package cn.dev33.satoken.httpauth.digest;

import cn.dev33.satoken.SaManager;
import cn.dev33.satoken.annotation.SaCheckHttpDigest;
import cn.dev33.satoken.context.SaHolder;
import cn.dev33.satoken.error.SaErrorCode;
import cn.dev33.satoken.exception.NotHttpDigestAuthException;
import cn.dev33.satoken.exception.SaTokenException;
import cn.dev33.satoken.secure.SaSecureUtil;
import cn.dev33.satoken.util.SaFoxUtil;
import cn.dev33.satoken.util.SaResult;
import java.util.LinkedHashMap;

/* loaded from: input_file:cn/dev33/satoken/httpauth/digest/SaHttpDigestTemplate.class */
public class SaHttpDigestTemplate {
    public String buildResponseHeaderValue(SaHttpDigestModel saHttpDigestModel) {
        return "Digest realm=\"" + saHttpDigestModel.realm + "\", qop=\"" + saHttpDigestModel.qop + "\", nonce=\"" + saHttpDigestModel.nonce + "\", nc=" + saHttpDigestModel.nc + ", opaque=\"" + saHttpDigestModel.opaque + "\"";
    }

    public void throwNotHttpDigestAuthException(SaHttpDigestModel saHttpDigestModel) {
        saHttpDigestModel.realm = saHttpDigestModel.realm != null ? saHttpDigestModel.realm : "Sa-Token";
        saHttpDigestModel.qop = saHttpDigestModel.qop != null ? saHttpDigestModel.qop : SaHttpDigestModel.DEFAULT_QOP;
        saHttpDigestModel.nonce = saHttpDigestModel.nonce != null ? saHttpDigestModel.nonce : SaFoxUtil.getRandomString(32);
        saHttpDigestModel.opaque = saHttpDigestModel.opaque != null ? saHttpDigestModel.opaque : SaFoxUtil.getRandomString(32);
        saHttpDigestModel.nc = saHttpDigestModel.nc != null ? saHttpDigestModel.nc : "00000001";
        SaHolder.getResponse().setStatus(SaResult.CODE_NOT_LOGIN).setHeader("WWW-Authenticate", buildResponseHeaderValue(saHttpDigestModel));
        throw new NotHttpDigestAuthException().setCode(SaErrorCode.CODE_10312);
    }

    public String getAuthorizationValue() {
        String header = SaHolder.getRequest().getHeader("Authorization");
        if (header == null || !header.startsWith("Digest ")) {
            return null;
        }
        return header.substring(7);
    }

    public SaHttpDigestModel getAuthorizationValueToModel() {
        String authorizationValue = getAuthorizationValue();
        if (authorizationValue == null) {
            return null;
        }
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        for (String str : authorizationValue.split(",")) {
            String[] split = str.split("=");
            if (split.length == 2) {
                linkedHashMap.put(split[0].trim(), split[1].trim().replace("\"", ""));
            } else if (str.contains("=")) {
                linkedHashMap.put(split[0].trim(), str.substring(split[0].length() + 1).trim().replace("\"", ""));
            }
        }
        SaHttpDigestModel saHttpDigestModel = new SaHttpDigestModel();
        saHttpDigestModel.username = (String) linkedHashMap.get("username");
        saHttpDigestModel.realm = (String) linkedHashMap.get("realm");
        saHttpDigestModel.nonce = (String) linkedHashMap.get("nonce");
        saHttpDigestModel.uri = (String) linkedHashMap.get("uri");
        saHttpDigestModel.method = SaHolder.getRequest().getMethod();
        saHttpDigestModel.qop = (String) linkedHashMap.get("qop");
        saHttpDigestModel.nc = (String) linkedHashMap.get("nc");
        saHttpDigestModel.cnonce = (String) linkedHashMap.get("cnonce");
        saHttpDigestModel.opaque = (String) linkedHashMap.get("opaque");
        saHttpDigestModel.response = (String) linkedHashMap.get("response");
        return saHttpDigestModel;
    }

    public String calcResponse(SaHttpDigestModel saHttpDigestModel) {
        return SaSecureUtil.md5(SaSecureUtil.md5(saHttpDigestModel.username + ":" + saHttpDigestModel.realm + ":" + saHttpDigestModel.password) + ":" + (saHttpDigestModel.nonce + ":" + saHttpDigestModel.nc + ":" + saHttpDigestModel.cnonce + ":" + saHttpDigestModel.qop) + ":" + SaSecureUtil.md5(saHttpDigestModel.method + ":" + saHttpDigestModel.uri));
    }

    public void copyHopeToReq(SaHttpDigestModel saHttpDigestModel, SaHttpDigestModel saHttpDigestModel2) {
        saHttpDigestModel2.username = saHttpDigestModel.username;
        saHttpDigestModel2.password = saHttpDigestModel.password;
        saHttpDigestModel2.realm = saHttpDigestModel.realm != null ? saHttpDigestModel.realm : saHttpDigestModel2.realm;
        saHttpDigestModel2.nonce = saHttpDigestModel.nonce != null ? saHttpDigestModel.nonce : saHttpDigestModel2.nonce;
        saHttpDigestModel2.uri = saHttpDigestModel.uri != null ? saHttpDigestModel.uri : saHttpDigestModel2.uri;
        saHttpDigestModel2.method = saHttpDigestModel.method != null ? saHttpDigestModel.method : saHttpDigestModel2.method;
        saHttpDigestModel2.qop = saHttpDigestModel.qop != null ? saHttpDigestModel.qop : saHttpDigestModel2.qop;
        saHttpDigestModel2.nc = saHttpDigestModel.nc != null ? saHttpDigestModel.nc : saHttpDigestModel2.nc;
        saHttpDigestModel2.opaque = saHttpDigestModel.opaque != null ? saHttpDigestModel.opaque : saHttpDigestModel2.opaque;
    }

    public void check(SaHttpDigestModel saHttpDigestModel) {
        SaTokenException.notEmpty(saHttpDigestModel, "Digest参数对象不能为空");
        SaTokenException.notEmpty(saHttpDigestModel.username, "必须提供希望的 username 参数");
        SaTokenException.notEmpty(saHttpDigestModel.password, "必须提供希望的 password 参数");
        SaHttpDigestModel authorizationValueToModel = getAuthorizationValueToModel();
        if (authorizationValueToModel == null) {
            throwNotHttpDigestAuthException(saHttpDigestModel);
        }
        copyHopeToReq(saHttpDigestModel, authorizationValueToModel);
        if (calcResponse(authorizationValueToModel).equals(authorizationValueToModel.response)) {
            return;
        }
        throwNotHttpDigestAuthException(saHttpDigestModel);
    }

    public void check(String str, String str2) {
        check(new SaHttpDigestModel(str, str2));
    }

    public void check(String str, String str2, String str3) {
        check(new SaHttpDigestModel(str, str2, str3));
    }

    public void check() {
        String httpDigest = SaManager.getConfig().getHttpDigest();
        if (SaFoxUtil.isEmpty(httpDigest)) {
            throw new SaTokenException("未配置全局 Http Digest 认证参数");
        }
        String[] split = httpDigest.split(":");
        if (split.length != 2) {
            throw new SaTokenException("全局 Http Digest 认证参数配置错误，格式应如：username:password");
        }
        check(split[0], split[1]);
    }

    @Deprecated
    public void checkByAnnotation(SaCheckHttpDigest saCheckHttpDigest) {
        String value = saCheckHttpDigest.value();
        if (SaFoxUtil.isNotEmpty(value)) {
            String[] split = value.split(":");
            if (split.length != 2) {
                throw new SaTokenException("注解参数配置错误，格式应如：username:password");
            }
            check(split[0], split[1]);
            return;
        }
        String username = saCheckHttpDigest.username();
        if (SaFoxUtil.isNotEmpty(username)) {
            check(username, saCheckHttpDigest.password(), saCheckHttpDigest.realm());
        } else {
            check();
        }
    }
}
