package org.apache.cxf.rs.security.oauth2.grants.code;

import java.util.ArrayList;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.crypto.SecretKey;
import org.apache.cxf.rs.security.oauth2.common.Client;
import org.apache.cxf.rs.security.oauth2.common.UserSubject;
import org.apache.cxf.rs.security.oauth2.provider.DefaultEncryptingOAuthDataProvider;
import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils;
import org.apache.cxf.rs.security.oauth2.utils.crypto.ModelEncryptionSupport;
import org.apache.cxf.rt.security.crypto.KeyProperties;

/* loaded from: input_file:lib/cxf-rt-rs-security-oauth2-3.4.3.jar:org/apache/cxf/rs/security/oauth2/grants/code/DefaultEncryptingCodeDataProvider.class */
public class DefaultEncryptingCodeDataProvider extends DefaultEncryptingOAuthDataProvider implements AuthorizationCodeDataProvider {
    private long grantLifetime;
    private Set<String> grants;

    public DefaultEncryptingCodeDataProvider(String str, int i) {
        super(str, i);
        this.grants = Collections.synchronizedSet(new HashSet());
    }

    public DefaultEncryptingCodeDataProvider(KeyProperties keyProperties) {
        super(keyProperties);
        this.grants = Collections.synchronizedSet(new HashSet());
    }

    public DefaultEncryptingCodeDataProvider(SecretKey secretKey) {
        super(secretKey);
        this.grants = Collections.synchronizedSet(new HashSet());
    }

    @Override // org.apache.cxf.rs.security.oauth2.provider.AbstractOAuthDataProvider, org.apache.cxf.rs.security.oauth2.provider.ClientRegistrationProvider
    public Client removeClient(String str) {
        Client removeClient = super.removeClient(str);
        removeClientCodeGrants(removeClient);
        return removeClient;
    }

    protected void removeClientCodeGrants(Client client) {
        Iterator<ServerAuthorizationCodeGrant> it = getCodeGrants(client, null).iterator();
        while (it.hasNext()) {
            removeCodeGrant(it.next().getCode());
        }
    }

    @Override // org.apache.cxf.rs.security.oauth2.grants.code.AuthorizationCodeDataProvider
    public ServerAuthorizationCodeGrant createCodeGrant(AuthorizationCodeRegistration authorizationCodeRegistration) throws OAuthServiceException {
        ServerAuthorizationCodeGrant doCreateCodeGrant = doCreateCodeGrant(authorizationCodeRegistration);
        saveAuthorizationGrant(doCreateCodeGrant);
        return doCreateCodeGrant;
    }

    @Override // org.apache.cxf.rs.security.oauth2.grants.code.AuthorizationCodeDataProvider
    public List<ServerAuthorizationCodeGrant> getCodeGrants(Client client, UserSubject userSubject) {
        ArrayList arrayList = new ArrayList(this.grants.size());
        Iterator<String> it = this.grants.iterator();
        while (it.hasNext()) {
            ServerAuthorizationCodeGrant codeGrant = getCodeGrant(it.next());
            if (client == null || codeGrant.getClient().getClientId().equals(client.getClientId())) {
                UserSubject subject = codeGrant.getSubject();
                if (userSubject == null || (subject != null && subject.getLogin().equals(userSubject.getLogin()))) {
                    arrayList.add(codeGrant);
                }
            }
        }
        return arrayList;
    }

    @Override // org.apache.cxf.rs.security.oauth2.grants.code.AuthorizationCodeDataProvider
    public ServerAuthorizationCodeGrant removeCodeGrant(String str) throws OAuthServiceException {
        this.grants.remove(str);
        return ModelEncryptionSupport.decryptCodeGrant(this, str, this.key);
    }

    public ServerAuthorizationCodeGrant getCodeGrant(String str) throws OAuthServiceException {
        ServerAuthorizationCodeGrant decryptCodeGrant = ModelEncryptionSupport.decryptCodeGrant(this, str, this.key);
        if (decryptCodeGrant != null) {
            this.grants.remove(str);
        }
        return decryptCodeGrant;
    }

    protected ServerAuthorizationCodeGrant doCreateCodeGrant(AuthorizationCodeRegistration authorizationCodeRegistration) throws OAuthServiceException {
        return AbstractCodeDataProvider.initCodeGrant(authorizationCodeRegistration, this.grantLifetime);
    }

    protected List<String> getApprovedScopes(AuthorizationCodeRegistration authorizationCodeRegistration) {
        return authorizationCodeRegistration.getApprovedScope();
    }

    protected String getCode(AuthorizationCodeRegistration authorizationCodeRegistration) {
        return OAuthUtils.generateRandomTokenKey();
    }

    public long getGrantLifetime() {
        return this.grantLifetime;
    }

    public void setGrantLifetime(long j) {
        this.grantLifetime = j;
    }

    protected long getIssuedAt() {
        return OAuthUtils.getIssuedAt();
    }

    protected void saveAuthorizationGrant(ServerAuthorizationCodeGrant serverAuthorizationCodeGrant) {
        String encryptCodeGrant = ModelEncryptionSupport.encryptCodeGrant(serverAuthorizationCodeGrant, this.key);
        serverAuthorizationCodeGrant.setCode(encryptCodeGrant);
        this.grants.add(encryptCodeGrant);
    }
}
