package com.azure.core.util;

import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Base64;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Objects;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.atomic.AtomicInteger;
import java.util.concurrent.atomic.AtomicReference;
import java.util.function.Function;
import java.util.function.Supplier;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.apache.commons.codec.digest.MessageDigestAlgorithms;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:applicationinsights-agent-3.4.6.jar:inst/com/azure/core/util/AuthorizationChallengeHandler.classdata */
public class AuthorizationChallengeHandler {
    private static final String BASIC = "Basic ";
    private static final String DIGEST = "Digest ";
    private static final String ALGORITHM = "algorithm";
    private static final String REALM = "realm";
    private static final String NONCE = "nonce";
    private static final String QOP = "qop";
    private static final String AUTH = "auth";
    private static final String AUTH_INT = "auth-int";
    private static final String USERHASH = "userhash";
    private static final String OPAQUE = "opaque";
    private static final String NEXT_NONCE = "nextnonce";
    private static final String SESS = "-SESS";
    private static final String SHA_256 = "SHA-256";
    private static final String MD5 = "MD5";
    public static final String WWW_AUTHENTICATE = "WWW-Authenticate";
    public static final String PROXY_AUTHENTICATE = "Proxy-Authenticate";
    public static final String AUTHORIZATION = "Authorization";
    public static final String PROXY_AUTHORIZATION = "Proxy-Authorization";
    public static final String AUTHENTICATION_INFO = "Authentication-Info";
    public static final String PROXY_AUTHENTICATION_INFO = "Proxy-Authentication-Info";
    private final String username;
    private final String password;
    private final Map<String, AtomicInteger> nonceTracker = new ConcurrentHashMap();
    private final AtomicReference<String> authorizationPipeliningType = new AtomicReference<>();
    private final AtomicReference<ConcurrentHashMap<String, String>> lastChallenge = new AtomicReference<>();
    private static final char[] HEX_CHARACTERS = "0123456789abcdef".toCharArray();
    private static final String SHA_512_256 = "SHA-512-256";
    private static final String SHA_512_256_SESS = "SHA-512-256-SESS";
    private static final String SHA_256_SESS = "SHA-256-SESS";
    private static final String MD5_SESS = "MD5-SESS";
    private static final String[] ALGORITHM_PREFERENCE_ORDER = {SHA_512_256, SHA_512_256_SESS, "SHA-256", SHA_256_SESS, "MD5", MD5_SESS};

    public AuthorizationChallengeHandler(String str, String str2) {
        this.username = (String) Objects.requireNonNull(str, "'username' cannot be null.");
        this.password = (String) Objects.requireNonNull(str2, "'password' cannot be null.");
    }

    public final String handleBasic() {
        this.authorizationPipeliningType.set(BASIC);
        return BASIC + Base64.getEncoder().encodeToString((this.username + ":" + this.password).getBytes(StandardCharsets.UTF_8));
    }

    public final String handleDigest(String str, String str2, List<Map<String, String>> list, Supplier<byte[]> supplier) {
        Function<byte[], byte[]> digestFunction;
        this.authorizationPipeliningType.set(DIGEST);
        Map<String, List<Map<String, String>>> partitionByChallengeType = partitionByChallengeType(list);
        for (String str3 : ALGORITHM_PREFERENCE_ORDER) {
            if (partitionByChallengeType.containsKey(str3) && (digestFunction = getDigestFunction(str3)) != null) {
                ConcurrentHashMap<String, String> concurrentHashMap = new ConcurrentHashMap<>(partitionByChallengeType.get(str3).get(0));
                this.lastChallenge.set(concurrentHashMap);
                return createDigestAuthorizationHeader(str, str2, concurrentHashMap, str3, supplier, digestFunction);
            }
        }
        return null;
    }

    public final String attemptToPipelineAuthorization(String str, String str2, Supplier<byte[]> supplier) {
        String str3 = this.authorizationPipeliningType.get();
        if (!DIGEST.equals(str3)) {
            if (BASIC.equals(str3)) {
                return handleBasic();
            }
            return null;
        }
        HashMap hashMap = new HashMap(this.lastChallenge.get());
        String str4 = hashMap.get(ALGORITHM);
        if (str4 == null) {
            str4 = "MD5";
        }
        return createDigestAuthorizationHeader(str, str2, hashMap, str4, supplier, getDigestFunction(str4));
    }

    public final void consumeAuthenticationInfoHeader(Map<String, String> map) {
        if (!CoreUtils.isNullOrEmpty(map) && map.containsKey(NEXT_NONCE)) {
            this.lastChallenge.get().put("nonce", map.get(NEXT_NONCE));
        }
    }

    public static Map<String, String> parseAuthenticationOrAuthorizationHeader(String str) {
        if (CoreUtils.isNullOrEmpty(str)) {
            return Collections.emptyMap();
        }
        if (str.startsWith(BASIC) || str.startsWith(DIGEST)) {
            str = str.split(StringUtils.SPACE, 2)[1];
        }
        return (Map) Stream.of((Object[]) str.split(",")).map((v0) -> {
            return v0.trim();
        }).map(str2 -> {
            return str2.split("=", 2);
        }).collect(Collectors.toMap(strArr -> {
            return strArr[0].toLowerCase(Locale.ROOT);
        }, strArr2 -> {
            return strArr2[1].replace("\"", "");
        }));
    }

    private String createDigestAuthorizationHeader(String str, String str2, Map<String, String> map, String str3, Supplier<byte[]> supplier, Function<byte[], byte[]> function) {
        String str4 = map.get(REALM);
        String str5 = map.get("nonce");
        String qop = getQop(map.get(QOP));
        String str6 = map.get(OPAQUE);
        boolean parseBoolean = Boolean.parseBoolean(map.get(USERHASH));
        int i = 0;
        String str7 = null;
        if (AUTH.equals(qop) || AUTH_INT.equals(qop)) {
            str7 = generateNonce();
            i = getNc(map);
        } else if (str3.endsWith(SESS)) {
            str7 = generateNonce();
        }
        String calculateHa1Sess = str3.endsWith(SESS) ? calculateHa1Sess(function, str4, str5, str7) : calculateHa1NoSess(function, str4);
        String calculateHa2AuthIntQop = AUTH_INT.equals(qop) ? calculateHa2AuthIntQop(function, str, str2, supplier.get()) : calculateHa2AuthQopOrEmpty(function, str, str2);
        return buildAuthorizationHeader(parseBoolean ? calculateUserhash(function, str4) : this.username, str4, str2, str3, str5, i, str7, qop, (AUTH.equals(qop) || AUTH_INT.equals(qop)) ? calculateResponseKnownQop(function, calculateHa1Sess, str5, i, str7, qop, calculateHa2AuthIntQop) : calculateResponseUnknownQop(function, calculateHa1Sess, str5, calculateHa2AuthIntQop), str6, parseBoolean);
    }

    private int getNc(Map<String, String> map) {
        return this.nonceTracker.compute(map.get("nonce"), (str, atomicInteger) -> {
            if (atomicInteger == null) {
                return new AtomicInteger(1);
            }
            atomicInteger.incrementAndGet();
            return atomicInteger;
        }).get();
    }

    private String getQop(String str) {
        if (CoreUtils.isNullOrEmpty(str)) {
            return null;
        }
        if (str.equalsIgnoreCase(AUTH)) {
            return AUTH;
        }
        if (str.equalsIgnoreCase(AUTH_INT)) {
            return AUTH_INT;
        }
        return null;
    }

    private String calculateHa1NoSess(Function<byte[], byte[]> function, String str) {
        return hexStringOf(function.apply(String.format("%s:%s:%s", this.username, str, this.password).getBytes(StandardCharsets.UTF_8)));
    }

    private String calculateHa1Sess(Function<byte[], byte[]> function, String str, String str2, String str3) {
        return hexStringOf(function.apply(String.format("%s:%s:%s", calculateHa1NoSess(function, str), str2, str3).getBytes(StandardCharsets.UTF_8)));
    }

    private String calculateHa2AuthQopOrEmpty(Function<byte[], byte[]> function, String str, String str2) {
        return hexStringOf(function.apply(String.format("%s:%s", str, str2).getBytes(StandardCharsets.UTF_8)));
    }

    private String calculateHa2AuthIntQop(Function<byte[], byte[]> function, String str, String str2, byte[] bArr) {
        return hexStringOf(function.apply(String.format("%s:%s:%s", str, str2, hexStringOf(function.apply(bArr))).getBytes(StandardCharsets.UTF_8)));
    }

    private String calculateResponseUnknownQop(Function<byte[], byte[]> function, String str, String str2, String str3) {
        return hexStringOf(function.apply(String.format("%s:%s:%s", str, str2, str3).getBytes(StandardCharsets.UTF_8)));
    }

    private String calculateResponseKnownQop(Function<byte[], byte[]> function, String str, String str2, int i, String str3, String str4, String str5) {
        return hexStringOf(function.apply(String.format("%s:%s:%08X:%s:%s:%s", str, str2, Integer.valueOf(i), str3, str4, str5).getBytes(StandardCharsets.UTF_8)));
    }

    private String calculateUserhash(Function<byte[], byte[]> function, String str) {
        return hexStringOf(function.apply(String.format("%s:%s", this.username, str).getBytes(StandardCharsets.UTF_8)));
    }

    private static Function<byte[], byte[]> getDigestFunction(String str) {
        if (str.endsWith(SESS)) {
            str = str.substring(0, str.length() - SESS.length());
        }
        try {
            if (SHA_512_256.equals(str)) {
                MessageDigest messageDigest = MessageDigest.getInstance(MessageDigestAlgorithms.SHA_512);
                return bArr -> {
                    return Arrays.copyOf(messageDigest.digest(bArr), 32);
                };
            }
            MessageDigest messageDigest2 = MessageDigest.getInstance(str);
            Objects.requireNonNull(messageDigest2);
            return messageDigest2::digest;
        } catch (NoSuchAlgorithmException e) {
            return null;
        }
    }

    private static Map<String, List<Map<String, String>>> partitionByChallengeType(List<Map<String, String>> list) {
        return (Map) list.stream().collect(Collectors.groupingBy(map -> {
            String str = (String) map.get(ALGORITHM);
            return str == null ? "MD5" : str.toUpperCase(Locale.ROOT);
        }));
    }

    String generateNonce() {
        byte[] bArr = new byte[16];
        new SecureRandom().nextBytes(bArr);
        return hexStringOf(bArr);
    }

    private static String buildAuthorizationHeader(String str, String str2, String str3, String str4, String str5, int i, String str6, String str7, String str8, String str9, boolean z) {
        StringBuilder sb = new StringBuilder(512);
        sb.append(DIGEST).append("username=\"").append(str).append("\", ").append("realm=\"").append(str2).append("\", ").append("nonce=\"").append(str5).append("\", ").append("uri=\"").append(str3).append("\", ").append("response=\"").append(str8).append("\"");
        if (!CoreUtils.isNullOrEmpty(str4)) {
            sb.append(", ").append("algorithm=").append(str4);
        }
        if (!CoreUtils.isNullOrEmpty(str6)) {
            sb.append(", ").append("cnonce=\"").append(str6).append("\"");
        }
        if (!CoreUtils.isNullOrEmpty(str9)) {
            sb.append(", ").append("opaque=\"").append(str9).append("\"");
        }
        if (!CoreUtils.isNullOrEmpty(str7)) {
            sb.append(", ").append("qop=").append(str7);
            sb.append(", ").append("nc=").append(String.format("%08X", Integer.valueOf(i)));
        }
        if (z) {
            sb.append(", ").append("userhash=").append(true);
        }
        return sb.toString();
    }

    private static String hexStringOf(byte[] bArr) {
        char[] cArr = new char[bArr.length * 2];
        for (int i = 0; i < bArr.length; i++) {
            int i2 = bArr[i] & 255;
            cArr[i * 2] = HEX_CHARACTERS[i2 >>> 4];
            cArr[(i * 2) + 1] = HEX_CHARACTERS[i2 & 15];
        }
        return new String(cArr);
    }
}
