package org.eclipse.jetty.security.authentication;

import androidx.autofill.HintConstants;
import defpackage.aj2;
import defpackage.bj2;
import io.ktor.http.auth.HttpAuthHeader;
import j$.util.Objects;
import j$.util.concurrent.ConcurrentHashMap;
import java.io.IOException;
import java.security.SecureRandom;
import java.util.concurrent.ConcurrentLinkedQueue;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.eclipse.jetty.http.HttpHeader;
import org.eclipse.jetty.security.Authenticator;
import org.eclipse.jetty.security.ServerAuthException;
import org.eclipse.jetty.security.UserAuthentication;
import org.eclipse.jetty.server.Authentication;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.UserIdentity;
import org.eclipse.jetty.util.B64Code;
import org.eclipse.jetty.util.QuotedStringTokenizer;
import org.eclipse.jetty.util.log.Log;
import org.eclipse.jetty.util.log.Logger;

/* loaded from: classes6.dex */
public class DigestAuthenticator extends LoginAuthenticator {
    public static final Logger h = Log.getLogger((Class<?>) DigestAuthenticator.class);
    public final SecureRandom c = new SecureRandom();
    public long d = 60000;
    public int e = 1024;
    public final ConcurrentHashMap f = new ConcurrentHashMap();
    public final ConcurrentLinkedQueue g = new ConcurrentLinkedQueue();

    public final int a(aj2 aj2Var, Request request) {
        boolean z;
        long timeStamp = request.getTimeStamp() - getMaxNonceAge();
        bj2 bj2Var = (bj2) this.g.peek();
        while (bj2Var != null && bj2Var.b < timeStamp) {
            this.g.remove(bj2Var);
            this.f.remove(bj2Var.a);
            bj2Var = (bj2) this.g.peek();
        }
        try {
            bj2 bj2Var2 = (bj2) this.f.get(aj2Var.f);
            if (bj2Var2 == null) {
                return 0;
            }
            long parseLong = Long.parseLong(aj2Var.g, 16);
            if (parseLong >= this.e) {
                return 0;
            }
            int i = (int) parseLong;
            synchronized (bj2Var2) {
                try {
                    if (i >= bj2Var2.c.size()) {
                        z = true;
                    } else {
                        z = bj2Var2.c.get(i);
                        bj2Var2.c.set(i);
                    }
                } finally {
                }
            }
            return z ? -1 : 1;
        } catch (Exception e) {
            h.ignore(e);
            return -1;
        }
    }

    @Override // org.eclipse.jetty.security.Authenticator
    public String getAuthMethod() {
        return "DIGEST";
    }

    public long getMaxNonceAge() {
        return this.d;
    }

    public int getMaxNonceCount() {
        return this.e;
    }

    @Override // org.eclipse.jetty.security.authentication.LoginAuthenticator
    public UserIdentity login(String str, Object obj, ServletRequest servletRequest) {
        if (Objects.equals(((aj2) obj).e, this._loginService.getName())) {
            return super.login(str, obj, servletRequest);
        }
        return null;
    }

    public String newNonce(Request request) {
        bj2 bj2Var;
        String str;
        do {
            byte[] bArr = new byte[24];
            this.c.nextBytes(bArr);
            str = new String(B64Code.encode(bArr));
            bj2Var = new bj2(str, request.getTimeStamp(), getMaxNonceCount());
        } while (this.f.putIfAbsent(str, bj2Var) != null);
        this.g.add(bj2Var);
        return str;
    }

    @Override // org.eclipse.jetty.security.Authenticator
    public boolean secureResponse(ServletRequest servletRequest, ServletResponse servletResponse, boolean z, Authentication.User user) throws ServerAuthException {
        return true;
    }

    @Override // org.eclipse.jetty.security.authentication.LoginAuthenticator, org.eclipse.jetty.security.Authenticator
    public void setConfiguration(Authenticator.AuthConfiguration authConfiguration) {
        super.setConfiguration(authConfiguration);
        String initParameter = authConfiguration.getInitParameter("maxNonceAge");
        if (initParameter != null) {
            setMaxNonceAge(Long.parseLong(initParameter));
        }
        String initParameter2 = authConfiguration.getInitParameter("maxNonceCount");
        if (initParameter2 != null) {
            setMaxNonceCount(Integer.parseInt(initParameter2));
        }
    }

    public void setMaxNonceAge(long j) {
        this.d = j;
    }

    public void setMaxNonceCount(int i) {
        this.e = i;
    }

    @Override // org.eclipse.jetty.security.Authenticator
    public Authentication validateRequest(ServletRequest servletRequest, ServletResponse servletResponse, boolean z) throws ServerAuthException {
        if (!z) {
            return new DeferredAuthentication(this);
        }
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        String header = httpServletRequest.getHeader(HttpHeader.AUTHORIZATION.asString());
        boolean z2 = false;
        if (header != null) {
            try {
                Logger logger = h;
                if (logger.isDebugEnabled()) {
                    logger.debug("Credentials: ".concat(header), new Object[0]);
                }
                QuotedStringTokenizer quotedStringTokenizer = new QuotedStringTokenizer(header, "=, ", true, false);
                aj2 aj2Var = new aj2(httpServletRequest.getMethod());
                String str = null;
                String str2 = null;
                while (quotedStringTokenizer.hasMoreTokens()) {
                    String nextToken = quotedStringTokenizer.nextToken();
                    char charAt = nextToken.length() == 1 ? nextToken.charAt(0) : (char) 0;
                    if (charAt != ' ') {
                        if (charAt != ',') {
                            if (charAt == '=') {
                                str2 = str;
                            } else if (str2 != null) {
                                if (HintConstants.AUTOFILL_HINT_USERNAME.equalsIgnoreCase(str2)) {
                                    aj2Var.d = nextToken;
                                } else if (HttpAuthHeader.Parameters.Realm.equalsIgnoreCase(str2)) {
                                    aj2Var.e = nextToken;
                                } else if ("nonce".equalsIgnoreCase(str2)) {
                                    aj2Var.f = nextToken;
                                } else if ("nc".equalsIgnoreCase(str2)) {
                                    aj2Var.g = nextToken;
                                } else if ("cnonce".equalsIgnoreCase(str2)) {
                                    aj2Var.h = nextToken;
                                } else if ("qop".equalsIgnoreCase(str2)) {
                                    aj2Var.i = nextToken;
                                } else if ("uri".equalsIgnoreCase(str2)) {
                                    aj2Var.j = nextToken;
                                } else if ("response".equalsIgnoreCase(str2)) {
                                    aj2Var.t = nextToken;
                                }
                                str2 = null;
                            }
                            str = nextToken;
                        } else {
                            str2 = null;
                        }
                    }
                }
                int a = a(aj2Var, (Request) httpServletRequest);
                if (a > 0) {
                    UserIdentity login = login(aj2Var.d, aj2Var, servletRequest);
                    if (login != null) {
                        return new UserAuthentication(getAuthMethod(), login);
                    }
                } else if (a == 0) {
                    z2 = true;
                }
            } catch (IOException e) {
                throw new ServerAuthException(e);
            }
        }
        if (DeferredAuthentication.isDeferred(httpServletResponse)) {
            return Authentication.UNAUTHENTICATED;
        }
        String contextPath = httpServletRequest.getContextPath();
        if (contextPath == null) {
            contextPath = "/";
        }
        httpServletResponse.setHeader(HttpHeader.WWW_AUTHENTICATE.asString(), "Digest realm=\"" + this._loginService.getName() + "\", domain=\"" + contextPath + "\", nonce=\"" + newNonce((Request) httpServletRequest) + "\", algorithm=MD5, qop=\"auth\", stale=" + z2);
        httpServletResponse.sendError(401);
        return Authentication.SEND_CONTINUE;
    }
}
