package org.infinispan.server.security.http.localuser;

import java.io.File;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.List;
import java.util.Random;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.wildfly.common.Assert;
import org.wildfly.common.iteration.ByteIterator;
import org.wildfly.common.iteration.CodePointIterator;
import org.wildfly.security.http.HttpAuthenticationException;
import org.wildfly.security.http.HttpServerRequest;
import org.wildfly.security.http.HttpServerResponse;
import org.wildfly.security.mechanism.http.UsernamePasswordAuthenticationMechanism;

/* loaded from: input_file:org/infinispan/server/security/http/localuser/LocalUserAuthenticationMechanism.class */
final class LocalUserAuthenticationMechanism extends UsernamePasswordAuthenticationMechanism {
    public static final String LOCALUSER_NAME = "LOCALUSER";
    static final String SILENT = "silent";
    public static final String LOCAL_USER_USE_SECURE_RANDOM = "wildfly.http.local-user.use-secure-random";
    public static final String LOCAL_USER_CHALLENGE_PATH = "wildfly.http.local-user.challenge-path";
    public static final String DEFAULT_USER = "wildfly.http.local-user.default-user";
    private static final String CHALLENGE_PREFIX = "Localuser ";
    private static final int PREFIX_LENGTH = CHALLENGE_PREFIX.length();
    private static final byte UTF8NUL = 0;
    private final boolean useSecureRandom;
    private final boolean silent;
    private final File basePath;

    /* JADX INFO: Access modifiers changed from: package-private */
    public LocalUserAuthenticationMechanism(CallbackHandler callbackHandler, boolean z) {
        super((CallbackHandler) Assert.checkNotNullParam("callbackHandler", callbackHandler));
        this.silent = z;
        this.useSecureRandom = true;
        this.basePath = new File(System.getProperty("java.io.tmpdir"));
    }

    public String getMechanismName() {
        return LOCALUSER_NAME;
    }

    public void evaluateRequest(HttpServerRequest httpServerRequest) throws HttpAuthenticationException {
        List<String> requestHeaderValues = httpServerRequest.getRequestHeaderValues("Authorization");
        if (requestHeaderValues != null) {
            for (String str : requestHeaderValues) {
                if (str.startsWith(CHALLENGE_PREFIX)) {
                    if (ByteIterator.ofBytes(str.substring(PREFIX_LENGTH).getBytes(StandardCharsets.UTF_8)).asUtf8String().base64Decode().drain().length != 0) {
                        try {
                            httpServerRequest.authenticationComplete();
                            succeed();
                            httpServerRequest.authenticationComplete();
                            return;
                        } catch (IOException | UnsupportedCallbackException e) {
                            throw new HttpAuthenticationException(e);
                        }
                    }
                    Random random = getRandom();
                    try {
                        File createTempFile = File.createTempFile("local", ".challenge", this.basePath);
                        try {
                            FileOutputStream fileOutputStream = new FileOutputStream(createTempFile);
                            boolean z = UTF8NUL;
                            try {
                                byte[] bArr = new byte[8];
                                random.nextBytes(bArr);
                                try {
                                    fileOutputStream.write(bArr);
                                    fileOutputStream.close();
                                    z = true;
                                    if (1 == 0) {
                                        deleteChallenge(null);
                                    }
                                    try {
                                        fileOutputStream.close();
                                    } catch (Throwable th) {
                                    }
                                    CodePointIterator.ofString(createTempFile.getAbsolutePath()).asUtf8(true).drain();
                                } catch (IOException e2) {
                                    throw new RuntimeException(e2);
                                }
                            } catch (Throwable th2) {
                                if (!z) {
                                    deleteChallenge(null);
                                }
                                try {
                                    fileOutputStream.close();
                                } catch (Throwable th3) {
                                }
                                throw th2;
                            }
                        } catch (FileNotFoundException e3) {
                            throw new RuntimeException(e3);
                        }
                    } catch (IOException e4) {
                        throw new RuntimeException(e4);
                    }
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* renamed from: prepareResponse, reason: merged with bridge method [inline-methods] */
    public void lambda$evaluateRequest$0(HttpServerRequest httpServerRequest, HttpServerResponse httpServerResponse) {
        if (this.silent && httpServerRequest.getFirstRequestHeaderValue("Authorization") == null) {
            return;
        }
        httpServerResponse.addResponseHeader("WWW-Authenticate", new StringBuilder(CHALLENGE_PREFIX).toString());
        httpServerResponse.setStatusCode(401);
    }

    private void deleteChallenge(File file) {
        if (file != null) {
            file.delete();
        }
    }

    private Random getRandom() {
        return this.useSecureRandom ? new SecureRandom() : new Random();
    }
}
