package org.eclipse.jetty.security.authentication;

import com.fasterxml.jackson.annotation.JsonProperty;
import java.io.IOException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.eclipse.jetty.http.HttpHeader;
import org.eclipse.jetty.security.ServerAuthException;
import org.eclipse.jetty.security.UserAuthentication;
import org.eclipse.jetty.server.Authentication;
import org.eclipse.jetty.server.UserIdentity;
import org.eclipse.jetty.util.log.Log;
import org.eclipse.jetty.util.log.Logger;
import org.eclipse.jetty.util.security.Constraint;

@Deprecated
/* loaded from: input_file:org/eclipse/jetty/security/authentication/SpnegoAuthenticator.class */
public class SpnegoAuthenticator extends LoginAuthenticator {
    private static final Logger LOG = Log.getLogger((Class<?>) SpnegoAuthenticator.class);
    private String _authMethod;

    public SpnegoAuthenticator() {
        this._authMethod = Constraint.__SPNEGO_AUTH;
    }

    public SpnegoAuthenticator(String str) {
        this._authMethod = Constraint.__SPNEGO_AUTH;
        this._authMethod = str;
    }

    @Override // org.eclipse.jetty.security.Authenticator
    public String getAuthMethod() {
        return this._authMethod;
    }

    @Override // org.eclipse.jetty.security.Authenticator
    public Authentication validateRequest(ServletRequest servletRequest, ServletResponse servletResponse, boolean z) throws ServerAuthException {
        UserIdentity login;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        String header = ((HttpServletRequest) servletRequest).getHeader(HttpHeader.AUTHORIZATION.asString());
        String authSchemeFromHeader = getAuthSchemeFromHeader(header);
        if (!z) {
            return new DeferredAuthentication(this);
        }
        if (header != null && isAuthSchemeNegotiate(authSchemeFromHeader) && (login = login(null, header.substring(10), servletRequest)) != null) {
            return new UserAuthentication(getAuthMethod(), login);
        }
        try {
            if (DeferredAuthentication.isDeferred(httpServletResponse)) {
                return Authentication.UNAUTHENTICATED;
            }
            LOG.debug("Sending challenge", new Object[0]);
            httpServletResponse.setHeader(HttpHeader.WWW_AUTHENTICATE.asString(), HttpHeader.NEGOTIATE.asString());
            httpServletResponse.sendError(401);
            return Authentication.SEND_CONTINUE;
        } catch (IOException e) {
            throw new ServerAuthException(e);
        }
    }

    String getAuthSchemeFromHeader(String str) {
        if (str == null || str.isEmpty()) {
            return JsonProperty.USE_DEFAULT_NAME;
        }
        String trim = str.trim();
        int indexOf = trim.indexOf(32);
        return indexOf > 0 ? trim.substring(0, indexOf) : trim;
    }

    boolean isAuthSchemeNegotiate(String str) {
        if (str == null || str.length() != HttpHeader.NEGOTIATE.asString().length()) {
            return false;
        }
        return str.equalsIgnoreCase(HttpHeader.NEGOTIATE.asString());
    }

    @Override // org.eclipse.jetty.security.Authenticator
    public boolean secureResponse(ServletRequest servletRequest, ServletResponse servletResponse, boolean z, Authentication.User user) throws ServerAuthException {
        return true;
    }
}
