package org.kamranzafar.kws.auth;

import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import org.kamranzafar.esl4j.LogManager;
import org.kamranzafar.esl4j.Logger;
import org.kamranzafar.kws.DirConfig;
import org.kamranzafar.kws.HostConfig;
import org.kamranzafar.kws.HttpResponse;
import org.kamranzafar.kws.HttpStatus;
import org.kamranzafar.kws.MimeType;
import org.kamranzafar.kws.utils.Crypto;
import org.kamranzafar.kws.utils.StringUtils;

/* loaded from: classes.dex */
public class HttpAuthDigest implements HttpAuth {
    private static final Map<String, Nonce> nonces = new HashMap();
    private DirConfig dirConfig;
    private final String OPAQUE = "00000000000000000000000000000000";
    private final String QOP = "auth";
    private final int NONCE_EXPIRY = 300;
    private final Logger logger = LogManager.getLogger(HttpAuthDigest.class);

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public class Nonce {
        public int counter;
        public Date createDate;
        public String value;

        private Nonce() {
        }
    }

    private HttpResponse challenge(String str, boolean z) {
        HttpResponse httpResponse = new HttpResponse(HttpStatus.HTTP_ACCESS_DENIED, MimeType.MIME_PLAINTEXT, "Access Denied.");
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append(",nonce=\"" + str + "\"");
        stringBuffer.append(",opaque=\"00000000000000000000000000000000\"");
        stringBuffer.append(",qop=auth");
        stringBuffer.append(",stale=" + z);
        httpResponse.addHeader("WWW-Authenticate", "Digest realm=\"" + this.dirConfig.get(HostConfig.Key.AUTH_REALM) + "\"" + ((Object) stringBuffer));
        return httpResponse;
    }

    private boolean isExpired(String str) {
        if (!nonces.containsKey(str)) {
            return true;
        }
        if ((new Date().getTime() - nonces.get(str).createDate.getTime()) / 1000 <= 300) {
            return false;
        }
        nonces.remove(str);
        return true;
    }

    private boolean isValid(Map<String, String> map) {
        return (StringUtils.isEmpty(map.get("nonce")) || StringUtils.isEmpty(map.get("nc")) || StringUtils.isEmpty(map.get("uri")) || StringUtils.isEmpty(map.get("cnonce")) || StringUtils.isEmpty(map.get("response"))) ? false : true;
    }

    private Nonce newNonce() {
        String digest = Crypto.digest(Crypto.MD5, "kws:kamran:" + System.currentTimeMillis());
        Nonce nonce = new Nonce();
        nonce.value = digest;
        nonce.createDate = new Date();
        nonces.put(digest, nonce);
        return nonce;
    }

    @Override // org.kamranzafar.kws.auth.HttpAuth
    public HttpResponse authenticate(DirConfig dirConfig, String str, String str2) {
        this.dirConfig = dirConfig;
        if (str2 != null && str2.startsWith("Digest ")) {
            String[] split = str2.substring(6).split(",");
            HashMap hashMap = new HashMap();
            for (String str3 : split) {
                String[] split2 = str3.trim().split("=");
                String str4 = "";
                if (split2.length > 1) {
                    str4 = split2[1].startsWith("\"") ? split2[1].substring(1, split2[1].length() - 1) : split2[1];
                }
                hashMap.put(split2[0], str4);
            }
            if (!isValid(hashMap)) {
                return new HttpResponse(HttpStatus.HTTP_BADREQUEST, MimeType.MIME_PLAINTEXT, "Bad Request");
            }
            String str5 = hashMap.get("nonce");
            if (isExpired(str5)) {
                return challenge(newNonce().value, true);
            }
            nonces.get(str5).counter++;
            this.logger.trace("NC: " + nonces.get(str5).counter + " - REC: " + Integer.parseInt(hashMap.get("nc"), 16));
            if (Integer.parseInt(hashMap.get("nc"), 16) < nonces.get(str5).counter) {
                return new HttpResponse(HttpStatus.HTTP_BADREQUEST, MimeType.MIME_PLAINTEXT, "Bad Request");
            }
            if (Integer.parseInt(hashMap.get("nc"), 16) > nonces.get(str5).counter) {
                this.logger.debug("Correcting nonce; required by kWS to support directory level digest-auth");
                nonces.get(str5).counter = Integer.parseInt(hashMap.get("nc"), 16);
            }
            String[] split3 = dirConfig.get(HostConfig.Key.AUTH_USERS).split(",");
            for (int i = 0; i < split3.length; i++) {
                String trim = split3[i].trim();
                String digest = Crypto.digest(Crypto.MD5, Crypto.digest(Crypto.MD5, trim + ":" + dirConfig.get(HostConfig.Key.AUTH_REALM) + ":" + dirConfig.get(HostConfig.Key.AUTH_PASSWORD.value() + "." + trim)) + ":" + str5 + ":" + hashMap.get("nc") + ":" + hashMap.get("cnonce") + ":auth:" + Crypto.digest(Crypto.MD5, str + ":" + hashMap.get("uri")));
                this.logger.trace(hashMap.toString());
                this.logger.trace("generated: " + digest);
                this.logger.trace("recieved: " + hashMap.get("response"));
                if (digest.equals(hashMap.get("response"))) {
                    break;
                }
                if (i >= split3.length - 1) {
                    nonces.get(str5).counter = 0;
                    return challenge(str5, false);
                }
            }
            return null;
        }
        return challenge(newNonce().value, false);
    }
}
