package c;

import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.Objects;
import org.apache.commons.logging.LogFactory;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSManager;
import org.ietf.jgss.GSSName;
import org.ietf.jgss.Oid;

/* loaded from: classes.dex */
public abstract class yg3 extends tg3 {
    public final boolean R;
    public final boolean S;
    public byte[] U;
    public final j83 P = LogFactory.getLog(getClass());
    public final d83 Q = new d83(0);
    public a T = a.UNINITIATED;

    /* loaded from: classes.dex */
    public enum a {
        UNINITIATED,
        CHALLENGE_RECEIVED,
        TOKEN_GENERATED,
        FAILED
    }

    public yg3(boolean z, boolean z2) {
        this.R = z;
        this.S = z2;
    }

    @Override // c.tg3, c.tb3
    public fa3 a(ub3 ub3Var, qa3 qa3Var, sm3 sm3Var) throws qb3 {
        na3 na3Var;
        mz2.S(qa3Var, "HTTP request");
        int ordinal = this.T.ordinal();
        if (ordinal == 0) {
            throw new qb3(g() + " authentication has not been initiated");
        }
        if (ordinal == 1) {
            try {
                ve3 ve3Var = (ve3) sm3Var.getAttribute("http.route");
                if (ve3Var == null) {
                    throw new qb3("Connection route is not available");
                }
                if (h()) {
                    na3Var = ve3Var.d();
                    if (na3Var == null) {
                        na3Var = ve3Var.O;
                    }
                } else {
                    na3Var = ve3Var.O;
                }
                String str = na3Var.O;
                if (this.S) {
                    try {
                        InetAddress byName = InetAddress.getByName(str);
                        String canonicalHostName = byName.getCanonicalHostName();
                        if (!byName.getHostAddress().contentEquals(canonicalHostName)) {
                            str = canonicalHostName;
                        }
                    } catch (UnknownHostException unused) {
                    }
                }
                if (!this.R) {
                    str = str + ":" + na3Var.Q;
                }
                if (this.P.d()) {
                    this.P.a("init " + str);
                }
                this.U = l(this.U, str, ub3Var);
                this.T = a.TOKEN_GENERATED;
            } catch (GSSException e) {
                this.T = a.FAILED;
                if (e.getMajor() == 9 || e.getMajor() == 8) {
                    throw new vb3(e.getMessage(), e);
                }
                if (e.getMajor() == 13) {
                    throw new vb3(e.getMessage(), e);
                }
                if (e.getMajor() == 10 || e.getMajor() == 19 || e.getMajor() == 20) {
                    throw new qb3(e.getMessage(), e);
                }
                throw new qb3(e.getMessage());
            }
        } else if (ordinal != 2) {
            if (ordinal != 3) {
                StringBuilder D = y9.D("Illegal state: ");
                D.append(this.T);
                throw new IllegalStateException(D.toString());
            }
            throw new qb3(g() + " authentication has failed");
        }
        d83 d83Var = this.Q;
        byte[] bArr = this.U;
        Objects.requireNonNull(d83Var);
        String str2 = new String(d83.b(bArr, false));
        if (this.P.d()) {
            this.P.a("Sending response '" + str2 + "' back to the auth server");
        }
        cn3 cn3Var = new cn3(32);
        if (h()) {
            cn3Var.b("Proxy-Authorization");
        } else {
            cn3Var.b("Authorization");
        }
        cn3Var.b(": Negotiate ");
        cn3Var.b(str2);
        return new dm3(cn3Var);
    }

    @Override // c.jb3
    @Deprecated
    public fa3 b(ub3 ub3Var, qa3 qa3Var) throws qb3 {
        return a(ub3Var, qa3Var, null);
    }

    @Override // c.jb3
    public boolean f() {
        a aVar = this.T;
        return aVar == a.TOKEN_GENERATED || aVar == a.FAILED;
    }

    @Override // c.tg3
    public void i(cn3 cn3Var, int i, int i2) throws xb3 {
        String i3 = cn3Var.i(i, i2);
        if (this.P.d()) {
            this.P.a("Received challenge '" + i3 + "' from the auth server");
        }
        if (this.T == a.UNINITIATED) {
            this.U = d83.a(i3.getBytes());
            this.T = a.CHALLENGE_RECEIVED;
        } else {
            this.P.a("Authentication already attempted");
            this.T = a.FAILED;
        }
    }

    public GSSContext j(GSSManager gSSManager, Oid oid, GSSName gSSName, GSSCredential gSSCredential) throws GSSException {
        GSSContext createContext = gSSManager.createContext(gSSName.canonicalize(oid), oid, (GSSCredential) null, 0);
        createContext.requestMutualAuth(true);
        return createContext;
    }

    public byte[] k(byte[] bArr, Oid oid, String str, ub3 ub3Var) throws GSSException {
        GSSManager m = m();
        GSSName createName = m.createName(y9.r("HTTP@", str), GSSName.NT_HOSTBASED_SERVICE);
        if (ub3Var instanceof wb3) {
            Objects.requireNonNull((wb3) ub3Var);
        }
        GSSContext j = j(m, oid, createName, null);
        return bArr != null ? j.initSecContext(bArr, 0, bArr.length) : j.initSecContext(new byte[0], 0, 0);
    }

    public abstract byte[] l(byte[] bArr, String str, ub3 ub3Var) throws GSSException;

    public GSSManager m() {
        return GSSManager.getInstance();
    }
}
