package org.apache.hadoop.gateway.pac4j.session;

import java.io.Serializable;
import org.apache.commons.codec.binary.Base64;
import org.apache.hadoop.gateway.services.security.CryptoService;
import org.apache.hadoop.gateway.services.security.EncryptionResult;
import org.apache.hadoop.gateway.util.Urls;
import org.pac4j.core.context.ContextHelper;
import org.pac4j.core.context.Cookie;
import org.pac4j.core.context.WebContext;
import org.pac4j.core.context.session.SessionStore;
import org.pac4j.core.exception.TechnicalException;
import org.pac4j.core.util.JavaSerializationHelper;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/hadoop/gateway/pac4j/session/KnoxSessionStore.class */
public class KnoxSessionStore implements SessionStore {
    private static final Logger logger = LoggerFactory.getLogger(KnoxSessionStore.class);
    public static final String PAC4J_PASSWORD = "pac4j.password";
    public static final String PAC4J_SESSION_PREFIX = "pac4j.session.";
    private final JavaSerializationHelper javaSerializationHelper = new JavaSerializationHelper();
    private final CryptoService cryptoService;
    private final String clusterName;
    private final String domainSuffix;

    public KnoxSessionStore(CryptoService cryptoService, String str, String str2) {
        this.cryptoService = cryptoService;
        this.clusterName = str;
        this.domainSuffix = str2;
    }

    public String getOrCreateSessionId(WebContext webContext) {
        return null;
    }

    private Serializable decryptBase64(String str) {
        if (str == null || str.length() <= 0) {
            return null;
        }
        EncryptionResult fromByteArray = EncryptionResult.fromByteArray(Base64.decodeBase64(str));
        byte[] decryptForCluster = this.cryptoService.decryptForCluster(this.clusterName, PAC4J_PASSWORD, fromByteArray.cipher, fromByteArray.iv, fromByteArray.salt);
        if (decryptForCluster != null) {
            return this.javaSerializationHelper.unserializeFromBytes(decryptForCluster);
        }
        return null;
    }

    public Object get(WebContext webContext, String str) {
        Cookie cookie = ContextHelper.getCookie(webContext, PAC4J_SESSION_PREFIX + str);
        Serializable serializable = null;
        if (cookie != null) {
            serializable = decryptBase64(cookie.getValue());
        }
        logger.debug("Get from session: {} = {}", str, serializable);
        return serializable;
    }

    private String encryptBase64(Object obj) {
        if (obj == null || obj.equals("")) {
            return null;
        }
        return Base64.encodeBase64String(this.cryptoService.encryptForCluster(this.clusterName, PAC4J_PASSWORD, this.javaSerializationHelper.serializeToBytes((Serializable) obj)).toByteAray());
    }

    public void set(WebContext webContext, String str, Object obj) {
        logger.debug("Save in session: {} = {}", str, obj);
        Cookie cookie = new Cookie(PAC4J_SESSION_PREFIX + str, encryptBase64(obj));
        try {
            String domainName = Urls.getDomainName(webContext.getFullRequestURL(), this.domainSuffix);
            if (domainName == null) {
                domainName = webContext.getServerName();
            }
            cookie.setDomain(domainName);
            cookie.setHttpOnly(true);
            cookie.setSecure(ContextHelper.isHttpsOrSecure(webContext));
            webContext.addResponseCookie(cookie);
        } catch (Exception e) {
            throw new TechnicalException(e);
        }
    }
}
