package org.apache.cxf.transport.http.auth;

import com.evolveum.midpoint.web.page.admin.certification.dto.CertWorkItemDto;
import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import org.apache.cxf.configuration.security.AuthorizationPolicy;
import org.apache.cxf.message.Message;
import org.apache.naming.ResourceRef;
import ro.isdc.wro.model.resource.locator.UrlUriLocator;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/lib/cxf-rt-transports-http-3.3.1.jar:org/apache/cxf/transport/http/auth/DigestAuthSupplier.class
 */
/* loaded from: input_file:WEB-INF/lib/connector-ldap-2.4.1.jar:lib/cxf-rt-transports-http-3.1.12.e1.jar:org/apache/cxf/transport/http/auth/DigestAuthSupplier.class */
public class DigestAuthSupplier implements HttpAuthSupplier {
    private static final char[] HEXADECIMAL = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'};
    final MessageDigest md5Helper;
    Map<URI, DigestInfo> authInfo = new ConcurrentHashMap();

    /* JADX WARN: Classes with same name are omitted:
      input_file:WEB-INF/lib/cxf-rt-transports-http-3.3.1.jar:org/apache/cxf/transport/http/auth/DigestAuthSupplier$DigestInfo.class
     */
    /* loaded from: input_file:WEB-INF/lib/connector-ldap-2.4.1.jar:lib/cxf-rt-transports-http-3.1.12.e1.jar:org/apache/cxf/transport/http/auth/DigestAuthSupplier$DigestInfo.class */
    class DigestInfo {
        String qop;
        String realm;
        String nonce;
        String opaque;
        int nc;
        String algorithm = "MD5";
        String charset = "ISO-8859-1";
        String method = "POST";

        DigestInfo() {
        }

        synchronized String generateAuth(String str, String str2, String str3) {
            try {
                this.nc++;
                String format = String.format("%08d", Integer.valueOf(this.nc));
                String createCnonce = DigestAuthSupplier.this.createCnonce();
                String str4 = this.algorithm;
                if (str4.equalsIgnoreCase("MD5-sess")) {
                    str4 = "MD5";
                }
                MessageDigest messageDigest = MessageDigest.getInstance(str4);
                String str5 = str2 + ":" + this.realm + ":" + str3;
                if ("MD5-sess".equalsIgnoreCase(this.algorithm)) {
                    str5 = DigestAuthSupplier.encode(messageDigest.digest(str5.getBytes(this.charset))) + ':' + this.nonce + ':' + createCnonce;
                }
                String encode = DigestAuthSupplier.encode(messageDigest.digest(str5.getBytes(this.charset)));
                String encode2 = DigestAuthSupplier.encode(messageDigest.digest((this.method + ":" + str).getBytes("US-ASCII")));
                String encode3 = DigestAuthSupplier.encode(messageDigest.digest((this.qop == null ? encode + ":" + this.nonce + ":" + encode2 : encode + ":" + this.nonce + ":" + format + ":" + createCnonce + ":" + this.qop + ":" + encode2).getBytes("US-ASCII")));
                HashMap hashMap = new HashMap();
                if (this.qop != null) {
                    hashMap.put("qop", ResourceRef.AUTH);
                }
                hashMap.put("realm", this.realm);
                hashMap.put("opaque", this.opaque);
                hashMap.put("nonce", this.nonce);
                hashMap.put(UrlUriLocator.ALIAS, str);
                hashMap.put("username", str2);
                hashMap.put("nc", format);
                hashMap.put("cnonce", createCnonce);
                hashMap.put(CertWorkItemDto.F_RESPONSE, encode3);
                hashMap.put("algorithm", this.algorithm);
                return new HttpAuthHeader("Digest", hashMap).getFullHeader();
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        }
    }

    public DigestAuthSupplier() {
        MessageDigest messageDigest = null;
        try {
            messageDigest = MessageDigest.getInstance("MD5");
        } catch (NoSuchAlgorithmException e) {
        }
        this.md5Helper = messageDigest;
    }

    @Override // org.apache.cxf.transport.http.auth.HttpAuthSupplier
    public boolean requiresRequestCaching() {
        return true;
    }

    @Override // org.apache.cxf.transport.http.auth.HttpAuthSupplier
    public String getAuthorization(AuthorizationPolicy authorizationPolicy, URI uri, Message message, String str) {
        if (authorizationPolicy == null) {
            return null;
        }
        if (authorizationPolicy.getUserName() == null && authorizationPolicy.getPassword() == null) {
            return null;
        }
        if (str == null) {
            DigestInfo digestInfo = this.authInfo.get(uri);
            if (digestInfo != null) {
                return digestInfo.generateAuth(getAuthURI(uri), authorizationPolicy.getUserName(), authorizationPolicy.getPassword());
            }
            return null;
        }
        HttpAuthHeader httpAuthHeader = new HttpAuthHeader(str);
        if (!httpAuthHeader.authTypeIsDigest()) {
            return null;
        }
        Map<String, String> params = httpAuthHeader.getParams();
        if (!ResourceRef.AUTH.equals(params.get("qop")) && params.containsKey("qop")) {
            return null;
        }
        DigestInfo digestInfo2 = new DigestInfo();
        digestInfo2.qop = params.get("qop");
        digestInfo2.realm = params.get("realm");
        digestInfo2.nonce = params.get("nonce");
        digestInfo2.opaque = params.get("opaque");
        if (params.containsKey("algorithm")) {
            digestInfo2.algorithm = params.get("algorithm");
        }
        if (params.containsKey("charset")) {
            digestInfo2.charset = params.get("charset");
        }
        digestInfo2.method = (String) message.get(Message.HTTP_REQUEST_METHOD);
        if (digestInfo2.method == null) {
            digestInfo2.method = "POST";
        }
        this.authInfo.put(uri, digestInfo2);
        return digestInfo2.generateAuth(getAuthURI(uri), authorizationPolicy.getUserName(), authorizationPolicy.getPassword());
    }

    private static String getAuthURI(URI uri) {
        String path = uri.getPath();
        if (uri.getQuery() != null) {
            path = path + '?' + uri.getQuery();
        }
        return path;
    }

    public String createCnonce() throws UnsupportedEncodingException {
        byte[] digest;
        byte[] bytes = Long.toString(System.currentTimeMillis()).getBytes("US-ASCII");
        synchronized (this.md5Helper) {
            digest = this.md5Helper.digest(bytes);
        }
        return encode(digest);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static String encode(byte[] bArr) {
        int length = bArr.length;
        char[] cArr = new char[length * 2];
        for (int i = 0; i < length; i++) {
            int i2 = bArr[i] & 15;
            cArr[i * 2] = HEXADECIMAL[(bArr[i] & 240) >> 4];
            cArr[(i * 2) + 1] = HEXADECIMAL[i2];
        }
        return new String(cArr);
    }
}
