package io.vertx.ext.auth.htdigest.impl;

import io.vertx.core.Future;
import io.vertx.core.Vertx;
import io.vertx.core.json.JsonObject;
import io.vertx.ext.auth.User;
import io.vertx.ext.auth.authentication.CredentialValidationException;
import io.vertx.ext.auth.authentication.Credentials;
import io.vertx.ext.auth.htdigest.HtdigestAuth;
import io.vertx.ext.auth.htdigest.HtdigestCredentials;
import io.vertx.ext.auth.impl.Codec;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;

/* loaded from: input_file:io/vertx/ext/auth/htdigest/impl/HtdigestAuthImpl.class */
public class HtdigestAuthImpl implements HtdigestAuth {
    private static final MessageDigest MD5;
    private final Map<String, Digest> htdigest = new HashMap();
    private final String realm;

    /* loaded from: input_file:io/vertx/ext/auth/htdigest/impl/HtdigestAuthImpl$Digest.class */
    private static class Digest {
        final String username;
        final String realm;
        final String password;

        Digest(String str, String str2, String str3) {
            this.username = str;
            this.realm = str2;
            this.password = str3;
        }
    }

    public HtdigestAuthImpl(Vertx vertx, String str) {
        String str2 = null;
        for (String str3 : vertx.fileSystem().readFileBlocking(str).toString().split("\\r?\\n")) {
            String[] split = str3.split(":");
            if (str2 == null) {
                str2 = split[1];
            } else if (!str2.equals(split[1])) {
                throw new RuntimeException("multiple realms in htdigest file not allowed.");
            }
            this.htdigest.put(split[0], new Digest(split[0], split[1], split[2]));
        }
        this.realm = str2;
    }

    @Override // io.vertx.ext.auth.htdigest.HtdigestAuth
    public String realm() {
        return this.realm;
    }

    public Future<User> authenticate(Credentials credentials) {
        try {
            try {
                HtdigestCredentials htdigestCredentials = (HtdigestCredentials) credentials;
                htdigestCredentials.checkValid(null);
                if (!this.htdigest.containsKey(htdigestCredentials.getUsername())) {
                    return Future.failedFuture("Unknown username.");
                }
                Digest digest = this.htdigest.get(htdigestCredentials.getUsername());
                if (!digest.realm.equals(htdigestCredentials.getRealm())) {
                    return Future.failedFuture("Invalid realm.");
                }
                String md5 = "MD5-sess".equals(htdigestCredentials.getAlgorithm()) ? md5(digest.password + ":" + htdigestCredentials.getNonce() + ":" + htdigestCredentials.getCnonce()) : digest.password;
                if (htdigestCredentials.getQop() != null && !"auth".equals(htdigestCredentials.getQop())) {
                    return "auth-int".equals(htdigestCredentials.getQop()) ? Future.failedFuture("qop: auth-int not supported.") : Future.failedFuture("Invalid qop.");
                }
                String md52 = md5(htdigestCredentials.getMethod() + ":" + htdigestCredentials.getUri());
                if (!isEqual(htdigestCredentials.getQop() == null ? md5(md5 + ":" + htdigestCredentials.getNonce() + ":" + md52) : md5(md5 + ":" + htdigestCredentials.getNonce() + ":" + htdigestCredentials.getNc() + ":" + htdigestCredentials.getCnonce() + ":" + htdigestCredentials.getQop() + ":" + md52), htdigestCredentials.getResponse())) {
                    return Future.failedFuture("Bad response");
                }
                User create = User.create(new JsonObject().put("username", digest.username).put("realm", digest.realm));
                create.principal().put("amr", Collections.singletonList("pwd"));
                return Future.succeededFuture(create);
            } catch (ClassCastException e) {
                throw new CredentialValidationException("Invalid credentials type", e);
            }
        } catch (RuntimeException e2) {
            return Future.failedFuture(e2);
        }
    }

    private static synchronized String md5(String str) {
        MD5.reset();
        return Codec.base16Encode(MD5.digest(str.getBytes(StandardCharsets.UTF_8)));
    }

    private static boolean isEqual(String str, String str2) {
        if (str == null || str2 == null) {
            return false;
        }
        int length = str.length();
        int length2 = str2.length();
        if (length2 == 0) {
            return length == 0;
        }
        int i = 0 | (length - length2);
        for (int i2 = 0; i2 < length; i2++) {
            i |= str.charAt(i2) ^ str2.charAt(((i2 - length2) >>> 31) * i2);
        }
        return i == 0;
    }

    static {
        try {
            MD5 = MessageDigest.getInstance("MD5");
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        }
    }
}
