package org.apache.http.impl.auth;

import com.google.common.net.HttpHeaders;
import defpackage.a;
import defpackage.el;
import defpackage.kl;
import defpackage.lm;
import defpackage.n;
import defpackage.sp;
import defpackage.tl;
import defpackage.ty;
import defpackage.vk;
import defpackage.vr;
import defpackage.xk;
import java.net.InetAddress;
import java.net.UnknownHostException;
import org.apache.http.HttpHost;
import org.apache.http.auth.AuthenticationException;
import org.apache.http.auth.InvalidCredentialsException;
import org.apache.http.auth.KerberosCredentials;
import org.apache.http.message.BufferedHeader;
import org.apache.http.util.CharArrayBuffer;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSManager;
import org.ietf.jgss.GSSName;
import org.ietf.jgss.Oid;

/* loaded from: classes2.dex */
public abstract class GGSSchemeBase extends vr {

    /* renamed from: a, reason: collision with other field name */
    public final boolean f1650a;

    /* renamed from: a, reason: collision with other field name */
    public byte[] f1651a;
    public final boolean b;

    /* renamed from: a, reason: collision with other field name */
    public final xk f1649a = el.b(getClass());

    /* renamed from: a, reason: collision with other field name */
    public final vk f1648a = new vk(0);
    public State a = State.UNINITIATED;

    /* loaded from: classes2.dex */
    public enum State {
        UNINITIATED,
        CHALLENGE_RECEIVED,
        TOKEN_GENERATED,
        FAILED
    }

    public GGSSchemeBase(boolean z, boolean z2) {
        this.f1650a = z;
        this.b = z2;
    }

    @Override // defpackage.dm
    @Deprecated
    public kl a(lm lmVar, tl tlVar) {
        return a(lmVar, tlVar, (ty) null);
    }

    @Override // defpackage.vr, defpackage.km
    public kl a(lm lmVar, tl tlVar, ty tyVar) {
        HttpHost httpHost;
        a.a(tlVar, "HTTP request");
        int ordinal = this.a.ordinal();
        if (ordinal == 0) {
            throw new AuthenticationException(b() + " authentication has not been initiated");
        }
        if (ordinal == 1) {
            try {
                sp spVar = (sp) tyVar.a("http.route");
                if (spVar == null) {
                    throw new AuthenticationException("Connection route is not available");
                }
                if (c()) {
                    httpHost = spVar.mo434b();
                    if (httpHost == null) {
                        httpHost = spVar.f2134a;
                    }
                } else {
                    httpHost = spVar.f2134a;
                }
                String a = httpHost.a();
                if (this.b) {
                    try {
                        InetAddress byName = InetAddress.getByName(a);
                        String canonicalHostName = byName.getCanonicalHostName();
                        if (!byName.getHostAddress().contentEquals(canonicalHostName)) {
                            a = canonicalHostName;
                        }
                    } catch (UnknownHostException unused) {
                    }
                }
                if (!this.f1650a) {
                    a = a + ":" + httpHost.b();
                }
                if (this.f1649a.b()) {
                    this.f1649a.c("init " + a);
                }
                this.f1651a = a(this.f1651a, a, lmVar);
                this.a = State.TOKEN_GENERATED;
            } catch (GSSException e) {
                this.a = State.FAILED;
                if (e.getMajor() == 9 || e.getMajor() == 8) {
                    throw new InvalidCredentialsException(e.getMessage(), e);
                }
                if (e.getMajor() == 13) {
                    throw new InvalidCredentialsException(e.getMessage(), e);
                }
                if (e.getMajor() == 10 || e.getMajor() == 19 || e.getMajor() == 20) {
                    throw new AuthenticationException(e.getMessage(), e);
                }
                throw new AuthenticationException(e.getMessage());
            }
        } else if (ordinal != 2) {
            if (ordinal != 3) {
                StringBuilder m389a = n.m389a("Illegal state: ");
                m389a.append(this.a);
                throw new IllegalStateException(m389a.toString());
            }
            throw new AuthenticationException(b() + " authentication has failed");
        }
        String str = new String(this.f1648a.a(this.f1651a));
        if (this.f1649a.b()) {
            this.f1649a.c("Sending response '" + str + "' back to the auth server");
        }
        CharArrayBuffer charArrayBuffer = new CharArrayBuffer(32);
        if (c()) {
            charArrayBuffer.a(HttpHeaders.PROXY_AUTHORIZATION);
        } else {
            charArrayBuffer.a("Authorization");
        }
        charArrayBuffer.a(": Negotiate ");
        charArrayBuffer.a(str);
        return new BufferedHeader(charArrayBuffer);
    }

    public GSSContext a(GSSManager gSSManager, Oid oid, GSSName gSSName, GSSCredential gSSCredential) {
        GSSContext createContext = gSSManager.createContext(gSSName.canonicalize(oid), oid, gSSCredential, 0);
        createContext.requestMutualAuth(true);
        return createContext;
    }

    public GSSManager a() {
        return GSSManager.getInstance();
    }

    @Override // defpackage.vr
    public void a(CharArrayBuffer charArrayBuffer, int i, int i2) {
        String b = charArrayBuffer.b(i, i2);
        if (this.f1649a.b()) {
            this.f1649a.c("Received challenge '" + b + "' from the auth server");
        }
        if (this.a == State.UNINITIATED) {
            this.f1651a = vk.b(b.getBytes());
            this.a = State.CHALLENGE_RECEIVED;
        } else {
            this.f1649a.c("Authentication already attempted");
            this.a = State.FAILED;
        }
    }

    public abstract byte[] a(byte[] bArr, String str, lm lmVar);

    public byte[] a(byte[] bArr, Oid oid, String str, lm lmVar) {
        GSSManager a = a();
        GSSContext a2 = a(a, oid, a.createName(n.b("HTTP@", str), GSSName.NT_HOSTBASED_SERVICE), lmVar instanceof KerberosCredentials ? ((KerberosCredentials) lmVar).m432a() : null);
        return bArr != null ? a2.initSecContext(bArr, 0, bArr.length) : a2.initSecContext(new byte[0], 0, 0);
    }

    @Override // defpackage.dm
    /* renamed from: b */
    public boolean mo182b() {
        State state = this.a;
        return state == State.TOKEN_GENERATED || state == State.FAILED;
    }
}
