package com.amazonaws.org.apache.http.impl.auth;

import com.amazonaws.org.apache.http.HttpHost;
import com.amazonaws.org.apache.http.auth.AuthenticationException;
import com.amazonaws.org.apache.http.auth.InvalidCredentialsException;
import com.amazonaws.org.apache.http.message.BufferedHeader;
import com.amazonaws.org.apache.http.util.CharArrayBuffer;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSManager;
import org.ietf.jgss.GSSName;
import org.ietf.jgss.Oid;

/* loaded from: classes.dex */
public abstract class GGSSchemeBase extends a {
    private final Log a;
    private final boolean b;
    private final org.apache.commons.codec.a.a c;
    private State d;
    private byte[] e;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes.dex */
    public enum State {
        UNINITIATED,
        CHALLENGE_RECEIVED,
        TOKEN_GENERATED,
        FAILED
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public GGSSchemeBase(boolean z) {
        super((byte) 0);
        this.a = LogFactory.getLog(getClass());
        this.c = new org.apache.commons.codec.a.a();
        this.d = State.UNINITIATED;
        this.b = z;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static byte[] a(byte[] bArr, Oid oid, String str) {
        if (bArr == null) {
            bArr = new byte[0];
        }
        GSSManager gSSManager = GSSManager.getInstance();
        GSSContext createContext = gSSManager.createContext(gSSManager.createName("HTTP@" + str, GSSName.NT_HOSTBASED_SERVICE).canonicalize(oid), oid, (GSSCredential) null, 0);
        createContext.requestMutualAuth(true);
        createContext.requestCredDeleg(true);
        return createContext.initSecContext(bArr, 0, bArr.length);
    }

    @Override // com.amazonaws.org.apache.http.auth.b
    @Deprecated
    public final com.amazonaws.org.apache.http.d a(com.amazonaws.org.apache.http.auth.h hVar, com.amazonaws.org.apache.http.n nVar) {
        return a(hVar, nVar, (com.amazonaws.org.apache.http.e.d) null);
    }

    @Override // com.amazonaws.org.apache.http.impl.auth.a, com.amazonaws.org.apache.http.auth.g
    public com.amazonaws.org.apache.http.d a(com.amazonaws.org.apache.http.auth.h hVar, com.amazonaws.org.apache.http.n nVar, com.amazonaws.org.apache.http.e.d dVar) {
        if (nVar == null) {
            throw new IllegalArgumentException("HTTP request may not be null");
        }
        switch (f.a[this.d.ordinal()]) {
            case 1:
                throw new AuthenticationException(a() + " authentication has not been initiated");
            case 2:
                throw new AuthenticationException(a() + " authentication has failed");
            case 3:
                try {
                    HttpHost httpHost = (HttpHost) dVar.a(e() ? "http.proxy_host" : "http.target_host");
                    if (httpHost != null) {
                        String hostName = (this.b || httpHost.getPort() <= 0) ? httpHost.getHostName() : httpHost.toHostString();
                        if (this.a.isDebugEnabled()) {
                            this.a.debug("init " + hostName);
                        }
                        this.e = a(this.e, hostName);
                        this.d = State.TOKEN_GENERATED;
                        break;
                    } else {
                        throw new AuthenticationException("Authentication host is not set in the execution context");
                    }
                } catch (GSSException e) {
                    this.d = State.FAILED;
                    if (e.getMajor() == 9 || e.getMajor() == 8) {
                        throw new InvalidCredentialsException(e.getMessage(), e);
                    }
                    if (e.getMajor() == 13) {
                        throw new InvalidCredentialsException(e.getMessage(), e);
                    }
                    if (e.getMajor() == 10 || e.getMajor() == 19 || e.getMajor() == 20) {
                        throw new AuthenticationException(e.getMessage(), e);
                    }
                    throw new AuthenticationException(e.getMessage());
                }
                break;
            case 4:
                break;
            default:
                throw new IllegalStateException("Illegal state: " + this.d);
        }
        org.apache.commons.codec.a.a aVar = this.c;
        String str = new String(org.apache.commons.codec.a.a.d(this.e));
        if (this.a.isDebugEnabled()) {
            this.a.debug("Sending response '" + str + "' back to the auth server");
        }
        CharArrayBuffer charArrayBuffer = new CharArrayBuffer(32);
        if (e()) {
            charArrayBuffer.append("Proxy-Authorization");
        } else {
            charArrayBuffer.append("Authorization");
        }
        charArrayBuffer.append(": Negotiate ");
        charArrayBuffer.append(str);
        return new BufferedHeader(charArrayBuffer);
    }

    @Override // com.amazonaws.org.apache.http.impl.auth.a
    protected final void a(CharArrayBuffer charArrayBuffer, int i, int i2) {
        String substringTrimmed = charArrayBuffer.substringTrimmed(i, i2);
        if (this.a.isDebugEnabled()) {
            this.a.debug("Received challenge '" + substringTrimmed + "' from the auth server");
        }
        if (this.d != State.UNINITIATED) {
            this.a.debug("Authentication already attempted");
            this.d = State.FAILED;
        } else {
            org.apache.commons.codec.a.a aVar = this.c;
            this.e = org.apache.commons.codec.a.a.b(substringTrimmed.getBytes());
            this.d = State.CHALLENGE_RECEIVED;
        }
    }

    protected abstract byte[] a(byte[] bArr, String str);

    @Override // com.amazonaws.org.apache.http.auth.b
    public final boolean d() {
        return this.d == State.TOKEN_GENERATED || this.d == State.FAILED;
    }
}
