package org.eclipse.jetty.security.authentication;

import com.xiaomi.mipush.sdk.Constants;
import java.io.IOException;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.BitSet;
import java.util.Queue;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentLinkedQueue;
import java.util.concurrent.ConcurrentMap;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import nl.a0;
import nl.w;
import org.eclipse.jetty.http.HttpHeader;
import org.eclipse.jetty.http.HttpTokens;
import org.eclipse.jetty.security.AbstractUserAuthentication;
import org.eclipse.jetty.security.ServerAuthException;
import org.eclipse.jetty.security.a;
import org.eclipse.jetty.server.Authentication;
import org.eclipse.jetty.server.a1;
import org.eclipse.jetty.server.n0;
import org.eclipse.jetty.util.h;
import org.eclipse.jetty.util.m0;
import org.eclipse.jetty.util.security.Credential;
import org.eclipse.jetty.util.t0;

/* loaded from: classes3.dex */
public class DigestAuthenticator extends d {

    /* renamed from: j, reason: collision with root package name */
    public static final xm.e f49005j = xm.d.c(DigestAuthenticator.class);

    /* renamed from: e, reason: collision with root package name */
    public SecureRandom f49006e = new SecureRandom();

    /* renamed from: f, reason: collision with root package name */
    public long f49007f = 60000;

    /* renamed from: g, reason: collision with root package name */
    public int f49008g = 1024;

    /* renamed from: h, reason: collision with root package name */
    public ConcurrentMap<String, a> f49009h = new ConcurrentHashMap();

    /* renamed from: i, reason: collision with root package name */
    public Queue<a> f49010i = new ConcurrentLinkedQueue();

    /* loaded from: classes3.dex */
    public static class Digest extends Credential {
        private static final long serialVersionUID = -2484639019549527724L;
        final String method;
        String username = "";
        String realm = "";
        String nonce = "";

        /* renamed from: nc, reason: collision with root package name */
        String f49011nc = "";
        String cnonce = "";
        String qop = "";
        String uri = "";
        String response = "";

        public Digest(String str) {
            this.method = str;
        }

        @Override // org.eclipse.jetty.util.security.Credential
        public boolean c(Object obj) {
            byte[] digest;
            if (obj instanceof char[]) {
                obj = new String((char[]) obj);
            }
            String obj2 = obj instanceof String ? (String) obj : obj.toString();
            try {
                MessageDigest messageDigest = MessageDigest.getInstance("MD5");
                if (obj instanceof Credential.MD5) {
                    digest = ((Credential.MD5) obj).g();
                } else {
                    String str = this.username;
                    Charset charset = StandardCharsets.ISO_8859_1;
                    messageDigest.update(str.getBytes(charset));
                    messageDigest.update(HttpTokens.f48710a);
                    messageDigest.update(this.realm.getBytes(charset));
                    messageDigest.update(HttpTokens.f48710a);
                    messageDigest.update(obj2.getBytes(charset));
                    digest = messageDigest.digest();
                }
                messageDigest.reset();
                String str2 = this.method;
                Charset charset2 = StandardCharsets.ISO_8859_1;
                messageDigest.update(str2.getBytes(charset2));
                messageDigest.update(HttpTokens.f48710a);
                messageDigest.update(this.uri.getBytes(charset2));
                byte[] digest2 = messageDigest.digest();
                messageDigest.update(t0.w(digest, 16).getBytes(charset2));
                messageDigest.update(HttpTokens.f48710a);
                messageDigest.update(this.nonce.getBytes(charset2));
                messageDigest.update(HttpTokens.f48710a);
                messageDigest.update(this.f49011nc.getBytes(charset2));
                messageDigest.update(HttpTokens.f48710a);
                messageDigest.update(this.cnonce.getBytes(charset2));
                messageDigest.update(HttpTokens.f48710a);
                messageDigest.update(this.qop.getBytes(charset2));
                messageDigest.update(HttpTokens.f48710a);
                messageDigest.update(t0.w(digest2, 16).getBytes(charset2));
                String lowerCase = t0.w(messageDigest.digest(), 16).toLowerCase();
                String str3 = this.response;
                return Credential.e(lowerCase, str3 == null ? null : str3.toLowerCase());
            } catch (Exception e10) {
                DigestAuthenticator.f49005j.n(e10);
                return false;
            }
        }

        public String toString() {
            return this.username + Constants.ACCEPT_TIME_SEPARATOR_SP + this.response;
        }
    }

    /* loaded from: classes3.dex */
    public static class a {

        /* renamed from: a, reason: collision with root package name */
        public final String f49012a;

        /* renamed from: b, reason: collision with root package name */
        public final long f49013b;

        /* renamed from: c, reason: collision with root package name */
        public final BitSet f49014c;

        public a(String str, long j10, int i10) {
            this.f49012a = str;
            this.f49013b = j10;
            this.f49014c = new BitSet(i10);
        }

        public boolean a(int i10) {
            synchronized (this) {
                try {
                    if (i10 >= this.f49014c.size()) {
                        return true;
                    }
                    boolean z10 = this.f49014c.get(i10);
                    this.f49014c.set(i10);
                    return z10;
                } catch (Throwable th2) {
                    throw th2;
                }
            }
        }
    }

    @Override // org.eclipse.jetty.security.a
    public Authentication b(w wVar, a0 a0Var, boolean z10) throws ServerAuthException {
        if (!z10) {
            return new c(this);
        }
        HttpServletRequest httpServletRequest = (HttpServletRequest) wVar;
        HttpServletResponse httpServletResponse = (HttpServletResponse) a0Var;
        String n10 = httpServletRequest.n(HttpHeader.AUTHORIZATION.a());
        boolean z11 = false;
        if (n10 != null) {
            try {
                xm.e eVar = f49005j;
                if (eVar.b()) {
                    eVar.d("Credentials: ".concat(n10), new Object[0]);
                }
                m0 m0Var = new m0(n10, "=, ", true, false);
                Digest digest = new Digest(httpServletRequest.l());
                String str = null;
                String str2 = null;
                while (m0Var.hasMoreTokens()) {
                    String nextToken = m0Var.nextToken();
                    char charAt = nextToken.length() == 1 ? nextToken.charAt(0) : (char) 0;
                    if (charAt != ' ') {
                        if (charAt != ',') {
                            if (charAt == '=') {
                                str2 = str;
                            } else if (str2 != null) {
                                if ("username".equalsIgnoreCase(str2)) {
                                    digest.username = nextToken;
                                } else if ("realm".equalsIgnoreCase(str2)) {
                                    digest.realm = nextToken;
                                } else if ("nonce".equalsIgnoreCase(str2)) {
                                    digest.nonce = nextToken;
                                } else if ("nc".equalsIgnoreCase(str2)) {
                                    digest.f49011nc = nextToken;
                                } else if ("cnonce".equalsIgnoreCase(str2)) {
                                    digest.cnonce = nextToken;
                                } else if ("qop".equalsIgnoreCase(str2)) {
                                    digest.qop = nextToken;
                                } else if ("uri".equalsIgnoreCase(str2)) {
                                    digest.uri = nextToken;
                                } else if ("response".equalsIgnoreCase(str2)) {
                                    digest.response = nextToken;
                                }
                                str2 = null;
                            }
                            str = nextToken;
                        } else {
                            str2 = null;
                        }
                    }
                }
                int i10 = i(digest, (n0) httpServletRequest);
                if (i10 > 0) {
                    a1 f10 = f(digest.username, digest, wVar);
                    if (f10 != null) {
                        return new AbstractUserAuthentication(j(), f10);
                    }
                } else if (i10 == 0) {
                    z11 = true;
                }
            } catch (IOException e10) {
                throw new GeneralSecurityException(e10);
            }
        }
        if (c.e(httpServletResponse)) {
            return Authentication.f49122p1;
        }
        String m10 = httpServletRequest.m();
        if (m10 == null) {
            m10 = "/";
        }
        httpServletResponse.F(HttpHeader.WWW_AUTHENTICATE.a(), "Digest realm=\"" + this.f49051a.getName() + "\", domain=\"" + m10 + "\", nonce=\"" + m((n0) httpServletRequest) + "\", algorithm=MD5, qop=\"auth\", stale=" + z11);
        httpServletResponse.C(401);
        return Authentication.f49124r1;
    }

    @Override // org.eclipse.jetty.security.a
    public boolean c(w wVar, a0 a0Var, boolean z10, Authentication.k kVar) throws ServerAuthException {
        return true;
    }

    @Override // org.eclipse.jetty.security.authentication.d, org.eclipse.jetty.security.a
    public void d(a.InterfaceC0591a interfaceC0591a) {
        super.d(interfaceC0591a);
        String a10 = interfaceC0591a.a("maxNonceAge");
        if (a10 != null) {
            this.f49007f = Long.valueOf(a10).longValue();
        }
        String a11 = interfaceC0591a.a("maxNonceCount");
        if (a11 != null) {
            this.f49008g = Integer.valueOf(a11).intValue();
        }
    }

    public final int i(Digest digest, n0 n0Var) {
        long M0 = n0Var.M0() - this.f49007f;
        a peek = this.f49010i.peek();
        while (peek != null && peek.f49013b < M0) {
            this.f49010i.remove(peek);
            this.f49009h.remove(peek.f49012a);
            peek = this.f49010i.peek();
        }
        try {
            a aVar = this.f49009h.get(digest.nonce);
            if (aVar == null) {
                return 0;
            }
            long parseLong = Long.parseLong(digest.f49011nc, 16);
            if (parseLong >= this.f49008g) {
                return 0;
            }
            return aVar.a((int) parseLong) ? -1 : 1;
        } catch (Exception e10) {
            f49005j.l(e10);
            return -1;
        }
    }

    @Override // org.eclipse.jetty.security.a
    public String j() {
        return "DIGEST";
    }

    public long k() {
        return this.f49007f;
    }

    public int l() {
        return this.f49008g;
    }

    public String m(n0 n0Var) {
        a aVar;
        do {
            byte[] bArr = new byte[24];
            this.f49006e.nextBytes(bArr);
            aVar = new a(new String(h.k(bArr)), n0Var.M0(), this.f49008g);
        } while (this.f49009h.putIfAbsent(aVar.f49012a, aVar) != null);
        this.f49010i.add(aVar);
        return aVar.f49012a;
    }

    public synchronized void n(long j10) {
        this.f49007f = j10;
    }

    public void o(int i10) {
        this.f49008g = i10;
    }
}
