package blackboard.platform.security.authentication.validators;

import blackboard.platform.context.ContextManagerFactory;
import blackboard.platform.log.LogServiceFactory;
import blackboard.platform.security.SecurityUtil;
import blackboard.platform.security.authentication.BbAuthenticationFailedException;
import blackboard.platform.security.authentication.HttpAuthManager;
import blackboard.platform.security.authentication.RDBMSAuthUtil;
import blackboard.platform.security.authentication.SessionStub;
import blackboard.util.StringUtil;

/* loaded from: input_file:blackboard/platform/security/authentication/validators/ChallengeResponsePasswordValidator.class */
public class ChallengeResponsePasswordValidator extends ModernPasswordValidator {
    private final SessionStub _sessionStub;
    private final String _clientResponse;
    private final String _dbUserPass;

    public ChallengeResponsePasswordValidator(SessionStub sessionStub, String str, String str2) {
        this._sessionStub = sessionStub;
        this._clientResponse = str;
        this._dbUserPass = str2;
    }

    @Override // blackboard.platform.security.authentication.validators.AbstractPasswordValidator, blackboard.platform.security.authentication.validators.PasswordValidator
    public boolean validate() throws BbAuthenticationFailedException {
        String str = (String) ContextManagerFactory.getInstance().getContext().getAttribute(HttpAuthManager.CHALLENGE_TOKEN);
        if (StringUtil.isEmpty(str)) {
            str = this._sessionStub.getChallengeToken();
        }
        if (StringUtil.isEmpty(str)) {
            str = RDBMSAuthUtil.loadChallengeToken(this._sessionStub.getSessionKey());
        }
        if (StringUtil.isEmpty(str)) {
            LogServiceFactory.getInstance().getDefaultLog().logDebug("Error processing authentication request: challenge token is empty or null");
            throw new BbAuthenticationFailedException(SecurityUtil.getBundle().getString("auth.impl.invalid.request"));
        }
        StringBuilder sb = new StringBuilder();
        sb.append(this._dbUserPass);
        sb.append(str);
        if (RDBMSAuthUtil.getHashValue(sb.toString()).equalsIgnoreCase(this._clientResponse)) {
            return true;
        }
        return SecurityUtil.getHashValue(sb.toString(), "ISO-8859-1").equalsIgnoreCase(this._clientResponse);
    }
}
