package org.apereo.cas.trusted.authentication.storage;

import com.fasterxml.jackson.core.type.TypeReference;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.File;
import java.io.InputStreamReader;
import java.io.Serializable;
import java.nio.charset.StandardCharsets;
import java.time.ZonedDateTime;
import java.util.LinkedHashMap;
import java.util.LinkedHashSet;
import java.util.Map;
import java.util.Set;
import java.util.TreeSet;
import java.util.stream.Collectors;
import lombok.Generated;
import org.apereo.cas.configuration.model.support.mfa.TrustedDevicesMultifactorProperties;
import org.apereo.cas.trusted.authentication.api.MultifactorAuthenticationTrustRecord;
import org.apereo.cas.trusted.authentication.api.MultifactorAuthenticationTrustRecordKeyGenerator;
import org.apereo.cas.util.DateTimeUtils;
import org.apereo.cas.util.ResourceUtils;
import org.apereo.cas.util.crypto.CipherExecutor;
import org.hjson.JsonValue;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.io.Resource;

/* loaded from: input_file:org/apereo/cas/trusted/authentication/storage/JsonMultifactorAuthenticationTrustStorage.class */
public class JsonMultifactorAuthenticationTrustStorage extends BaseMultifactorAuthenticationTrustStorage {
    private static final int MAP_SIZE = 8;
    private final Resource location;
    private Map<String, MultifactorAuthenticationTrustRecord> storage;

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(JsonMultifactorAuthenticationTrustStorage.class);
    private static final ObjectMapper MAPPER = new ObjectMapper().findAndRegisterModules();

    public JsonMultifactorAuthenticationTrustStorage(TrustedDevicesMultifactorProperties trustedDevicesMultifactorProperties, CipherExecutor<Serializable, String> cipherExecutor, Resource resource, MultifactorAuthenticationTrustRecordKeyGenerator multifactorAuthenticationTrustRecordKeyGenerator) {
        super(trustedDevicesMultifactorProperties, cipherExecutor, multifactorAuthenticationTrustRecordKeyGenerator);
        this.location = resource;
        readTrustedRecordsFromResource();
    }

    @Override // org.apereo.cas.trusted.authentication.api.MultifactorAuthenticationTrustStorage
    public void remove(String str) {
        this.storage.keySet().removeIf(str2 -> {
            return str2.equalsIgnoreCase(str);
        });
        writeTrustedRecordsToResource();
    }

    @Override // org.apereo.cas.trusted.authentication.api.MultifactorAuthenticationTrustStorage
    public void remove(ZonedDateTime zonedDateTime) {
        LinkedHashSet linkedHashSet = (LinkedHashSet) this.storage.values().stream().filter(multifactorAuthenticationTrustRecord -> {
            return multifactorAuthenticationTrustRecord.getExpirationDate() != null;
        }).filter(multifactorAuthenticationTrustRecord2 -> {
            return DateTimeUtils.dateOf(zonedDateTime).compareTo(multifactorAuthenticationTrustRecord2.getExpirationDate()) >= 0;
        }).sorted().collect(Collectors.toCollection(LinkedHashSet::new));
        LOGGER.info("Found [{}] expired trusted-device records", Integer.valueOf(linkedHashSet.size()));
        if (linkedHashSet.isEmpty()) {
            return;
        }
        linkedHashSet.forEach(multifactorAuthenticationTrustRecord3 -> {
            this.storage.remove(multifactorAuthenticationTrustRecord3.getRecordKey());
        });
        LOGGER.info("Invalidated and removed [{}] expired records", Integer.valueOf(linkedHashSet.size()));
        writeTrustedRecordsToResource();
    }

    @Override // org.apereo.cas.trusted.authentication.api.MultifactorAuthenticationTrustStorage
    public Set<? extends MultifactorAuthenticationTrustRecord> getAll() {
        remove();
        return new TreeSet(this.storage.values());
    }

    @Override // org.apereo.cas.trusted.authentication.api.MultifactorAuthenticationTrustStorage
    public MultifactorAuthenticationTrustRecord get(long j) {
        remove();
        return this.storage.values().stream().filter(multifactorAuthenticationTrustRecord -> {
            return multifactorAuthenticationTrustRecord.getId() == j;
        }).sorted().findFirst().orElse(null);
    }

    @Override // org.apereo.cas.trusted.authentication.api.MultifactorAuthenticationTrustStorage
    public Set<? extends MultifactorAuthenticationTrustRecord> get(ZonedDateTime zonedDateTime) {
        remove();
        return (Set) this.storage.values().stream().filter(multifactorAuthenticationTrustRecord -> {
            return multifactorAuthenticationTrustRecord.getRecordDate().isEqual(zonedDateTime) || multifactorAuthenticationTrustRecord.getRecordDate().isAfter(zonedDateTime);
        }).sorted().collect(Collectors.toCollection(LinkedHashSet::new));
    }

    @Override // org.apereo.cas.trusted.authentication.api.MultifactorAuthenticationTrustStorage
    public Set<? extends MultifactorAuthenticationTrustRecord> get(String str) {
        remove();
        return (Set) this.storage.values().stream().filter(multifactorAuthenticationTrustRecord -> {
            return multifactorAuthenticationTrustRecord.getPrincipal().equalsIgnoreCase(str);
        }).sorted().collect(Collectors.toCollection(LinkedHashSet::new));
    }

    @Override // org.apereo.cas.trusted.authentication.storage.BaseMultifactorAuthenticationTrustStorage
    public MultifactorAuthenticationTrustRecord saveInternal(MultifactorAuthenticationTrustRecord multifactorAuthenticationTrustRecord) {
        this.storage.put(multifactorAuthenticationTrustRecord.getRecordKey(), multifactorAuthenticationTrustRecord);
        writeTrustedRecordsToResource();
        return multifactorAuthenticationTrustRecord;
    }

    private void readTrustedRecordsFromResource() {
        this.storage = new LinkedHashMap(MAP_SIZE);
        if (ResourceUtils.doesResourceExist(this.location)) {
            InputStreamReader inputStreamReader = new InputStreamReader(this.location.getInputStream(), StandardCharsets.UTF_8);
            try {
                this.storage = (Map) MAPPER.readValue(JsonValue.readHjson(inputStreamReader).toString(), new TypeReference<Map<String, MultifactorAuthenticationTrustRecord>>() { // from class: org.apereo.cas.trusted.authentication.storage.JsonMultifactorAuthenticationTrustStorage.1
                });
                inputStreamReader.close();
            } finally {
            }
        }
    }

    private void writeTrustedRecordsToResource() {
        File file = this.location.getFile();
        if (file.createNewFile()) {
            LOGGER.debug("Created JSON resource @ [{}]", this.location);
        }
        MAPPER.writerWithDefaultPrettyPrinter().writeValue(file, this.storage);
        readTrustedRecordsFromResource();
    }
}
