package org.eclipse.jetty.client.util;

import java.io.IOException;
import java.net.URI;
import java.nio.file.Path;
import java.security.PrivilegedAction;
import java.util.Arrays;
import java.util.Base64;
import java.util.Optional;
import java.util.function.Function;
import java.util.function.Predicate;
import java.util.function.Supplier;
import java.util.stream.Stream;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.login.Configuration;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import org.apache.commons.lang3.StringUtils;
import org.eclipse.jetty.client.api.Authentication;
import org.eclipse.jetty.client.api.ContentResponse;
import org.eclipse.jetty.client.api.Request;
import org.eclipse.jetty.client.util.SPNEGOAuthentication;
import org.eclipse.jetty.http.HttpHeader;
import org.eclipse.jetty.util.Attributes;
import org.eclipse.jetty.util.log.Log;
import org.eclipse.jetty.util.log.Logger;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSManager;
import org.ietf.jgss.GSSName;
import org.ietf.jgss.Oid;

/* loaded from: classes4.dex */
public class SPNEGOAuthentication extends AbstractAuthentication {
    public static final Logger k = Log.getLogger((Class<?>) SPNEGOAuthentication.class);
    public static final String l = HttpHeader.NEGOTIATE.asString();
    public final GSSManager c;
    public String d;
    public String e;
    public Path f;
    public String g;
    public boolean h;
    public Path i;
    public boolean j;

    /* loaded from: classes4.dex */
    public static class SPNEGOResult implements Authentication.Result {
        public final URI a;
        public final HttpHeader b;
        public final String c;

        public SPNEGOResult(URI uri, String str) {
            this(uri, HttpHeader.AUTHORIZATION, str);
        }

        public SPNEGOResult(URI uri, HttpHeader httpHeader, String str) {
            String str2;
            this.a = uri;
            this.b = httpHeader;
            StringBuilder sb = new StringBuilder();
            sb.append(SPNEGOAuthentication.l);
            if (str == null) {
                str2 = "";
            } else {
                str2 = StringUtils.SPACE + str;
            }
            sb.append(str2);
            this.c = sb.toString();
        }

        @Override // org.eclipse.jetty.client.api.Authentication.Result
        public void apply(Request request) {
            request.header(this.b, this.c);
        }

        @Override // org.eclipse.jetty.client.api.Authentication.Result
        public URI getURI() {
            return this.a;
        }
    }

    /* loaded from: classes4.dex */
    public class b implements CallbackHandler {
        public b() {
        }

        public final /* synthetic */ boolean b(PasswordCallback passwordCallback) {
            return passwordCallback.getPrompt().contains(SPNEGOAuthentication.this.getUserName());
        }

        @Override // javax.security.auth.callback.CallbackHandler
        public void handle(Callback[] callbackArr) {
            Stream stream;
            Stream filter;
            Stream map;
            Optional findAny;
            Optional filter2;
            Object orElseThrow;
            stream = Arrays.stream(callbackArr);
            final Class<PasswordCallback> cls = PasswordCallback.class;
            filter = stream.filter(new Predicate() { // from class: kl3
                @Override // java.util.function.Predicate
                public final boolean test(Object obj) {
                    return cls.isInstance((Callback) obj);
                }
            });
            map = filter.map(new Function() { // from class: ll3
                @Override // java.util.function.Function
                public final Object apply(Object obj) {
                    return (PasswordCallback) cls.cast((Callback) obj);
                }
            });
            findAny = map.findAny();
            filter2 = findAny.filter(new Predicate() { // from class: ml3
                @Override // java.util.function.Predicate
                public final boolean test(Object obj) {
                    boolean b;
                    b = SPNEGOAuthentication.b.this.b((PasswordCallback) obj);
                    return b;
                }
            });
            orElseThrow = filter2.orElseThrow(new Supplier() { // from class: nl3
                @Override // java.util.function.Supplier
                public final Object get() {
                    return new IOException();
                }
            });
            ((PasswordCallback) orElseThrow).setPassword(SPNEGOAuthentication.this.getUserPassword().toCharArray());
        }
    }

    /* loaded from: classes4.dex */
    public class c extends Configuration {
        public c() {
        }
    }

    /* loaded from: classes4.dex */
    public static class d {
        public static final String c = "org.eclipse.jetty.client.util.SPNEGOAuthentication$d";
        public Subject a;
        public GSSContext b;

        public d() {
        }

        public String toString() {
            return String.format("%s@%x[context=%s]", getClass().getSimpleName(), Integer.valueOf(hashCode()), this.b);
        }
    }

    public SPNEGOAuthentication(URI uri) {
        super(uri, Authentication.ANY_REALM);
        this.c = GSSManager.getInstance();
    }

    @Override // org.eclipse.jetty.client.api.Authentication
    public Authentication.Result authenticate(Request request, ContentResponse contentResponse, Authentication.HeaderInfo headerInfo, Attributes attributes) {
        Base64.Decoder decoder;
        byte[] decode;
        byte[] bArr;
        String str;
        Base64.Encoder encoder;
        byte[] encode;
        d dVar = (d) attributes.getAttribute(d.c);
        Logger logger = k;
        if (logger.isDebugEnabled()) {
            logger.debug("Authenticate with context {}", dVar);
        }
        if (dVar == null) {
            dVar = e();
            attributes.setAttribute(d.c, dVar);
        }
        String base64 = headerInfo.getBase64();
        if (base64 == null) {
            bArr = new byte[0];
        } else {
            decoder = Base64.getDecoder();
            decode = decoder.decode(base64);
            bArr = decode;
        }
        byte[] bArr2 = (byte[]) Subject.doAs(dVar.a, c(dVar, request.getHost(), bArr));
        if (bArr2 == null) {
            str = null;
        } else {
            encoder = Base64.getEncoder();
            encode = encoder.encode(bArr2);
            str = new String(encode);
        }
        return new SPNEGOResult(null, str);
    }

    public final PrivilegedAction c(final d dVar, final String str, final byte[] bArr) {
        return new PrivilegedAction() { // from class: il3
            @Override // java.security.PrivilegedAction
            public final Object run() {
                byte[] d2;
                d2 = SPNEGOAuthentication.this.d(dVar, str, bArr);
                return d2;
            }
        };
    }

    public final /* synthetic */ byte[] d(d dVar, String str, byte[] bArr) {
        try {
            GSSContext gSSContext = dVar.b;
            if (gSSContext == null) {
                gSSContext = this.c.createContext(this.c.createName(getServiceName() + "@" + str, GSSName.NT_HOSTBASED_SERVICE), new Oid("1.3.6.1.5.5.2"), (GSSCredential) null, Integer.MAX_VALUE);
                dVar.b = gSSContext;
                gSSContext.requestMutualAuth(true);
            }
            byte[] initSecContext = gSSContext.initSecContext(bArr, 0, bArr.length);
            Logger logger = k;
            if (logger.isDebugEnabled()) {
                Object[] objArr = new Object[2];
                objArr[0] = gSSContext.isEstablished() ? "Initialized" : "Initializing";
                objArr[1] = gSSContext;
                logger.debug("{} {}", objArr);
            }
            return initSecContext;
        } catch (GSSException e) {
            throw new RuntimeException((Throwable) e);
        }
    }

    public final d e() {
        try {
            String userName = getUserName();
            Logger logger = k;
            if (logger.isDebugEnabled()) {
                logger.debug("Logging in user {}", userName);
            }
            LoginContext loginContext = new LoginContext("", (Subject) null, new b(), new c());
            loginContext.login();
            Subject subject = loginContext.getSubject();
            d dVar = new d();
            dVar.a = subject;
            if (logger.isDebugEnabled()) {
                logger.debug("Initialized {}", dVar);
            }
            return dVar;
        } catch (LoginException e) {
            throw new RuntimeException(e);
        }
    }

    public String getServiceName() {
        return this.g;
    }

    public Path getTicketCachePath() {
        return this.i;
    }

    @Override // org.eclipse.jetty.client.util.AbstractAuthentication
    public String getType() {
        return l;
    }

    public Path getUserKeyTabPath() {
        return this.f;
    }

    public String getUserName() {
        return this.d;
    }

    public String getUserPassword() {
        return this.e;
    }

    public boolean isRenewTGT() {
        return this.j;
    }

    public boolean isUseTicketCache() {
        return this.h;
    }

    public void setRenewTGT(boolean z) {
        this.j = z;
    }

    public void setServiceName(String str) {
        this.g = str;
    }

    public void setTicketCachePath(Path path) {
        this.i = path;
    }

    public void setUseTicketCache(boolean z) {
        this.h = z;
    }

    public void setUserKeyTabPath(Path path) {
        this.f = path;
    }

    public void setUserName(String str) {
        this.d = str;
    }

    public void setUserPassword(String str) {
        this.e = str;
    }
}
