package zed.panel.security;

import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.joda.time.LocalDate;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.env.Environment;
import org.springframework.dao.DataAccessException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.codec.Base64;
import org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices;
import org.springframework.security.web.authentication.rememberme.CookieTheftException;
import org.springframework.security.web.authentication.rememberme.InvalidCookieException;
import org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationException;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import zed.panel.domain.PersistentToken;
import zed.panel.repository.PersistentTokenRepository;
import zed.panel.repository.UserRepository;

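/**
 * Remember-me service backed by persistent (series, token) pairs.
 *
 * <p>The cookie carries two values: a series identifier, which stays fixed for the
 * lifetime of the remember-me login, and a token value, which is replaced on every
 * successful auto-login. A cookie that presents a known series with a token that does
 * not match the stored one is treated as evidence of cookie theft: the stored row is
 * deleted and a {@link CookieTheftException} is raised.
 *
 * <p>Both cookie values are bearer credentials. They must never be written to logs;
 * anyone who can read them can authenticate as the user until the token is rotated
 * or expires.
 */
@Service
/* loaded from: input_file:WEB-INF/classes/zed/panel/security/CustomPersistentRememberMeServices.class */
public class CustomPersistentRememberMeServices extends AbstractRememberMeServices {
    private final Logger log = LoggerFactory.getLogger(CustomPersistentRememberMeServices.class);

    /** Lifetime of a persistent token, counted from its last refresh. */
    private static final int TOKEN_VALIDITY_DAYS = 31;

    /** Cookie max-age matching {@link #TOKEN_VALIDITY_DAYS} (2678400 seconds). */
    private static final int TOKEN_VALIDITY_SECONDS = 60 * 60 * 24 * TOKEN_VALIDITY_DAYS;

    /** Number of random bytes in a series identifier, before Base64 encoding. */
    private static final int DEFAULT_SERIES_LENGTH = 16;

    /** Number of random bytes in a token value, before Base64 encoding. */
    private static final int DEFAULT_TOKEN_LENGTH = 16;

    // Series and token values are credentials, so they come from a CSPRNG.
    private final SecureRandom random = new SecureRandom();

    @Inject
    private PersistentTokenRepository persistentTokenRepository;

    @Inject
    private UserRepository userRepository;

    /**
     * Creates the service with the remember-me key read from the
     * {@code jhipster.security.rememberme.key} property.
     *
     * @param environment        source of the remember-me key property
     * @param userDetailsService used to load the user once a cookie has been accepted
     */
    @Inject
    public CustomPersistentRememberMeServices(Environment environment, org.springframework.security.core.userdetails.UserDetailsService userDetailsService) {
        super(environment.getProperty("jhipster.security.rememberme.key"), userDetailsService);
    }

    /**
     * Validates the presented cookie, rotates the token value and re-issues the cookie.
     *
     * @param strArr decoded cookie parts, expected to be {@code [series, token]}
     * @return the user details of the owner of the persistent token
     * @throws InvalidCookieException            if the cookie does not hold exactly two parts
     * @throws CookieTheftException              if the series is known but the token does not match
     * @throws RememberMeAuthenticationException if the series is unknown, the token has expired,
     *                                           or the refreshed token cannot be stored
     */
    @Override // org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
    @Transactional
    protected UserDetails processAutoLoginCookie(String[] strArr, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        PersistentToken persistentToken = getPersistentToken(strArr);
        String login = persistentToken.getUser().getLogin();
        this.log.debug("Refreshing persistent login token for user '{}', series '{}'", login, persistentToken.getSeries());
        persistentToken.setTokenDate(new LocalDate());
        // A fresh token per use means a copied cookie is detectable on the next
        // request made with the stale value.
        persistentToken.setTokenValue(generateTokenData());
        persistentToken.setIpAddress(httpServletRequest.getRemoteAddr());
        // NOTE(review): the User-Agent header is client-controlled and stored as received;
        // confirm the column length and how this value is rendered wherever it is displayed.
        persistentToken.setUserAgent(httpServletRequest.getHeader("User-Agent"));
        try {
            this.persistentTokenRepository.saveAndFlush(persistentToken);
            addCookie(persistentToken, httpServletRequest, httpServletResponse);
            return getUserDetailsService().loadUserByUsername(login);
        } catch (DataAccessException e) {
            this.log.error("Failed to update token: ", e);
            throw new RememberMeAuthenticationException("Autologin failed due to data access problem", e);
        }
    }

    /**
     * Creates and stores a new persistent token for the user who just logged in,
     * then sets the remember-me cookie.
     *
     * @throws UsernameNotFoundException if the authenticated name has no user record
     */
    @Override // org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
    protected void onLoginSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) {
        String name = authentication.getName();
        this.log.debug("Creating new persistent login for user {}", name);
        PersistentToken persistentToken = this.userRepository.findOneByLogin(name).map(user -> {
            PersistentToken created = new PersistentToken();
            created.setSeries(generateSeriesData());
            created.setUser(user);
            created.setTokenValue(generateTokenData());
            created.setTokenDate(new LocalDate());
            created.setIpAddress(httpServletRequest.getRemoteAddr());
            // NOTE(review): client-controlled header stored as received; confirm length limits.
            created.setUserAgent(httpServletRequest.getHeader("User-Agent"));
            return created;
        }).orElseThrow(() -> new UsernameNotFoundException("User " + name + " was not found in the database"));
        try {
            this.persistentTokenRepository.saveAndFlush(persistentToken);
            addCookie(persistentToken, httpServletRequest, httpServletResponse);
        } catch (DataAccessException e) {
            // Best effort: the interactive login itself succeeded, so a storage failure
            // only means no remember-me cookie is issued.
            this.log.error("Failed to save persistent token ", e);
        }
    }

    /**
     * Deletes the persistent token named by the request's remember-me cookie, if any,
     * and then performs the inherited logout handling.
     */
    @Override // org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices, org.springframework.security.web.authentication.logout.LogoutHandler
    @Transactional
    public void logout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) {
        String rememberMeCookie = extractRememberMeCookie(httpServletRequest);
        if (rememberMeCookie != null && rememberMeCookie.length() != 0) {
            try {
                // Removing the row server-side invalidates the cookie even if a copy survives.
                this.persistentTokenRepository.delete(getPersistentToken(decodeCookie(rememberMeCookie)));
            } catch (InvalidCookieException ignored) {
                this.log.info("Invalid cookie, no persistent token could be deleted");
            } catch (RememberMeAuthenticationException ignored) {
                this.log.debug("No persistent token found, so no token could be deleted");
            }
        }
        super.logout(httpServletRequest, httpServletResponse, authentication);
    }

    /**
     * Looks up and validates the persistent token named by the cookie parts.
     *
     * @param strArr decoded cookie parts, expected to be {@code [series, token]}
     * @return the stored token when the presented value matches and has not expired
     * @throws InvalidCookieException            if {@code strArr} does not hold exactly two parts
     * @throws CookieTheftException              if the presented token differs from the stored one;
     *                                           the stored row is deleted first
     * @throws RememberMeAuthenticationException if the series is unknown or the token has expired;
     *                                           an expired row is deleted first
     */
    private PersistentToken getPersistentToken(String[] strArr) {
        if (strArr.length != 2) {
            // NOTE(review): this message echoes the cookie parts; check that whatever handles
            // the exception does not write the message to logs or to the response.
            throw new InvalidCookieException("Cookie token did not contain 2 tokens, but contained '" + Arrays.asList(strArr) + "'");
        }
        String presentedSeries = strArr[0];
        String presentedToken = strArr[1];
        PersistentToken stored = this.persistentTokenRepository.findOne(presentedSeries);
        if (stored == null) {
            throw new RememberMeAuthenticationException("No persistent token found for series id: " + presentedSeries);
        }
        // The presented and stored token values are deliberately not logged: both are
        // live credentials, and log files usually have a wider audience than the token table.
        if (!tokensMatch(presentedToken, stored.getTokenValue())) {
            // Drop the whole series so neither the legitimate cookie nor a copy stays valid.
            this.persistentTokenRepository.delete(stored);
            throw new CookieTheftException("Invalid remember-me token (Series/token) mismatch. Implies previous cookie theft attack.");
        }
        boolean expired = stored.getTokenDate().plusDays(TOKEN_VALIDITY_DAYS).isBefore(LocalDate.now());
        if (expired) {
            this.persistentTokenRepository.delete(stored);
            throw new RememberMeAuthenticationException("Remember-me login has expired");
        }
        return stored;
    }

    /**
     * Compares two token values without short-circuiting on the first differing byte.
     * A missing value on either side counts as a mismatch.
     */
    private static boolean tokensMatch(String presented, String stored) {
        if (presented == null || stored == null) {
            return false;
        }
        return MessageDigest.isEqual(
                presented.getBytes(StandardCharsets.UTF_8),
                stored.getBytes(StandardCharsets.UTF_8));
    }

    /** Returns a new random series identifier, Base64-encoded. */
    private String generateSeriesData() {
        return randomBase64(DEFAULT_SERIES_LENGTH);
    }

    /** Returns a new random token value, Base64-encoded. */
    private String generateTokenData() {
        return randomBase64(DEFAULT_TOKEN_LENGTH);
    }

    /** Draws {@code length} bytes from the secure random source and Base64-encodes them. */
    private String randomBase64(int length) {
        byte[] bytes = new byte[length];
        this.random.nextBytes(bytes);
        // Base64 output is pure ASCII; naming the charset avoids depending on the platform default.
        return new String(Base64.encode(bytes), StandardCharsets.US_ASCII);
    }

    /** Writes the (series, token) pair to the remember-me cookie with the configured max-age. */
    private void addCookie(PersistentToken persistentToken, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        setCookie(new String[]{persistentToken.getSeries(), persistentToken.getTokenValue()}, TOKEN_VALIDITY_SECONDS, httpServletRequest, httpServletResponse);
    }
}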
