package defpackage;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSManager;
import org.ietf.jgss.GSSName;
import org.ietf.jgss.Oid;

/* compiled from: GGSSchemeBase.java */
/* loaded from: classes10.dex */
public abstract class quw extends qur {
    private final Log log;
    private final boolean qLT;
    private final txt qLU;
    private a qLV;
    private byte[] qLW;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* compiled from: GGSSchemeBase.java */
    /* loaded from: classes10.dex */
    public enum a {
        UNINITIATED,
        CHALLENGE_RECEIVED,
        TOKEN_GENERATED,
        FAILED
    }

    quw() {
        this(false);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public quw(boolean z) {
        this.log = LogFactory.getLog(getClass());
        this.qLU = new txt();
        this.qLV = a.UNINITIATED;
        this.qLT = z;
    }

    @Override // defpackage.qpp
    @Deprecated
    public final qok a(qpy qpyVar, qow qowVar) throws qpu {
        return a(qpyVar, qowVar, (rao) null);
    }

    @Override // defpackage.qur, defpackage.qpx
    public qok a(qpy qpyVar, qow qowVar, rao raoVar) throws qpu {
        if (qowVar == null) {
            throw new IllegalArgumentException("HTTP request may not be null");
        }
        switch (this.qLV) {
            case UNINITIATED:
                throw new qpu(getSchemeName() + " authentication has not been initiated");
            case FAILED:
                throw new qpu(getSchemeName() + " authentication has failed");
            case CHALLENGE_RECEIVED:
                try {
                    qot qotVar = (qot) raoVar.getAttribute(isProxy() ? "http.proxy_host" : "http.target_host");
                    if (qotVar != null) {
                        String hostName = (this.qLT || qotVar.getPort() <= 0) ? qotVar.getHostName() : qotVar.toHostString();
                        if (this.log.isDebugEnabled()) {
                            this.log.debug("init " + hostName);
                        }
                        this.qLW = d(this.qLW, hostName);
                        this.qLV = a.TOKEN_GENERATED;
                        break;
                    } else {
                        throw new qpu("Authentication host is not set in the execution context");
                    }
                } catch (GSSException e) {
                    this.qLV = a.FAILED;
                    if (e.getMajor() == 9 || e.getMajor() == 8) {
                        throw new qpz(e.getMessage(), e);
                    }
                    if (e.getMajor() == 13) {
                        throw new qpz(e.getMessage(), e);
                    }
                    if (e.getMajor() == 10 || e.getMajor() == 19 || e.getMajor() == 20) {
                        throw new qpu(e.getMessage(), e);
                    }
                    throw new qpu(e.getMessage());
                }
                break;
            case TOKEN_GENERATED:
                break;
            default:
                throw new IllegalStateException("Illegal state: " + this.qLV);
        }
        txt txtVar = this.qLU;
        String str = new String(txt.ba(this.qLW));
        if (this.log.isDebugEnabled()) {
            this.log.debug("Sending response '" + str + "' back to the auth server");
        }
        raz razVar = new raz(32);
        if (isProxy()) {
            razVar.append("Proxy-Authorization");
        } else {
            razVar.append("Authorization");
        }
        razVar.append(": Negotiate ");
        razVar.append(str);
        return new qzs(razVar);
    }

    @Override // defpackage.qur
    protected final void a(raz razVar, int i, int i2) throws qqa {
        String substringTrimmed = razVar.substringTrimmed(i, i2);
        if (this.log.isDebugEnabled()) {
            this.log.debug("Received challenge '" + substringTrimmed + "' from the auth server");
        }
        if (this.qLV != a.UNINITIATED) {
            this.log.debug("Authentication already attempted");
            this.qLV = a.FAILED;
        } else {
            txt txtVar = this.qLU;
            this.qLW = txt.decode(substringTrimmed.getBytes());
            this.qLV = a.CHALLENGE_RECEIVED;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public final byte[] a(byte[] bArr, Oid oid, String str) throws GSSException {
        if (bArr == null) {
            bArr = new byte[0];
        }
        GSSManager gSSManager = GSSManager.getInstance();
        GSSContext createContext = gSSManager.createContext(gSSManager.createName("HTTP@" + str, GSSName.NT_HOSTBASED_SERVICE).canonicalize(oid), oid, (GSSCredential) null, 0);
        createContext.requestMutualAuth(true);
        createContext.requestCredDeleg(true);
        return createContext.initSecContext(bArr, 0, bArr.length);
    }

    protected abstract byte[] d(byte[] bArr, String str) throws GSSException;

    @Override // defpackage.qpp
    public final boolean isComplete() {
        return this.qLV == a.TOKEN_GENERATED || this.qLV == a.FAILED;
    }
}
