package com.ohadr.authentication.token;

import com.ohadr.authentication.config.AuthProperties;
import com.ohadr.authentication.token.interfaces.UsernameTranslationService;
import java.util.Date;
import java.util.UUID;
import org.apache.log4j.Logger;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken;
import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
import org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.common.exceptions.InvalidGrantException;
import org.springframework.security.oauth2.common.exceptions.InvalidTokenException;
import org.springframework.security.oauth2.provider.AuthorizationRequest;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
import org.springframework.security.oauth2.provider.token.InMemoryTokenStore;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.stereotype.Component;
import org.springframework.util.Assert;

@Component("myAuthorizationServerTokenServices")
/* loaded from: input_file:com/ohadr/authentication/token/OAuth2TokenServices.class */
public class OAuth2TokenServices implements AuthorizationServerTokenServices, InitializingBean {
    private static final Logger log = Logger.getLogger(OAuth2TokenServices.class);
    private static final String TOKEN_TYPE = "Bearer";

    @Autowired
    private AuthProperties authProperties;

    @Autowired
    private SignedTokenGenerator signedTokenGenerator;
    private TokenStore tokenStore = new InMemoryTokenStore();

    @Autowired
    private UsernameTranslationService usernameTranslationService;

    public void afterPropertiesSet() throws Exception {
        Assert.notNull(this.tokenStore, "tokenStore must be set");
        Assert.notNull(this.usernameTranslationService, "usernameTranslationService must be set");
    }

    public OAuth2AccessToken createAccessToken(OAuth2Authentication oAuth2Authentication) throws AuthenticationException {
        log.info("authentication-provider is creating token");
        int tokenTimeToLive = this.authProperties.getTokenTimeToLive();
        try {
            String generateToken = this.signedTokenGenerator.generateToken(this.usernameTranslationService.getUsernameFromAuthentication(oAuth2Authentication), this.authProperties.getTokenIssuer(), null, null, tokenTimeToLive);
            log.info("the generated token: " + generateToken);
            DefaultOAuth2AccessToken defaultOAuth2AccessToken = new DefaultOAuth2AccessToken(generateToken);
            defaultOAuth2AccessToken.setExpiration(new Date(new Date().getTime() + (tokenTimeToLive * 1000)));
            defaultOAuth2AccessToken.setTokenType(TOKEN_TYPE);
            defaultOAuth2AccessToken.setRefreshToken(createRefreshToken(oAuth2Authentication));
            return defaultOAuth2AccessToken;
        } catch (Exception e) {
            throw new InvalidTokenException("Token generation failed", e);
        }
    }

    public OAuth2AccessToken refreshAccessToken(String str, AuthorizationRequest authorizationRequest) throws AuthenticationException {
        log.info("authentication-provider is refreshing token");
        ExpiringOAuth2RefreshToken expiringOAuth2RefreshToken = (ExpiringOAuth2RefreshToken) this.tokenStore.readRefreshToken(str);
        if (expiringOAuth2RefreshToken == null) {
            throw new InvalidGrantException("Invalid refresh token: " + str);
        }
        if (isExpired(expiringOAuth2RefreshToken)) {
            this.tokenStore.removeRefreshToken(expiringOAuth2RefreshToken);
            throw new InvalidGrantException("Invalid refresh token: " + expiringOAuth2RefreshToken);
        }
        OAuth2Authentication readAuthenticationForRefreshToken = this.tokenStore.readAuthenticationForRefreshToken(expiringOAuth2RefreshToken);
        this.tokenStore.removeRefreshToken(expiringOAuth2RefreshToken);
        return createAccessToken(readAuthenticationForRefreshToken);
    }

    private ExpiringOAuth2RefreshToken createRefreshToken(OAuth2Authentication oAuth2Authentication) {
        DefaultExpiringOAuth2RefreshToken defaultExpiringOAuth2RefreshToken = new DefaultExpiringOAuth2RefreshToken(UUID.randomUUID().toString(), new Date(System.currentTimeMillis() + (this.authProperties.getRefreshTokenTimeToLive() * 1000)));
        this.tokenStore.storeRefreshToken(defaultExpiringOAuth2RefreshToken, oAuth2Authentication);
        return defaultExpiringOAuth2RefreshToken;
    }

    protected boolean isExpired(ExpiringOAuth2RefreshToken expiringOAuth2RefreshToken) {
        return expiringOAuth2RefreshToken.getExpiration() == null || System.currentTimeMillis() > expiringOAuth2RefreshToken.getExpiration().getTime();
    }

    public void setTokenStore(TokenStore tokenStore) {
        this.tokenStore = tokenStore;
    }

    public OAuth2AccessToken getAccessToken(OAuth2Authentication oAuth2Authentication) {
        return createAccessToken(oAuth2Authentication);
    }

    public void setUsernameTranslationService(UsernameTranslationService usernameTranslationService) {
        this.usernameTranslationService = usernameTranslationService;
    }

    public UsernameTranslationService getUsernameTranslationService() {
        return this.usernameTranslationService;
    }
}
