package com.bradmcevoy.http.http11.auth;

import com.bradmcevoy.http.Auth;
import com.bradmcevoy.http.AuthenticationHandler;
import com.bradmcevoy.http.DigestResource;
import com.bradmcevoy.http.Request;
import com.bradmcevoy.http.Resource;
import com.bradmcevoy.http.http11.auth.NonceProvider;
import org.apache.commons.codec.binary.Base64;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/bradmcevoy/http/http11/auth/DigestAuthenticationHandler.class */
public class DigestAuthenticationHandler implements AuthenticationHandler {
    private static final Logger log = LoggerFactory.getLogger(DigestAuthenticationHandler.class);
    private final NonceProvider nonceProvider;

    public DigestAuthenticationHandler(NonceProvider nonceProvider) {
        this.nonceProvider = nonceProvider;
    }

    public DigestAuthenticationHandler() {
        this.nonceProvider = new SimpleMemoryNonceProvider(86400);
    }

    @Override // com.bradmcevoy.http.AuthenticationHandler
    public boolean supports(Resource resource, Request request) {
        boolean z;
        Auth authorization = request.getAuthorization();
        if (resource instanceof DigestResource) {
            z = Auth.Scheme.DIGEST.equals(authorization.getScheme());
        } else {
            log.debug("resource is not an instanceof " + DigestResource.class);
            z = false;
        }
        return z;
    }

    @Override // com.bradmcevoy.http.AuthenticationHandler
    public Object authenticate(Resource resource, Request request) {
        Long l;
        DigestResource digestResource = (DigestResource) resource;
        Auth authorization = request.getAuthorization();
        if (authorization.getUser() == null || authorization.getRealm() == null || authorization.getNonce() == null || authorization.getUri() == null) {
            log.warn("missing params");
            return null;
        }
        if (!"auth".equals(authorization.getQop())) {
            l = null;
        } else {
            if (authorization.getNc() == null || authorization.getCnonce() == null) {
                log.warn("missing params2");
                return null;
            }
            l = Long.valueOf(Long.parseLong(authorization.getNc(), 16));
        }
        if (resource.getRealm() == null) {
            throw new IllegalStateException("realm is null on resource of class: " + resource.getClass());
        }
        if (!resource.getRealm().equals(authorization.getRealm())) {
            log.warn("incorrect realm: resource: " + resource.getRealm() + " given: " + authorization.getRealm());
            return null;
        }
        if (!Base64.isArrayByteBase64(authorization.getNonce().getBytes())) {
            log.warn("nonce not base64 encoded");
            return null;
        }
        log.debug("nc: " + authorization.getNc());
        String str = new String(Base64.decodeBase64(authorization.getNonce().getBytes()));
        NonceProvider.NonceValidity nonceValidity = this.nonceProvider.getNonceValidity(str, l);
        if (NonceProvider.NonceValidity.INVALID.equals(nonceValidity)) {
            log.debug("invalid nonce: " + str);
            return null;
        }
        if (!NonceProvider.NonceValidity.EXPIRED.equals(nonceValidity)) {
            return digestResource.authenticate(toDigestResponse(authorization, request));
        }
        log.debug("expired nonce: " + str);
        authorization.setNonceStale(true);
        return null;
    }

    @Override // com.bradmcevoy.http.AuthenticationHandler
    public String getChallenge(Resource resource, Request request) {
        String str = "Digest realm=\"" + resource.getRealm() + "\", qop=\"auth\", nonce=\"" + new String(Base64.encodeBase64(this.nonceProvider.createNonce(resource, request).getBytes())) + "\"";
        if (request.getAuthorization() != null && request.getAuthorization().isNonceStale()) {
            str = str + ", stale=\"true\"";
        }
        return str;
    }

    @Override // com.bradmcevoy.http.AuthenticationHandler
    public boolean isCompatible(Resource resource) {
        return resource instanceof DigestResource;
    }

    private DigestResponse toDigestResponse(Auth auth, Request request) {
        return new DigestResponse(request.getMethod(), auth.getUser(), auth.getRealm(), auth.getNonce(), auth.getUri(), auth.getResponseDigest(), auth.getQop(), auth.getNc(), auth.getCnonce());
    }
}
