package org.mobicents.servlet.sip.security.authentication;

import java.io.IOException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.text.ParseException;
import java.util.StringTokenizer;
import javax.sip.header.AuthorizationHeader;
import javax.sip.header.Header;
import javax.sip.header.HeaderFactory;
import javax.sip.header.ProxyAuthenticateHeader;
import javax.sip.header.ProxyAuthorizationHeader;
import javax.sip.header.WWWAuthenticateHeader;
import org.apache.catalina.Realm;
import org.apache.catalina.util.MD5Encoder;
import org.apache.log4j.Logger;
import org.mobicents.servlet.sip.SipFactories;
import org.mobicents.servlet.sip.core.session.SessionManagerUtil;
import org.mobicents.servlet.sip.message.SipServletRequestImpl;
import org.mobicents.servlet.sip.message.SipServletResponseImpl;
import org.mobicents.servlet.sip.startup.loading.SipLoginConfig;

/* loaded from: input_file:org/mobicents/servlet/sip/security/authentication/DigestAuthenticator.class */
public class DigestAuthenticator extends AuthenticatorBase {
    private static final Logger log = Logger.getLogger(DigestAuthenticator.class);
    static final MD5Encoder MD5_ECNODER = new MD5Encoder();
    protected static final String INFO = "org.apache.catalina.authenticator.DigestAuthenticator/1.0";
    protected static volatile MessageDigest md5Helper;
    protected String key = "Catalina";
    private Principal principal;

    @Override // org.mobicents.servlet.sip.security.authentication.AuthenticatorBase
    public String getInfo() {
        return INFO;
    }

    @Override // org.mobicents.servlet.sip.security.authentication.AuthenticatorBase
    public boolean authenticate(SipServletRequestImpl sipServletRequestImpl, SipServletResponseImpl sipServletResponseImpl, SipLoginConfig sipLoginConfig) throws IOException {
        this.principal = null;
        this.principal = sipServletRequestImpl.getUserPrincipal();
        if (this.principal != null) {
            if (!log.isDebugEnabled()) {
                return true;
            }
            log.debug("Already authenticated '" + this.principal.getName() + "'");
            return true;
        }
        String header = sipServletRequestImpl.getHeader("authorization");
        if (header != null) {
            this.principal = findPrincipal(sipServletRequestImpl, header, this.context.getRealm());
            if (this.principal != null) {
                register(sipServletRequestImpl, sipServletResponseImpl, this.principal, "DIGEST", parseUsername(header), null);
                return true;
            }
        }
        setAuthenticateHeader(sipServletRequestImpl, sipServletResponseImpl, sipLoginConfig, generateNOnce(sipServletRequestImpl));
        sipServletResponseImpl.send();
        return false;
    }

    protected static Principal findPrincipal(SipServletRequestImpl sipServletRequestImpl, String str, Realm realm) {
        byte[] digest;
        if (str == null || !str.startsWith("Digest ")) {
            return null;
        }
        String[] split = str.substring(7).trim().split(",");
        String str2 = null;
        String str3 = null;
        String str4 = null;
        String str5 = null;
        String str6 = null;
        String str7 = null;
        String str8 = null;
        String str9 = null;
        String method = sipServletRequestImpl.getMethod();
        for (String str10 : split) {
            if (str10.length() != 0) {
                int indexOf = str10.indexOf(61);
                if (indexOf < 0) {
                    return null;
                }
                String trim = str10.substring(0, indexOf).trim();
                String trim2 = str10.substring(indexOf + 1).trim();
                if ("username".equals(trim)) {
                    str2 = removeQuotes(trim2);
                }
                if ("realm".equals(trim)) {
                    str3 = removeQuotes(trim2, true);
                }
                if ("nonce".equals(trim)) {
                    str4 = removeQuotes(trim2);
                }
                if ("nc".equals(trim)) {
                    str5 = removeQuotes(trim2);
                }
                if ("cnonce".equals(trim)) {
                    str6 = removeQuotes(trim2);
                }
                if ("qop".equals(trim)) {
                    str7 = removeQuotes(trim2);
                }
                if ("uri".equals(trim)) {
                    str8 = removeQuotes(trim2);
                }
                if ("response".equals(trim)) {
                    str9 = removeQuotes(trim2);
                }
            }
        }
        if (str2 == null || str3 == null || str4 == null || str8 == null || str9 == null) {
            return null;
        }
        String str11 = method + SessionManagerUtil.SESSION_KEY_SEPARATOR + str8;
        synchronized (md5Helper) {
            digest = md5Helper.digest(str11.getBytes());
        }
        return realm.authenticate(str2, str9, str4, str5, str6, str7, str3, MD5_ECNODER.encode(digest));
    }

    protected String parseUsername(String str) {
        String nextToken;
        int indexOf;
        if (str == null || !str.startsWith("Digest ")) {
            return null;
        }
        StringTokenizer stringTokenizer = new StringTokenizer(str.substring(7).trim(), ",");
        while (stringTokenizer.hasMoreTokens() && (indexOf = (nextToken = stringTokenizer.nextToken()).indexOf(61)) >= 0) {
            String trim = nextToken.substring(0, indexOf).trim();
            String trim2 = nextToken.substring(indexOf + 1).trim();
            if ("username".equals(trim)) {
                return removeQuotes(trim2);
            }
        }
        return null;
    }

    protected static String removeQuotes(String str, boolean z) {
        return (str.length() <= 0 || str.charAt(0) == '\"' || z) ? str.length() > 2 ? str.substring(1, str.length() - 1) : "" : str;
    }

    protected static String removeQuotes(String str) {
        return removeQuotes(str, false);
    }

    protected String generateNOnce(SipServletRequestImpl sipServletRequestImpl) {
        byte[] digest;
        String str = sipServletRequestImpl.getRemoteAddr() + SessionManagerUtil.SESSION_KEY_SEPARATOR + System.currentTimeMillis() + SessionManagerUtil.SESSION_KEY_SEPARATOR + this.key;
        synchronized (md5Helper) {
            digest = md5Helper.digest(str.getBytes());
        }
        return MD5_ECNODER.encode(digest);
    }

    protected void setAuthenticateHeader(SipServletRequestImpl sipServletRequestImpl, SipServletResponseImpl sipServletResponseImpl, SipLoginConfig sipLoginConfig, String str) {
        byte[] digest;
        String realmName = sipLoginConfig.getRealmName();
        if (realmName == null) {
            realmName = sipServletRequestImpl.getServerName() + SessionManagerUtil.SESSION_KEY_SEPARATOR + sipServletRequestImpl.getServerPort();
        }
        synchronized (md5Helper) {
            digest = md5Helper.digest(str.getBytes());
        }
        String str2 = "Digest realm=\"" + realmName + "\", qop=\"auth\", nonce=\"" + str + "\", opaque=\"" + MD5_ECNODER.encode(digest) + "\"";
        if (sipServletResponseImpl.getStatus() == 407) {
            sipServletResponseImpl.setHeader("Proxy-Authenticate", str2);
        } else {
            sipServletResponseImpl.setHeader("WWW-Authenticate", str2);
        }
    }

    public static AuthorizationHeader getAuthorizationHeader(String str, String str2, String str3, Header header, String str4, String str5, String str6) {
        HeaderFactory headerFactory = SipFactories.headerFactory;
        boolean z = true;
        WWWAuthenticateHeader wWWAuthenticateHeader = null;
        if (header instanceof WWWAuthenticateHeader) {
            wWWAuthenticateHeader = (WWWAuthenticateHeader) header;
        }
        AuthorizationHeader authorizationHeader = null;
        if (header instanceof AuthorizationHeader) {
            authorizationHeader = (AuthorizationHeader) header;
            z = false;
        }
        String qop = z ? wWWAuthenticateHeader.getQop() : authorizationHeader.getQop();
        String algorithm = z ? wWWAuthenticateHeader.getAlgorithm() : authorizationHeader.getAlgorithm();
        String realm = z ? wWWAuthenticateHeader.getRealm() : authorizationHeader.getRealm();
        String scheme = z ? wWWAuthenticateHeader.getScheme() : authorizationHeader.getScheme();
        String opaque = z ? wWWAuthenticateHeader.getOpaque() : authorizationHeader.getOpaque();
        String str7 = qop != null ? "auth" : null;
        try {
            String calculateResponse = MessageDigestResponseAlgorithm.calculateResponse(algorithm, str4, realm, str5, str6, "00000001", "xyz", str, str2, str3, str7);
            try {
                AuthorizationHeader createProxyAuthorizationHeader = ((header instanceof ProxyAuthenticateHeader) || (header instanceof ProxyAuthorizationHeader)) ? headerFactory.createProxyAuthorizationHeader(scheme) : headerFactory.createAuthorizationHeader(scheme);
                createProxyAuthorizationHeader.setUsername(str4);
                createProxyAuthorizationHeader.setRealm(realm);
                createProxyAuthorizationHeader.setNonce(str6);
                createProxyAuthorizationHeader.setParameter("uri", str2);
                createProxyAuthorizationHeader.setResponse(calculateResponse);
                if (algorithm != null) {
                    createProxyAuthorizationHeader.setAlgorithm(algorithm);
                }
                if (opaque != null && opaque.length() > 0) {
                    createProxyAuthorizationHeader.setOpaque(opaque);
                }
                if (str7 != null) {
                    createProxyAuthorizationHeader.setQop(str7);
                    createProxyAuthorizationHeader.setCNonce("xyz");
                    createProxyAuthorizationHeader.setNonceCount(Integer.parseInt("00000001"));
                }
                createProxyAuthorizationHeader.setResponse(calculateResponse);
                return createProxyAuthorizationHeader;
            } catch (ParseException e) {
                throw new SecurityException("Failed to create an authorization header!", e);
            }
        } catch (NullPointerException e2) {
            throw new IllegalStateException("The authenticate header was malformatted", e2);
        }
    }

    public Principal getPrincipal() {
        return this.principal;
    }

    static {
        try {
            md5Helper = MessageDigest.getInstance("MD5");
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException(e);
        }
    }
}
