package org.apache.abdera.ext.wsse;

import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Date;
import net.sf.json.util.JSONUtils;
import org.apache.abdera.model.AtomDate;
import org.apache.abdera.protocol.client.AbderaClient;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.codec.binary.Hex;
import org.apache.commons.httpclient.Credentials;
import org.apache.commons.httpclient.HttpMethod;
import org.apache.commons.httpclient.UsernamePasswordCredentials;
import org.apache.commons.httpclient.auth.AuthScheme;
import org.apache.commons.httpclient.auth.AuthenticationException;
import org.apache.commons.httpclient.auth.RFC2617Scheme;

/* loaded from: input_file:WEB-INF/lib/abdera-bundle-1.1.2.jar:org/apache/abdera/ext/wsse/WSSEAuthScheme.class */
public class WSSEAuthScheme extends RFC2617Scheme implements AuthScheme {
    private final int NONCE_LENGTH = 16;

    public static void register(AbderaClient abderaClient, boolean z) {
        AbderaClient.registerScheme("WSSE", WSSEAuthScheme.class);
        if (z) {
            abderaClient.setAuthenticationSchemePriority("WSSE");
        } else {
            abderaClient.setAuthenticationSchemeDefaults();
        }
    }

    @Override // org.apache.commons.httpclient.auth.AuthScheme
    public String authenticate(Credentials credentials, HttpMethod httpMethod) throws AuthenticationException {
        if (!(credentials instanceof UsernamePasswordCredentials)) {
            return null;
        }
        UsernamePasswordCredentials usernamePasswordCredentials = (UsernamePasswordCredentials) credentials;
        AtomDate atomDate = new AtomDate(new Date());
        String generateNonce = generateNonce();
        String str = "UsernameToken Username=\"" + usernamePasswordCredentials.getUserName() + "\", PasswordDigest=\"" + generatePasswordDigest(usernamePasswordCredentials.getPassword(), generateNonce, atomDate) + "\", Nonce=\"" + generateNonce + "\", Created=\"" + atomDate.getValue() + JSONUtils.DOUBLE_QUOTE;
        if (httpMethod == null) {
            return "WSSE profile=\"UsernameToken\"";
        }
        httpMethod.addRequestHeader("X-WSSE", str);
        return "WSSE profile=\"UsernameToken\"";
    }

    private String generatePasswordDigest(String str, String str2, AtomDate atomDate) throws AuthenticationException {
        try {
            return new String(Base64.encodeBase64(MessageDigest.getInstance("SHA1").digest((str2 + atomDate.getValue() + str).getBytes())));
        } catch (Exception e) {
            throw new AuthenticationException(e.getMessage(), e);
        }
    }

    private String generateNonce() throws AuthenticationException {
        try {
            byte[] bArr = new byte[16];
            SecureRandom.getInstance("SHA1PRNG").nextBytes(bArr);
            return new String(Hex.encodeHex(bArr));
        } catch (Exception e) {
            throw new AuthenticationException(e.getMessage(), e);
        }
    }

    @Override // org.apache.commons.httpclient.auth.AuthScheme
    public String authenticate(Credentials credentials, String str, String str2) throws AuthenticationException {
        return authenticate(credentials, null);
    }

    @Override // org.apache.commons.httpclient.auth.AuthScheme
    public String getSchemeName() {
        return "WSSE";
    }

    @Override // org.apache.commons.httpclient.auth.AuthScheme
    public boolean isComplete() {
        return true;
    }

    @Override // org.apache.commons.httpclient.auth.AuthScheme
    public boolean isConnectionBased() {
        return false;
    }
}
