package org.kaazing.gateway.client.impl.http;

import java.nio.charset.Charset;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.kaazing.gateway.client.impl.Channel;
import org.kaazing.gateway.client.impl.auth.AuthenticationUtil;
import org.kaazing.gateway.client.impl.ws.WebSocketCompositeChannel;
import org.kaazing.gateway.client.impl.wseb.WebSocketEmulatedChannel;
import org.kaazing.gateway.client.util.HttpURI;
import org.kaazing.gateway.client.util.StringUtils;
import org.kaazing.gateway.client.util.WrappedByteBuffer;
import org.kaazing.net.auth.ChallengeHandler;
import org.kaazing.net.auth.ChallengeRequest;
import org.kaazing.net.auth.ChallengeResponse;
import org.kaazing.net.impl.util.ResumableTimer;

/* loaded from: input_file:org/kaazing/gateway/client/impl/http/HttpRequestAuthenticationHandler.class */
public class HttpRequestAuthenticationHandler extends HttpRequestHandlerAdapter {
    private static final String HEADER_AUTHORIZATION = "Authorization";
    private static final String HEADER_WWW_AUTHENTICATE = "WWW-Authenticate";
    private static final String WWW_AUTHENTICATE = "WWW-Authenticate: ";
    private static final String APPLICATION_PREFIX = "Application ";
    private static final String CLASS_NAME = HttpRequestAuthenticationHandler.class.getName();
    private static final Logger LOG = Logger.getLogger(CLASS_NAME);
    private static final Charset UTF_8 = Charset.forName("UTF-8");
    private static final String HTTP_1_1_START = "HTTP/1.1";
    private static final int HTTP_1_1_START_LEN = HTTP_1_1_START.length();
    private static final byte[] HTTP_1_1_START_BYTES = StringUtils.getUtf8Bytes(HTTP_1_1_START);

    private void handleClearAuthenticationData(HttpRequest httpRequest) {
        Channel webSocketChannel = getWebSocketChannel(httpRequest);
        if (webSocketChannel == null) {
            return;
        }
        ChallengeHandler challengeHandler = null;
        if (webSocketChannel.challengeResponse != null) {
            challengeHandler = webSocketChannel.challengeResponse.getNextChallengeHandler();
            webSocketChannel.challengeResponse.clearCredentials();
            webSocketChannel.challengeResponse = null;
        }
        webSocketChannel.challengeResponse = new ChallengeResponse((char[]) null, challengeHandler);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void handleRemoveAuthenticationData(HttpRequest httpRequest) {
        handleClearAuthenticationData(httpRequest);
    }

    protected static String[] getLines(WrappedByteBuffer wrappedByteBuffer) {
        ArrayList arrayList = new ArrayList();
        while (wrappedByteBuffer.hasRemaining()) {
            byte b = wrappedByteBuffer.get();
            ArrayList arrayList2 = new ArrayList();
            while (b != 13) {
                arrayList2.add(Byte.valueOf(b));
                if (!wrappedByteBuffer.hasRemaining()) {
                    break;
                }
                b = wrappedByteBuffer.get();
            }
            if (wrappedByteBuffer.hasRemaining()) {
                wrappedByteBuffer.get();
            }
            byte[] bArr = new byte[arrayList2.size()];
            int i = 0;
            Iterator it = arrayList2.iterator();
            while (it.hasNext()) {
                bArr[i] = ((Byte) it.next()).byteValue();
                i++;
            }
            arrayList.add(new String(bArr, UTF_8));
        }
        String[] strArr = new String[arrayList.size()];
        arrayList.toArray(strArr);
        return strArr;
    }

    public static boolean isHTTPResponse(WrappedByteBuffer wrappedByteBuffer) {
        if (wrappedByteBuffer.remaining() < HTTP_1_1_START_LEN) {
            return false;
        }
        for (int i = 0; i < HTTP_1_1_START_LEN; i++) {
            if (wrappedByteBuffer.getAt(i) != HTTP_1_1_START_BYTES[i]) {
                return false;
            }
        }
        return true;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void onLoadWrappedHTTPResponse(HttpRequest httpRequest, HttpResponse httpResponse) throws Exception {
        LOG.entering(CLASS_NAME, "onLoadWrappedHTTPResponse");
        String[] lines = getLines(httpResponse.getBody());
        int parseInt = Integer.parseInt(lines[0].split(" ")[1]);
        if (parseInt != 401) {
            throw new IllegalStateException("Unsupported wrapped response with HTTP status code " + parseInt);
        }
        String str = null;
        int i = 1;
        while (true) {
            if (i >= lines.length) {
                break;
            }
            if (lines[i].startsWith(WWW_AUTHENTICATE)) {
                str = lines[i].substring(WWW_AUTHENTICATE.length());
                break;
            }
            i++;
        }
        if (LOG.isLoggable(Level.FINEST)) {
            LOG.finest("connectToWebSocket.onLoadWrappedHTTPResponse: WWW-Authenticate: " + StringUtils.stripControlCharacters(str));
        }
        if (str == null || "".equals(str)) {
            throw new IllegalStateException("Missing authentication challenge in wrapped HTTP 401 response");
        }
        if (!str.startsWith(APPLICATION_PREFIX)) {
            throw new IllegalStateException("Only Application challenges are supported by the client");
        }
        handle401(httpRequest, str.substring(APPLICATION_PREFIX.length()));
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void handle401(HttpRequest httpRequest, String str) throws Exception {
        LOG.entering(CLASS_NAME, "handle401");
        HttpURI uri = httpRequest.getUri();
        WebSocketEmulatedChannel webSocketEmulatedChannel = (WebSocketEmulatedChannel) getWebSocketChannel(httpRequest);
        if (webSocketEmulatedChannel == null) {
            throw new IllegalStateException("There is no WebSocketChannel associated with this request");
        }
        if (isWebSocketClosing(httpRequest)) {
            return;
        }
        ResumableTimer resumableTimer = null;
        if (((WebSocketCompositeChannel) webSocketEmulatedChannel.getParent()) != null) {
            resumableTimer = ((WebSocketCompositeChannel) webSocketEmulatedChannel.getParent()).getConnectTimer();
            if (resumableTimer != null) {
                resumableTimer.pause();
            }
        }
        webSocketEmulatedChannel.authenticationReceived = true;
        String wsuri = webSocketEmulatedChannel.getLocation().toString();
        if (webSocketEmulatedChannel.redirectUri != null) {
            String path = webSocketEmulatedChannel.redirectUri.getPath();
            if (path != null && path.contains("/;e/")) {
                path = path.substring(0, path.indexOf("/;e/"));
            }
            wsuri = webSocketEmulatedChannel.redirectUri.getScheme() + "://" + webSocketEmulatedChannel.redirectUri.getURI().getAuthority() + path;
        }
        try {
            webSocketEmulatedChannel.challengeResponse = AuthenticationUtil.getChallengeResponse(webSocketEmulatedChannel, new ChallengeRequest(wsuri, str), webSocketEmulatedChannel.challengeResponse);
            if (webSocketEmulatedChannel.challengeResponse == null || webSocketEmulatedChannel.challengeResponse.getCredentials() == null) {
                throw new IllegalStateException("No response possible for challenge " + str);
            }
            if (LOG.isLoggable(Level.FINEST)) {
                LOG.finest("response from challenge handler = " + StringUtils.stripControlCharacters(String.valueOf(webSocketEmulatedChannel.challengeResponse.getCredentials())));
            }
            try {
                HttpRequest httpRequest2 = new HttpRequest(httpRequest.getMethod(), uri, httpRequest.isAsync());
                httpRequest2.parent = httpRequest.parent;
                for (Map.Entry<String, String> entry : httpRequest.getHeaders().entrySet()) {
                    httpRequest2.setHeader(entry.getKey(), entry.getValue());
                }
                if (resumableTimer != null) {
                    resumableTimer.resume();
                }
                processOpen(httpRequest2);
            } catch (Exception e) {
                LOG.log(Level.FINE, e.getMessage(), (Throwable) e);
                throw new Exception("Unable to authenticate user", e);
            }
        } catch (Exception e2) {
            LOG.log(Level.FINE, e2.getMessage());
            handleClearAuthenticationData(httpRequest);
            throw new IllegalStateException("Unexpected error processing challenge " + str, e2);
        }
    }

    @Override // org.kaazing.gateway.client.impl.http.HttpRequestHandlerAdapter, org.kaazing.gateway.client.impl.http.HttpRequestHandler
    public void processOpen(HttpRequest httpRequest) {
        WebSocketEmulatedChannel webSocketEmulatedChannel = (WebSocketEmulatedChannel) getWebSocketChannel(httpRequest);
        if (webSocketEmulatedChannel != null) {
            if (isWebSocketClosing(httpRequest)) {
                return;
            }
            if (webSocketEmulatedChannel.challengeResponse.getCredentials() != null) {
                String str = new String(webSocketEmulatedChannel.challengeResponse.getCredentials());
                LOG.finest("requestOpened: Authorization: " + StringUtils.stripControlCharacters(str));
                httpRequest.setHeader(HEADER_AUTHORIZATION, str);
                handleClearAuthenticationData(httpRequest);
            }
        }
        this.nextHandler.processOpen(httpRequest);
    }

    @Override // org.kaazing.gateway.client.impl.http.HttpRequestHandlerAdapter
    public void setNextHandler(HttpRequestHandler httpRequestHandler) {
        super.setNextHandler(httpRequestHandler);
        httpRequestHandler.setListener(new HttpRequestListener() { // from class: org.kaazing.gateway.client.impl.http.HttpRequestAuthenticationHandler.1
            @Override // org.kaazing.gateway.client.impl.http.HttpRequestListener
            public void requestReady(HttpRequest httpRequest) {
                HttpRequestAuthenticationHandler.this.listener.requestReady(httpRequest);
            }

            @Override // org.kaazing.gateway.client.impl.http.HttpRequestListener
            public void requestOpened(HttpRequest httpRequest) {
                HttpRequestAuthenticationHandler.this.listener.requestOpened(httpRequest);
            }

            @Override // org.kaazing.gateway.client.impl.http.HttpRequestListener
            public void requestProgressed(HttpRequest httpRequest, WrappedByteBuffer wrappedByteBuffer) {
                HttpRequestAuthenticationHandler.this.listener.requestProgressed(httpRequest, wrappedByteBuffer);
            }

            @Override // org.kaazing.gateway.client.impl.http.HttpRequestListener
            public void requestLoaded(HttpRequest httpRequest, HttpResponse httpResponse) {
                switch (httpResponse.getStatusCode()) {
                    case 200:
                        if (!HttpRequestAuthenticationHandler.isHTTPResponse(httpResponse.getBody())) {
                            HttpRequestAuthenticationHandler.this.handleRemoveAuthenticationData(httpRequest);
                            HttpRequestAuthenticationHandler.this.listener.requestLoaded(httpRequest, httpResponse);
                            return;
                        }
                        try {
                            HttpRequestAuthenticationHandler.this.onLoadWrappedHTTPResponse(httpRequest, httpResponse);
                            return;
                        } catch (Exception e) {
                            HttpRequestAuthenticationHandler.LOG.log(Level.FINE, e.getMessage(), (Throwable) e);
                            HttpRequestAuthenticationHandler.this.listener.errorOccurred(httpRequest, e);
                            return;
                        }
                    case 401:
                        try {
                            HttpRequestAuthenticationHandler.this.handle401(httpRequest, httpResponse.getHeader(HttpRequestAuthenticationHandler.HEADER_WWW_AUTHENTICATE));
                            return;
                        } catch (Exception e2) {
                            HttpRequestAuthenticationHandler.LOG.log(Level.FINE, e2.getMessage());
                            HttpRequestAuthenticationHandler.this.listener.errorOccurred(httpRequest, e2);
                            return;
                        }
                    default:
                        HttpRequestAuthenticationHandler.this.handleRemoveAuthenticationData(httpRequest);
                        HttpRequestAuthenticationHandler.this.listener.requestLoaded(httpRequest, httpResponse);
                        return;
                }
            }

            @Override // org.kaazing.gateway.client.impl.http.HttpRequestListener
            public void requestClosed(HttpRequest httpRequest) {
                HttpRequestAuthenticationHandler.this.handleRemoveAuthenticationData(httpRequest);
            }

            @Override // org.kaazing.gateway.client.impl.http.HttpRequestListener
            public void errorOccurred(HttpRequest httpRequest, Exception exc) {
                HttpRequestAuthenticationHandler.this.handleRemoveAuthenticationData(httpRequest);
                HttpRequestAuthenticationHandler.this.listener.errorOccurred(httpRequest, exc);
            }

            @Override // org.kaazing.gateway.client.impl.http.HttpRequestListener
            public void requestAborted(HttpRequest httpRequest) {
                HttpRequestAuthenticationHandler.this.handleRemoveAuthenticationData(httpRequest);
                HttpRequestAuthenticationHandler.this.listener.requestAborted(httpRequest);
            }
        });
    }

    @Override // org.kaazing.gateway.client.impl.http.HttpRequestHandlerAdapter, org.kaazing.gateway.client.impl.http.HttpRequestHandler
    public void setListener(HttpRequestListener httpRequestListener) {
        this.listener = httpRequestListener;
    }
}
