package ca.carleton.gcrc.auth.cookie.impl;

import ca.carleton.gcrc.auth.common.User;
import ca.carleton.gcrc.auth.common.UserRepository;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Date;
import org.apache.commons.codec.binary.Base64;

/* loaded from: input_file:WEB-INF/lib/nunaliit2-auth-cookie-2.0.3.jar:ca/carleton/gcrc/auth/cookie/impl/CookieAuthentication.class */
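/**
 * Issues and verifies the authentication cookie that binds a browser session to a {@link User}.
 *
 * <p>A cookie value is the URL-encoded string {@code version|userId|token}, where the token is
 * the Base64 form of a digest computed over a process-wide secret followed by the user id.
 *
 * <p>Properties a reviewer should keep in mind:
 * <ul>
 *   <li>The secret is generated once per JVM, so every token stops verifying after a restart
 *       and tokens are not portable between instances that generated their own secret.</li>
 *   <li>The token covers only the user id. It carries no issue time or expiry, so a token
 *       stays valid for as long as the secret lives; revocation has to happen elsewhere.</li>
 *   <li>{@link #secret} is {@code protected static} and mutable, so any subclass or class in
 *       this package can read or replace it. It is kept that way for compatibility.</li>
 * </ul>
 */
public class CookieAuthentication {
    /** Size in bytes of the randomly generated signing secret. */
    private static final int SECRET_LENGTH = 32;

    /** The only cookie layout version this class writes and accepts. */
    private static final int COOKIE_VERSION = 0;

    /** Process-wide signing secret; created on first use by {@link #getSecret()}. */
    protected static byte[] secret = null;

    /**
     * Returns the signing secret, generating it on first use.
     *
     * <p>The secret comes from {@link SecureRandom}. It was previously a digest of a fixed
     * byte string and the current time in milliseconds, which left the start-up time as the
     * only unknown input and made the secret recoverable by anyone able to estimate it.
     *
     * @return the shared secret bytes (the internal array, not a copy)
     * @throws Exception declared for signature compatibility
     */
    private static synchronized byte[] getSecret() throws Exception {
        if (null == secret) {
            byte[] fresh = new byte[SECRET_LENGTH];
            new SecureRandom().nextBytes(fresh);
            secret = fresh;
        }
        return secret;
    }

    /**
     * Computes the authentication token for a user.
     *
     * @param user the user the token is issued for
     * @return Base64 text of the digest over the secret and the little-endian user id
     * @throws Exception if the digest algorithm or the charset is unavailable
     */
    public static String createAuthToken(User user) throws Exception {
        int userId = user.getId();
        byte[] idBytes = {
            (byte) (userId & 255),
            (byte) ((userId >> 8) & 255),
            (byte) ((userId >> 16) & 255),
            (byte) ((userId >> 24) & 255)
        };

        // NOTE(review): "SHA" selects SHA-1 in the standard JDK providers, and
        // digest(secret || message) is a hand-rolled keyed hash. HMAC with SHA-256
        // (javax.crypto.Mac) is the standard construction; switching changes every issued
        // token, so it is left as a follow-up rather than changed here.
        MessageDigest digest = MessageDigest.getInstance("SHA");
        digest.update(getSecret());
        digest.update(idBytes);

        // Base64 output is pure ASCII; naming the charset avoids the platform default.
        return new String(Base64.encodeBase64(digest.digest()), "UTF-8");
    }

    /**
     * Checks that a presented token is the one this process would issue for the user.
     *
     * @param user the user the token claims to belong to
     * @param str the token presented by the client; {@code null} is rejected
     * @throws Exception if the token does not match
     */
    public static void verifyAuthToken(User user, String str) throws Exception {
        String expected = createAuthToken(user);

        // MessageDigest.isEqual does not stop at the first differing byte on current JDKs,
        // unlike String.equals, so response time does not track the matching prefix.
        boolean matches = null != str
                && MessageDigest.isEqual(expected.getBytes("UTF-8"), str.getBytes("UTF-8"));

        if (!matches) {
            // The message names only the user id. It must never contain the expected token:
            // this text can reach logs or error pages, and the expected token is a valid
            // credential for that user. The presented value is client-controlled and is
            // left out as well.
            throw new Exception("Invalid authentication token for user: " + user.getId());
        }
    }

    /**
     * Builds the cookie value for a user.
     *
     * @param user the authenticated user
     * @return the URL-encoded string {@code 0|userId|token}
     * @throws Exception if the token cannot be computed or UTF-8 is unavailable
     */
    public static String computeCookieString(User user) throws Exception {
        StringBuilder cookie = new StringBuilder();
        cookie.append(COOKIE_VERSION).append('|');
        cookie.append(user.getId()).append('|');
        cookie.append(createAuthToken(user));
        return URLEncoder.encode(cookie.toString(), "UTF-8");
    }

    /**
     * Parses a cookie value and returns the user it authenticates.
     *
     * <p>The user id in the cookie is client-supplied; it is trusted only after the token
     * has been verified against the user loaded for that id.
     *
     * @param userRepository source used to look the user up by id
     * @param str the raw (URL-encoded) cookie value
     * @return the user named by the cookie, once the token has verified
     * @throws Exception if the cookie is missing, malformed, of an unknown version, names an
     *     unknown user, or carries a token that does not verify
     */
    public static User verifyCookieString(UserRepository userRepository, String str) throws Exception {
        if (null == str) {
            throw new Exception("Unrecognized auth cookie string");
        }

        String[] fields = URLDecoder.decode(str, "UTF-8").split("\\|");
        if (3 != fields.length) {
            throw new Exception("Unrecognized auth cookie string");
        }

        // Both numeric fields are parsed before the version check; a non-numeric field
        // surfaces as a NumberFormatException.
        int version = Integer.parseInt(fields[0]);
        int userId = Integer.parseInt(fields[1]);
        String token = fields[2];

        if (COOKIE_VERSION != version) {
            throw new Exception("Unknown version of auth cookie string");
        }

        User user = userRepository.userFromId(userId);
        if (null == user) {
            throw new Exception("Can not find user from auth cookie string");
        }

        verifyAuthToken(user, token);
        return user;
    }
}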
