/* loaded from: classes4.dex */
public abstract class GGSSchemeBase extends org.apache.http.impl.auth.a {

    /* renamed from: f, reason: collision with root package name */
    public final boolean f40172f;

    /* renamed from: g, reason: collision with root package name */
    public final boolean f40173g;

    /* renamed from: n, reason: collision with root package name */
    public byte[] f40175n;

    /* renamed from: c, reason: collision with root package name */
    public final ge.a f40170c = ge.h.n(getClass());

    /* renamed from: d, reason: collision with root package name */
    public final fe.a f40171d = new fe.a(0);

    /* renamed from: m, reason: collision with root package name */
    public State f40174m = State.UNINITIATED;

    /* loaded from: classes4.dex */
    public enum State {
        UNINITIATED,
        CHALLENGE_RECEIVED,
        TOKEN_GENERATED,
        FAILED
    }

    /* loaded from: classes4.dex */
    public static /* synthetic */ class a {

        /* renamed from: a, reason: collision with root package name */
        public static final /* synthetic */ int[] f40176a;

        static {
            int[] iArr = new int[State.values().length];
            f40176a = iArr;
            try {
                iArr[State.UNINITIATED.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                f40176a[State.FAILED.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                f40176a[State.CHALLENGE_RECEIVED.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
            try {
                f40176a[State.TOKEN_GENERATED.ordinal()] = 4;
            } catch (NoSuchFieldError unused4) {
            }
        }
    }

    public GGSSchemeBase(boolean z10, boolean z11) {
        this.f40172f = z10;
        this.f40173g = z11;
    }

    public GSSContext a(GSSManager gSSManager, Oid oid, GSSName gSSName, GSSCredential gSSCredential) {
        GSSContext createContext = gSSManager.createContext(gSSName.canonicalize(oid), oid, gSSCredential, 0);
        createContext.requestMutualAuth(true);
        return createContext;
    }

    @Override // ke.b
    @Deprecated
    public je.d authenticate(ke.i iVar, n nVar) {
        return authenticate(iVar, nVar, null);
    }

    @Override // org.apache.http.impl.auth.a, ke.h
    public je.d authenticate(ke.i iVar, n nVar, mf.e eVar) {
        HttpHost h10;
        of.a.i(nVar, "HTTP request");
        int i10 = a.f40176a[this.f40174m.ordinal()];
        if (i10 == 1) {
            throw new AuthenticationException(getSchemeName() + " authentication has not been initiated");
        }
        if (i10 == 2) {
            throw new AuthenticationException(getSchemeName() + " authentication has failed");
        }
        if (i10 == 3) {
            try {
                org.apache.http.conn.routing.a aVar = (org.apache.http.conn.routing.a) eVar.getAttribute("http.route");
                if (aVar == null) {
                    throw new AuthenticationException("Connection route is not available");
                }
                if (isProxy()) {
                    h10 = aVar.c();
                    if (h10 == null) {
                        h10 = aVar.h();
                    }
                } else {
                    h10 = aVar.h();
                }
                String hostName = h10.getHostName();
                if (this.f40173g) {
                    try {
                        hostName = e(hostName);
                    } catch (UnknownHostException unused) {
                    }
                }
                if (!this.f40172f) {
                    hostName = hostName + ":" + h10.getPort();
                }
                if (this.f40170c.isDebugEnabled()) {
                    this.f40170c.debug("init " + hostName);
                }
                this.f40175n = c(this.f40175n, hostName, iVar);
                this.f40174m = State.TOKEN_GENERATED;
            } catch (GSSException e10) {
                this.f40174m = State.FAILED;
                if (e10.getMajor() == 9 || e10.getMajor() == 8) {
                    throw new InvalidCredentialsException(e10.getMessage(), e10);
                }
                if (e10.getMajor() == 13) {
                    throw new InvalidCredentialsException(e10.getMessage(), e10);
                }
                if (e10.getMajor() == 10 || e10.getMajor() == 19 || e10.getMajor() == 20) {
                    throw new AuthenticationException(e10.getMessage(), e10);
                }
                throw new AuthenticationException(e10.getMessage());
            }
        } else if (i10 != 4) {
            throw new IllegalStateException("Illegal state: " + this.f40174m);
        }
        String str = new String(this.f40171d.f(this.f40175n));
        if (this.f40170c.isDebugEnabled()) {
            this.f40170c.debug("Sending response '" + str + "' back to the auth server");
        }
        CharArrayBuffer charArrayBuffer = new CharArrayBuffer(32);
        if (isProxy()) {
            charArrayBuffer.append(HttpHeaders.PROXY_AUTHORIZATION);
        } else {
            charArrayBuffer.append(HttpHeaders.AUTHORIZATION);
        }
        charArrayBuffer.append(": Negotiate ");
        charArrayBuffer.append(str);
        return new BufferedHeader(charArrayBuffer);
    }

    public byte[] b(byte[] bArr, Oid oid, String str, ke.i iVar) {
        GSSManager d10 = d();
        GSSContext a10 = a(d10, oid, d10.createName("HTTP@" + str, GSSName.NT_HOSTBASED_SERVICE), iVar instanceof KerberosCredentials ? ((KerberosCredentials) iVar).getGSSCredential() : null);
        return bArr != null ? a10.initSecContext(bArr, 0, bArr.length) : a10.initSecContext(new byte[0], 0, 0);
    }

    public abstract byte[] c(byte[] bArr, String str, ke.i iVar);

    public GSSManager d() {
        return GSSManager.getInstance();
    }

    public final String e(String str) {
        InetAddress byName = InetAddress.getByName(str);
        String canonicalHostName = byName.getCanonicalHostName();
        return byName.getHostAddress().contentEquals(canonicalHostName) ? str : canonicalHostName;
    }

    @Override // ke.b
    public boolean isComplete() {
        State state = this.f40174m;
        return state == State.TOKEN_GENERATED || state == State.FAILED;
    }

    @Override // org.apache.http.impl.auth.a
    public void parseChallenge(CharArrayBuffer charArrayBuffer, int i10, int i11) {
        String substringTrimmed = charArrayBuffer.substringTrimmed(i10, i11);
        if (this.f40170c.isDebugEnabled()) {
            this.f40170c.debug("Received challenge '" + substringTrimmed + "' from the auth server");
        }
        if (this.f40174m == State.UNINITIATED) {
            this.f40175n = fe.a.n(substringTrimmed.getBytes());
            this.f40174m = State.CHALLENGE_RECEIVED;
        } else {
            this.f40170c.debug("Authentication already attempted");
            this.f40174m = State.FAILED;
        }
    }
}
