package com.liferay.portal.security.auth;

import com.liferay.portal.kernel.exception.PortalException;
import com.liferay.portal.kernel.exception.SystemException;
import com.liferay.portal.kernel.util.MapUtil;
import com.liferay.portal.kernel.util.StringBundler;
import com.liferay.portal.security.auth.AuthVerifierResult;
import com.liferay.portal.servlet.filters.secure.NonceUtil;
import com.liferay.portal.util.PortalInstances;
import com.liferay.portal.util.PortalUtil;
import java.util.Properties;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:WEB-INF/lib/portal-impl.jar:com/liferay/portal/security/auth/DigestAuthenticationAuthVerifier.class */
public class DigestAuthenticationAuthVerifier implements AuthVerifier {
    private static final String _DIGEST_REALM = "Digest realm=\"PortalRealm\"";

    public String getAuthType() {
        return "DIGEST";
    }

    public AuthVerifierResult verify(AccessControlContext accessControlContext, Properties properties) throws AuthException {
        try {
            AuthVerifierResult authVerifierResult = new AuthVerifierResult();
            HttpServletRequest request = accessControlContext.getRequest();
            long digestAuthUserId = PortalUtil.getDigestAuthUserId(request);
            if (digestAuthUserId != 0) {
                authVerifierResult.setState(AuthVerifierResult.State.SUCCESS);
                authVerifierResult.setUserId(digestAuthUserId);
                return authVerifierResult;
            }
            if (MapUtil.getBoolean(accessControlContext.getSettings(), "digest_auth")) {
                HttpServletResponse response = accessControlContext.getResponse();
                String generate = NonceUtil.generate(PortalInstances.getCompanyId(request), request.getRemoteAddr());
                StringBundler stringBundler = new StringBundler(4);
                stringBundler.append(_DIGEST_REALM);
                stringBundler.append(", nonce=\"");
                stringBundler.append(generate);
                stringBundler.append("\"");
                response.setHeader("WWW-Authenticate", stringBundler.toString());
                response.setStatus(401);
                authVerifierResult.setState(AuthVerifierResult.State.INVALID_CREDENTIALS);
            }
            return authVerifierResult;
        } catch (SystemException e) {
            throw new AuthException(e);
        } catch (PortalException e2) {
            throw new AuthException(e2);
        }
    }
}
