package com.jrm.tm.cpe.web.udp.server.auth;

import com.jrm.network.udp.communication.protocal.Header;
import com.jrm.network.udp.communication.protocal.Request;
import com.jrm.network.udp.communication.protocal.RequestHeaderLine;
import com.jrm.network.udp.communication.protocal.Response;
import com.jrm.network.udp.communication.protocal.ResponseHeaderLine;
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Queue;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentLinkedQueue;
import java.util.concurrent.ConcurrentMap;
import java.util.concurrent.atomic.AtomicInteger;
import org.eclipse.jetty.http.HttpTokens;
import org.eclipse.jetty.util.B64Code;
import org.eclipse.jetty.util.QuotedStringTokenizer;
import org.eclipse.jetty.util.TypeUtil;
import org.eclipse.jetty.util.log.Log;
import org.eclipse.jetty.util.log.Logger;
import org.eclipse.jetty.util.security.Credential;

/* loaded from: classes.dex */
public class DigestAuthenticator {
    private static final Logger LOG = Log.getLogger((Class<?>) DigestAuthenticator.class);
    private LoginService loginService;
    private long maxNonceAgeMs;
    SecureRandom random = new SecureRandom();
    private ConcurrentMap<String, Nonce> nonceCount = new ConcurrentHashMap();
    private Queue<Nonce> nonceQueue = new ConcurrentLinkedQueue();
    private final int nonceLength = 24;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static class Digest extends org.eclipse.jetty.util.security.Credential {
        private static final long serialVersionUID = -2484639019549527724L;
        final String method;
        String username = "";
        String realm = "";
        String nonce = "";
        String nc = "";
        String cnonce = "";
        String qop = "";
        String uri = "";
        String response = "";

        Digest(String str) {
            this.method = str;
        }

        @Override // org.eclipse.jetty.util.security.Credential
        public boolean check(Object obj) {
            byte[] digest;
            if (obj instanceof char[]) {
                obj = new String((char[]) obj);
            }
            String obj2 = obj instanceof String ? (String) obj : obj.toString();
            try {
                MessageDigest messageDigest = MessageDigest.getInstance("MD5");
                if (obj instanceof Credential.MD5) {
                    digest = ((Credential.MD5) obj).getDigest();
                } else {
                    messageDigest.update(this.username.getBytes("ISO-8859-1"));
                    messageDigest.update(HttpTokens.COLON);
                    messageDigest.update(this.realm.getBytes("ISO-8859-1"));
                    messageDigest.update(HttpTokens.COLON);
                    messageDigest.update(obj2.getBytes("ISO-8859-1"));
                    digest = messageDigest.digest();
                }
                messageDigest.reset();
                DigestAuthenticator.LOG.info(String.valueOf(this.method) + ":" + this.uri, new Object[0]);
                messageDigest.update(this.method.getBytes("ISO-8859-1"));
                messageDigest.update(HttpTokens.COLON);
                messageDigest.update(this.uri.getBytes("ISO-8859-1"));
                byte[] digest2 = messageDigest.digest();
                DigestAuthenticator.LOG.info(String.valueOf(TypeUtil.toString(digest, 16)) + ":" + this.nonce + ":" + this.nc + ":" + this.cnonce + ":" + this.qop + ":" + TypeUtil.toString(digest2, 16), new Object[0]);
                messageDigest.update(TypeUtil.toString(digest, 16).getBytes("ISO-8859-1"));
                messageDigest.update(HttpTokens.COLON);
                messageDigest.update(this.nonce.getBytes("ISO-8859-1"));
                messageDigest.update(HttpTokens.COLON);
                messageDigest.update(this.nc.getBytes("ISO-8859-1"));
                messageDigest.update(HttpTokens.COLON);
                messageDigest.update(this.cnonce.getBytes("ISO-8859-1"));
                messageDigest.update(HttpTokens.COLON);
                messageDigest.update(this.qop.getBytes("ISO-8859-1"));
                messageDigest.update(HttpTokens.COLON);
                messageDigest.update(TypeUtil.toString(digest2, 16).getBytes("ISO-8859-1"));
                byte[] digest3 = messageDigest.digest();
                System.out.println("line:419: " + TypeUtil.toString(digest3, 16));
                return TypeUtil.toString(digest3, 16).equalsIgnoreCase(this.response);
            } catch (UnsupportedEncodingException e) {
                e.printStackTrace();
                DigestAuthenticator.LOG.warn(e);
                return false;
            } catch (NoSuchAlgorithmException e2) {
                e2.printStackTrace();
                return false;
            }
        }

        public String toString() {
            return String.valueOf(this.username) + "," + this.response;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static class Nonce {
        AtomicInteger nc = new AtomicInteger();
        final String nonce;
        final long ts;

        public Nonce(String str, long j) {
            this.nonce = str;
            this.ts = j;
        }
    }

    private int checkNonce(Digest digest, Request request) {
        long createTime;
        synchronized (this) {
            createTime = request.getCreateTime() - this.maxNonceAgeMs;
        }
        Nonce peek = this.nonceQueue.peek();
        while (peek != null && peek.ts < createTime) {
            this.nonceQueue.remove();
            this.nonceCount.remove(peek.nonce);
            peek = this.nonceQueue.peek();
        }
        try {
            Nonce nonce = this.nonceCount.get(digest.nonce);
            if (nonce == null) {
                return 0;
            }
            long parseLong = Long.parseLong(digest.nc, 16);
            if (parseLong > 2147483647L) {
                return 0;
            }
            int i = nonce.nc.get();
            while (!nonce.nc.compareAndSet(i, (int) parseLong)) {
                i = nonce.nc.get();
            }
            return parseLong <= ((long) i) ? -1 : 1;
        } catch (Exception e) {
            LOG.ignore(e);
            return -1;
        }
    }

    public Response genResponse(int i, Header[] headerArr) {
        Response response = new Response();
        ResponseHeaderLine responseHeaderLine = new ResponseHeaderLine();
        responseHeaderLine.setStatusCode(i);
        response.setHeaderLine(responseHeaderLine);
        for (Header header : headerArr) {
            response.addHeader(header);
        }
        return response;
    }

    public String getAuthMethod() {
        return "DIGEST";
    }

    public String newNonce(Request request) {
        Nonce nonce;
        do {
            byte[] bArr = new byte[24];
            this.random.nextBytes(bArr);
            nonce = new Nonce(new String(B64Code.encode(bArr)), request.getCreateTime());
        } while (this.nonceCount.putIfAbsent(nonce.nonce, nonce) != null);
        this.nonceQueue.add(nonce);
        return nonce.nonce;
    }

    public void setLoginService(LoginService loginService) {
        this.loginService = loginService;
    }

    public synchronized void setMaxNonceAge(long j) {
        this.maxNonceAgeMs = j;
    }

    public Response validateRequest(Request request) {
        boolean z = false;
        Header header = request.getHeader("Authorization");
        if (header == null) {
            request.getContextPath();
            return genResponse(ResponseHeaderLine.UNAUTHORIZED_401, new Header[]{new Header("WWW-Authenticate", "Digest realm=\"" + this.loginService.getName() + "\", domain=\"/\", nonce=\"" + newNonce(request) + "\", algorithm=MD5, qop=\"auth\", stale=false")});
        }
        String value = header.getValue();
        if (value != null) {
            try {
                QuotedStringTokenizer quotedStringTokenizer = new QuotedStringTokenizer(value, "=, ", true, false);
                Digest digest = new Digest(request.getMethod());
                String str = null;
                String str2 = null;
                while (quotedStringTokenizer.hasMoreTokens()) {
                    String trim = quotedStringTokenizer.nextToken().trim();
                    switch (trim.length() == 1 ? trim.charAt(0) : (char) 0) {
                        case ' ':
                            break;
                        case ',':
                            str2 = null;
                            break;
                        case '=':
                            str2 = str;
                            str = trim;
                            break;
                        default:
                            str = trim;
                            if (str2 != null) {
                                if ("username".equalsIgnoreCase(str2)) {
                                    digest.username = trim;
                                } else if ("realm".equalsIgnoreCase(str2)) {
                                    digest.realm = trim;
                                } else if ("nonce".equalsIgnoreCase(str2)) {
                                    digest.nonce = trim;
                                } else if ("nc".equalsIgnoreCase(str2)) {
                                    digest.nc = trim;
                                } else if ("cnonce".equalsIgnoreCase(str2)) {
                                    digest.cnonce = trim;
                                } else if ("qop".equalsIgnoreCase(str2)) {
                                    digest.qop = trim;
                                } else if (RequestHeaderLine.URI.equalsIgnoreCase(str2)) {
                                    digest.uri = trim;
                                } else if ("response".equalsIgnoreCase(str2)) {
                                    digest.response = trim;
                                }
                                str2 = null;
                                break;
                            } else {
                                break;
                            }
                    }
                }
                int checkNonce = checkNonce(digest, request);
                if (checkNonce > 0) {
                    if (this.loginService.login(digest.username, digest) != null) {
                        return genResponse(ResponseHeaderLine.OK_200, new Header[0]);
                    }
                } else if (checkNonce == 0) {
                    z = true;
                }
            } catch (AuthException e) {
                request.getContextPath();
                Header header2 = new Header("WWW-Authenticate", "Digest realm=\"" + this.loginService.getName() + "\", domain=\"/\", nonce=\"" + newNonce(request) + "\", algorithm=MD5, qop=\"auth\", stale=false");
                new Response().addHeader(header2);
                return genResponse(ResponseHeaderLine.UNAUTHORIZED_401, new Header[]{header2});
            }
        }
        request.getContextPath();
        return genResponse(ResponseHeaderLine.UNAUTHORIZED_401, new Header[]{new Header("WWW-Authenticate", "Digest realm=\"" + this.loginService.getName() + "\", domain=\"/\", nonce=\"" + newNonce(request) + "\", algorithm=MD5, qop=\"auth\", stale=" + z)});
    }
}
