package org.codehaus.plexus.redback.http.authentication.digest;

import java.util.Properties;
import org.codehaus.plexus.redback.http.HttpUtils;
import org.codehaus.plexus.redback.http.authentication.HttpAuthenticationException;
import org.codehaus.plexus.util.Base64;
import org.codehaus.plexus.util.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Service;

@Scope("protype")
@Service("httpClientHeader")
/* loaded from: input_file:org/codehaus/plexus/redback/http/authentication/digest/HttpDigestHeader.class */
class HttpDigestHeader {
    private Logger log = LoggerFactory.getLogger(getClass());
    public String username;
    public String realm;
    public String nonce;
    public String uri;
    public String response;
    public String qop;
    public String nc;
    public String cnonce;

    public void parseClientHeader(String str, String str2, String str3) throws HttpAuthenticationException {
        Properties complexHeaderToProperties = HttpUtils.complexHeaderToProperties(str, ",", "=");
        this.username = complexHeaderToProperties.getProperty("username");
        this.realm = complexHeaderToProperties.getProperty("realm");
        this.nonce = complexHeaderToProperties.getProperty("nonce");
        this.uri = complexHeaderToProperties.getProperty("uri");
        this.response = complexHeaderToProperties.getProperty("response");
        this.qop = complexHeaderToProperties.getProperty("qop");
        this.nc = complexHeaderToProperties.getProperty("nc");
        this.cnonce = complexHeaderToProperties.getProperty("cnonce");
        if (StringUtils.isEmpty(this.username) || StringUtils.isEmpty(this.realm) || StringUtils.isEmpty(this.nonce) || StringUtils.isEmpty(this.uri) || StringUtils.isEmpty(this.response)) {
            this.log.debug("Missing mandatory fields: Raw Digest Header : [" + str + "]");
            throw new HttpAuthenticationException("Missing mandatory digest fields per RFC2069.");
        }
        if (!StringUtils.equals(str2, this.realm)) {
            this.log.debug("Realm name is invalid: expected [" + str2 + "] but got [" + this.realm + "]");
            throw new HttpAuthenticationException("Response realm does not match expected realm.");
        }
        if (StringUtils.equals("auth", this.qop) && (StringUtils.isEmpty(this.nc) || StringUtils.isEmpty(this.cnonce))) {
            this.log.debug("Missing mandatory qop fields: nc [" + this.nc + "] cnonce [" + this.cnonce + "]");
            throw new HttpAuthenticationException("Missing mandatory qop digest fields per RFC2617.");
        }
        if (!Base64.isArrayByteBase64(this.nonce.getBytes())) {
            this.log.debug("Nonce is not encoded in Base64: nonce [" + this.nonce + "]");
            throw new HttpAuthenticationException("Response nonce is not encoded in Base64.");
        }
        String str4 = new String(Base64.decodeBase64(this.nonce.getBytes()));
        String[] split = StringUtils.split(str4, ":");
        if (split.length != 2) {
            this.log.debug("Nonce format expected [2] elements, but got [" + split.length + "] instead.  Decoded nonce [" + str4 + "]");
            throw new HttpAuthenticationException("Nonce format is invalid.  Received an unexpected number of sub elements.");
        }
        try {
            if (StringUtils.equals(Digest.md5Hex(Long.parseLong(split[0]) + ":" + str3), split[1])) {
                return;
            }
            this.log.error("Nonce parameter has been compromised.");
            throw new HttpAuthenticationException("Nonce parameter has been compromised.");
        } catch (NumberFormatException e) {
            throw new HttpAuthenticationException("Unexpected nonce timestamp.");
        }
    }
}
