package org.eclipse.jetty.client.util;

import defpackage.lw6;
import defpackage.mw6;
import defpackage.nw6;
import j$.util.Base64;
import java.net.URI;
import java.nio.file.Path;
import java.security.PrivilegedAction;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import org.apache.commons.lang3.StringUtils;
import org.eclipse.jetty.client.api.Authentication;
import org.eclipse.jetty.client.api.ContentResponse;
import org.eclipse.jetty.client.api.Request;
import org.eclipse.jetty.client.util.SPNEGOAuthentication;
import org.eclipse.jetty.http.HttpHeader;
import org.eclipse.jetty.util.Attributes;
import org.eclipse.jetty.util.log.Log;
import org.eclipse.jetty.util.log.Logger;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSManager;
import org.ietf.jgss.GSSName;
import org.ietf.jgss.Oid;

/* loaded from: classes6.dex */
public class SPNEGOAuthentication extends AbstractAuthentication {
    public static final Logger k = Log.getLogger((Class<?>) SPNEGOAuthentication.class);
    public static final String l = HttpHeader.NEGOTIATE.asString();
    public final GSSManager c;
    public String d;
    public String e;
    public Path f;
    public String g;
    public boolean h;
    public Path i;
    public boolean j;

    /* loaded from: classes6.dex */
    public static class SPNEGOResult implements Authentication.Result {
        public final URI a;
        public final HttpHeader b;
        public final String c;

        public SPNEGOResult(URI uri, String str) {
            this(uri, HttpHeader.AUTHORIZATION, str);
        }

        public SPNEGOResult(URI uri, HttpHeader httpHeader, String str) {
            this.a = uri;
            this.b = httpHeader;
            StringBuilder sb = new StringBuilder();
            sb.append(SPNEGOAuthentication.l);
            sb.append(str == null ? "" : StringUtils.SPACE.concat(str));
            this.c = sb.toString();
        }

        @Override // org.eclipse.jetty.client.api.Authentication.Result
        public void apply(Request request) {
            request.header(this.b, this.c);
        }

        @Override // org.eclipse.jetty.client.api.Authentication.Result
        public URI getURI() {
            return this.a;
        }
    }

    public SPNEGOAuthentication(URI uri) {
        super(uri, Authentication.ANY_REALM);
        this.c = GSSManager.getInstance();
    }

    public final /* synthetic */ byte[] a(nw6 nw6Var, String str, byte[] bArr) {
        GSSContext gSSContext;
        try {
            gSSContext = nw6Var.b;
            if (gSSContext == null) {
                gSSContext = this.c.createContext(this.c.createName(getServiceName() + "@" + str, GSSName.NT_HOSTBASED_SERVICE), new Oid("1.3.6.1.5.5.2"), (GSSCredential) null, Integer.MAX_VALUE);
                nw6Var.b = gSSContext;
                gSSContext.requestMutualAuth(true);
            }
            byte[] initSecContext = gSSContext.initSecContext(bArr, 0, bArr.length);
            Logger logger = k;
            if (logger.isDebugEnabled()) {
                logger.debug("{} {}", gSSContext.isEstablished() ? "Initialized" : "Initializing", gSSContext);
            }
            return initSecContext;
        } catch (GSSException e) {
            throw new RuntimeException((Throwable) e);
        }
    }

    @Override // org.eclipse.jetty.client.api.Authentication
    public Authentication.Result authenticate(Request request, ContentResponse contentResponse, Authentication.HeaderInfo headerInfo, Attributes attributes) {
        final nw6 nw6Var = (nw6) attributes.getAttribute("nw6");
        Logger logger = k;
        if (logger.isDebugEnabled()) {
            logger.debug("Authenticate with context {}", nw6Var);
        }
        if (nw6Var == null) {
            nw6Var = b();
            attributes.setAttribute("nw6", nw6Var);
        }
        String base64 = headerInfo.getBase64();
        final byte[] decode = base64 == null ? new byte[0] : Base64.getDecoder().decode(base64);
        Subject subject = nw6Var.a;
        final String host = request.getHost();
        byte[] bArr = (byte[]) Subject.doAs(subject, new PrivilegedAction() { // from class: kw6
            @Override // java.security.PrivilegedAction
            public final Object run() {
                Logger logger2 = SPNEGOAuthentication.k;
                return SPNEGOAuthentication.this.a(nw6Var, host, decode);
            }
        });
        return new SPNEGOResult(null, bArr == null ? null : new String(Base64.getEncoder().encode(bArr)));
    }

    public final nw6 b() {
        try {
            String userName = getUserName();
            Logger logger = k;
            if (logger.isDebugEnabled()) {
                logger.debug("Logging in user {}", userName);
            }
            LoginContext loginContext = new LoginContext("", (Subject) null, new lw6(this), new mw6(0));
            loginContext.login();
            Subject subject = loginContext.getSubject();
            nw6 nw6Var = new nw6();
            nw6Var.a = subject;
            if (logger.isDebugEnabled()) {
                logger.debug("Initialized {}", nw6Var);
            }
            return nw6Var;
        } catch (LoginException e) {
            throw new RuntimeException(e);
        }
    }

    public String getServiceName() {
        return this.g;
    }

    public Path getTicketCachePath() {
        return this.i;
    }

    @Override // org.eclipse.jetty.client.util.AbstractAuthentication
    public String getType() {
        return l;
    }

    public Path getUserKeyTabPath() {
        return this.f;
    }

    public String getUserName() {
        return this.d;
    }

    public String getUserPassword() {
        return this.e;
    }

    public boolean isRenewTGT() {
        return this.j;
    }

    public boolean isUseTicketCache() {
        return this.h;
    }

    public void setRenewTGT(boolean z) {
        this.j = z;
    }

    public void setServiceName(String str) {
        this.g = str;
    }

    public void setTicketCachePath(Path path) {
        this.i = path;
    }

    public void setUseTicketCache(boolean z) {
        this.h = z;
    }

    public void setUserKeyTabPath(Path path) {
        this.f = path;
    }

    public void setUserName(String str) {
        this.d = str;
    }

    public void setUserPassword(String str) {
        this.e = str;
    }
}
