package com.kingdee.bos.qing.data.util;

import com.kingdee.bos.qing.common.Messages;
import com.kingdee.bos.qing.data.exception.api.OpenAPIAuthException;
import com.kingdee.bos.qing.data.exception.api.OpenAPIErrorCode;
import com.kingdee.bos.qing.util.HttpUtil;
import com.kingdee.bos.qing.util.LogUtil;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Map;
import java.util.Random;
import org.apache.commons.codec.binary.Hex;

/* loaded from: input_file:com/kingdee/bos/qing/data/util/DigestUtil.class */
public class DigestUtil {
    private static final String nc = "00000001";

    public static String getRequestHeads(String str, String str2, String str3) throws OpenAPIAuthException, NoSuchAlgorithmException {
        return getAuthorization(getChallengeHeads(str3), str3.split(".QData")[1], str, str2, "POST");
    }

    private static String getChallengeHeads(String str) {
        return HttpUtil.restfulForEntity(str, (Map) null, (String) null).getHeaders("WWW-Authenticate")[0].getValue();
    }

    private static String getAuthorization(String str, String str2, String str3, String str4, String str5) throws OpenAPIAuthException, NoSuchAlgorithmException {
        if (str == null || str.length() <= 7) {
            return null;
        }
        if (str.toLowerCase().indexOf("digest") >= 0) {
            str = str.substring(6);
        }
        String str6 = null;
        String str7 = null;
        String str8 = null;
        String str9 = null;
        try {
            for (String str10 : str.replaceAll("\"", "").split(",")) {
                String trim = str10.substring(0, str10.indexOf("=")).trim();
                String trim2 = str10.substring(str10.indexOf("=") + 1).trim();
                if ("realm".equals(trim)) {
                    str6 = trim2;
                } else if ("qop".equals(trim)) {
                    str8 = trim2;
                } else if ("nonce".equals(trim)) {
                    str7 = trim2;
                } else if ("algorithm".equals(trim)) {
                    str9 = trim2;
                }
            }
            if (str6 == null || str7 == null || str9 == null) {
                throw new OpenAPIAuthException(OpenAPIErrorCode.DIGEST_AUTH_HEAD_PARAM_ERROR, Messages.getMLS("theDigestAuthHeadParamMissing", "摘要认证质询头参数缺失"));
            }
            String generateSalt = generateSalt(8);
            String createDigestResponse = createDigestResponse(str3, str6, str4, str7, nc, generateSalt, str8, str5, str2, str9);
            StringBuilder sb = new StringBuilder();
            sb.append("Digest ").append("realm=\"").append(str6).append("\",").append("nonce=\"").append(str7).append("\",").append("algorithm=\"").append(str9).append("\",").append("username=\"").append(str3).append("\",").append("nc=\"").append(nc).append("\",").append("cnonce=\"").append(generateSalt).append("\",").append("uri=\"").append(str2).append("\",").append("method=\"").append(str5).append("\",").append("response=\"").append(createDigestResponse).append("\"");
            if (str8 != null) {
                sb.append(",qop=\"").append(str8).append("\"");
            }
            return sb.toString();
        } catch (Exception e) {
            LogUtil.error("摘要认证服务器质询头参数异常", e);
            throw new OpenAPIAuthException(OpenAPIErrorCode.DIGEST_AUTH_HEAD_PARAM_ERROR, e.getMessage());
        }
    }

    public static String generateSalt(int i) {
        StringBuilder sb = new StringBuilder();
        Random random = new Random();
        for (int i2 = 0; i2 < i; i2++) {
            String str = random.nextInt(2) % 2 == 0 ? "char" : "num";
            if ("char".equalsIgnoreCase(str)) {
                sb.append((char) (random.nextInt(26) + (random.nextInt(2) % 2 == 0 ? 65 : 97)));
            } else if ("num".equalsIgnoreCase(str)) {
                sb.append(random.nextInt(10));
            }
        }
        return sb.toString().toLowerCase();
    }

    public static String createDigestResponse(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8, String str9, String str10) {
        String str11 = new String(Hex.encodeHex(md5(("MD5".equals(str10) ? createHa1(str, str2, str3) : createHa1WithSess(str, str2, str3, str4, str6)).getBytes())));
        String str12 = new String(Hex.encodeHex(md5(createHa2(str8, str9).getBytes())));
        return new String(Hex.encodeHex(md5((str7 == null ? str11 + ":" + str4 + ":" + str12 : str11 + ":" + str4 + ":" + str5 + ":" + str6 + ":" + str7 + ":" + str12).getBytes())));
    }

    private static String createHa1(String str, String str2, String str3) {
        return str + ":" + str2 + ":" + str3;
    }

    private static String createHa1WithSess(String str, String str2, String str3, String str4, String str5) {
        return new String(Hex.encodeHex(md5(createHa1(str, str2, str3).getBytes()))) + ":" + str4 + ":" + str5;
    }

    private static String createHa2(String str, String str2) {
        return str + ":" + str2;
    }

    public static byte[] md5(byte[] bArr) {
        return digest(bArr, "MD5", null, 1);
    }

    private static byte[] digest(byte[] bArr, String str, byte[] bArr2, int i) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(str);
            if (bArr2 != null) {
                messageDigest.update(bArr2);
            }
            byte[] digest = messageDigest.digest(bArr);
            for (int i2 = 1; i2 < i; i2++) {
                messageDigest.reset();
                digest = messageDigest.digest(digest);
            }
            return digest;
        } catch (GeneralSecurityException e) {
            LogUtil.error("生成摘要算法异常：", e);
            return null;
        }
    }
}
