package org.mortbay.jetty.security;

import java.security.MessageDigest;
import java.security.Principal;
import org.mortbay.jetty.HttpTokens;
import org.mortbay.jetty.Request;
import org.mortbay.jetty.Response;
import org.mortbay.jetty.security.Credential;
import org.mortbay.log.Log;
import org.mortbay.util.QuotedStringTokenizer;
import org.mortbay.util.StringUtil;
import org.mortbay.util.TypeUtil;

/* loaded from: classes4.dex */
public class DigestAuthenticator implements Authenticator {

    /* renamed from: a, reason: collision with root package name */
    public long f9292a = 0;
    public long b = hashCode() ^ System.currentTimeMillis();

    /* renamed from: c, reason: collision with root package name */
    public boolean f9293c = false;

    /* loaded from: classes4.dex */
    public static class Digest extends Credential {

        /* renamed from: a, reason: collision with root package name */
        public String f9294a;
        public String b;

        /* renamed from: c, reason: collision with root package name */
        public String f9295c;

        /* renamed from: d, reason: collision with root package name */
        public String f9296d;
        public String e;
        public String f;

        /* renamed from: g, reason: collision with root package name */
        public String f9297g;
        public String h;

        /* renamed from: i, reason: collision with root package name */
        public String f9298i;

        @Override // org.mortbay.jetty.security.Credential
        public boolean check(Object obj) {
            byte[] digest;
            String obj2 = obj instanceof String ? (String) obj : obj.toString();
            try {
                MessageDigest messageDigest = MessageDigest.getInstance("MD5");
                if (obj instanceof Credential.MD5) {
                    digest = ((Credential.MD5) obj).getDigest();
                } else {
                    String str = this.b;
                    String str2 = StringUtil.__ISO_8859_1;
                    messageDigest.update(str.getBytes(str2));
                    messageDigest.update(HttpTokens.COLON);
                    messageDigest.update(this.f9295c.getBytes(str2));
                    messageDigest.update(HttpTokens.COLON);
                    messageDigest.update(obj2.getBytes(str2));
                    digest = messageDigest.digest();
                }
                messageDigest.reset();
                String str3 = this.f9294a;
                String str4 = StringUtil.__ISO_8859_1;
                messageDigest.update(str3.getBytes(str4));
                messageDigest.update(HttpTokens.COLON);
                messageDigest.update(this.h.getBytes(str4));
                byte[] digest2 = messageDigest.digest();
                messageDigest.update(TypeUtil.toString(digest, 16).getBytes(str4));
                messageDigest.update(HttpTokens.COLON);
                messageDigest.update(this.f9296d.getBytes(str4));
                messageDigest.update(HttpTokens.COLON);
                messageDigest.update(this.e.getBytes(str4));
                messageDigest.update(HttpTokens.COLON);
                messageDigest.update(this.f.getBytes(str4));
                messageDigest.update(HttpTokens.COLON);
                messageDigest.update(this.f9297g.getBytes(str4));
                messageDigest.update(HttpTokens.COLON);
                messageDigest.update(TypeUtil.toString(digest2, 16).getBytes(str4));
                return TypeUtil.toString(messageDigest.digest(), 16).equalsIgnoreCase(this.f9298i);
            } catch (Exception e) {
                Log.warn(e);
                return false;
            }
        }

        public String toString() {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append(this.b);
            stringBuffer.append(",");
            stringBuffer.append(this.f9298i);
            return stringBuffer.toString();
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r11v3, types: [org.mortbay.jetty.security.DigestAuthenticator$Digest, java.lang.Object, org.mortbay.jetty.security.Credential] */
    @Override // org.mortbay.jetty.security.Authenticator
    public Principal authenticate(UserRealm userRealm, String str, Request request, Response response) {
        String header = request.getHeader("Authorization");
        boolean z2 = false;
        Principal principal = null;
        if (header != null) {
            if (Log.isDebugEnabled()) {
                Log.debug("Credentials: ".concat(header));
            }
            QuotedStringTokenizer quotedStringTokenizer = new QuotedStringTokenizer(header, "=, ", true, false);
            String method = request.getMethod();
            ?? credential = new Credential();
            credential.b = null;
            credential.f9295c = null;
            credential.f9296d = null;
            credential.e = null;
            credential.f = null;
            credential.f9297g = null;
            credential.h = null;
            credential.f9298i = null;
            credential.f9294a = method;
            String str2 = null;
            String str3 = null;
            while (quotedStringTokenizer.hasMoreTokens()) {
                String nextToken = quotedStringTokenizer.nextToken();
                char charAt = nextToken.length() == 1 ? nextToken.charAt(0) : (char) 0;
                if (charAt != ' ') {
                    if (charAt != ',') {
                        if (charAt == '=') {
                            str3 = str2;
                        } else if (str3 != null) {
                            if ("username".equalsIgnoreCase(str3)) {
                                credential.b = nextToken;
                            } else if ("realm".equalsIgnoreCase(str3)) {
                                credential.f9295c = nextToken;
                            } else if ("nonce".equalsIgnoreCase(str3)) {
                                credential.f9296d = nextToken;
                            } else if ("nc".equalsIgnoreCase(str3)) {
                                credential.e = nextToken;
                            } else if ("cnonce".equalsIgnoreCase(str3)) {
                                credential.f = nextToken;
                            } else if ("qop".equalsIgnoreCase(str3)) {
                                credential.f9297g = nextToken;
                            } else if ("uri".equalsIgnoreCase(str3)) {
                                credential.h = nextToken;
                            } else if ("response".equalsIgnoreCase(str3)) {
                                credential.f9298i = nextToken;
                            }
                            str3 = null;
                        }
                        str2 = nextToken;
                    } else {
                        str3 = null;
                    }
                }
            }
            int checkNonce = checkNonce(credential.f9296d, request);
            if (checkNonce > 0) {
                principal = userRealm.authenticate(credential.b, credential, request);
            } else if (checkNonce == 0) {
                z2 = true;
            }
            if (principal == null) {
                StringBuffer stringBuffer = new StringBuffer("AUTH FAILURE: user ");
                stringBuffer.append(StringUtil.printable(credential.b));
                Log.warn(stringBuffer.toString());
            } else {
                request.setAuthType("DIGEST");
                request.setUserPrincipal(principal);
            }
        }
        if (principal == null && response != null) {
            sendChallenge(userRealm, request, response, z2);
        }
        return principal;
    }

    public int checkNonce(String str, Request request) {
        byte[] bArr;
        try {
            byte[] decode = B64Code.decode(str.toCharArray());
            if (decode.length != 24) {
                return -1;
            }
            long j = this.b;
            byte[] bArr2 = new byte[16];
            System.arraycopy(decode, 0, bArr2, 0, 8);
            long j2 = 0;
            for (int i2 = 0; i2 < 8; i2++) {
                bArr2[i2 + 8] = (byte) (j & 255);
                j >>= 8;
                j2 = (decode[7 - i2] & 255) + (j2 << 8);
            }
            long timeStamp = request.getTimeStamp() - j2;
            if (Log.isDebugEnabled()) {
                StringBuffer stringBuffer = new StringBuffer();
                stringBuffer.append("age=");
                stringBuffer.append(timeStamp);
                Log.debug(stringBuffer.toString());
            }
            try {
                MessageDigest messageDigest = MessageDigest.getInstance("MD5");
                messageDigest.reset();
                messageDigest.update(bArr2, 0, 16);
                bArr = messageDigest.digest();
            } catch (Exception e) {
                Log.warn(e);
                bArr = null;
            }
            for (int i3 = 0; i3 < 16; i3++) {
                if (decode[i3 + 8] != bArr[i3]) {
                    return -1;
                }
            }
            long j3 = this.f9292a;
            if (j3 > 0) {
                return (timeStamp < 0 || timeStamp > j3) ? 0 : 1;
            }
            return 1;
        } catch (Exception e2) {
            Log.ignore(e2);
            return -1;
        }
    }

    @Override // org.mortbay.jetty.security.Authenticator
    public String getAuthMethod() {
        return "DIGEST";
    }

    public long getMaxNonceAge() {
        return this.f9292a;
    }

    public long getNonceSecret() {
        return this.b;
    }

    public boolean getUseStale() {
        return this.f9293c;
    }

    public String newNonce(Request request) {
        byte[] bArr;
        long timeStamp = request.getTimeStamp();
        long j = this.b;
        byte[] bArr2 = new byte[24];
        for (int i2 = 0; i2 < 8; i2++) {
            bArr2[i2] = (byte) (timeStamp & 255);
            timeStamp >>= 8;
            bArr2[i2 + 8] = (byte) (255 & j);
            j >>= 8;
        }
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("MD5");
            messageDigest.reset();
            messageDigest.update(bArr2, 0, 16);
            bArr = messageDigest.digest();
        } catch (Exception e) {
            Log.warn(e);
            bArr = null;
        }
        for (int i3 = 0; i3 < bArr.length; i3++) {
            bArr2[i3 + 8] = bArr[i3];
            if (i3 == 23) {
                break;
            }
        }
        return new String(B64Code.encode(bArr2));
    }

    public void sendChallenge(UserRealm userRealm, Request request, Response response, boolean z2) {
        String str;
        String contextPath = request.getContextPath();
        if (contextPath == null) {
            contextPath = "/";
        }
        StringBuffer stringBuffer = new StringBuffer("Digest realm=\"");
        stringBuffer.append(userRealm.getName());
        stringBuffer.append("\", domain=\"");
        stringBuffer.append(contextPath);
        stringBuffer.append("\", nonce=\"");
        stringBuffer.append(newNonce(request));
        stringBuffer.append("\", algorithm=MD5, qop=\"auth\"");
        if (this.f9293c) {
            StringBuffer stringBuffer2 = new StringBuffer(" stale=");
            stringBuffer2.append(z2);
            str = stringBuffer2.toString();
        } else {
            str = "";
        }
        stringBuffer.append(str);
        response.setHeader("WWW-Authenticate", stringBuffer.toString());
        response.sendError(401);
    }

    public void setMaxNonceAge(long j) {
        this.f9292a = j;
    }

    public void setNonceSecret(long j) {
        this.b = j;
    }

    public void setUseStale(boolean z2) {
        this.f9293c = z2;
    }
}
