package org.codehaus.plexus.redback.xwork.filter.authentication.digest;

import com.opensymphony.webwork.views.jsp.iterator.IteratorGeneratorTag;
import com.opensymphony.webwork.views.util.ContextUtil;
import java.util.Properties;
import org.apache.commons.configuration.tree.DefaultExpressionEngine;
import org.codehaus.plexus.logging.AbstractLogEnabled;
import org.codehaus.plexus.redback.xwork.HttpUtils;
import org.codehaus.plexus.redback.xwork.filter.authentication.HttpAuthenticationException;
import org.codehaus.plexus.util.Base64;
import org.codehaus.plexus.util.StringUtils;

/* loaded from: input_file:WEB-INF/lib/redback-xwork-integration-1.0-alpha-1.jar:org/codehaus/plexus/redback/xwork/filter/authentication/digest/HttpDigestHeader.class */
class HttpDigestHeader extends AbstractLogEnabled {
    public String username;
    public String realm;
    public String nonce;
    public String uri;
    public String response;
    public String qop;
    public String nc;
    public String cnonce;

    public void parseClientHeader(String str, String str2, String str3) throws HttpAuthenticationException {
        Properties complexHeaderToProperties = HttpUtils.complexHeaderToProperties(str, IteratorGeneratorTag.DEFAULT_SEPARATOR, "=");
        this.username = complexHeaderToProperties.getProperty("username");
        this.realm = complexHeaderToProperties.getProperty("realm");
        this.nonce = complexHeaderToProperties.getProperty("nonce");
        this.uri = complexHeaderToProperties.getProperty("uri");
        this.response = complexHeaderToProperties.getProperty(ContextUtil.RESPONSE2);
        this.qop = complexHeaderToProperties.getProperty("qop");
        this.nc = complexHeaderToProperties.getProperty("nc");
        this.cnonce = complexHeaderToProperties.getProperty("cnonce");
        if (StringUtils.isEmpty(this.username) || StringUtils.isEmpty(this.realm) || StringUtils.isEmpty(this.nonce) || StringUtils.isEmpty(this.uri) || StringUtils.isEmpty(this.response)) {
            getLogger().debug(new StringBuffer().append("Missing mandatory fields: Raw Digest Header : [").append(str).append(DefaultExpressionEngine.DEFAULT_ATTRIBUTE_END).toString());
            throw new HttpAuthenticationException("Missing mandatory digest fields per RFC2069.");
        }
        if (!StringUtils.equals(str2, this.realm)) {
            getLogger().debug(new StringBuffer().append("Realm name is invalid: expected [").append(str2).append("] but got [").append(this.realm).append(DefaultExpressionEngine.DEFAULT_ATTRIBUTE_END).toString());
            throw new HttpAuthenticationException("Response realm does not match expected realm.");
        }
        if (StringUtils.equals("auth", this.qop) && (StringUtils.isEmpty(this.nc) || StringUtils.isEmpty(this.cnonce))) {
            getLogger().debug(new StringBuffer().append("Missing mandatory qop fields: nc [").append(this.nc).append("] cnonce [").append(this.cnonce).append(DefaultExpressionEngine.DEFAULT_ATTRIBUTE_END).toString());
            throw new HttpAuthenticationException("Missing mandatory qop digest fields per RFC2617.");
        }
        if (!Base64.isArrayByteBase64(this.nonce.getBytes())) {
            getLogger().debug(new StringBuffer().append("Nonce is not encoded in Base64: nonce [").append(this.nonce).append(DefaultExpressionEngine.DEFAULT_ATTRIBUTE_END).toString());
            throw new HttpAuthenticationException("Response nonce is not encoded in Base64.");
        }
        String str4 = new String(Base64.decodeBase64(this.nonce.getBytes()));
        String[] split = StringUtils.split(str4, ":");
        if (split.length != 2) {
            getLogger().debug(new StringBuffer().append("Nonce format expected [2] elements, but got [").append(split.length).append("] instead.  Decoded nonce [").append(str4).append(DefaultExpressionEngine.DEFAULT_ATTRIBUTE_END).toString());
            throw new HttpAuthenticationException("Nonce format is invalid.  Received an unexpected number of sub elements.");
        }
        try {
            if (StringUtils.equals(Digest.md5Hex(new StringBuffer().append(Long.parseLong(split[0])).append(":").append(str3).toString()), split[1])) {
                return;
            }
            getLogger().error("Nonce parameter has been compromised.");
            throw new HttpAuthenticationException("Nonce parameter has been compromised.");
        } catch (NumberFormatException e) {
            throw new HttpAuthenticationException("Unexpected nonce timestamp.");
        }
    }
}
