package com.ibm.ws.sip.security.digest;

import com.ibm.websphere.security.auth.callback.WSCallbackHandlerImpl;
import com.ibm.workplace.util.logging.Log;
import com.ibm.workplace.util.logging.LogMgr;
import com.ibm.workplace.util.logging.Situation;
import com.ibm.ws.sip.container.parser.SipAppDesc;
import com.ibm.ws.sip.security.tai.AuthenticationFailedException;
import com.ibm.ws.sip.security.tai.SIPBaseTrustAssociationInterceptor;
import jain.protocol.ip.sip.header.SecurityHeader;
import java.util.Properties;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;

/* JADX WARN: Classes with same name are omitted:
  input_file:plugins/com.ibm.voicetools.debug.vxml.model_6.0.1/lib/sipsecurityserver.jar:com/ibm/ws/sip/security/digest/DigestTAI.class
 */
/* loaded from: input_file:plugins/com.ibm.voicetools.sipclient_6.0.1/lib/sipsecurityserver.jar:com/ibm/ws/sip/security/digest/DigestTAI.class */
public class DigestTAI extends SIPBaseTrustAssociationInterceptor {
    private static final String SERVER_CLASS_PROPERTY_NAME = "DigestPasswordServerClass";
    private static final LogMgr c_logger;
    private SIPDigestService m_digestService = null;
    static Class class$com$ibm$ws$sip$security$digest$DigestTAI;
    static Class class$com$ibm$ws$sip$security$digest$ldap$LdapPasswordServer;

    @Override // com.ibm.ws.sip.security.tai.SIPBaseTrustAssociationInterceptor
    public int init(Properties properties) {
        Class cls;
        if (c_logger.isTraceEntryExitEnabled()) {
            c_logger.traceEntry(this, "init");
        }
        String str = (String) properties.remove(SERVER_CLASS_PROPERTY_NAME);
        if (str == null) {
            if (class$com$ibm$ws$sip$security$digest$ldap$LdapPasswordServer == null) {
                cls = class$("com.ibm.ws.sip.security.digest.ldap.LdapPasswordServer");
                class$com$ibm$ws$sip$security$digest$ldap$LdapPasswordServer = cls;
            } else {
                cls = class$com$ibm$ws$sip$security$digest$ldap$LdapPasswordServer;
            }
            str = cls.getName();
        }
        if (str != null) {
            if (c_logger.isTraceDebugEnabled()) {
                StringBuffer stringBuffer = new StringBuffer("");
                stringBuffer.append("found property [");
                stringBuffer.append(SERVER_CLASS_PROPERTY_NAME);
                stringBuffer.append("]=[");
                stringBuffer.append(str);
                stringBuffer.append("]");
                c_logger.traceDebug(this, "init", stringBuffer.toString());
            }
            try {
                DigestPasswordServer digestPasswordServer = (DigestPasswordServer) Class.forName(str).newInstance();
                if (digestPasswordServer.initialize(properties) == 0) {
                    if (c_logger.isTraceDebugEnabled()) {
                        c_logger.traceDebug(this, "init", "digest password server init successfuly");
                    }
                } else if (c_logger.isTraceDebugEnabled()) {
                    c_logger.traceDebug(this, "init", "digest password server failed to initialize");
                }
                this.m_digestService = new SIPDigestService(digestPasswordServer, properties);
            } catch (ClassNotFoundException e) {
                if (!c_logger.isErrorEnabled()) {
                    return 1;
                }
                c_logger.error("error.exception.classnotfound", Situation.SITUATION_UNKNOWN, null, e);
                return 1;
            } catch (IllegalAccessException e2) {
                if (!c_logger.isErrorEnabled()) {
                    return 1;
                }
                c_logger.error("error.exception.illegalaccess", Situation.SITUATION_UNKNOWN, null, e2);
                return 1;
            } catch (InstantiationException e3) {
                if (!c_logger.isErrorEnabled()) {
                    return 1;
                }
                c_logger.error("error.exception.instantiate", Situation.SITUATION_UNKNOWN, null, e3);
                return 1;
            }
        } else if (c_logger.isTraceDebugEnabled()) {
            StringBuffer stringBuffer2 = new StringBuffer("");
            stringBuffer2.append("property [");
            stringBuffer2.append(SERVER_CLASS_PROPERTY_NAME);
            stringBuffer2.append("] not found");
            c_logger.traceDebug(this, "init", stringBuffer2.toString());
            return 1;
        }
        if (!c_logger.isTraceEntryExitEnabled()) {
            return 0;
        }
        c_logger.traceExit(this, "init");
        return 0;
    }

    @Override // com.ibm.ws.sip.security.tai.SIPBaseTrustAssociationInterceptor
    public boolean doHandleAuthorizationHeader(SecurityHeader securityHeader) {
        if (c_logger.isTraceEntryExitEnabled()) {
            c_logger.traceEntry(this, "doHandleAuthorizationHeader", new Object[]{securityHeader});
        }
        boolean z = false;
        if (securityHeader.getScheme().equalsIgnoreCase(DigestConstants.DIGEST)) {
            z = true;
        }
        if (c_logger.isTraceEntryExitEnabled()) {
            c_logger.traceExit(this, "doHandleAuthorizationHeader", z);
        }
        return z;
    }

    @Override // com.ibm.ws.sip.security.tai.SIPBaseTrustAssociationInterceptor
    public String handleAuthorizationHeader(SecurityHeader securityHeader, String str, SipAppDesc sipAppDesc) throws AuthenticationFailedException {
        if (c_logger.isTraceEntryExitEnabled()) {
            c_logger.traceEntry(this, "handleAuthorizationHeader", new Object[]{securityHeader, str, sipAppDesc});
        }
        String str2 = null;
        if (securityHeader == null) {
            String createNonce = this.m_digestService.createNonce();
            StringBuffer stringBuffer = new StringBuffer(DigestConstants.DIGEST_FIRST_REQUEST);
            stringBuffer.append("\"");
            stringBuffer.append(createNonce);
            stringBuffer.append("\",");
            stringBuffer.append(DigestConstants.DIGEST_REALM);
            stringBuffer.append("\"");
            stringBuffer.append(sipAppDesc.getRealm());
            stringBuffer.append("\"");
            throw new AuthenticationFailedException(stringBuffer.toString());
        }
        if (securityHeader != null) {
            if (!this.m_digestService.authenticate(securityHeader, str)) {
                String createNonce2 = this.m_digestService.createNonce();
                StringBuffer stringBuffer2 = new StringBuffer(DigestConstants.DIGEST_FIRST_REQUEST);
                stringBuffer2.append("\"");
                stringBuffer2.append(createNonce2);
                stringBuffer2.append("\",");
                stringBuffer2.append(DigestConstants.DIGEST_REALM);
                stringBuffer2.append("\"");
                stringBuffer2.append(sipAppDesc.getRealm());
                stringBuffer2.append("\"");
                throw new AuthenticationFailedException(stringBuffer2.toString());
            }
            str2 = new StringBuffer().append("qop=\"auth\",nextnonce=\"").append(this.m_digestService.createNonce()).append("\"").toString();
            if (c_logger.isTraceDebugEnabled()) {
                c_logger.traceDebug(this, "negotiateAndValidateEstablishedTrust", new StringBuffer().append("auth successful sending auth-info=[").append(str2).append("]").toString());
            }
        }
        if (c_logger.isTraceEntryExitEnabled()) {
            c_logger.traceExit(this, "handleAuthorizationHeader", str2);
        }
        return str2;
    }

    private String removeQuotes(String str) {
        return str.charAt(0) == '\"' ? str.substring(1, str.length() - 1) : str;
    }

    @Override // com.ibm.ws.sip.security.tai.SIPBaseTrustAssociationInterceptor
    public String getAuthenticatedUsernameFromAuthorizationHeader(SecurityHeader securityHeader) {
        if (c_logger.isTraceEntryExitEnabled()) {
            c_logger.traceEntry(this, "getAuthenticatedUsernameFromAuthorizationHeader", new Object[]{securityHeader});
        }
        String parameter = securityHeader.getParameter(DigestConstants.PROPERTY_USER_NAME);
        if (c_logger.isTraceEntryExitEnabled()) {
            c_logger.traceExit(this, "getAuthenticatedUsernameFromAuthorizationHeader", parameter);
        }
        return parameter;
    }

    @Override // com.ibm.ws.sip.security.tai.SIPBaseTrustAssociationInterceptor
    public Subject getUserSubject(String str) {
        if (c_logger.isTraceEntryExitEnabled()) {
            c_logger.traceEntry(this, "getUserSubject", new Object[]{str});
        }
        Subject subject = null;
        try {
            LoginContext loginContext = new LoginContext("WSLogin", new WSCallbackHandlerImpl(str, "", this.m_digestService.getUserPassword(str)));
            loginContext.login();
            subject = loginContext.getSubject();
        } catch (LoginException e) {
            if (c_logger.isErrorEnabled()) {
                c_logger.error("error.exception.login", Situation.SITUATION_UNKNOWN, null, e);
            }
        }
        if (c_logger.isTraceEntryExitEnabled()) {
            c_logger.traceExit(this, "getUserSubject", subject);
        }
        return subject;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$com$ibm$ws$sip$security$digest$DigestTAI == null) {
            cls = class$("com.ibm.ws.sip.security.digest.DigestTAI");
            class$com$ibm$ws$sip$security$digest$DigestTAI = cls;
        } else {
            cls = class$com$ibm$ws$sip$security$digest$DigestTAI;
        }
        c_logger = Log.get(cls);
    }
}
