package com.expanset.jersey.security;

import com.expanset.common.RememberOptions;
import com.expanset.hk2.security.AbstractCredentials;
import com.expanset.hk2.security.AuthenicationResult;
import com.expanset.hk2.security.AuthenticationManager;
import com.expanset.hk2.security.AuthenticationService;
import com.expanset.hk2.security.TokenCredentials;
import com.expanset.jersey.RememberOptionsInCookie;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.Optional;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import javax.inject.Inject;
import javax.inject.Provider;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.core.Configuration;
import javax.ws.rs.core.Cookie;
import org.apache.commons.lang.Validate;
import org.apache.commons.lang3.StringUtils;
import org.jasypt.encryption.StringEncryptor;
import org.jasypt.encryption.pbe.StandardPBEStringEncryptor;
import org.jasypt.encryption.pbe.config.PBEConfig;
import org.jasypt.encryption.pbe.config.SimpleStringPBEConfig;
import org.jasypt.salt.RandomSaltGenerator;
import org.jvnet.hk2.annotations.Contract;
import org.jvnet.hk2.annotations.Service;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Service
@Contract
/* loaded from: input_file:com/expanset/jersey/security/CookieAuthenticationManager.class */
public class CookieAuthenticationManager implements AuthenticationManager {

    @Inject
    protected Provider<AuthenticationService> authenticationServiceProvider;

    @Inject
    protected Provider<ContainerRequestContext> requestProvider;

    @Inject
    protected Provider<HttpServletResponse> responseProvider;
    protected final String cookieName;
    protected final StringEncryptor encryptor;
    private static final Logger log = LoggerFactory.getLogger(CookieAuthenticationManager.class);

    @Inject
    public CookieAuthenticationManager(Configuration configuration) {
        String str = (String) configuration.getProperty(CookieAuthenticationFeature.COOKIE_NAME);
        str = StringUtils.isEmpty(str) ? CookieAuthenticationFeature.COOKIE_NAME_DEFAULT : str;
        StringEncryptor stringEncryptor = (StringEncryptor) configuration.getProperty(CookieAuthenticationFeature.ENCRYPTOR);
        stringEncryptor = stringEncryptor == null ? createDefaultEncryptor(configuration) : stringEncryptor;
        this.cookieName = str;
        this.encryptor = stringEncryptor;
    }

    public void authenticateCurrentRequest() {
        ContainerRequestContext containerRequestContext = (ContainerRequestContext) this.requestProvider.get();
        Cookie cookie = (Cookie) containerRequestContext.getCookies().get(this.cookieName);
        String value = cookie != null ? cookie.getValue() : "";
        if (StringUtils.isEmpty(value)) {
            return;
        }
        try {
            String[] split = StringUtils.split(this.encryptor.decrypt(value), (char) 0);
            if (split.length != 2) {
                log.error("Authentication cookie invalid format, parts: {}", Integer.valueOf(split.length));
                return;
            }
            try {
                TokenCredentials tokenCredentials = new TokenCredentials(new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.SSSZ").parse(split[0]), split[1], StringUtils.endsWithIgnoreCase("https", containerRequestContext.getUriInfo().getRequestUri().getScheme()));
                Optional authenticate = ((AuthenticationService) this.authenticationServiceProvider.get()).authenticate(tokenCredentials);
                if (authenticate.isPresent()) {
                    containerRequestContext.setSecurityContext(new DefaultSecurityContext("FORM", (AuthenicationResult) authenticate.get(), tokenCredentials.isSecure()));
                }
            } catch (Throwable th) {
                log.error("Parse data error, string: {}", split[0]);
            }
        } catch (Throwable th2) {
            log.error("Decrypt authentication cookie error", th2);
        }
    }

    public void saveAuthentication(@Nonnull AbstractCredentials abstractCredentials, @Nullable RememberOptions rememberOptions) {
        Validate.notNull(abstractCredentials, "credentials");
        javax.servlet.http.Cookie cookie = new javax.servlet.http.Cookie(this.cookieName, this.encryptor.encrypt(new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.SSSZ").format(new Date()) + "��" + (abstractCredentials instanceof TokenCredentials ? ((TokenCredentials) abstractCredentials).getToken() : abstractCredentials.toString())));
        RememberOptionsInCookie.convert(rememberOptions).setupCookie((ContainerRequestContext) this.requestProvider.get(), cookie);
        cookie.setHttpOnly(true);
        ((HttpServletResponse) this.responseProvider.get()).addCookie(cookie);
    }

    public void removeAuthentication(@Nullable RememberOptions rememberOptions) {
        javax.servlet.http.Cookie cookie = new javax.servlet.http.Cookie(this.cookieName, "");
        RememberOptionsInCookie.convert(rememberOptions).setupCookie((ContainerRequestContext) this.requestProvider.get(), cookie);
        cookie.setMaxAge(0);
        cookie.setSecure(false);
        cookie.setHttpOnly(true);
        ((HttpServletResponse) this.responseProvider.get()).addCookie(cookie);
    }

    protected static StringEncryptor createDefaultEncryptor(Configuration configuration) {
        log.trace("Use default encryptor");
        StandardPBEStringEncryptor standardPBEStringEncryptor = new StandardPBEStringEncryptor();
        PBEConfig pBEConfig = (PBEConfig) configuration.getProperty(CookieAuthenticationFeature.ENCRYPTOR_CONFIG);
        if (pBEConfig == null) {
            pBEConfig = createDefaultEncryptorConfig(configuration);
        }
        String str = (String) configuration.getProperty(CookieAuthenticationFeature.ENCRYPTOR_ALGORITHM);
        if (StringUtils.isEmpty(str)) {
            str = CookieAuthenticationFeature.ENCRYPTOR_ALGORITHM_DEFAULT;
        }
        if (StringUtils.isEmpty(pBEConfig.getAlgorithm())) {
            standardPBEStringEncryptor.setAlgorithm(str);
            log.trace("Default encryptor algorithm: {}", str);
        }
        standardPBEStringEncryptor.setConfig(pBEConfig);
        return standardPBEStringEncryptor;
    }

    protected static PBEConfig createDefaultEncryptorConfig(Configuration configuration) {
        log.trace("Use default encryptor config");
        SimpleStringPBEConfig simpleStringPBEConfig = new SimpleStringPBEConfig();
        simpleStringPBEConfig.setSaltGenerator(new RandomSaltGenerator());
        String str = (String) configuration.getProperty(CookieAuthenticationFeature.ENCRYPTOR_PASSWORD);
        if (StringUtils.isEmpty(str)) {
            throw new IllegalStateException("Property CookieAuthenticationFeature.ENCRYPTOR_PASSWORD must be filled");
        }
        simpleStringPBEConfig.setPassword(str);
        return simpleStringPBEConfig;
    }
}
