package net.takela.common.security.service;

import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Base64;
import java.util.Date;
import net.takela.common.security.model.AuthUser;
import net.takela.common.security.model.UserAuthToken;
import org.springframework.core.log.LogMessage;
import org.springframework.security.authentication.RememberMeAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices;
import org.springframework.security.web.authentication.rememberme.CookieTheftException;
import org.springframework.security.web.authentication.rememberme.InvalidCookieException;
import org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationException;
import org.springframework.util.Assert;

/* loaded from: input_file:net/takela/common/security/service/TokenRememberServiceImpl.class */
public class TokenRememberServiceImpl extends AbstractRememberMeServices {
    private UserAuthTokenService userAuthTokenService;
    private SecureRandom random;
    public static final int DEFAULT_SERIES_LENGTH = 16;
    public static final int DEFAULT_TOKEN_LENGTH = 16;
    private int seriesLength;
    private int tokenLength;

    public TokenRememberServiceImpl(String str, UserDetailsService userDetailsService, UserAuthTokenService userAuthTokenService) {
        super(str, userDetailsService);
        this.seriesLength = 16;
        this.tokenLength = 16;
        setAlwaysRemember(true);
        this.random = new SecureRandom();
        this.userAuthTokenService = userAuthTokenService;
    }

    protected UserDetails processAutoLoginCookie(String[] strArr, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (strArr.length != 2) {
            throw new InvalidCookieException("Cookie token did not contain 2 tokens, but contained '" + Arrays.asList(strArr) + "'");
        }
        String str = strArr[0];
        String str2 = strArr[1];
        UserAuthToken tokenByClientId = this.userAuthTokenService.getTokenByClientId(str);
        if (tokenByClientId == null) {
            throw new RememberMeAuthenticationException("No persistent token found for series id: " + str);
        }
        if (!str2.equals(tokenByClientId.getToken())) {
            this.userAuthTokenService.removeToken(tokenByClientId.getUid());
            throw new CookieTheftException(this.messages.getMessage("PersistentTokenBasedRememberMeServices.cookieStolen", "Invalid remember-me token (Series/token) mismatch. Implies previous cookie theft attack."));
        }
        if (tokenByClientId.getUpdateTime().getTime() + (getTokenValiditySeconds() * 1000) < System.currentTimeMillis()) {
            throw new RememberMeAuthenticationException("Remember-me login has expired");
        }
        this.logger.debug(LogMessage.format("Refreshing persistent login token for user '%s', series '%s'", tokenByClientId.getUid(), tokenByClientId.getClientId()));
        UserAuthToken userAuthToken = new UserAuthToken();
        userAuthToken.setUid(tokenByClientId.getUid());
        userAuthToken.setClientId(tokenByClientId.getClientId());
        userAuthToken.setToken(generateTokenData());
        userAuthToken.setUpdateTime(new Date());
        try {
            this.userAuthTokenService.updateToken(userAuthToken);
            addCookie(userAuthToken, httpServletRequest, httpServletResponse);
            return ((UserDetailServiceImpl) getUserDetailsService()).loadUserByUid(tokenByClientId.getUid());
        } catch (Exception e) {
            this.logger.error("Failed to update token: ", e);
            throw new RememberMeAuthenticationException("Autologin failed due to data access problem");
        }
    }

    protected Authentication createSuccessfulAuthentication(HttpServletRequest httpServletRequest, UserDetails userDetails) {
        return new RememberMeAuthenticationToken(getKey(), userDetails, userDetails.getAuthorities());
    }

    protected void onLoginSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) {
        String name = authentication.getName();
        AuthUser authUser = (AuthUser) authentication.getPrincipal();
        UserAuthToken userAuthToken = new UserAuthToken();
        userAuthToken.setUid(authUser.getUid());
        userAuthToken.setClientId(generateSeriesData());
        userAuthToken.setToken(generateTokenData());
        userAuthToken.setUpdateTime(new Date());
        this.logger.debug(LogMessage.format("Creating new persistent login for user %s", name));
        try {
            this.userAuthTokenService.addToken(userAuthToken);
            addCookie(userAuthToken, httpServletRequest, httpServletResponse);
        } catch (Exception e) {
            this.logger.error("Failed to save persistent token ", e);
        }
    }

    public void logout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) {
        super.logout(httpServletRequest, httpServletResponse, authentication);
        if (authentication != null) {
            this.userAuthTokenService.removeToken(((AuthUser) authentication.getDetails()).getUid());
        }
    }

    protected String generateSeriesData() {
        byte[] bArr = new byte[this.seriesLength];
        this.random.nextBytes(bArr);
        return new String(Base64.getEncoder().encode(bArr));
    }

    protected String generateTokenData() {
        byte[] bArr = new byte[this.tokenLength];
        this.random.nextBytes(bArr);
        return new String(Base64.getEncoder().encode(bArr));
    }

    private void addCookie(UserAuthToken userAuthToken, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        setCookie(new String[]{userAuthToken.getClientId(), userAuthToken.getToken()}, getTokenValiditySeconds(), httpServletRequest, httpServletResponse);
    }

    public void setSeriesLength(int i) {
        this.seriesLength = i;
    }

    public void setTokenLength(int i) {
        this.tokenLength = i;
    }

    public void setTokenValiditySeconds(int i) {
        Assert.isTrue(i > 0, "tokenValiditySeconds must be positive for this implementation");
        super.setTokenValiditySeconds(i);
    }
}
