package org.owasp.proxy.http.server;

import flex.messaging.config.SecurityConstraint;
import java.io.IOException;
import java.io.InputStream;
import java.net.Authenticator;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.PasswordAuthentication;
import java.util.ArrayList;
import java.util.List;
import java.util.logging.Logger;
import jcifs.ntlmssp.Type1Message;
import jcifs.ntlmssp.Type2Message;
import jcifs.ntlmssp.Type3Message;
import org.owasp.proxy.http.BufferedRequest;
import org.owasp.proxy.http.MessageFormatException;
import org.owasp.proxy.http.MessageUtils;
import org.owasp.proxy.http.MutableBufferedRequest;
import org.owasp.proxy.http.NamedValue;
import org.owasp.proxy.http.ResponseHeader;
import org.owasp.proxy.http.StreamingRequest;
import org.owasp.proxy.http.StreamingResponse;
import org.owasp.proxy.util.Base64;

/* loaded from: input_file:lib/proxy-1.1-SNAPSHOT.jar:org/owasp/proxy/http/server/AuthenticatingHttpRequestHandler.class */
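/**
 * Request handler decorator that answers upstream {@code 401} responses on the
 * caller's behalf.
 *
 * <p>The request is forwarded to the wrapped handler. While the response status
 * is {@code 401}, an {@code Authorization} header is built from the
 * {@code WWW-Authenticate} challenges and the buffered request is replayed, up
 * to {@link #MAX_AUTH_ATTEMPTS} times.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Credentials come from the JVM-wide {@link Authenticator}. The realm (Basic)
 *       and target name (NTLM) handed to it as the prompt are taken from the
 *       server's response, so an {@code Authenticator} implementation should
 *       decide which credentials to release from the host and port, not from
 *       the prompt text.</li>
 *   <li>{@link #chooseChallenge(List)} only ever selects an NTLM challenge, so the
 *       Basic branch in {@link #constructResponse} is currently unreachable.
 *       Basic sends the password in a reversible encoding; enabling it should be
 *       a deliberate decision, ideally restricted to TLS-protected targets.</li>
 * </ul>
 */
public class AuthenticatingHttpRequestHandler implements HttpRequestHandler {
    private static final String AUTHENTICATE = "WWW-Authenticate";
    private static final String AUTHORIZATION = "Authorization";

    /**
     * NTLMSSP negotiate flags sent in the Type 1 message (decimal 557575):
     * UNICODE (0x1), OEM (0x2), REQUEST_TARGET (0x4), NTLM (0x200),
     * ALWAYS_SIGN (0x8000) and extended session security (0x80000).
     */
    private static final int NTLMV2_FLAGS = 0x88207;

    /** Flags for the Type 3 message: the Type 1 flags with the OEM bit (0x2) cleared. */
    private static final int NTLMV2_FLAGS_TYPE3 = NTLMV2_FLAGS & ~0x2;

    /** Upper bound on authentication round trips for a single request. */
    private static final int MAX_AUTH_ATTEMPTS = 3;

    private final HttpRequestHandler delegate;
    private final Logger logger = Logger.getLogger(getClass().getName());

    /**
     * @param httpRequestHandler the handler that actually performs requests
     */
    public AuthenticatingHttpRequestHandler(HttpRequestHandler httpRequestHandler) {
        this.delegate = httpRequestHandler;
    }

    /** Disposes the wrapped handler. */
    @Override // org.owasp.proxy.http.server.HttpRequestHandler
    public void dispose() throws IOException {
        this.delegate.dispose();
    }

    /**
     * Forwards the request and transparently retries it with credentials while
     * the upstream keeps answering {@code 401}.
     *
     * @param inetAddress passed through unchanged to the wrapped handler
     * @param streamingRequest the request to send; a copy is kept for replay
     * @param z passed through unchanged to the wrapped handler
     * @return the last response obtained from the wrapped handler
     */
    @Override // org.owasp.proxy.http.server.HttpRequestHandler
    public StreamingResponse handleRequest(InetAddress inetAddress, StreamingRequest streamingRequest, boolean z) throws IOException, MessageFormatException {
        // Keep a replayable copy of the request: a 401 can only be answered by
        // sending the same request again with an Authorization header.
        MutableBufferedRequest.Impl replayCopy = new MutableBufferedRequest.Impl();
        if (MessageUtils.expectContent(streamingRequest)) {
            // NOTE(review): 100000 is presumably the maximum number of body bytes
            // kept; if a larger body is truncated, a replay after a 401 would be
            // incomplete. Confirm against MessageUtils.delayedCopy.
            MessageUtils.delayedCopy(streamingRequest, (MutableBufferedRequest) replayCopy, 100000, new MessageUtils.DelayedCopyObserver() { // from class: org.owasp.proxy.http.server.AuthenticatingHttpRequestHandler.1
                @Override // org.owasp.proxy.http.MessageUtils.DelayedCopyObserver
                public void copyCompleted(boolean z2, int i) {
                    // Diagnostic only; routed through the logger instead of stdout.
                    logger.fine("Request content copied: " + i + " (flag=" + z2 + ")");
                }
            });
        } else {
            MessageUtils.buffer(streamingRequest, (MutableBufferedRequest) replayCopy, 0);
        }

        StreamingResponse response = this.delegate.handleRequest(inetAddress, streamingRequest, z);
        String previousAuthorization = null;
        int attempts = 0;
        while ("401".equals(response.getStatus()) && attempts < MAX_AUTH_ATTEMPTS) {
            attempts++;
            List<String> challenges = getChallenges(AUTHENTICATE, response);
            if (challenges.isEmpty()) {
                // Nothing to answer; the response cannot change, so stop here.
                break;
            }
            String authorization = constructResponse(streamingRequest.getTarget(), challenges);
            // Give up when no credentials are available, or when the same header
            // value was already rejected once.
            if (authorization == null || authorization.equals(previousAuthorization)) {
                break;
            }
            // Drain the 401 body before issuing the next request.
            consumeContent(response.getContent());
            previousAuthorization = authorization;
            StreamingRequest.Impl retry = new StreamingRequest.Impl();
            MessageUtils.stream((BufferedRequest) replayCopy, (StreamingRequest) retry);
            retry.setHeader(AUTHORIZATION, authorization);
            response = this.delegate.handleRequest(inetAddress, retry, z);
        }
        return response;
    }

    /**
     * Collects the values of every header whose name matches {@code str},
     * ignoring case.
     */
    private List<String> getChallenges(String str, ResponseHeader responseHeader) throws MessageFormatException {
        List<String> values = new ArrayList<String>();
        for (NamedValue header : responseHeader.getHeaders()) {
            if (str.equalsIgnoreCase(header.getName())) {
                values.add(header.getValue());
            }
        }
        return values;
    }

    /** Reads the stream to its end and discards the data. */
    private void consumeContent(InputStream inputStream) throws IOException {
        if (inputStream == null) {
            // Defensive: whether getContent() can return null is not visible here.
            return;
        }
        byte[] scratch = new byte[1024];
        while (inputStream.read(scratch) > -1) {
            // discard
        }
    }

    /**
     * Builds the {@code Authorization} header value answering the preferred
     * challenge in {@code list}.
     *
     * @param inetSocketAddress the request target, used to look up credentials
     * @param list the {@code WWW-Authenticate} values from the 401 response
     * @return the header value, or {@code null} when no supported challenge is
     *         present or the {@link Authenticator} supplies no credentials
     */
    private String constructResponse(InetSocketAddress inetSocketAddress, List<String> list) throws IOException {
        String challenge = chooseChallenge(list);
        this.logger.info("Challenge is " + challenge);
        if (challenge == null) {
            return null;
        }

        if (!challenge.startsWith("NTLM")) {
            // Basic authentication. Unreachable today because chooseChallenge only
            // returns NTLM challenges.
            // NOTE(review): SecurityConstraint.BASIC_AUTH_METHOD looks like a
            // decompiler substitution for a "Basic" literal - confirm.
            int realmAt;
            if (!challenge.startsWith(SecurityConstraint.BASIC_AUTH_METHOD) || (realmAt = challenge.indexOf("realm=")) == -1) {
                return null;
            }
            // The prompt is everything after "realm=", quotes included, and is
            // server-supplied text.
            PasswordAuthentication basicCredentials = Authenticator.requestPasswordAuthentication(
                    inetSocketAddress.getHostName(),
                    inetSocketAddress.isUnresolved() ? null : inetSocketAddress.getAddress(),
                    inetSocketAddress.getPort(),
                    "HTTP",
                    challenge.substring(realmAt + 6),
                    "Basic Authentication");
            if (basicCredentials == null) {
                return null;
            }
            // NOTE(review): getBytes() uses the platform charset, so non-ASCII
            // credentials encode differently across hosts. The password is also
            // copied into an immutable String that cannot be wiped afterwards.
            String userPass = basicCredentials.getUserName() + ":" + new String(basicCredentials.getPassword());
            return "Basic " + Base64.encodeBytes(userPass.getBytes(), 0);
        }

        if (challenge.length() == 4) {
            // Bare "NTLM": start the handshake with a Type 1 (negotiate) message.
            Type1Message type1Message = new Type1Message(NTLMV2_FLAGS, null, null);
            this.logger.fine("Sending message: " + type1Message);
            return "NTLM " + Base64.encodeBytes(type1Message.toByteArray(), 0);
        }

        // "NTLM <base64>": the server's Type 2 (challenge) message.
        Type2Message type2Message = new Type2Message(Base64.decode(challenge.substring(5), 0));
        this.logger.fine("Got Type 2 challenge : " + type2Message);
        String domain = type2Message.getTarget();
        PasswordAuthentication ntlmCredentials = Authenticator.requestPasswordAuthentication(
                inetSocketAddress.getHostName(),
                inetSocketAddress.isUnresolved() ? null : inetSocketAddress.getAddress(),
                inetSocketAddress.getPort(),
                "HTTP",
                domain,
                "NTLM");
        if (ntlmCredentials == null) {
            return null;
        }
        String userName = ntlmCredentials.getUserName();
        // The jcifs constructor takes the password as a String, so an immutable
        // copy that cannot be wiped is created here.
        String password = new String(ntlmCredentials.getPassword());
        // A "DOMAIN\\user" name overrides the target announced by the server.
        int backslashAt = userName.indexOf('\\');
        if (backslashAt > -1) {
            domain = userName.substring(0, backslashAt);
            userName = userName.substring(backslashAt + 1);
        }
        Type3Message type3Message = new Type3Message(type2Message, password, domain, userName, (String) null, NTLMV2_FLAGS_TYPE3);
        this.logger.fine("Sending type 3 : " + type3Message);
        return "NTLM " + Base64.encodeBytes(type3Message.toByteArray(), 0);
    }

    /**
     * Returns the first challenge that starts with {@code "NTLM"}, or
     * {@code null} when there is none. Other schemes are never selected.
     */
    private String chooseChallenge(List<String> list) {
        for (String candidate : list) {
            if (candidate.startsWith("NTLM")) {
                return candidate;
            }
        }
        return null;
    }
}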
