package org.apache.catalina.authenticator;

import com.iplanet.ias.admin.server.gui.bean.AdminConstants;
import com.sun.enterprise.deployment.xml.RuntimeTagNames;
import java.io.IOException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.util.Hashtable;
import java.util.StringTokenizer;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.catalina.HttpRequest;
import org.apache.catalina.HttpResponse;
import org.apache.catalina.Realm;
import org.apache.catalina.deploy.LoginConfig;
import org.apache.catalina.util.MD5Encoder;

/* loaded from: input_file:116287-20/SUNWascmo/reloc/$ASINSTDIR/lib/appserv-rt.jar:org/apache/catalina/authenticator/DigestAuthenticator.class */
public class DigestAuthenticator extends AuthenticatorBase {
    private static final int USE_ONCE = 1;
    private static final int USE_NEVER_EXPIRES = Integer.MAX_VALUE;
    private static final int TIMEOUT_INFINITE = Integer.MAX_VALUE;
    private static final MD5Encoder md5Encoder = new MD5Encoder();
    private static final String info = "org.apache.catalina.authenticator.DigestAuthenticator/1.0";
    private static MessageDigest md5Helper;
    private Hashtable nOnceTokens = new Hashtable();
    private long nOnceTimeout = 2147483647L;
    private int nOnceUses = 1;
    private String key = "Catalina";

    public DigestAuthenticator() {
        try {
            if (md5Helper == null) {
                md5Helper = MessageDigest.getInstance("MD5");
            }
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
            throw new IllegalStateException();
        }
    }

    @Override // org.apache.catalina.authenticator.AuthenticatorBase, org.apache.catalina.valves.ValveBase, org.apache.catalina.Valve
    public String getInfo() {
        return info;
    }

    @Override // org.apache.catalina.authenticator.AuthenticatorBase
    public boolean authenticate(HttpRequest httpRequest, HttpResponse httpResponse, LoginConfig loginConfig) throws IOException {
        Principal findPrincipal;
        if (((HttpServletRequest) httpRequest.getRequest()).getUserPrincipal() != null) {
            return true;
        }
        HttpServletRequest httpServletRequest = (HttpServletRequest) httpRequest.getRequest();
        HttpServletResponse httpServletResponse = (HttpServletResponse) httpResponse.getResponse();
        String authorization = httpRequest.getAuthorization();
        if (authorization != null && (findPrincipal = findPrincipal(httpServletRequest, authorization, this.context.getRealm())) != null) {
            register(httpRequest, httpResponse, findPrincipal, "DIGEST", parseUsername(authorization), null);
            return true;
        }
        setAuthenticateHeader(httpServletRequest, httpServletResponse, loginConfig, generateNOnce(httpServletRequest));
        httpServletResponse.setStatus(401);
        return false;
    }

    private static Principal findPrincipal(HttpServletRequest httpServletRequest, String str, Realm realm) {
        if (str == null || !str.startsWith("Digest ")) {
            return null;
        }
        StringTokenizer stringTokenizer = new StringTokenizer(str.substring(7).trim(), ",");
        String str2 = null;
        String str3 = null;
        String str4 = null;
        String str5 = null;
        String str6 = null;
        String str7 = null;
        String str8 = null;
        String str9 = null;
        String method = httpServletRequest.getMethod();
        while (stringTokenizer.hasMoreTokens()) {
            String nextToken = stringTokenizer.nextToken();
            int indexOf = nextToken.indexOf(61);
            if (indexOf < 0) {
                return null;
            }
            String trim = nextToken.substring(0, indexOf).trim();
            String trim2 = nextToken.substring(indexOf + 1).trim();
            if (AdminConstants.JDBC_USERNAME.equals(trim)) {
                str2 = removeQuotes(trim2);
            }
            if (RuntimeTagNames.REALM.equals(trim)) {
                str3 = removeQuotes(trim2);
            }
            if ("nonce".equals(trim)) {
                str4 = removeQuotes(trim2);
            }
            if ("nc".equals(trim)) {
                str5 = trim2;
            }
            if ("cnonce".equals(trim)) {
                str6 = removeQuotes(trim2);
            }
            if ("qop".equals(trim)) {
                str7 = removeQuotes(trim2);
            }
            if ("uri".equals(trim)) {
                str8 = removeQuotes(trim2);
            }
            if ("response".equals(trim)) {
                str9 = removeQuotes(trim2);
            }
        }
        if (str2 == null || str3 == null || str4 == null || str8 == null || str9 == null) {
            return null;
        }
        return realm.authenticate(str2, str9, str4, str5, str6, str7, str3, md5Encoder.encode(md5Helper.digest(new StringBuffer().append(method).append(com.iplanet.ias.web.Constants.NAME_SEPARATOR).append(str8).toString().getBytes())));
    }

    private String parseUsername(String str) {
        String nextToken;
        int indexOf;
        if (str == null || !str.startsWith("Digest ")) {
            return null;
        }
        StringTokenizer stringTokenizer = new StringTokenizer(str.substring(7).trim(), ",");
        while (stringTokenizer.hasMoreTokens() && (indexOf = (nextToken = stringTokenizer.nextToken()).indexOf(61)) >= 0) {
            String trim = nextToken.substring(0, indexOf).trim();
            String trim2 = nextToken.substring(indexOf + 1).trim();
            if (AdminConstants.JDBC_USERNAME.equals(trim)) {
                return removeQuotes(trim2);
            }
        }
        return null;
    }

    private static String removeQuotes(String str) {
        return str.length() > 2 ? str.substring(1, str.length() - 1) : new String();
    }

    private String generateNOnce(HttpServletRequest httpServletRequest) {
        long currentTimeMillis = System.currentTimeMillis();
        String encode = md5Encoder.encode(md5Helper.digest(new StringBuffer().append(httpServletRequest.getRemoteAddr()).append(com.iplanet.ias.web.Constants.NAME_SEPARATOR).append(currentTimeMillis).append(com.iplanet.ias.web.Constants.NAME_SEPARATOR).append(this.key).toString().getBytes()));
        this.nOnceTokens.put(encode, new Long(currentTimeMillis + this.nOnceTimeout));
        return encode;
    }

    private void setAuthenticateHeader(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, LoginConfig loginConfig, String str) {
        String realmName = loginConfig.getRealmName();
        if (realmName == null) {
            realmName = new StringBuffer().append(httpServletRequest.getServerName()).append(com.iplanet.ias.web.Constants.NAME_SEPARATOR).append(httpServletRequest.getServerPort()).toString();
        }
        httpServletResponse.setHeader("WWW-Authenticate", new StringBuffer().append("Digest realm=\"").append(realmName).append("\", ").append("qop=\"auth\", nonce=\"").append(str).append("\", ").append("opaque=\"").append(md5Encoder.encode(md5Helper.digest(str.getBytes()))).append("\"").toString());
    }
}
