package com.helger.http.digestauth;

import com.helger.commons.ValueEnforcer;
import com.helger.commons.annotation.Nonempty;
import com.helger.commons.collection.impl.CommonsLinkedHashMap;
import com.helger.commons.collection.impl.ICommonsOrderedMap;
import com.helger.commons.http.EHttpMethod;
import com.helger.commons.string.StringHelper;
import com.helger.http.HttpStringHelper;
import com.helger.schematron.CSchematronXML;
import com.helger.security.messagedigest.EMessageDigestAlgorithm;
import com.helger.security.messagedigest.MessageDigestValue;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import javax.annotation.CheckForSigned;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import javax.annotation.concurrent.Immutable;
import org.apache.wss4j.common.WSS4JConstants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Immutable
/* loaded from: input_file:WEB-INF/lib/ph-http-9.7.2.jar:com/helger/http/digestauth/HttpDigestAuth.class */
public final class HttpDigestAuth {
    public static final String HEADER_VALUE_PREFIX_DIGEST = "Digest";
    public static final String ALGORITHM_MD5 = "MD5";
    public static final String ALGORITHM_MD5_SESS = "MD5-sess";
    public static final String DEFAULT_ALGORITHM = "MD5";
    public static final String QOP_AUTH = "auth";
    public static final String QOP_AUTH_INT = "auth-int";
    public static final String DEFAULT_QOP = "auth";
    private static final char SEPARATOR = ':';
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) HttpDigestAuth.class);
    private static final Charset CHARSET = StandardCharsets.ISO_8859_1;
    private static final HttpDigestAuth INSTANCE = new HttpDigestAuth();

    private HttpDigestAuth() {
    }

    @Nullable
    public static ICommonsOrderedMap<String, String> getDigestAuthParams(@Nullable String str) {
        String substring;
        String substring2;
        String trim = StringHelper.trim(str);
        if (StringHelper.hasNoText(trim)) {
            return null;
        }
        if (!trim.startsWith("Digest")) {
            if (!LOGGER.isErrorEnabled()) {
                return null;
            }
            LOGGER.error("String does not start with 'Digest'");
            return null;
        }
        char[] charArray = trim.toCharArray();
        int length = "Digest".length();
        if (length >= charArray.length || !HttpStringHelper.isLinearWhitespaceChar(charArray[length])) {
            if (!LOGGER.isErrorEnabled()) {
                return null;
            }
            LOGGER.error("No whitespace after 'Digest'");
            return null;
        }
        int i = length + 1;
        CommonsLinkedHashMap commonsLinkedHashMap = new CommonsLinkedHashMap();
        while (true) {
            if (i >= charArray.length || !HttpStringHelper.isLinearWhitespaceChar(charArray[i])) {
                int i2 = i;
                while (i < charArray.length && HttpStringHelper.isTokenChar(charArray[i])) {
                    i++;
                }
                if (i2 == i) {
                    if (!LOGGER.isErrorEnabled()) {
                        return null;
                    }
                    LOGGER.error("No token and no whitespace found for auth-param name: '" + charArray[i] + "'");
                    return null;
                }
                substring = trim.substring(i2, i);
                while (i < charArray.length && HttpStringHelper.isLinearWhitespaceChar(charArray[i])) {
                    i++;
                }
                if (i >= charArray.length || charArray[i] != '=') {
                    break;
                }
                do {
                    i++;
                    if (i >= charArray.length) {
                        break;
                    }
                } while (HttpStringHelper.isLinearWhitespaceChar(charArray[i]));
                if (i >= charArray.length) {
                    if (!LOGGER.isErrorEnabled()) {
                        return null;
                    }
                    LOGGER.error("Found nothing after '=' of '" + substring + "'");
                    return null;
                }
                if (charArray[i] == '\"') {
                    int i3 = i + 1;
                    while (i3 < charArray.length && HttpStringHelper.isQuotedTextChar(charArray[i3])) {
                        i3++;
                    }
                    if (i3 >= charArray.length) {
                        if (!LOGGER.isErrorEnabled()) {
                            return null;
                        }
                        LOGGER.error("Unexpected EOF in quoted text for '" + substring + "'");
                        return null;
                    }
                    if (charArray[i3] != '\"') {
                        if (!LOGGER.isErrorEnabled()) {
                            return null;
                        }
                        LOGGER.error("Quoted string of token '" + substring + "' is not terminated correctly: '" + charArray[i3] + "'");
                        return null;
                    }
                    substring2 = trim.substring(i3, i3);
                    i = i3 + 1;
                } else {
                    while (i < charArray.length && HttpStringHelper.isTokenChar(charArray[i])) {
                        i++;
                    }
                    if (i == i) {
                        if (!LOGGER.isErrorEnabled()) {
                            return null;
                        }
                        LOGGER.error("No token and no whitespace found for auth-param value of '" + substring + "': '" + charArray[i] + "'");
                        return null;
                    }
                    substring2 = trim.substring(i, i);
                }
                commonsLinkedHashMap.put(substring, substring2);
                while (i < charArray.length && HttpStringHelper.isLinearWhitespaceChar(charArray[i])) {
                    i++;
                }
                if (i >= charArray.length) {
                    return commonsLinkedHashMap;
                }
                if (charArray[i] != ',') {
                    if (!LOGGER.isErrorEnabled()) {
                        return null;
                    }
                    LOGGER.error("Illegal character after auth-param '" + substring + "': '" + charArray[i] + "'");
                    return null;
                }
                i++;
                if (i >= charArray.length) {
                    if (!LOGGER.isErrorEnabled()) {
                        return null;
                    }
                    LOGGER.error("Found nothing after continuation of auth-param '" + substring + "'");
                    return null;
                }
            } else {
                i++;
            }
        }
        if (!LOGGER.isErrorEnabled()) {
            return null;
        }
        LOGGER.error("No separator char '=' found after '" + substring + "'");
        return null;
    }

    @Nullable
    public static DigestAuthClientCredentials getDigestAuthClientCredentials(@Nullable String str) {
        ICommonsOrderedMap<String, String> digestAuthParams = getDigestAuthParams(str);
        if (digestAuthParams == null) {
            return null;
        }
        String str2 = (String) digestAuthParams.remove("username");
        if (str2 == null) {
            LOGGER.error("Digest Auth does not container 'username'");
            return null;
        }
        String str3 = (String) digestAuthParams.remove("realm");
        if (str3 == null) {
            LOGGER.error("Digest Auth does not container 'realm'");
            return null;
        }
        String str4 = (String) digestAuthParams.remove("nonce");
        if (str4 == null) {
            LOGGER.error("Digest Auth does not container 'nonce'");
            return null;
        }
        String str5 = (String) digestAuthParams.remove(CSchematronXML.ATTR_URI);
        if (str5 == null) {
            LOGGER.error("Digest Auth does not container 'uri'");
            return null;
        }
        String str6 = (String) digestAuthParams.remove("response");
        if (str6 == null) {
            LOGGER.error("Digest Auth does not container 'response'");
            return null;
        }
        String str7 = (String) digestAuthParams.remove("algorithm");
        String str8 = (String) digestAuthParams.remove("cnonce");
        String str9 = (String) digestAuthParams.remove("opaque");
        String str10 = (String) digestAuthParams.remove("qop");
        String str11 = (String) digestAuthParams.remove("nc");
        if (digestAuthParams.isNotEmpty() && LOGGER.isWarnEnabled()) {
            LOGGER.warn("Digest Auth contains unhandled parameters: " + digestAuthParams.toString());
        }
        return new DigestAuthClientCredentials(str2, str3, str4, str5, str6, str7, str8, str9, str10, str11);
    }

    @Nullable
    public static String getNonceCountString(@CheckForSigned int i) {
        if (i <= 0) {
            return null;
        }
        return StringHelper.getLeadingZero(StringHelper.getHexString(i), 8);
    }

    @Nonnull
    private static String _md5(@Nonnull String str) {
        return MessageDigestValue.create(str.getBytes(CHARSET), EMessageDigestAlgorithm.MD5).getHexEncodedDigestString();
    }

    @Nonnull
    public static DigestAuthClientCredentials createDigestAuthClientCredentials(@Nonnull EHttpMethod eHttpMethod, @Nonnull @Nonempty String str, @Nonnull @Nonempty String str2, @Nonnull String str3, @Nonnull @Nonempty String str4, @Nonnull @Nonempty String str5, @Nullable String str6, @Nullable String str7, @Nullable String str8, @Nullable String str9, @CheckForSigned int i) {
        ValueEnforcer.notNull(eHttpMethod, "Method");
        ValueEnforcer.notEmpty(str, "DigestURI");
        ValueEnforcer.notEmpty(str2, "UserName");
        ValueEnforcer.notNull(str3, WSS4JConstants.PASSWORD_LN);
        ValueEnforcer.notEmpty(str4, "Realm");
        ValueEnforcer.notEmpty(str5, "ServerNonce");
        if (str9 != null && StringHelper.hasNoText(str7)) {
            throw new IllegalArgumentException("If a QOP is defined, client nonce must be set!");
        }
        if (str9 != null && i <= 0) {
            throw new IllegalArgumentException("If a QOP is defined, nonce count must be positive!");
        }
        String str10 = str6 == null ? "MD5" : str6;
        if (!str10.equals("MD5") && !str10.equals(ALGORITHM_MD5_SESS)) {
            throw new IllegalArgumentException("Currently only 'MD5' and 'MD5-sess' algorithms are supported!");
        }
        if (str9 != null && !str9.equals("auth")) {
            throw new IllegalArgumentException("Currently only 'auth' QOP is supported!");
        }
        String nonceCountString = getNonceCountString(i);
        String _md5 = _md5(str2 + ':' + str4 + ':' + str3);
        if (str10.equals(ALGORITHM_MD5_SESS)) {
            if (StringHelper.hasNoText(str7)) {
                throw new IllegalArgumentException("Algorithm requires client nonce!");
            }
            _md5 = _md5(_md5 + ':' + str5 + ':' + str7);
        }
        String _md52 = _md5(eHttpMethod.getName() + ':' + str);
        return new DigestAuthClientCredentials(str2, str4, str5, str, str9 == null ? _md5(_md5 + ':' + str5 + ':' + _md52) : _md5(_md5 + ':' + str5 + ':' + nonceCountString + ':' + str7 + ':' + str9 + ':' + _md52), str6, str7, str8, str9, nonceCountString);
    }
}
