package org.apache.mina.proxy.handlers.http.ntlm;

import java.io.IOException;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.apache.mina.core.filterchain.IoFilter;
import org.apache.mina.proxy.ProxyAuthException;
import org.apache.mina.proxy.handlers.http.AbstractAuthLogicHandler;
import org.apache.mina.proxy.handlers.http.HttpProxyConstants;
import org.apache.mina.proxy.handlers.http.HttpProxyRequest;
import org.apache.mina.proxy.handlers.http.HttpProxyResponse;
import org.apache.mina.proxy.session.ProxyIoSession;
import org.apache.mina.proxy.utils.StringUtilities;
import org.apache.mina.util.Base64;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:META-INF/repository/fuse-eap-distro-6.3.0.redhat-20161104.090424-27.zip:modules/system/layers/fuse/org/apache/mina/core/main/mina-core-2.0.13.jar:org/apache/mina/proxy/handlers/http/ntlm/HttpNTLMAuthLogicHandler.class */
public class HttpNTLMAuthLogicHandler extends AbstractAuthLogicHandler {
    private static final Logger LOGGER = LoggerFactory.getLogger(HttpNTLMAuthLogicHandler.class);
    private byte[] challengePacket;

    public HttpNTLMAuthLogicHandler(ProxyIoSession proxyIoSession) throws ProxyAuthException {
        super(proxyIoSession);
        this.challengePacket = null;
        ((HttpProxyRequest) this.request).checkRequiredProperties(HttpProxyConstants.USER_PROPERTY, HttpProxyConstants.PWD_PROPERTY, HttpProxyConstants.DOMAIN_PROPERTY, HttpProxyConstants.WORKSTATION_PROPERTY);
    }

    @Override // org.apache.mina.proxy.handlers.http.AbstractAuthLogicHandler
    public void doHandshake(IoFilter.NextFilter nextFilter) throws ProxyAuthException {
        LOGGER.debug(" doHandshake()");
        if (this.step > 0 && this.challengePacket == null) {
            throw new IllegalStateException("NTLM Challenge packet not received");
        }
        HttpProxyRequest httpProxyRequest = (HttpProxyRequest) this.request;
        Map<String, List<String>> headers = httpProxyRequest.getHeaders() != null ? httpProxyRequest.getHeaders() : new HashMap<>();
        String str = httpProxyRequest.getProperties().get(HttpProxyConstants.DOMAIN_PROPERTY);
        String str2 = httpProxyRequest.getProperties().get(HttpProxyConstants.WORKSTATION_PROPERTY);
        if (this.step > 0) {
            LOGGER.debug("  sending NTLM challenge response");
            StringUtilities.addValueToHeader(headers, "Proxy-Authorization", "NTLM " + new String(Base64.encodeBase64(NTLMUtilities.createType3Message(httpProxyRequest.getProperties().get(HttpProxyConstants.USER_PROPERTY), httpProxyRequest.getProperties().get(HttpProxyConstants.PWD_PROPERTY), NTLMUtilities.extractChallengeFromType2Message(this.challengePacket), str, str2, Integer.valueOf(NTLMUtilities.extractFlagsFromType2Message(this.challengePacket)), null))), true);
        } else {
            LOGGER.debug("  sending NTLM negotiation packet");
            StringUtilities.addValueToHeader(headers, "Proxy-Authorization", "NTLM " + new String(Base64.encodeBase64(NTLMUtilities.createType1Message(str2, str, null, null))), true);
        }
        addKeepAliveHeaders(headers);
        httpProxyRequest.setHeaders(headers);
        writeRequest(nextFilter, httpProxyRequest);
        this.step++;
    }

    private String getNTLMHeader(HttpProxyResponse httpProxyResponse) {
        for (String str : httpProxyResponse.getHeaders().get("Proxy-Authenticate")) {
            if (str.startsWith("NTLM")) {
                return str;
            }
        }
        return null;
    }

    @Override // org.apache.mina.proxy.handlers.http.AbstractAuthLogicHandler
    public void handleResponse(HttpProxyResponse httpProxyResponse) throws ProxyAuthException {
        if (this.step == 0) {
            String nTLMHeader = getNTLMHeader(httpProxyResponse);
            this.step = 1;
            if (nTLMHeader == null || nTLMHeader.length() < 5) {
                return;
            }
        }
        if (this.step != 1) {
            throw new ProxyAuthException("Received unexpected response code (" + httpProxyResponse.getStatusLine() + ").");
        }
        String nTLMHeader2 = getNTLMHeader(httpProxyResponse);
        if (nTLMHeader2 == null || nTLMHeader2.length() < 5) {
            throw new ProxyAuthException("Unexpected error while reading server challenge !");
        }
        try {
            this.challengePacket = Base64.decodeBase64(nTLMHeader2.substring(5).getBytes(this.proxyIoSession.getCharsetName()));
            this.step = 2;
        } catch (IOException e) {
            throw new ProxyAuthException("Unable to decode the base64 encoded NTLM challenge", e);
        }
    }
}
