package com.motorola.httpserver.webserver.security;

import com.motorola.httpserver.utility.Base64Coder;
import com.motorola.httpserver.utility.Log;
import com.motorola.httpserver.webserver.HttpCode;
import com.motorola.httpserver.webserver.IResponseHandler;
import com.motorola.httpserver.webserver.ServerContext;
import com.motorola.httpserver.webserver.Transaction;
import java.io.IOException;
import java.util.Hashtable;
import java.util.UUID;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/* loaded from: classes.dex */
public class DigestAuthentication implements SecurityAuthIntfc {
    static final Pattern mAuthorizationPat = Pattern.compile("(Digest)? ?((\\w+)=(\\\"([.[^\\\"]]+)\\\"|([.[^,]]+)),?)");
    private ServerContext mContext;
    String mRealm;
    Matcher mAuthMatcher = mAuthorizationPat.matcher("");
    private Hashtable<String, DigestEntry> mDigestTable = new Hashtable<>();
    private String mLoginName = null;
    private String mLoginPasswd = null;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes.dex */
    public static class DigestEntry {
        String mNonce;
        String mOpaque;

        DigestEntry() {
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public DigestAuthentication(ServerContext serverContext, String str) {
        this.mRealm = null;
        this.mRealm = str;
    }

    private int handleCheckAuthorization(Transaction transaction) throws IOException {
        DigestEntry digestEntry;
        String MD5;
        String headerValue = transaction.getHeaders().getHeaderValue("AUTHORIZATION");
        if (headerValue == null) {
            return handleUnauthorized(transaction.getResponse(), false);
        }
        StringBuilder sb = new StringBuilder(1024);
        Hashtable<String, String> parseAuthorizationString = parseAuthorizationString(headerValue);
        String str = parseAuthorizationString.get("nonce");
        if (str != null && (digestEntry = this.mDigestTable.get(str)) != null) {
            try {
                sb.append(this.mLoginName).append(":").append(this.mRealm).append(":").append(this.mLoginPasswd);
                String MD52 = SecurityManager.MD5(sb.toString());
                sb.setLength(0);
                sb.append(transaction.getRequestType().type()).append(":");
                if (parseAuthorizationString.get("uri") != null) {
                    sb.append(parseAuthorizationString.get("uri"));
                } else {
                    sb.append(transaction.getUri().getPath());
                }
                MD5 = SecurityManager.MD5(sb.toString());
                sb.setLength(0);
                sb.append(MD52).append(":").append(digestEntry.mNonce).append(":").append(parseAuthorizationString.get("nc")).append(":").append(parseAuthorizationString.get("cnonce")).append(":").append(parseAuthorizationString.get("qop")).append(":").append(MD5);
            } catch (Exception e) {
                Log.e("DigestAuthentication", "handleCheckAuthorization: " + e.toString());
            }
            if (SecurityManager.MD5(sb.toString()).equals(parseAuthorizationString.get("response"))) {
                return 0;
            }
            String str2 = parseAuthorizationString.get("username");
            if (str2 == null || !str2.endsWith(this.mLoginName)) {
                return handleUnauthorized(transaction.getResponse(), false);
            }
            sb.setLength(0);
            sb.append(str2.replaceAll("\\\\\\\\", "\\\\")).append(":").append(this.mRealm).append(":").append(this.mLoginPasswd);
            String MD53 = SecurityManager.MD5(sb.toString());
            sb.setLength(0);
            sb.append(MD53).append(":").append(digestEntry.mNonce).append(":").append(parseAuthorizationString.get("nc")).append(":").append(parseAuthorizationString.get("cnonce")).append(":").append(parseAuthorizationString.get("qop")).append(":").append(MD5);
            if (SecurityManager.MD5(sb.toString()).equals(parseAuthorizationString.get("response"))) {
                return 0;
            }
            return handleUnauthorized(transaction.getResponse(), false);
        }
        return handleUnauthorized(transaction.getResponse(), false);
    }

    private int handleUnauthorized(Transaction transaction, boolean z) throws IOException {
        StringBuilder sb = new StringBuilder(512);
        DigestEntry digestEntry = new DigestEntry();
        String uuid = UUID.randomUUID().toString();
        String uuid2 = UUID.randomUUID().toString();
        digestEntry.mOpaque = new String(Base64Coder.encode(uuid.getBytes()));
        digestEntry.mNonce = new String(Base64Coder.encode(uuid2.getBytes()));
        this.mDigestTable.put(digestEntry.mNonce, digestEntry);
        sb.append("Digest").append(" ").append("realm").append("=\"").append(this.mRealm).append("\", ").append("qop").append("=\"auth\", ").append("nonce").append("=\"").append(digestEntry.mNonce).append("\", ").append("opaque").append("=\"").append(digestEntry.mOpaque).append("\", ").append("stale").append("= ").append(z ? "\"true\"" : "\"false\"");
        transaction.addHeader("WWW-AUTHENTICATE", sb.toString());
        IResponseHandler.sendError(this.mContext, transaction, HttpCode.UNAUTHORIZED);
        return 2;
    }

    private Hashtable<String, String> parseAuthorizationString(String str) {
        Hashtable<String, String> hashtable = new Hashtable<>();
        this.mAuthMatcher.reset(str);
        while (this.mAuthMatcher.find()) {
            String group = this.mAuthMatcher.group(3);
            String group2 = this.mAuthMatcher.group(5);
            if (group != null && group.length() > 0) {
                if (group2 == null || group2.length() == 0) {
                    String group3 = this.mAuthMatcher.group(6);
                    if (group3 != null && group3.length() != 0) {
                        hashtable.put(group, group3);
                    }
                } else {
                    hashtable.put(group, group2);
                }
            }
        }
        return hashtable;
    }

    @Override // com.motorola.httpserver.webserver.security.SecurityAuthIntfc
    public int processRequest(Transaction transaction) throws IOException {
        return handleCheckAuthorization(transaction);
    }
}
