package org.eclipse.jetty.security.authentication;

import com.tencent.connect.common.Constants;
import java.io.IOException;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.BitSet;
import java.util.Properties;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentLinkedQueue;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.eclipse.jetty.security.ServerAuthException;
import org.eclipse.jetty.util.l;
import org.eclipse.jetty.util.o;
import org.eclipse.jetty.util.security.Constraint;
import org.eclipse.jetty.util.security.Credential;
import ud.a;
import ud.h;

/* compiled from: DigestAuthenticator.java */
/* loaded from: classes7.dex */
public final class d extends f {
    public static final ce.c h;
    public final SecureRandom c = new SecureRandom();
    public long d = 60000;
    public final int e = 1024;
    public final ConcurrentHashMap f = new ConcurrentHashMap();

    /* renamed from: g, reason: collision with root package name */
    public final ConcurrentLinkedQueue f29518g = new ConcurrentLinkedQueue();

    /* compiled from: DigestAuthenticator.java */
    /* loaded from: classes7.dex */
    public static class a extends Credential {
        private static final long serialVersionUID = -2484639019549527724L;
        final String method;
        String username = "";
        String realm = "";
        String nonce = "";

        /* renamed from: nc, reason: collision with root package name */
        String f29519nc = "";
        String cnonce = "";
        String qop = "";
        String uri = "";
        String response = "";

        public a(String str) {
            this.method = str;
        }

        @Override // org.eclipse.jetty.util.security.Credential
        public final boolean check(Object obj) {
            byte[] digest;
            if (obj instanceof char[]) {
                obj = new String((char[]) obj);
            }
            String obj2 = obj instanceof String ? (String) obj : obj.toString();
            try {
                MessageDigest messageDigest = MessageDigest.getInstance("MD5");
                if (obj instanceof Credential.MD5) {
                    digest = ((Credential.MD5) obj).getDigest();
                } else {
                    messageDigest.update(this.username.getBytes("ISO-8859-1"));
                    messageDigest.update((byte) 58);
                    messageDigest.update(this.realm.getBytes("ISO-8859-1"));
                    messageDigest.update((byte) 58);
                    messageDigest.update(obj2.getBytes("ISO-8859-1"));
                    digest = messageDigest.digest();
                }
                messageDigest.reset();
                messageDigest.update(this.method.getBytes("ISO-8859-1"));
                messageDigest.update((byte) 58);
                messageDigest.update(this.uri.getBytes("ISO-8859-1"));
                byte[] digest2 = messageDigest.digest();
                messageDigest.update(o.g(digest).getBytes("ISO-8859-1"));
                messageDigest.update((byte) 58);
                messageDigest.update(this.nonce.getBytes("ISO-8859-1"));
                messageDigest.update((byte) 58);
                messageDigest.update(this.f29519nc.getBytes("ISO-8859-1"));
                messageDigest.update((byte) 58);
                messageDigest.update(this.cnonce.getBytes("ISO-8859-1"));
                messageDigest.update((byte) 58);
                messageDigest.update(this.qop.getBytes("ISO-8859-1"));
                messageDigest.update((byte) 58);
                messageDigest.update(o.g(digest2).getBytes("ISO-8859-1"));
                return o.g(messageDigest.digest()).equalsIgnoreCase(this.response);
            } catch (Exception e) {
                d.h.k(e);
                return false;
            }
        }

        public final String toString() {
            return this.username + "," + this.response;
        }
    }

    /* compiled from: DigestAuthenticator.java */
    /* loaded from: classes7.dex */
    public static class b {

        /* renamed from: a, reason: collision with root package name */
        public final String f29520a;
        public final long b;
        public final BitSet c;

        public b(String str, long j10, int i10) {
            this.f29520a = str;
            this.b = j10;
            this.c = new BitSet(i10);
        }
    }

    static {
        Properties properties = ce.b.f1559a;
        h = ce.b.b(d.class.getName());
    }

    @Override // ud.a
    public final vd.d a(ServletRequest servletRequest, ServletResponse servletResponse, boolean z6) {
        if (!z6) {
            return new c(this);
        }
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        String header = httpServletRequest.getHeader("Authorization");
        boolean z10 = false;
        if (header != null) {
            try {
                ce.c cVar = h;
                if (cVar.c()) {
                    cVar.a("Credentials: ".concat(header), new Object[0]);
                }
                l lVar = new l(header, "=, ", true, false);
                a aVar = new a(httpServletRequest.getMethod());
                String str = null;
                String str2 = null;
                while (lVar.hasMoreTokens()) {
                    String nextToken = lVar.nextToken();
                    char charAt = nextToken.length() == 1 ? nextToken.charAt(0) : (char) 0;
                    if (charAt != ' ') {
                        if (charAt != ',') {
                            if (charAt == '=') {
                                str2 = str;
                            } else if (str2 != null) {
                                if ("username".equalsIgnoreCase(str2)) {
                                    aVar.username = nextToken;
                                } else if ("realm".equalsIgnoreCase(str2)) {
                                    aVar.realm = nextToken;
                                } else if (Constants.NONCE.equalsIgnoreCase(str2)) {
                                    aVar.nonce = nextToken;
                                } else if ("nc".equalsIgnoreCase(str2)) {
                                    aVar.f29519nc = nextToken;
                                } else if ("cnonce".equalsIgnoreCase(str2)) {
                                    aVar.cnonce = nextToken;
                                } else if ("qop".equalsIgnoreCase(str2)) {
                                    aVar.qop = nextToken;
                                } else if ("uri".equalsIgnoreCase(str2)) {
                                    aVar.uri = nextToken;
                                } else if ("response".equalsIgnoreCase(str2)) {
                                    aVar.response = nextToken;
                                }
                                str2 = null;
                            }
                            str = nextToken;
                        } else {
                            str2 = null;
                        }
                    }
                }
                int e = e(aVar, (vd.l) httpServletRequest);
                if (e > 0) {
                    d(aVar.username, aVar);
                } else if (e == 0) {
                    z10 = true;
                }
            } catch (IOException e10) {
                throw new ServerAuthException(e10);
            }
        }
        if (c.b(httpServletResponse)) {
            return vd.d.f31215d0;
        }
        String contextPath = httpServletRequest.getContextPath();
        if (contextPath == null) {
            contextPath = "/";
        }
        httpServletResponse.setHeader("WWW-Authenticate", "Digest realm=\"" + this.f29522a.getName() + "\", domain=\"" + contextPath + "\", nonce=\"" + f((vd.l) httpServletRequest) + "\", algorithm=MD5, qop=\"auth\", stale=" + z10);
        httpServletResponse.sendError(401);
        return vd.d.f31217f0;
    }

    @Override // org.eclipse.jetty.security.authentication.f, ud.a
    public final void b(a.InterfaceC0973a interfaceC0973a) {
        super.b(interfaceC0973a);
        String W = ((h) interfaceC0973a).W("maxNonceAge");
        if (W != null) {
            this.d = Long.valueOf(W).longValue();
        }
    }

    @Override // ud.a
    public final void c() {
    }

    public final int e(a aVar, vd.l lVar) {
        boolean z6;
        long j10 = lVar.B - this.d;
        b bVar = (b) this.f29518g.peek();
        while (bVar != null && bVar.b < j10) {
            this.f29518g.remove(bVar);
            this.f.remove(bVar.f29520a);
            bVar = (b) this.f29518g.peek();
        }
        try {
            b bVar2 = (b) this.f.get(aVar.nonce);
            if (bVar2 == null) {
                return 0;
            }
            long parseLong = Long.parseLong(aVar.f29519nc, 16);
            if (parseLong >= this.e) {
                return 0;
            }
            int i10 = (int) parseLong;
            synchronized (bVar2) {
                if (i10 >= bVar2.c.size()) {
                    z6 = true;
                } else {
                    z6 = bVar2.c.get(i10);
                    bVar2.c.set(i10);
                }
            }
            return z6 ? -1 : 1;
        } catch (Exception e) {
            h.g(e);
            return -1;
        }
    }

    public final String f(vd.l lVar) {
        b bVar;
        String str;
        do {
            byte[] bArr = new byte[24];
            this.c.nextBytes(bArr);
            str = new String(org.eclipse.jetty.util.c.c(bArr));
            bVar = new b(str, lVar.B, this.e);
        } while (this.f.putIfAbsent(str, bVar) != null);
        this.f29518g.add(bVar);
        return str;
    }

    @Override // ud.a
    public final String getAuthMethod() {
        return Constraint.__DIGEST_AUTH;
    }
}
