package b0.a.b.f0.h;

import com.google.common.net.HttpHeaders;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.Objects;
import org.apache.http.auth.AuthenticationException;
import org.apache.http.auth.InvalidCredentialsException;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSManager;
import org.ietf.jgss.GSSName;
import org.ietf.jgss.Oid;

/* loaded from: classes4.dex */
public abstract class f extends b0.a.b.f0.h.a {
    public final boolean d;

    /* renamed from: e, reason: collision with root package name */
    public final boolean f186e;
    public byte[] g;
    public final b0.a.a.b.a b = b0.a.a.b.h.f(getClass());
    public final b0.a.a.a.b.a c = new b0.a.a.a.b.a(0);
    public a f = a.UNINITIATED;

    /* loaded from: classes4.dex */
    public enum a {
        UNINITIATED,
        CHALLENGE_RECEIVED,
        TOKEN_GENERATED,
        FAILED
    }

    public f(boolean z2, boolean z3) {
        this.d = z2;
        this.f186e = z3;
    }

    @Override // b0.a.b.f0.h.a, b0.a.b.y.l
    public b0.a.b.d a(b0.a.b.y.m mVar, b0.a.b.n nVar, b0.a.b.k0.f fVar) {
        b0.a.b.k kVar;
        e.a.a.l.b.g0(nVar, "HTTP request");
        int ordinal = this.f.ordinal();
        if (ordinal == 0) {
            throw new AuthenticationException(g() + " authentication has not been initiated");
        }
        if (ordinal == 1) {
            try {
                b0.a.b.c0.u.b bVar = (b0.a.b.c0.u.b) fVar.a("http.route");
                if (bVar == null) {
                    throw new AuthenticationException("Connection route is not available");
                }
                if (h()) {
                    kVar = bVar.c();
                    if (kVar == null) {
                        kVar = bVar.a;
                    }
                } else {
                    kVar = bVar.a;
                }
                String str = kVar.a;
                if (this.f186e) {
                    try {
                        InetAddress byName = InetAddress.getByName(str);
                        String canonicalHostName = byName.getCanonicalHostName();
                        if (!byName.getHostAddress().contentEquals(canonicalHostName)) {
                            str = canonicalHostName;
                        }
                    } catch (UnknownHostException unused) {
                    }
                }
                if (!this.d) {
                    str = str + ":" + kVar.c;
                }
                if (this.b.d()) {
                    this.b.a("init " + str);
                }
                this.g = l(this.g, str, mVar);
                this.f = a.TOKEN_GENERATED;
            } catch (GSSException e2) {
                this.f = a.FAILED;
                if (e2.getMajor() == 9 || e2.getMajor() == 8) {
                    throw new InvalidCredentialsException(e2.getMessage(), e2);
                }
                if (e2.getMajor() == 13) {
                    throw new InvalidCredentialsException(e2.getMessage(), e2);
                }
                if (e2.getMajor() == 10 || e2.getMajor() == 19 || e2.getMajor() == 20) {
                    throw new AuthenticationException(e2.getMessage(), e2);
                }
                throw new AuthenticationException(e2.getMessage());
            }
        } else if (ordinal != 2) {
            if (ordinal != 3) {
                StringBuilder P = v.b.b.a.a.P("Illegal state: ");
                P.append(this.f);
                throw new IllegalStateException(P.toString());
            }
            throw new AuthenticationException(g() + " authentication has failed");
        }
        String str2 = new String(this.c.b(this.g));
        if (this.b.d()) {
            this.b.a("Sending response '" + str2 + "' back to the auth server");
        }
        b0.a.b.l0.b bVar2 = new b0.a.b.l0.b(32);
        if (h()) {
            bVar2.b(HttpHeaders.PROXY_AUTHORIZATION);
        } else {
            bVar2.b(HttpHeaders.AUTHORIZATION);
        }
        bVar2.b(": Negotiate ");
        bVar2.b(str2);
        return new b0.a.b.h0.q(bVar2);
    }

    @Override // b0.a.b.y.c
    @Deprecated
    public b0.a.b.d b(b0.a.b.y.m mVar, b0.a.b.n nVar) {
        return a(mVar, nVar, null);
    }

    @Override // b0.a.b.y.c
    public boolean c() {
        a aVar = this.f;
        return aVar == a.TOKEN_GENERATED || aVar == a.FAILED;
    }

    @Override // b0.a.b.f0.h.a
    public void i(b0.a.b.l0.b bVar, int i, int i2) {
        String i3 = bVar.i(i, i2);
        if (this.b.d()) {
            this.b.a("Received challenge '" + i3 + "' from the auth server");
        }
        if (this.f == a.UNINITIATED) {
            this.g = b0.a.a.a.b.a.f(i3.getBytes());
            this.f = a.CHALLENGE_RECEIVED;
        } else {
            this.b.a("Authentication already attempted");
            this.f = a.FAILED;
        }
    }

    public GSSContext j(GSSManager gSSManager, Oid oid, GSSName gSSName, GSSCredential gSSCredential) {
        GSSContext createContext = gSSManager.createContext(gSSName.canonicalize(oid), oid, (GSSCredential) null, 0);
        createContext.requestMutualAuth(true);
        return createContext;
    }

    public byte[] k(byte[] bArr, Oid oid, String str, b0.a.b.y.m mVar) {
        GSSManager m = m();
        GSSName createName = m.createName(v.b.b.a.a.E("HTTP@", str), GSSName.NT_HOSTBASED_SERVICE);
        if (mVar instanceof b0.a.b.y.n) {
            Objects.requireNonNull((b0.a.b.y.n) mVar);
        }
        GSSContext j = j(m, oid, createName, null);
        return bArr != null ? j.initSecContext(bArr, 0, bArr.length) : j.initSecContext(new byte[0], 0, 0);
    }

    public abstract byte[] l(byte[] bArr, String str, b0.a.b.y.m mVar);

    public GSSManager m() {
        return GSSManager.getInstance();
    }
}
