package com.adobe.granite.auth.oauth.impl.helper;

import com.adobe.granite.auth.oauth.ProviderConfigProperties;
import com.adobe.granite.crypto.CryptoException;
import com.adobe.granite.crypto.CryptoSupport;
import com.day.crx.security.token.TokenCookie;
import javax.jcr.Node;
import javax.jcr.RepositoryException;
import javax.jcr.Value;
import javax.jcr.ValueFactory;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.jackrabbit.api.security.user.User;
import org.apache.sling.api.resource.Resource;
import org.apache.sling.api.resource.ValueMap;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/adobe/granite/auth/oauth/impl/helper/OauthTokenManager.class */
public class OauthTokenManager {
    private static final String PROPERTY_OAUTH_TOKEN = "oauth.accesstoken.encrypted";
    private CryptoSupport cryptoSupport;
    private int _maxAge;
    private int _loginTimeout;
    private final Logger log = LoggerFactory.getLogger(getClass());
    private String _cookiePath = "/";
    private String _cookieDomain = null;

    public OauthTokenManager(CryptoSupport cryptoSupport, int i, int i2) {
        this._maxAge = 600;
        this._loginTimeout = 60;
        this.cryptoSupport = cryptoSupport;
        this._loginTimeout = i;
        this._maxAge = i2;
    }

    public void setCryptoSupport(CryptoSupport cryptoSupport) {
        this.cryptoSupport = cryptoSupport;
    }

    public void setMaxAge(int i) {
        this._maxAge = i;
    }

    public void setLoginTimeout(int i) {
        this._loginTimeout = i;
    }

    public OAuthToken getToken(String str, HttpServletRequest httpServletRequest) {
        Object attribute = httpServletRequest.getAttribute(str);
        if (attribute instanceof OAuthToken) {
            this.log.debug("token retrieved via request attribute:{}", attribute);
            return (OAuthToken) attribute;
        }
        String cookie = TokenCookie.getCookie(httpServletRequest, str);
        if (cookie == null) {
            this.log.info("token not found in request attribute or cookie for:{}", str);
            return null;
        }
        OAuthToken token = getToken(cookie);
        httpServletRequest.setAttribute(str, token);
        this.log.debug("token retrieved via cookie:{}", token);
        return token;
    }

    public OAuthToken getToken(String str, User user, String str2) throws RepositoryException {
        Value[] property;
        if (!user.hasProperty(str2) || (property = user.getProperty(str2)) == null || property[0] == null) {
            this.log.info("token not found in user:{} for app id:{}", user, str);
            return null;
        }
        OAuthToken token = getToken(property[0].getString());
        this.log.debug("token retrieved from jcr:{}", token);
        return token;
    }

    public OAuthToken getToken(Resource resource) throws RepositoryException {
        return getToken((String) ((ValueMap) resource.adaptTo(ValueMap.class)).get(PROPERTY_OAUTH_TOKEN, String.class));
    }

    private OAuthToken getToken(String str) {
        if (str == null) {
            return null;
        }
        try {
            return OAuthToken.fromJSON(this.cryptoSupport.unprotect(str));
        } catch (CryptoException e) {
            this.log.error("failed decrypting cookie:{}", str);
            return null;
        }
    }

    public boolean saveToken(OAuthToken oAuthToken, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        httpServletRequest.setAttribute(oAuthToken.getCk(), oAuthToken);
        String encryptedTokenString = getEncryptedTokenString(oAuthToken);
        if (encryptedTokenString == null) {
            return false;
        }
        return write(oAuthToken.getCk(), "\"" + encryptedTokenString + "\"", oAuthToken.isAuthentic() ? this._maxAge : this._loginTimeout, httpServletRequest.isSecure(), httpServletResponse);
    }

    public boolean saveToken(String str, HttpServletRequest httpServletRequest, Node node) throws RepositoryException {
        String encryptedTokenString = getEncryptedTokenString(getToken(str, httpServletRequest));
        node.setProperty(PROPERTY_OAUTH_TOKEN, encryptedTokenString);
        node.getSession().save();
        return encryptedTokenString != null;
    }

    public boolean saveToken(String str, HttpServletRequest httpServletRequest, User user, ValueFactory valueFactory, String str2) throws RepositoryException {
        user.setProperty(str2, valueFactory.createValue(getEncryptedTokenString(getToken(str, httpServletRequest))));
        return true;
    }

    public boolean invalidate(String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        httpServletRequest.removeAttribute(str);
        return write(str, ProviderConfigProperties.DEFAULT_CALL_BACK_URL, 0, httpServletRequest.isSecure(), httpServletResponse);
    }

    protected boolean write(String str, String str2, int i, boolean z, HttpServletResponse httpServletResponse) {
        TokenCookie.setCookie(httpServletResponse, str, str2, i, this._cookiePath, this._cookieDomain, true, z);
        return true;
    }

    private String getEncryptedTokenString(OAuthToken oAuthToken) {
        try {
            return this.cryptoSupport.protect(oAuthToken.toJSON());
        } catch (Exception e) {
            e.printStackTrace();
            this.log.error("failed encrypting cookie:{}", oAuthToken == null ? null : oAuthToken.toString());
            return null;
        }
    }
}
