package org.springframework.security.web.authentication.www;

import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Base64;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.core.Ordered;
import org.springframework.core.log.LogMessage;
import org.springframework.http.HttpStatus;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.util.Assert;

/* loaded from: input_file:BOOT-INF/lib/spring-security-web-6.0.0.jar:org/springframework/security/web/authentication/www/DigestAuthenticationEntryPoint.class */
public class DigestAuthenticationEntryPoint implements AuthenticationEntryPoint, InitializingBean, Ordered {
    private static final Log logger = LogFactory.getLog((Class<?>) DigestAuthenticationEntryPoint.class);
    private String key;
    private String realmName;
    private int nonceValiditySeconds = 300;
    private int order = Integer.MAX_VALUE;

    @Override // org.springframework.core.Ordered
    public int getOrder() {
        return this.order;
    }

    public void setOrder(int i) {
        this.order = i;
    }

    @Override // org.springframework.beans.factory.InitializingBean
    public void afterPropertiesSet() {
        Assert.hasLength(this.realmName, "realmName must be specified");
        Assert.hasLength(this.key, "key must be specified");
    }

    @Override // org.springframework.security.web.AuthenticationEntryPoint
    public void commence(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException authenticationException) throws IOException {
        long currentTimeMillis = System.currentTimeMillis() + (this.nonceValiditySeconds * 1000);
        String str = this.key;
        DigestAuthUtils.md5Hex(currentTimeMillis + ":" + currentTimeMillis);
        String str2 = "Digest realm=\"" + this.realmName + "\", qop=\"auth\", nonce=\"" + new String(Base64.getEncoder().encode((currentTimeMillis + ":" + currentTimeMillis).getBytes())) + "\"";
        if (authenticationException instanceof NonceExpiredException) {
            str2 = str2 + ", stale=\"true\"";
        }
        logger.debug(LogMessage.format("WWW-Authenticate header sent to user agent: %s", str2));
        httpServletResponse.addHeader("WWW-Authenticate", str2);
        httpServletResponse.sendError(HttpStatus.UNAUTHORIZED.value(), HttpStatus.UNAUTHORIZED.getReasonPhrase());
    }

    public String getKey() {
        return this.key;
    }

    public int getNonceValiditySeconds() {
        return this.nonceValiditySeconds;
    }

    public String getRealmName() {
        return this.realmName;
    }

    public void setKey(String str) {
        this.key = str;
    }

    public void setNonceValiditySeconds(int i) {
        this.nonceValiditySeconds = i;
    }

    public void setRealmName(String str) {
        this.realmName = str;
    }
}
