package org.restlet.ext.crypto.internal;

import java.io.IOException;
import java.util.Iterator;
import java.util.logging.Level;
import org.restlet.Context;
import org.restlet.Request;
import org.restlet.Response;
import org.restlet.data.ChallengeRequest;
import org.restlet.data.ChallengeResponse;
import org.restlet.data.ChallengeScheme;
import org.restlet.data.Parameter;
import org.restlet.data.Reference;
import org.restlet.engine.http.header.HeaderBuilder;
import org.restlet.engine.http.header.HeaderReader;
import org.restlet.engine.http.header.HeaderUtils;
import org.restlet.engine.security.AuthenticatorHelper;
import org.restlet.engine.security.AuthenticatorUtils;
import org.restlet.engine.util.Base64;
import org.restlet.ext.crypto.DigestUtils;
import org.restlet.security.Guard;
import org.restlet.util.Series;

/* loaded from: input_file:org/restlet/ext/crypto/internal/HttpDigestHelper.class */
public class HttpDigestHelper extends AuthenticatorHelper {
    @Deprecated
    private static String getHashedSecret(String str, Guard guard) {
        char[] cArr = (char[]) guard.getSecretResolver().resolve(str);
        if (cArr != null) {
            return DigestUtils.toHttpDigest(str, cArr, guard.getRealm());
        }
        return null;
    }

    public static boolean isNonceValid(String str, String str2, long j) throws Exception {
        try {
            String str3 = new String(Base64.decode(str));
            long parseLong = Long.parseLong(str3.substring(0, str3.indexOf(58)));
            if (str3.equals(parseLong + ":" + DigestUtils.toMd5(parseLong + ":" + str2))) {
                return j > System.currentTimeMillis() - parseLong;
            }
            throw new Exception("The nonce does not match secretKey");
        } catch (Exception e) {
            throw new Exception("Error detected parsing nonce: " + e);
        }
    }

    public HttpDigestHelper() {
        super(ChallengeScheme.HTTP_DIGEST, true, true);
    }

    @Deprecated
    public int authenticate(ChallengeResponse challengeResponse, Request request, Guard guard) {
        String hashedSecret;
        Series parameters = challengeResponse.getParameters();
        String identifier = challengeResponse.getIdentifier();
        String str = new String(challengeResponse.getSecret());
        String firstValue = parameters.getFirstValue("nonce");
        String firstValue2 = parameters.getFirstValue("uri");
        String firstValue3 = parameters.getFirstValue("qop");
        String firstValue4 = parameters.getFirstValue("nc");
        String firstValue5 = parameters.getFirstValue("cnonce");
        try {
            if (!isNonceValid(firstValue, guard.getServerKey(), guard.getNonceLifespan())) {
                return 2;
            }
            if (AuthenticatorUtils.anyNull(new Object[]{identifier, firstValue, str, firstValue2})) {
                return 0;
            }
            Reference resourceRef = request.getResourceRef();
            String path = resourceRef.getPath();
            if (resourceRef.getQuery() != null && firstValue2.indexOf(63) > -1) {
                path = path + "?" + resourceRef.getQuery();
            }
            if (!firstValue2.equals(path) || (hashedSecret = getHashedSecret(identifier, guard)) == null) {
                return -1;
            }
            String md5 = DigestUtils.toMd5(request.getMethod() + ":" + path);
            StringBuffer append = new StringBuffer(hashedSecret).append(':').append(firstValue);
            if (!AuthenticatorUtils.anyNull(new Object[]{firstValue3, firstValue5, firstValue4})) {
                append.append(':').append(firstValue4).append(':').append(firstValue5).append(':').append(firstValue3);
            }
            append.append(':').append(md5);
            return str.equals(DigestUtils.toMd5(append.toString())) ? 1 : -1;
        } catch (Exception e) {
            return -1;
        }
    }

    @Deprecated
    public void challenge(Response response, boolean z, Guard guard) {
        super.challenge(response, z, guard);
        ChallengeRequest challengeRequest = null;
        Iterator it = response.getChallengeRequests().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            ChallengeRequest challengeRequest2 = (ChallengeRequest) it.next();
            if (challengeRequest2.getScheme().equals(guard.getScheme())) {
                challengeRequest = challengeRequest2;
                break;
            }
        }
        if (challengeRequest != null) {
            challengeRequest.setDomainUris(guard.getDomainUris());
            challengeRequest.setStale(z);
            challengeRequest.setServerNonce(CryptoUtils.makeNonce(guard.getServerKey()));
        }
    }

    public void formatRawRequest(HeaderBuilder headerBuilder, ChallengeRequest challengeRequest, Response response, Series<Parameter> series) throws IOException {
        if (challengeRequest.getRealm() != null) {
            headerBuilder.appendQuotedParameter("realm", challengeRequest.getRealm());
        }
        if (!challengeRequest.getDomainRefs().isEmpty()) {
            headerBuilder.append(", domain=\"");
            for (int i = 0; i < challengeRequest.getDomainRefs().size(); i++) {
                if (i > 0) {
                    headerBuilder.append(' ');
                }
                headerBuilder.append(((Reference) challengeRequest.getDomainRefs().get(i)).toString());
            }
            headerBuilder.append('\"');
        }
        if (challengeRequest.getServerNonce() != null) {
            headerBuilder.appendQuotedParameter("nonce", challengeRequest.getServerNonce());
        }
        if (challengeRequest.getOpaque() != null) {
            headerBuilder.appendQuotedParameter("opaque", challengeRequest.getOpaque());
        }
        if (challengeRequest.isStale()) {
            headerBuilder.appendParameter("stale", "true");
        }
        if (challengeRequest.getDigestAlgorithm() != null) {
            headerBuilder.appendParameter("algorithm", challengeRequest.getDigestAlgorithm());
        }
        if (!challengeRequest.getQualityOptions().isEmpty()) {
            headerBuilder.append(", qop=\"");
            for (int i2 = 0; i2 < challengeRequest.getQualityOptions().size(); i2++) {
                if (i2 > 0) {
                    headerBuilder.append(',');
                }
                headerBuilder.appendToken(((String) challengeRequest.getQualityOptions().get(i2)).toString());
            }
            headerBuilder.append('\"');
        }
        Iterator it = challengeRequest.getParameters().iterator();
        while (it.hasNext()) {
            Parameter parameter = (Parameter) it.next();
            if (HeaderUtils.isToken(parameter.getValue())) {
                headerBuilder.appendParameter(parameter);
            } else {
                headerBuilder.appendQuotedParameter(parameter);
            }
        }
    }

    public void formatRawResponse(HeaderBuilder headerBuilder, ChallengeResponse challengeResponse, Request request, Series<Parameter> series) throws IOException {
        if (challengeResponse.getIdentifier() != null) {
            headerBuilder.appendQuotedParameter("username", challengeResponse.getIdentifier());
        }
        if (challengeResponse.getRealm() != null) {
            headerBuilder.appendQuotedParameter("realm", challengeResponse.getRealm());
        }
        if (challengeResponse.getServerNonce() != null) {
            headerBuilder.appendQuotedParameter("nonce", challengeResponse.getServerNonce());
        }
        if (challengeResponse.getDigestRef() != null) {
            headerBuilder.appendQuotedParameter("uri", challengeResponse.getDigestRef().toString());
        }
        if (challengeResponse.getSecret() != null) {
            headerBuilder.appendQuotedParameter("response", new String(challengeResponse.getSecret()));
        }
        if (challengeResponse.getDigestAlgorithm() != null && !"MD5".equals(challengeResponse.getDigestAlgorithm())) {
            headerBuilder.appendParameter("algorithm", challengeResponse.getDigestAlgorithm());
        }
        if (challengeResponse.getClientNonce() != null) {
            headerBuilder.appendQuotedParameter("cnonce", challengeResponse.getClientNonce());
        }
        if (challengeResponse.getOpaque() != null) {
            headerBuilder.appendQuotedParameter("opaque", challengeResponse.getOpaque());
        }
        if (challengeResponse.getQuality() != null) {
            headerBuilder.appendParameter("qop", challengeResponse.getQuality());
        }
        if (challengeResponse.getQuality() != null && challengeResponse.getServerNounceCount() > 0) {
            headerBuilder.appendParameter("nc", challengeResponse.getServerNounceCountAsHex());
        }
        Iterator it = challengeResponse.getParameters().iterator();
        while (it.hasNext()) {
            Parameter parameter = (Parameter) it.next();
            if (HeaderUtils.isToken(parameter.getValue())) {
                headerBuilder.appendParameter(parameter);
            } else {
                headerBuilder.appendQuotedParameter(parameter);
            }
        }
    }

    public char[] formatSecret(ChallengeResponse challengeResponse, Request request, Response response, String str, char[] cArr, String str2) {
        String str3 = null;
        if ("HTTP-DIGEST-A1".equals(str2)) {
            new String(cArr);
        } else if (!AuthenticatorUtils.anyNull(new Object[]{challengeResponse.getIdentifier(), cArr, challengeResponse.getRealm()})) {
            str3 = DigestUtils.toHttpDigest(str, cArr, challengeResponse.getRealm());
        }
        if (str3 == null) {
            return null;
        }
        String md5 = DigestUtils.toMd5(request.getMethod() + ":" + challengeResponse.getDigestRef().toString());
        StringBuilder append = new StringBuilder().append(str3).append(':').append(challengeResponse.getServerNonce());
        if (!AuthenticatorUtils.anyNull(new Object[]{challengeResponse.getQuality(), challengeResponse.getClientNonce(), Integer.valueOf(challengeResponse.getServerNounceCount())})) {
            append.append(':').append(AuthenticatorUtils.formatNonceCount(challengeResponse.getServerNounceCount())).append(':').append(challengeResponse.getClientNonce()).append(':').append(challengeResponse.getQuality());
        }
        append.append(':').append(md5);
        return DigestUtils.toMd5(append.toString()).toCharArray();
    }

    public void parseRequest(ChallengeRequest challengeRequest, Response response, Series<Parameter> series) {
        if (challengeRequest.getRawValue() != null) {
            HeaderReader headerReader = new HeaderReader(challengeRequest.getRawValue());
            try {
                Parameter readParameter = headerReader.readParameter();
                while (readParameter != null) {
                    try {
                        if ("realm".equals(readParameter.getName())) {
                            challengeRequest.setRealm(readParameter.getValue());
                        } else if ("domain".equals(readParameter.getName())) {
                            challengeRequest.getDomainRefs().add(new Reference(readParameter.getValue()));
                        } else if ("nonce".equals(readParameter.getName())) {
                            challengeRequest.setServerNonce(readParameter.getValue());
                        } else if ("opaque".equals(readParameter.getName())) {
                            challengeRequest.setOpaque(readParameter.getValue());
                        } else if ("stale".equals(readParameter.getName())) {
                            challengeRequest.setStale(Boolean.valueOf(readParameter.getValue()).booleanValue());
                        } else if ("algorithm".equals(readParameter.getName())) {
                            challengeRequest.setDigestAlgorithm(readParameter.getValue());
                        } else if (!"qop".equals(readParameter.getName())) {
                            challengeRequest.getParameters().add(readParameter);
                        }
                        readParameter = headerReader.readParameter();
                    } catch (Exception e) {
                        Context.getCurrentLogger().log(Level.WARNING, "Unable to parse the challenge request header parameter", (Throwable) e);
                    }
                }
            } catch (Exception e2) {
                Context.getCurrentLogger().log(Level.WARNING, "Unable to parse the challenge request header parameter", (Throwable) e2);
            }
        }
    }

    public void parseResponse(ChallengeResponse challengeResponse, Request request, Series<Parameter> series) {
        if (challengeResponse.getCredentials() != null) {
            HeaderReader headerReader = new HeaderReader(challengeResponse.getCredentials());
            try {
                Parameter readParameter = headerReader.readParameter();
                while (readParameter != null) {
                    try {
                        if ("username".equals(readParameter.getName())) {
                            challengeResponse.setIdentifier(readParameter.getValue());
                        } else if ("realm".equals(readParameter.getName())) {
                            challengeResponse.setRealm(readParameter.getValue());
                        } else if ("nonce".equals(readParameter.getName())) {
                            challengeResponse.setServerNonce(readParameter.getValue());
                        } else if ("uri".equals(readParameter.getName())) {
                            challengeResponse.setDigestRef(new Reference(readParameter.getValue()));
                        } else if ("response".equals(readParameter.getName())) {
                            challengeResponse.setSecret(readParameter.getValue());
                        } else if ("algorithm".equals(readParameter.getName())) {
                            challengeResponse.setDigestAlgorithm(readParameter.getValue());
                        } else if ("cnonce".equals(readParameter.getName())) {
                            challengeResponse.setClientNonce(readParameter.getValue());
                        } else if ("opaque".equals(readParameter.getName())) {
                            challengeResponse.setOpaque(readParameter.getValue());
                        } else if ("qop".equals(readParameter.getName())) {
                            challengeResponse.setQuality(readParameter.getValue());
                        } else if ("nc".equals(readParameter.getName())) {
                            challengeResponse.setServerNounceCount(Integer.valueOf(readParameter.getValue()).intValue());
                        } else {
                            challengeResponse.getParameters().add(readParameter);
                        }
                        readParameter = headerReader.readParameter();
                    } catch (Exception e) {
                        Context.getCurrentLogger().log(Level.WARNING, "Unable to parse the challenge request header parameter", (Throwable) e);
                    }
                }
            } catch (Exception e2) {
                Context.getCurrentLogger().log(Level.WARNING, "Unable to parse the challenge request header parameter", (Throwable) e2);
            }
        }
    }
}
