package org.apache.cxf.rs.security.oauth2.tokens.hawk;

import org.apache.cxf.common.util.StringUtils;
import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;

/* loaded from: input_file:lib/cxf-shade-8.0.16.jar:org/apache/cxf/rs/security/oauth2/tokens/hawk/NonceVerifierImpl.class */
public class NonceVerifierImpl implements NonceVerifier {
    private NonceStore nonceStore;
    private long allowedWindow;

    @Override // org.apache.cxf.rs.security.oauth2.tokens.hawk.NonceVerifier
    public void verifyNonce(String str, String str2, String str3) throws OAuthServiceException {
        if (StringUtils.isEmpty(str2) || StringUtils.isEmpty(str3)) {
            throw new OAuthServiceException("Nonce or timestamp is not available");
        }
        long currentTimeMillis = System.currentTimeMillis();
        long parseLong = Long.parseLong(str3);
        NonceHistory nonceHistory = this.nonceStore.getNonceHistory(str);
        Nonce nonce = new Nonce(str2, parseLong);
        if (nonceHistory == null) {
            this.nonceStore.initNonceHistory(str, nonce, currentTimeMillis - parseLong);
        } else {
            checkAdjustedRequestTime(currentTimeMillis, parseLong, nonceHistory);
            if (!nonceHistory.addNonce(nonce)) {
                throw new OAuthServiceException("Duplicate nonce");
            }
        }
    }

    private void checkAdjustedRequestTime(long j, long j2, NonceHistory nonceHistory) {
        if (Math.abs(j - (j2 + nonceHistory.getRequestTimeDelta())) > this.allowedWindow) {
            throw new OAuthServiceException("Timestamp is invalid");
        }
    }

    public void setAllowedWindow(long j) {
        this.allowedWindow = j;
    }

    public void setNonceStore(NonceStore nonceStore) {
        this.nonceStore = nonceStore;
    }
}
