package org.apereo.cas.trusted.authentication.storage;

import java.io.Serializable;
import java.time.ZonedDateTime;
import java.util.Set;
import lombok.Generated;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.configuration.model.support.mfa.TrustedDevicesMultifactorProperties;
import org.apereo.cas.trusted.authentication.api.MultifactorAuthenticationTrustRecord;
import org.apereo.cas.trusted.authentication.api.MultifactorAuthenticationTrustRecordKeyGenerator;
import org.apereo.cas.trusted.authentication.api.MultifactorAuthenticationTrustStorage;
import org.apereo.cas.util.crypto.CipherExecutor;
import org.apereo.inspektr.audit.annotation.Audit;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.transaction.annotation.EnableTransactionManagement;
import org.springframework.transaction.annotation.Transactional;

@Transactional(transactionManager = "transactionManagerMfaAuthnTrust")
@EnableTransactionManagement(proxyTargetClass = true)
/* loaded from: input_file:org/apereo/cas/trusted/authentication/storage/BaseMultifactorAuthenticationTrustStorage.class */
public abstract class BaseMultifactorAuthenticationTrustStorage implements MultifactorAuthenticationTrustStorage {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(BaseMultifactorAuthenticationTrustStorage.class);
    private final TrustedDevicesMultifactorProperties trustedDevicesMultifactorProperties;
    private final CipherExecutor<Serializable, String> cipherExecutor;
    private final MultifactorAuthenticationTrustRecordKeyGenerator keyGenerationStrategy;

    @Override // org.apereo.cas.trusted.authentication.api.MultifactorAuthenticationTrustStorage
    @Audit(action = "TRUSTED_AUTHENTICATION", actionResolverName = "TRUSTED_AUTHENTICATION_ACTION_RESOLVER", resourceResolverName = "TRUSTED_AUTHENTICATION_RESOURCE_RESOLVER")
    public MultifactorAuthenticationTrustRecord save(MultifactorAuthenticationTrustRecord multifactorAuthenticationTrustRecord) {
        if (StringUtils.isBlank(multifactorAuthenticationTrustRecord.getRecordKey())) {
            LOGGER.trace("Generating record key for record [{}]", Long.valueOf(multifactorAuthenticationTrustRecord.getId()));
            multifactorAuthenticationTrustRecord.setRecordKey(generateKey(multifactorAuthenticationTrustRecord));
        }
        LOGGER.debug("Storing authentication trust record for [{}]", multifactorAuthenticationTrustRecord);
        return saveInternal(multifactorAuthenticationTrustRecord);
    }

    @Override // org.apereo.cas.trusted.authentication.api.MultifactorAuthenticationTrustStorage
    public Set<? extends MultifactorAuthenticationTrustRecord> get(String str, ZonedDateTime zonedDateTime) {
        Set<? extends MultifactorAuthenticationTrustRecord> set = get(str);
        set.removeIf(multifactorAuthenticationTrustRecord -> {
            if (multifactorAuthenticationTrustRecord.getRecordDate().isBefore(zonedDateTime)) {
                return true;
            }
            String str2 = (String) this.cipherExecutor.decode(multifactorAuthenticationTrustRecord.getRecordKey());
            return StringUtils.isBlank(str2) || !str2.equals(this.keyGenerationStrategy.generate(multifactorAuthenticationTrustRecord));
        });
        return set;
    }

    protected String generateKey(MultifactorAuthenticationTrustRecord multifactorAuthenticationTrustRecord) {
        return (String) this.cipherExecutor.encode(this.keyGenerationStrategy.generate(multifactorAuthenticationTrustRecord));
    }

    protected abstract MultifactorAuthenticationTrustRecord saveInternal(MultifactorAuthenticationTrustRecord multifactorAuthenticationTrustRecord);

    @Generated
    public String toString() {
        return "BaseMultifactorAuthenticationTrustStorage(trustedDevicesMultifactorProperties=" + this.trustedDevicesMultifactorProperties + ", cipherExecutor=" + this.cipherExecutor + ", keyGenerationStrategy=" + this.keyGenerationStrategy + ")";
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Generated
    public BaseMultifactorAuthenticationTrustStorage(TrustedDevicesMultifactorProperties trustedDevicesMultifactorProperties, CipherExecutor<Serializable, String> cipherExecutor, MultifactorAuthenticationTrustRecordKeyGenerator multifactorAuthenticationTrustRecordKeyGenerator) {
        this.trustedDevicesMultifactorProperties = trustedDevicesMultifactorProperties;
        this.cipherExecutor = cipherExecutor;
        this.keyGenerationStrategy = multifactorAuthenticationTrustRecordKeyGenerator;
    }

    @Generated
    public TrustedDevicesMultifactorProperties getTrustedDevicesMultifactorProperties() {
        return this.trustedDevicesMultifactorProperties;
    }

    @Generated
    public CipherExecutor<Serializable, String> getCipherExecutor() {
        return this.cipherExecutor;
    }

    @Generated
    public MultifactorAuthenticationTrustRecordKeyGenerator getKeyGenerationStrategy() {
        return this.keyGenerationStrategy;
    }
}
