package aurora.plugin.ntlm;

import aurora.plugin.spnego.SpnegoConfig;
import java.io.IOException;
import java.util.Iterator;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import jcifs.Config;
import jcifs.UniAddress;
import jcifs.http.NtlmSsp;
import jcifs.ntlmssp.Type1Message;
import jcifs.ntlmssp.Type3Message;
import jcifs.smb.NtlmPasswordAuthentication;
import jcifs.smb.SmbAuthException;
import jcifs.smb.SmbSession;
import jcifs.util.Base64;
import uncertain.composite.CompositeMap;

/* loaded from: input_file:aurora/plugin/ntlm/NtlmAuthenticator.class */
public class NtlmAuthenticator {
    private String defaultDomain;
    private String domainController;
    private String realm;
    private boolean offerBasic;
    NtlmConfig ntlmConfig;

    public NtlmAuthenticator(NtlmConfig ntlmConfig) {
        this.ntlmConfig = ntlmConfig;
        this.offerBasic = ntlmConfig.getEnableBasic();
    }

    public NtlmPasswordAuthentication authenticate(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        String header = httpServletRequest.getHeader(SpnegoConfig.Constants.AUTHZ_HEADER);
        if (header != null && header.startsWith("NTLM ")) {
            Type1Message type1Message = null;
            Type3Message type3Message = null;
            byte[] decode = Base64.decode(header.substring(5));
            if (decode[8] == 1) {
                type1Message = new Type1Message(decode);
                this.defaultDomain = type1Message.getSuppliedDomain();
            } else if (decode[8] == 3) {
                type3Message = new Type3Message(decode);
                this.defaultDomain = type3Message.getDomain();
            }
            DomainInstance defaultDomainInstance = this.defaultDomain == null ? this.ntlmConfig.getDefaultDomainInstance() : this.ntlmConfig.getDomainInstance(this.defaultDomain.toUpperCase());
            if (defaultDomainInstance == null) {
                throw new NtlmException("DomainInstance is null;defaultDomain:" + this.defaultDomain + ";type1:" + type1Message + ";type3:" + type3Message);
            }
            this.domainController = defaultDomainInstance.getDomainController();
            Config.setProperty("jcifs.smb.client.domain", defaultDomainInstance.getDomain());
            Config.setProperty("jcifs.smb.client.username", defaultDomainInstance.getUserName());
            Config.setProperty("jcifs.smb.client.password", defaultDomainInstance.getPassword());
            UniAddress byName = UniAddress.getByName(this.domainController, true);
            NtlmPasswordAuthentication authenticate = NtlmSsp.authenticate(httpServletRequest, httpServletResponse, SmbSession.getChallenge(byName));
            if (authenticate == null) {
                return null;
            }
            SmbSession.logon(byName, authenticate);
            return authenticate;
        }
        if (header != null && header.startsWith("Basic ") && this.offerBasic) {
            String str = new String(Base64.decode(header.substring(6)), "US-ASCII");
            int indexOf = str.indexOf(58);
            String substring = indexOf != -1 ? str.substring(0, indexOf) : str;
            String substring2 = indexOf != -1 ? str.substring(indexOf + 1) : "";
            int indexOf2 = substring.indexOf(92);
            if (indexOf2 == -1) {
                indexOf2 = substring.indexOf(47);
            }
            String substring3 = indexOf2 != -1 ? substring.substring(indexOf2 + 1) : substring;
            CompositeMap domainInstances = this.ntlmConfig.getDomainInstances();
            Iterator it = domainInstances.keySet().iterator();
            while (it.hasNext()) {
                DomainInstance domainInstance = (DomainInstance) domainInstances.get(it.next());
                Config.setProperty("jcifs.smb.client.domain", domainInstance.getDomain());
                Config.setProperty("jcifs.smb.client.username", domainInstance.getUserName());
                Config.setProperty("jcifs.smb.client.password", domainInstance.getPassword());
                this.defaultDomain = domainInstance.getDomain();
                this.domainController = domainInstance.getDomainController();
                NtlmPasswordAuthentication ntlmPasswordAuthentication = new NtlmPasswordAuthentication(indexOf2 != -1 ? substring3.substring(0, indexOf2) : this.defaultDomain, substring3, substring2);
                try {
                    SmbSession.logon(UniAddress.getByName(this.domainController, true), ntlmPasswordAuthentication);
                    return ntlmPasswordAuthentication;
                } catch (SmbAuthException e) {
                    e.printStackTrace();
                }
            }
        }
        httpServletResponse.setHeader(SpnegoConfig.Constants.AUTHN_HEADER, "NTLM");
        if (this.offerBasic) {
            this.realm = "Basic Authenticate Logon failure: unknown user name or bad password";
            httpServletResponse.addHeader(SpnegoConfig.Constants.AUTHN_HEADER, "Basic realm=\"" + this.realm + "\"");
        }
        httpServletResponse.setStatus(401);
        httpServletResponse.setContentLength(0);
        httpServletResponse.flushBuffer();
        return null;
    }
}
