package org.apache.commons.httpclient.auth;

import com.microsoft.tfs.jni.AuthenticationEngine;
import com.microsoft.tfs.jni.NegotiateEngine;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.httpclient.Credentials;
import org.apache.commons.httpclient.DefaultNTCredentials;
import org.apache.commons.httpclient.HttpMethod;
import org.apache.commons.httpclient.NTCredentials;
import org.apache.commons.httpclient.util.EncodingUtil;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:lib/com.microsoft.tfs.sdk-10.1.0.jar:org/apache/commons/httpclient/auth/NegotiateScheme.class */
public class NegotiateScheme implements AuthScheme {
    private static final Log LOG = LogFactory.getLog(NegotiateScheme.class);
    private static final int STATUS_NONE = 0;
    private static final int STATUS_INITIATED = 1;
    private static final int STATUS_EXCHANGING = 2;
    private static final int STATUS_COMPLETE = 3;
    private static final int STATUS_ERROR = 4;
    private int status = 0;
    private byte[] inputToken = null;
    private NegotiateEngine.NegotiateClient negotiateClient;

    @Override // org.apache.commons.httpclient.auth.AuthScheme
    public String getSchemeName() {
        return "negotiate";
    }

    public static boolean isSupported() {
        try {
            return NegotiateEngine.getInstance().isAvailable();
        } catch (Exception e) {
            LOG.debug("Negotiate authentication not supported", e);
            return false;
        }
    }

    @Override // org.apache.commons.httpclient.auth.AuthScheme
    public boolean supportsCredentials(Credentials credentials) {
        if (credentials == null) {
            return false;
        }
        return supportsCredentials(credentials.getClass());
    }

    public static boolean supportsCredentials(Class cls) {
        if (cls == null || !isSupported()) {
            return false;
        }
        if (cls.equals(DefaultNTCredentials.class)) {
            return NegotiateEngine.getInstance().supportsCredentialsDefault();
        }
        if (cls.equals(NTCredentials.class)) {
            return NegotiateEngine.getInstance().supportsCredentialsSpecified();
        }
        return false;
    }

    public static String getDefaultCredentials() {
        if (isSupported()) {
            return NegotiateEngine.getInstance().getCredentialsDefault();
        }
        return null;
    }

    @Override // org.apache.commons.httpclient.auth.AuthScheme
    public String getRealm() {
        return null;
    }

    @Override // org.apache.commons.httpclient.auth.AuthScheme
    public String getParameter(String str) {
        return null;
    }

    @Override // org.apache.commons.httpclient.auth.AuthScheme
    public boolean isComplete() {
        return this.status == 3 || this.status == 4;
    }

    @Override // org.apache.commons.httpclient.auth.AuthScheme
    public boolean isConnectionBased() {
        return true;
    }

    @Override // org.apache.commons.httpclient.auth.AuthScheme
    public void processChallenge(String str) throws MalformedChallengeException {
        if (this.status == 0 && str.equals(AuthPolicy.NEGOTIATE)) {
            if (this.negotiateClient != null) {
                try {
                    this.negotiateClient.dispose();
                } catch (Exception e) {
                }
            }
            this.negotiateClient = null;
            this.inputToken = null;
            this.status = 1;
            return;
        }
        if (this.status == 2 && str.startsWith("Negotiate ")) {
            this.inputToken = Base64.decodeBase64(EncodingUtil.getAsciiBytes(str.substring(10)));
        } else {
            if (!str.startsWith(AuthPolicy.NEGOTIATE)) {
                throw new MalformedChallengeException("Unknown challenge: " + str);
            }
            this.status = 4;
        }
    }

    @Override // org.apache.commons.httpclient.auth.AuthScheme
    public String authenticate(AuthScope authScope, Credentials credentials, HttpMethod httpMethod) throws AuthenticationException {
        if (authScope == null || credentials == null || httpMethod == null) {
            throw new AuthenticationException("Invalid authentication usage");
        }
        if (!supportsCredentials(credentials)) {
            throw new AuthenticationException("Credential type unsupported");
        }
        try {
            if (this.status == 1 && this.negotiateClient == null && this.inputToken == null) {
                this.negotiateClient = (NegotiateEngine.NegotiateClient) NegotiateEngine.getInstance().newClient();
                this.negotiateClient.setTarget("http@" + authScope.getHost().toUpperCase());
                if (credentials instanceof DefaultNTCredentials) {
                    this.negotiateClient.setCredentialsDefault();
                } else {
                    if (!(credentials instanceof NTCredentials)) {
                        throw new AuthenticationException("Unsupported credential type");
                    }
                    this.negotiateClient.setCredentialsSpecified(((NTCredentials) credentials).getUserName(), ((NTCredentials) credentials).getDomain(), ((NTCredentials) credentials).getPassword());
                    this.negotiateClient.setLocalhost(((NTCredentials) credentials).getHost());
                }
            } else if (this.status != 2 || this.negotiateClient == null || this.inputToken == null) {
                LOG.error("Negotiate authenticate called in invalid state " + this.status);
                this.status = 4;
                throw new AuthenticationException("Negotiate Authentication Routines Used Out of Order");
            }
            byte[] token = this.negotiateClient.getToken(this.inputToken);
            if (this.negotiateClient.isComplete()) {
                this.status = 3;
                this.negotiateClient.dispose();
                this.negotiateClient = null;
                this.inputToken = null;
            } else {
                this.status = 2;
            }
            if (token == null || token.length == 0) {
                this.status = 4;
                throw new AuthenticationException("Negotiate Scheme did not provided token");
            }
            return "Negotiate " + EncodingUtil.getAsciiString(Base64.encodeBase64(token));
        } catch (AuthenticationEngine.AuthenticationException e) {
            LOG.error("Negotiate failure: " + e.getMessage());
            this.status = 4;
            return null;
        }
    }
}
