package oh;

import dh.q;
import ih.u;
import io.milton.http.exceptions.BadRequestException;
import io.milton.http.exceptions.NotAuthorizedException;
import java.util.Iterator;
import java.util.List;
import java.util.Objects;
import oh.l;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import xh.t;

/* loaded from: classes3.dex */
public class b implements ih.b {

    /* renamed from: j, reason: collision with root package name */
    private static final Logger f30122j = LoggerFactory.getLogger(b.class);

    /* renamed from: d, reason: collision with root package name */
    private final List<ih.b> f30126d;

    /* renamed from: e, reason: collision with root package name */
    private final u f30127e;

    /* renamed from: f, reason: collision with root package name */
    private l f30128f;

    /* renamed from: i, reason: collision with root package name */
    private final List<String> f30131i;

    /* renamed from: a, reason: collision with root package name */
    private String f30123a = "miltonLogout";

    /* renamed from: b, reason: collision with root package name */
    private String f30124b = "miltonUserUrl";

    /* renamed from: c, reason: collision with root package name */
    private String f30125c = "miltonUserUrlHash";

    /* renamed from: g, reason: collision with root package name */
    private String f30129g = "userUrl";

    /* renamed from: h, reason: collision with root package name */
    private boolean f30130h = true;

    public b(l lVar, List<ih.b> list, u uVar, List<String> list2) {
        this.f30128f = lVar;
        this.f30126d = list;
        this.f30127e = uVar;
        this.f30131i = list2;
    }

    private void f(io.milton.http.m mVar) {
        f30122j.info("clearCookieValue");
        mVar.a(this.f30124b, "");
        mVar.a(this.f30125c, "");
    }

    private String h(io.milton.http.k kVar, String str) {
        String str2;
        if (kVar == null) {
            return null;
        }
        if (kVar.getParams() != null && (str2 = kVar.getParams().get(str)) != null) {
            return str2;
        }
        ih.e b10 = kVar.b(str);
        if (b10 != null) {
            return b10.getValue();
        }
        return null;
    }

    private boolean m(io.milton.http.k kVar) {
        String str;
        return (kVar.getParams() == null || (str = kVar.getParams().get(this.f30123a)) == null || str.length() <= 0) ? false : true;
    }

    private void n(io.milton.http.m mVar, String str, String str2) {
        f30122j.trace("setCookieValues");
        ih.c cVar = new ih.c(this.f30124b);
        cVar.e(g(str));
        cVar.d("/");
        cVar.f(1);
        if (this.f30130h) {
            cVar.b(31536000);
        }
        mVar.n(cVar);
        ih.c cVar2 = new ih.c(this.f30125c);
        cVar2.e("\"" + str2 + "\"");
        cVar2.c(true);
        cVar2.f(1);
        cVar2.d("/");
        if (this.f30130h) {
            cVar2.b(31536000);
        }
        mVar.n(cVar2);
    }

    private boolean q(String str, io.milton.http.k kVar) {
        String i10 = i(kVar);
        if (i10 == null) {
            return false;
        }
        String trim = i10.replace("\"", "").trim();
        if (trim.length() == 0) {
            f30122j.warn("cookie signature is not present in cookie: " + this.f30125c);
            return false;
        }
        for (String str2 : this.f30131i) {
            if (str2 != null && str2.length() > 0 && r(str, str2, trim, kVar)) {
                return true;
            }
        }
        return false;
    }

    private boolean r(String str, String str2, String str3, io.milton.http.k kVar) {
        int indexOf = str3.indexOf(":");
        if (indexOf < 1) {
            f30122j.warn("Invalid cookie signing format, no semi-colon: " + str3 + " Should be in form - nonce:hmac");
            return false;
        }
        String substring = str3.substring(0, indexOf);
        String substring2 = str3.substring(indexOf + 1);
        String a10 = i.a(substring + ":" + str, str2);
        if (!a10.equals(substring2)) {
            Logger logger = f30122j;
            if (logger.isDebugEnabled()) {
                logger.debug("Cookie sig does not match expected. Given=" + substring2 + " Expected=" + a10);
            }
            return false;
        }
        l.a a11 = this.f30128f.a(substring, null);
        if (a11 == l.a.OK) {
            return true;
        }
        if (a11 == l.a.EXPIRED) {
            f30122j.warn("Nonce is valid, but expired. We will accept it but reset it");
            o(str, kVar);
            return true;
        }
        if (a11 != l.a.INVALID) {
            throw new RuntimeException("Unhandled nonce validity value");
        }
        f30122j.warn("Received an invalid nonce: " + substring);
        return false;
    }

    @Override // ih.b
    public boolean a(t tVar, io.milton.http.k kVar) {
        String k10 = k(kVar);
        if (m(kVar)) {
            f30122j.info("Is LogOut request, clear cookie");
            if (k10 != null && k10.length() > 0) {
                f(io.milton.http.j.s());
            }
        }
        for (ih.b bVar : this.f30126d) {
            if (bVar.a(tVar, kVar)) {
                kVar.getAttributes().put("_delegatedAuthenticationHandler", bVar);
                return true;
            }
        }
        return k10 != null;
    }

    @Override // ih.b
    public void b(t tVar, io.milton.http.k kVar, List<String> list) {
        for (ih.b bVar : this.f30126d) {
            if (bVar.c(tVar, kVar)) {
                bVar.b(tVar, kVar, list);
            }
        }
    }

    @Override // ih.b
    public boolean c(t tVar, io.milton.http.k kVar) {
        Iterator<ih.b> it2 = this.f30126d.iterator();
        while (it2.hasNext()) {
            if (it2.next().c(tVar, kVar)) {
                return true;
            }
        }
        return false;
    }

    @Override // ih.b
    public boolean d(io.milton.http.k kVar) {
        String l10 = l(kVar);
        if (l10 != null && l10.length() > 0) {
            return true;
        }
        Iterator<ih.b> it2 = this.f30126d.iterator();
        while (it2.hasNext()) {
            if (it2.next().d(kVar)) {
                return true;
            }
        }
        return false;
    }

    @Override // ih.b
    public Object e(t tVar, io.milton.http.k kVar) {
        ih.b bVar = (ih.b) kVar.getAttributes().get("_delegatedAuthenticationHandler");
        Object obj = null;
        if (bVar != null) {
            Logger logger = f30122j;
            if (logger.isTraceEnabled()) {
                logger.trace("authenticate: use delegateHandler: " + bVar);
            }
            Object e10 = bVar.e(tVar, kVar);
            if (e10 == null) {
                logger.info("Login failed by delegated handler: " + bVar.getClass());
                return null;
            }
            if (e10 instanceof vh.a) {
                p((vh.a) e10, kVar);
                logger.trace("authenticate: authentication passed by delegated handler, persisted userUrl to cookie");
            } else {
                logger.warn("authenticate: auth.tag is not an instance of " + vh.a.class + ", is: " + e10.getClass() + " so is not compatible with cookie authentication");
                if (bVar instanceof h) {
                    j.C(kVar);
                    return null;
                }
            }
            return e10;
        }
        Logger logger2 = f30122j;
        logger2.trace("no delegating handler");
        if (m(kVar)) {
            logger2.trace("authenticate: is logout");
            return null;
        }
        String k10 = k(kVar);
        if (k10 == null) {
            logger2.trace("authenticate: no userUrl in request or cookie, nothing to do");
            return null;
        }
        if (logger2.isTraceEnabled()) {
            logger2.trace("authenticate: userUrl=" + k10);
        }
        String p10 = kVar.p();
        try {
            Object a10 = this.f30127e.a(p10, k10);
            logger2.info("found current user: " + a10);
            obj = a10;
        } catch (BadRequestException e11) {
            f30122j.error("Couldnt check userUrl in cookie", (Throwable) e11);
        } catch (NotAuthorizedException e12) {
            f30122j.error("Couldnt check userUrl in cookie", (Throwable) e12);
        }
        if (obj == null) {
            f30122j.warn("User not found host: " + p10 + " userUrl: " + k10 + " with resourcefactory: " + this.f30127e);
            f(io.milton.http.j.s());
        } else if (kVar.getParams() == null || !kVar.getParams().containsKey(this.f30124b)) {
            f30122j.trace("Do not set cookies, because token did not come from request variable");
        } else if (obj instanceof vh.a) {
            p((vh.a) obj, kVar);
        } else {
            f30122j.warn("Found user from request, but user object is not expected type. Should be " + vh.a.class + " but is " + obj.getClass());
        }
        return obj;
    }

    public String g(String str) {
        return "b64" + q.e(gh.a.b(str.getBytes(q.f19983a)));
    }

    public String i(io.milton.http.k kVar) {
        return h(kVar, this.f30125c);
    }

    public String j(String str, io.milton.http.k kVar) {
        String b10 = this.f30128f.b(kVar);
        return b10 + ":" + i.a(b10 + ":" + str, this.f30131i.get(r0.size() - 1));
    }

    public String k(io.milton.http.k kVar) {
        String l10;
        if (kVar != null && (l10 = l(kVar)) != null) {
            String trim = l10.trim();
            if (trim.length() > 0) {
                if (q(trim, kVar)) {
                    return trim;
                }
                f30122j.error("Invalid userUrl hash, possible attempted hacking attempt. userUrl=" + trim);
            }
        }
        return null;
    }

    public String l(io.milton.http.k kVar) {
        String h10 = h(kVar, this.f30124b);
        if (h10 == null) {
            f30122j.trace("getUserUrlFromRequest: Null encodedUserUrl");
            return null;
        }
        Logger logger = f30122j;
        if (logger.isDebugEnabled()) {
            logger.debug("getUserUrlFromRequest: Raw:" + h10);
        }
        if (!h10.startsWith("b64")) {
            logger.trace("Looks like a plain path, return as is");
            return h10;
        }
        logger.trace("Looks like a base64 encoded string");
        String a10 = q.a(h10.substring(3));
        if (logger.isDebugEnabled()) {
            logger.debug("getUserUrlFromRequest: Percent decoded:" + a10);
        }
        byte[] a11 = gh.a.a(a10);
        if (a11 == null) {
            logger.debug("Failed to decode encodedUserUrl, so maybe its not encoded, return as it is");
            return a10;
        }
        String str = new String(a11);
        if (logger.isDebugEnabled()) {
            logger.debug("getUserUrlFromRequest: Decoded user url:" + str);
        }
        return str;
    }

    public void o(String str, io.milton.http.k kVar) {
        if (kVar == null) {
            return;
        }
        n(io.milton.http.j.s(), str, j(str, kVar));
        kVar.getAttributes().put(this.f30129g, str);
    }

    public void p(vh.a aVar, io.milton.http.k kVar) {
        f30122j.trace("setLoginCookies");
        Objects.requireNonNull(aVar, "user object is null");
        Objects.requireNonNull(aVar.r(), "getIdenitifer object is null");
        String value = aVar.r().getValue();
        Objects.requireNonNull(value, "user identifier returned a null value");
        o(value, kVar);
    }
}
