package net.tokensmith.otter.security.session.between;

import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectWriter;
import java.io.ByteArrayOutputStream;
import net.tokensmith.otter.config.CookieConfig;
import net.tokensmith.otter.controller.entity.Cookie;
import net.tokensmith.otter.controller.entity.StatusCode;
import net.tokensmith.otter.controller.entity.request.Request;
import net.tokensmith.otter.controller.entity.response.Response;
import net.tokensmith.otter.router.entity.Method;
import net.tokensmith.otter.router.entity.between.Between;
import net.tokensmith.otter.router.exception.HaltException;
import net.tokensmith.otter.security.session.between.exception.EncryptSessionException;
import org.rootservices.jwt.builder.compact.EncryptedCompactBuilder;
import org.rootservices.jwt.builder.exception.CompactException;
import org.rootservices.jwt.entity.jwe.EncryptionAlgorithm;
import org.rootservices.jwt.entity.jwk.SymmetricKey;
import org.rootservices.jwt.entity.jwt.header.Algorithm;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/tokensmith/otter/security/session/between/EncryptSession.class */
public class EncryptSession<S, U> implements Between<S, U> {
    public static final String NOT_ENCRYPTING = "Not re-encrypting session cookie";
    public static final String COULD_NOT_ENCRYPT_SESSION = "Could not encrypt session cookie";
    protected static Logger LOGGER = LoggerFactory.getLogger(EncryptSession.class);
    private CookieConfig cookieConfig;
    private SymmetricKey preferredKey;
    private ObjectWriter objectWriter;

    public EncryptSession(CookieConfig cookieConfig, SymmetricKey symmetricKey, ObjectWriter objectWriter) {
        this.cookieConfig = cookieConfig;
        this.preferredKey = symmetricKey;
        this.objectWriter = objectWriter;
    }

    @Override // net.tokensmith.otter.router.entity.between.Between
    public void process(Method method, Request<S, U> request, Response<S> response) throws HaltException {
        if (!shouldEncrypt(request, response).booleanValue()) {
            LOGGER.debug(NOT_ENCRYPTING);
            return;
        }
        try {
            ByteArrayOutputStream encrypt = encrypt(response.getSession().get());
            Cookie cookie = new Cookie();
            cookie.setName(this.cookieConfig.getName());
            cookie.setMaxAge(this.cookieConfig.getAge().intValue());
            cookie.setSecure(this.cookieConfig.getSecure().booleanValue());
            cookie.setHttpOnly(this.cookieConfig.getHttpOnly().booleanValue());
            cookie.setValue(encrypt.toString());
            response.getCookies().put(this.cookieConfig.getName(), cookie);
        } catch (EncryptSessionException e) {
            LOGGER.error(e.getMessage(), e);
            onHalt(new HaltException(COULD_NOT_ENCRYPT_SESSION, e), response);
            throw new HaltException(COULD_NOT_ENCRYPT_SESSION, e);
        }
    }

    protected void onHalt(HaltException haltException, Response response) {
        response.setStatusCode(StatusCode.SERVER_ERROR);
    }

    protected Boolean shouldEncrypt(Request<S, U> request, Response<S> response) {
        return (request.getSession().isPresent() && response.getSession().isPresent()) ? !response.getSession().get().equals(request.getSession().get()) : response.getSession().isPresent();
    }

    protected ByteArrayOutputStream encrypt(S s) throws EncryptSessionException {
        try {
            try {
                return new EncryptedCompactBuilder().encAlg(EncryptionAlgorithm.AES_GCM_256).alg(Algorithm.DIRECT).payload(this.objectWriter.writeValueAsBytes(s)).cek(this.preferredKey).build();
            } catch (CompactException e) {
                throw new EncryptSessionException(e.getMessage(), e);
            }
        } catch (JsonProcessingException e2) {
            throw new EncryptSessionException(e2.getMessage(), e2);
        }
    }

    public CookieConfig getCookieConfig() {
        return this.cookieConfig;
    }

    public void setCookieConfig(CookieConfig cookieConfig) {
        this.cookieConfig = cookieConfig;
    }

    public SymmetricKey getPreferredKey() {
        return this.preferredKey;
    }

    public void setPreferredKey(SymmetricKey symmetricKey) {
        this.preferredKey = symmetricKey;
    }
}
