package io.vertx.ext.web.handler.impl;

import androidx.constraintlayout.core.motion.utils.TypedValues;
import io.vertx.core.AsyncResult;
import io.vertx.core.Future;
import io.vertx.core.Handler;
import io.vertx.core.Vertx;
import io.vertx.core.impl.logging.Logger;
import io.vertx.core.impl.logging.LoggerFactory;
import io.vertx.core.shareddata.LocalMap;
import io.vertx.core.shareddata.Shareable;
import io.vertx.ext.auth.User;
import io.vertx.ext.auth.VertxContextPRNG;
import io.vertx.ext.auth.htdigest.HtdigestAuth;
import io.vertx.ext.auth.htdigest.HtdigestCredentials;
import io.vertx.ext.auth.impl.Codec;
import io.vertx.ext.web.RoutingContext;
import io.vertx.ext.web.Session;
import io.vertx.ext.web.handler.DigestAuthHandler;
import io.vertx.ext.web.handler.FormLoginHandler;
import io.vertx.ext.web.handler.HttpException;
import io.vertx.ext.web.handler.impl.DigestAuthHandlerImpl;
import io.vertx.ext.web.handler.impl.HTTPAuthorizationHandler;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import java.util.function.BiConsumer;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/* loaded from: classes2.dex */
public class DigestAuthHandlerImpl extends HTTPAuthorizationHandler<HtdigestAuth> implements DigestAuthHandler {
    private static final String DEFAULT_NONCE_MAP_NAME = "htdigest.nonces";
    private static final MessageDigest MD5;
    private long lastExpireRun;
    private final long nonceExpireTimeout;
    private final LocalMap<String, Nonce> nonces;
    private final VertxContextPRNG random;
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) HTTPAuthorizationHandler.class);
    private static final Pattern PARSER = Pattern.compile("(\\w+)=[\"]?([^\"]*)[\"]?$");
    private static final Pattern SPLITTER = Pattern.compile(",(?=(?:[^\"]|\"[^\"]*\")*$)");

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes2.dex */
    public static class Nonce implements Shareable {
        private final int count;
        private final long createdAt;

        Nonce(int i) {
            this(System.currentTimeMillis(), i);
        }

        Nonce(long j, int i) {
            this.createdAt = j;
            this.count = i;
        }
    }

    static {
        try {
            MD5 = MessageDigest.getInstance("MD5");
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        }
    }

    public DigestAuthHandlerImpl(Vertx vertx, HtdigestAuth htdigestAuth, long j) {
        super(htdigestAuth, HTTPAuthorizationHandler.Type.DIGEST, htdigestAuth.realm());
        this.random = VertxContextPRNG.current(vertx);
        this.nonces = vertx.sharedData().getLocalMap(DEFAULT_NONCE_MAP_NAME);
        this.nonceExpireTimeout = j;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ void lambda$null$1(Handler handler, AsyncResult asyncResult) {
        if (asyncResult.failed()) {
            handler.handle(Future.failedFuture(new HttpException(TypedValues.CycleType.TYPE_CURVE_FIT, asyncResult.cause())));
        } else {
            handler.handle(asyncResult);
        }
    }

    private static synchronized String md5(byte[] bArr) {
        String base16Encode;
        synchronized (DigestAuthHandlerImpl.class) {
            MessageDigest messageDigest = MD5;
            messageDigest.reset();
            base16Encode = Codec.base16Encode(messageDigest.digest(bArr));
        }
        return base16Encode;
    }

    @Override // io.vertx.ext.web.handler.impl.AuthenticationHandlerInternal
    public void authenticate(final RoutingContext routingContext, final Handler<AsyncResult<User>> handler) {
        final long currentTimeMillis = System.currentTimeMillis();
        if (currentTimeMillis - this.lastExpireRun > this.nonceExpireTimeout / 2) {
            final HashSet hashSet = new HashSet();
            this.nonces.forEach(new BiConsumer() { // from class: io.vertx.ext.web.handler.impl.DigestAuthHandlerImpl$$ExternalSyntheticLambda0
                @Override // java.util.function.BiConsumer
                public final void accept(Object obj, Object obj2) {
                    DigestAuthHandlerImpl.this.m465xfea29ee0(currentTimeMillis, hashSet, (String) obj, (DigestAuthHandlerImpl.Nonce) obj2);
                }
            });
            Iterator it2 = hashSet.iterator();
            while (it2.hasNext()) {
                this.nonces.remove((String) it2.next());
            }
            this.lastExpireRun = currentTimeMillis;
        }
        parseAuthorization(routingContext, new Handler() { // from class: io.vertx.ext.web.handler.impl.DigestAuthHandlerImpl$$ExternalSyntheticLambda1
            @Override // io.vertx.core.Handler
            public final void handle(Object obj) {
                DigestAuthHandlerImpl.this.m466x191801e2(handler, routingContext, (AsyncResult) obj);
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: lambda$authenticate$0$io-vertx-ext-web-handler-impl-DigestAuthHandlerImpl, reason: not valid java name */
    public /* synthetic */ void m465xfea29ee0(long j, Set set, String str, Nonce nonce) {
        if (nonce == null || nonce.createdAt + this.nonceExpireTimeout >= j) {
            return;
        }
        set.add(str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: lambda$authenticate$2$io-vertx-ext-web-handler-impl-DigestAuthHandlerImpl, reason: not valid java name */
    public /* synthetic */ void m466x191801e2(final Handler handler, RoutingContext routingContext, AsyncResult asyncResult) {
        String str;
        char c;
        if (asyncResult.failed()) {
            handler.handle(Future.failedFuture(asyncResult.cause()));
            return;
        }
        HtdigestCredentials htdigestCredentials = new HtdigestCredentials();
        try {
            for (String str2 : SPLITTER.split((CharSequence) asyncResult.result())) {
                Matcher matcher = PARSER.matcher(str2);
                if (matcher.find()) {
                    String group = matcher.group(1);
                    switch (group.hashCode()) {
                        case -1355678356:
                            if (group.equals("cnonce")) {
                                c = 1;
                                break;
                            }
                            break;
                        case -1077554975:
                            if (group.equals("method")) {
                                c = 2;
                                break;
                            }
                            break;
                        case -1010695135:
                            if (group.equals("opaque")) {
                                c = 5;
                                break;
                            }
                            break;
                        case -340323263:
                            if (group.equals("response")) {
                                c = '\b';
                                break;
                            }
                            break;
                        case -265713450:
                            if (group.equals(FormLoginHandler.DEFAULT_USERNAME_PARAM)) {
                                c = '\n';
                                break;
                            }
                            break;
                        case 3509:
                            if (group.equals("nc")) {
                                c = 3;
                                break;
                            }
                            break;
                        case 112146:
                            if (group.equals("qop")) {
                                c = 6;
                                break;
                            }
                            break;
                        case 116076:
                            if (group.equals("uri")) {
                                c = '\t';
                                break;
                            }
                            break;
                        case 105002991:
                            if (group.equals("nonce")) {
                                c = 4;
                                break;
                            }
                            break;
                        case 108386959:
                            if (group.equals("realm")) {
                                c = 7;
                                break;
                            }
                            break;
                        case 225490031:
                            if (group.equals("algorithm")) {
                                c = 0;
                                break;
                            }
                            break;
                    }
                    c = 65535;
                    switch (c) {
                        case 0:
                            htdigestCredentials.setAlgorithm(matcher.group(2));
                            break;
                        case 1:
                            htdigestCredentials.setCnonce(matcher.group(2));
                            break;
                        case 2:
                            htdigestCredentials.setMethod(matcher.group(2));
                            break;
                        case 3:
                            htdigestCredentials.setNc(matcher.group(2));
                            break;
                        case 4:
                            htdigestCredentials.setNonce(matcher.group(2));
                            break;
                        case 5:
                            htdigestCredentials.setOpaque(matcher.group(2));
                            break;
                        case 6:
                            htdigestCredentials.setQop(matcher.group(2));
                            break;
                        case 7:
                            htdigestCredentials.setRealm(matcher.group(2));
                            break;
                        case '\b':
                            htdigestCredentials.setResponse(matcher.group(2));
                            break;
                        case '\t':
                            htdigestCredentials.setUri(matcher.group(2));
                            break;
                        case '\n':
                            htdigestCredentials.setUsername(matcher.group(2));
                            break;
                        default:
                            LOG.info("Uknown parameter: " + matcher.group(1));
                            break;
                    }
                }
            }
            String nonce = htdigestCredentials.getNonce();
            if (!this.nonces.containsKey(nonce)) {
                handler.handle(Future.failedFuture(UNAUTHORIZED));
                return;
            }
            if (htdigestCredentials.getQop() != null) {
                int parseInt = Integer.parseInt(htdigestCredentials.getNc(), 16);
                Nonce nonce2 = this.nonces.get(nonce);
                if (parseInt <= nonce2.count) {
                    handler.handle(Future.failedFuture(UNAUTHORIZED));
                    return;
                }
                this.nonces.put(nonce, new Nonce(nonce2.createdAt, parseInt));
            }
            Session session = routingContext.session();
            if (session == null || (str = (String) session.data().get("opaque")) == null || str.equals(htdigestCredentials.getOpaque())) {
                htdigestCredentials.setMethod(routingContext.request().method().name());
                this.authProvider.authenticate(htdigestCredentials, new Handler() { // from class: io.vertx.ext.web.handler.impl.DigestAuthHandlerImpl$$ExternalSyntheticLambda2
                    @Override // io.vertx.core.Handler
                    public final void handle(Object obj) {
                        DigestAuthHandlerImpl.lambda$null$1(Handler.this, (AsyncResult) obj);
                    }
                });
            } else {
                handler.handle(Future.failedFuture(UNAUTHORIZED));
            }
        } catch (RuntimeException e) {
            handler.handle(Future.failedFuture(e));
        }
    }

    @Override // io.vertx.ext.web.handler.impl.HTTPAuthorizationHandler, io.vertx.ext.web.handler.impl.AuthenticationHandlerInternal
    public boolean setAuthenticateHeader(RoutingContext routingContext) {
        byte[] bArr = new byte[32];
        this.random.nextBytes(bArr);
        String md5 = md5(bArr);
        this.nonces.put(md5, new Nonce(0));
        Session session = routingContext.session();
        String str = session != null ? (String) session.data().get("opaque") : null;
        if (str == null) {
            this.random.nextBytes(bArr);
            str = md5(bArr);
        }
        routingContext.response().headers().add("WWW-Authenticate", "Digest realm=\"" + this.realm + "\", qop=\"auth\", nonce=\"" + md5 + "\", opaque=\"" + str + "\"");
        return true;
    }
}
