package org.w3c.jigsaw.acl;

import com.ctc.wstx.io.CharsetNames;
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import org.w3c.jigsaw.http.Request;
import org.w3c.util.StringUtils;
import org.w3c.www.http.HttpCredential;
import org.w3c.www.webdav.xml.DAVNode;

/* loaded from: input_file:org/w3c/jigsaw/acl/DigestAuthPrincipal.class */
public class DigestAuthPrincipal extends HTTPPrincipal {
    protected String dac_user;
    String dac_realm;
    String dac_nonce;
    String dac_uri;
    String dac_response;
    String dac_algorithm;
    String dac_method;
    String nonce;
    String old_nonce;
    String algo;
    boolean stale;
    boolean no_user;

    public boolean isStale() {
        return this.stale;
    }

    private boolean checkDigest2069(String str, String str2, String str3, String str4) {
        StringBuffer stringBuffer = new StringBuffer(256);
        stringBuffer.append(str).append(':').append(str2);
        stringBuffer.append(':').append(str3);
        String stringBuffer2 = stringBuffer.toString();
        StringBuffer stringBuffer3 = new StringBuffer(256);
        stringBuffer3.append(this.dac_method).append(':').append(this.dac_uri);
        String stringBuffer4 = stringBuffer3.toString();
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(this.algo);
            try {
                messageDigest.update(stringBuffer2.getBytes(CharsetNames.CS_ISO_LATIN1));
                String hexString = StringUtils.toHexString(messageDigest.digest());
                messageDigest.reset();
                messageDigest.update(stringBuffer4.getBytes(CharsetNames.CS_ISO_LATIN1));
                String hexString2 = StringUtils.toHexString(messageDigest.digest());
                messageDigest.reset();
                StringBuffer stringBuffer5 = new StringBuffer(256);
                stringBuffer5.append(hexString).append(':').append(str4).append(':').append(hexString2);
                messageDigest.update(stringBuffer5.toString().getBytes(CharsetNames.CS_ISO_LATIN1));
                return StringUtils.toHexString(messageDigest.digest()).equals(this.dac_response);
            } catch (UnsupportedEncodingException e) {
                return false;
            }
        } catch (NoSuchAlgorithmException e2) {
            return false;
        }
    }

    @Override // org.w3c.jigsaw.acl.HTTPPrincipal, java.security.Principal
    public boolean equals(Object obj) {
        if (this.no_user) {
            return false;
        }
        if (!(obj instanceof AclPrincipal)) {
            return obj instanceof DigestAuthPrincipal ? false : false;
        }
        AclPrincipal aclPrincipal = (AclPrincipal) obj;
        String name = aclPrincipal.getName();
        String realm = aclPrincipal.getRealm();
        String password = aclPrincipal.getPassword();
        if (!this.dac_user.equals(name) || !this.dac_realm.equals(realm)) {
            return false;
        }
        if (this.dac_algorithm != null && !this.dac_algorithm.equals(this.algo)) {
            return false;
        }
        if (this.dac_nonce.equals(this.nonce)) {
            return checkDigest2069(name, realm, password, this.nonce);
        }
        if (this.dac_nonce.equals(this.old_nonce)) {
            if (!checkDigest2069(name, realm, password, this.old_nonce)) {
                return false;
            }
            this.stale = true;
            return true;
        }
        if (!checkDigest2069(name, realm, password, this.dac_nonce)) {
            return false;
        }
        this.stale = true;
        return false;
    }

    @Override // org.w3c.jigsaw.acl.HTTPPrincipal, java.security.Principal
    public String toString() {
        return this.dac_user != null ? this.dac_user : "Digest";
    }

    @Override // java.security.Principal
    public int hashCode() {
        if (this.dac_nonce != null) {
            return this.dac_nonce.hashCode();
        }
        return -1;
    }

    @Override // org.w3c.jigsaw.acl.HTTPPrincipal, java.security.Principal
    public String getName() {
        return this.dac_user;
    }

    public DigestAuthPrincipal(Request request, String str, String str2, String str3) throws InvalidAuthException {
        super(request);
        this.dac_user = null;
        this.dac_realm = null;
        this.dac_nonce = null;
        this.dac_uri = null;
        this.dac_response = null;
        this.dac_algorithm = null;
        this.dac_method = null;
        this.nonce = null;
        this.old_nonce = null;
        this.algo = null;
        this.stale = false;
        this.no_user = false;
        HttpCredential proxyAuthorization = request.isProxy() ? request.getProxyAuthorization() : request.getAuthorization();
        if (proxyAuthorization == null || !proxyAuthorization.getScheme().equalsIgnoreCase("Digest")) {
            this.no_user = true;
            return;
        }
        this.no_user = false;
        this.dac_user = proxyAuthorization.getAuthParameter("username");
        this.dac_uri = proxyAuthorization.getAuthParameter("uri");
        this.dac_response = proxyAuthorization.getAuthParameter(DAVNode.RESPONSE_NODE);
        this.dac_realm = proxyAuthorization.getAuthParameter("realm");
        this.dac_method = request.getMethod();
        this.dac_nonce = proxyAuthorization.getAuthParameter("nonce");
        this.nonce = str;
        this.old_nonce = str2;
        this.algo = str3;
        if (this.dac_user == null || this.dac_uri == null || this.dac_response == null || this.dac_realm == null) {
            throw new InvalidAuthException("Invalid authentication header");
        }
    }

    public DigestAuthPrincipal(Request request) throws InvalidAuthException {
        super(request);
        this.dac_user = null;
        this.dac_realm = null;
        this.dac_nonce = null;
        this.dac_uri = null;
        this.dac_response = null;
        this.dac_algorithm = null;
        this.dac_method = null;
        this.nonce = null;
        this.old_nonce = null;
        this.algo = null;
        this.stale = false;
        this.no_user = false;
        throw new InvalidAuthException("Bad call for authentification");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public DigestAuthPrincipal(Request request, String str) throws InvalidAuthException {
        super(request);
        this.dac_user = null;
        this.dac_realm = null;
        this.dac_nonce = null;
        this.dac_uri = null;
        this.dac_response = null;
        this.dac_algorithm = null;
        this.dac_method = null;
        this.nonce = null;
        this.old_nonce = null;
        this.algo = null;
        this.stale = false;
        this.no_user = false;
    }
}
