package org.apache.catalina.authenticator;

import java.io.IOException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.util.StringTokenizer;
import org.alfresco.web.bean.wcm.DeploymentServerConfig;
import org.apache.axiom.om.util.DigestGenerator;
import org.apache.batik.util.XMLConstants;
import org.apache.catalina.Realm;
import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response;
import org.apache.catalina.deploy.LoginConfig;
import org.apache.catalina.util.MD5Encoder;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.jbpm.svc.Services;

/* loaded from: input_file:WEB-INF/lib/catalina.jar:org/apache/catalina/authenticator/DigestAuthenticator.class */
public class DigestAuthenticator extends AuthenticatorBase {
    private static Log log;
    protected static final MD5Encoder md5Encoder;

    /* renamed from: info, reason: collision with root package name */
    protected static final String f14info = "org.apache.catalina.authenticator.DigestAuthenticator/1.0";
    protected static MessageDigest md5Helper;
    protected String key = "Catalina";
    static Class class$org$apache$catalina$authenticator$DigestAuthenticator;

    public DigestAuthenticator() {
        try {
            if (md5Helper == null) {
                md5Helper = MessageDigest.getInstance(DigestGenerator.md5DigestAlgorithm);
            }
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
            throw new IllegalStateException();
        }
    }

    @Override // org.apache.catalina.authenticator.AuthenticatorBase, org.apache.catalina.valves.ValveBase, org.apache.catalina.Valve
    public String getInfo() {
        return f14info;
    }

    @Override // org.apache.catalina.authenticator.AuthenticatorBase
    public boolean authenticate(Request request, Response response, LoginConfig loginConfig) throws IOException {
        Principal findPrincipal;
        Principal userPrincipal = request.getUserPrincipal();
        if (userPrincipal != null) {
            if (log.isDebugEnabled()) {
                log.debug(new StringBuffer().append("Already authenticated '").append(userPrincipal.getName()).append("'").toString());
            }
            String str = (String) request.getNote(Constants.REQ_SSOID_NOTE);
            if (str == null) {
                return true;
            }
            associate(str, request.getSessionInternal(true));
            return true;
        }
        String header = request.getHeader(Services.SERVICENAME_AUTHORIZATION);
        if (header != null && (findPrincipal = findPrincipal(request, header, this.context.getRealm())) != null) {
            register(request, response, findPrincipal, "DIGEST", parseUsername(header), null);
            return true;
        }
        setAuthenticateHeader(request, response, loginConfig, generateNOnce(request));
        response.setStatus(401);
        return false;
    }

    protected static Principal findPrincipal(Request request, String str, Realm realm) {
        byte[] digest;
        if (str == null || !str.startsWith("Digest ")) {
            return null;
        }
        String[] split = str.substring(7).trim().split(",(?=(?:[^\"]*\"[^\"]*\")+$)");
        String str2 = null;
        String str3 = null;
        String str4 = null;
        String str5 = null;
        String str6 = null;
        String str7 = null;
        String str8 = null;
        String str9 = null;
        String method = request.getMethod();
        for (String str10 : split) {
            if (str10.length() != 0) {
                int indexOf = str10.indexOf(61);
                if (indexOf < 0) {
                    return null;
                }
                String trim = str10.substring(0, indexOf).trim();
                String trim2 = str10.substring(indexOf + 1).trim();
                if (DeploymentServerConfig.PROP_USER.equals(trim)) {
                    str2 = removeQuotes(trim2);
                }
                if ("realm".equals(trim)) {
                    str3 = removeQuotes(trim2, true);
                }
                if ("nonce".equals(trim)) {
                    str4 = removeQuotes(trim2);
                }
                if ("nc".equals(trim)) {
                    str5 = removeQuotes(trim2);
                }
                if ("cnonce".equals(trim)) {
                    str6 = removeQuotes(trim2);
                }
                if ("qop".equals(trim)) {
                    str7 = removeQuotes(trim2);
                }
                if ("uri".equals(trim)) {
                    str8 = removeQuotes(trim2);
                }
                if ("response".equals(trim)) {
                    str9 = removeQuotes(trim2);
                }
            }
        }
        if (str2 == null || str3 == null || str4 == null || str8 == null || str9 == null) {
            return null;
        }
        String stringBuffer = new StringBuffer().append(method).append(":").append(str8).toString();
        synchronized (md5Helper) {
            digest = md5Helper.digest(stringBuffer.getBytes());
        }
        return realm.authenticate(str2, str9, str4, str5, str6, str7, str3, md5Encoder.encode(digest));
    }

    protected String parseUsername(String str) {
        String nextToken;
        int indexOf;
        if (str == null || !str.startsWith("Digest ")) {
            return null;
        }
        StringTokenizer stringTokenizer = new StringTokenizer(str.substring(7).trim(), ",");
        while (stringTokenizer.hasMoreTokens() && (indexOf = (nextToken = stringTokenizer.nextToken()).indexOf(61)) >= 0) {
            String trim = nextToken.substring(0, indexOf).trim();
            String trim2 = nextToken.substring(indexOf + 1).trim();
            if (DeploymentServerConfig.PROP_USER.equals(trim)) {
                return removeQuotes(trim2);
            }
        }
        return null;
    }

    protected static String removeQuotes(String str, boolean z) {
        return (str.length() <= 0 || str.charAt(0) == '\"' || z) ? str.length() > 2 ? str.substring(1, str.length() - 1) : new String() : str;
    }

    protected static String removeQuotes(String str) {
        return removeQuotes(str, false);
    }

    protected String generateNOnce(Request request) {
        byte[] digest;
        String stringBuffer = new StringBuffer().append(request.getRemoteAddr()).append(":").append(System.currentTimeMillis()).append(":").append(this.key).toString();
        synchronized (md5Helper) {
            digest = md5Helper.digest(stringBuffer.getBytes());
        }
        return md5Encoder.encode(digest);
    }

    protected void setAuthenticateHeader(Request request, Response response, LoginConfig loginConfig, String str) {
        byte[] digest;
        String realmName = loginConfig.getRealmName();
        if (realmName == null) {
            realmName = new StringBuffer().append(request.getServerName()).append(":").append(request.getServerPort()).toString();
        }
        synchronized (md5Helper) {
            digest = md5Helper.digest(str.getBytes());
        }
        response.setHeader("WWW-Authenticate", new StringBuffer().append("Digest realm=\"").append(realmName).append("\", ").append("qop=\"auth\", nonce=\"").append(str).append("\", ").append("opaque=\"").append(md5Encoder.encode(digest)).append(XMLConstants.XML_DOUBLE_QUOTE).toString());
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$org$apache$catalina$authenticator$DigestAuthenticator == null) {
            cls = class$("org.apache.catalina.authenticator.DigestAuthenticator");
            class$org$apache$catalina$authenticator$DigestAuthenticator = cls;
        } else {
            cls = class$org$apache$catalina$authenticator$DigestAuthenticator;
        }
        log = LogFactory.getLog(cls);
        md5Encoder = new MD5Encoder();
    }
}
