package org.springframework.security.web.authentication.rememberme;

import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.Date;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.codec.Hex;
import org.springframework.security.crypto.codec.Utf8;
import org.springframework.util.StringUtils;

/* loaded from: input_file:WEB-INF/lib/spring-security-web-3.2.8.RELEASE.jar:org/springframework/security/web/authentication/rememberme/TokenBasedRememberMeServices.class */
public class TokenBasedRememberMeServices extends AbstractRememberMeServices {
    @Deprecated
    public TokenBasedRememberMeServices() {
    }

    public TokenBasedRememberMeServices(String str, UserDetailsService userDetailsService) {
        super(str, userDetailsService);
    }

    @Override // org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
    protected UserDetails processAutoLoginCookie(String[] strArr, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (strArr.length != 3) {
            throw new InvalidCookieException("Cookie token did not contain 3 tokens, but contained '" + Arrays.asList(strArr) + "'");
        }
        try {
            long longValue = new Long(strArr[1]).longValue();
            if (isTokenExpired(longValue)) {
                throw new InvalidCookieException("Cookie token[1] has expired (expired on '" + new Date(longValue) + "'; current time is '" + new Date() + "')");
            }
            UserDetails loadUserByUsername = getUserDetailsService().loadUserByUsername(strArr[0]);
            String makeTokenSignature = makeTokenSignature(longValue, loadUserByUsername.getUsername(), loadUserByUsername.getPassword());
            if (equals(makeTokenSignature, strArr[2])) {
                return loadUserByUsername;
            }
            throw new InvalidCookieException("Cookie token[2] contained signature '" + strArr[2] + "' but expected '" + makeTokenSignature + "'");
        } catch (NumberFormatException e) {
            throw new InvalidCookieException("Cookie token[1] did not contain a valid number (contained '" + strArr[1] + "')");
        }
    }

    protected String makeTokenSignature(long j, String str, String str2) {
        try {
            return new String(Hex.encode(MessageDigest.getInstance("MD5").digest((str + ":" + j + ":" + str2 + ":" + getKey()).getBytes())));
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException("No MD5 algorithm available!");
        }
    }

    protected boolean isTokenExpired(long j) {
        return j < System.currentTimeMillis();
    }

    @Override // org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
    public void onLoginSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) {
        String retrieveUserName = retrieveUserName(authentication);
        String retrievePassword = retrievePassword(authentication);
        if (!StringUtils.hasLength(retrieveUserName)) {
            this.logger.debug("Unable to retrieve username");
            return;
        }
        if (!StringUtils.hasLength(retrievePassword)) {
            retrievePassword = getUserDetailsService().loadUserByUsername(retrieveUserName).getPassword();
            if (!StringUtils.hasLength(retrievePassword)) {
                this.logger.debug("Unable to obtain password for user: " + retrieveUserName);
                return;
            }
        }
        int calculateLoginLifetime = calculateLoginLifetime(httpServletRequest, authentication);
        long currentTimeMillis = System.currentTimeMillis() + (1000 * (calculateLoginLifetime < 0 ? AbstractRememberMeServices.TWO_WEEKS_S : calculateLoginLifetime));
        setCookie(new String[]{retrieveUserName, Long.toString(currentTimeMillis), makeTokenSignature(currentTimeMillis, retrieveUserName, retrievePassword)}, calculateLoginLifetime, httpServletRequest, httpServletResponse);
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("Added remember-me cookie for user '" + retrieveUserName + "', expiry: '" + new Date(currentTimeMillis) + "'");
        }
    }

    protected int calculateLoginLifetime(HttpServletRequest httpServletRequest, Authentication authentication) {
        return getTokenValiditySeconds();
    }

    protected String retrieveUserName(Authentication authentication) {
        return isInstanceOfUserDetails(authentication) ? ((UserDetails) authentication.getPrincipal()).getUsername() : authentication.getPrincipal().toString();
    }

    protected String retrievePassword(Authentication authentication) {
        if (isInstanceOfUserDetails(authentication)) {
            return ((UserDetails) authentication.getPrincipal()).getPassword();
        }
        if (authentication.getCredentials() == null) {
            return null;
        }
        return authentication.getCredentials().toString();
    }

    private boolean isInstanceOfUserDetails(Authentication authentication) {
        return authentication.getPrincipal() instanceof UserDetails;
    }

    /* JADX WARN: Multi-variable type inference failed */
    private static boolean equals(String str, String str2) {
        byte[] bytesUtf8 = bytesUtf8(str);
        byte[] bytesUtf82 = bytesUtf8(str2);
        if (bytesUtf8.length != bytesUtf82.length) {
            return false;
        }
        Object[] objArr = false;
        for (int i = 0; i < bytesUtf8.length; i++) {
            objArr = (objArr == true ? 1 : 0) | (bytesUtf8[i] ^ bytesUtf82[i]) ? 1 : 0;
        }
        return objArr == false;
    }

    private static byte[] bytesUtf8(String str) {
        if (str == null) {
            return null;
        }
        return Utf8.encode(str);
    }
}
