package org.ametys.core.authentication.token;

import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Timestamp;
import java.util.ArrayList;
import java.util.Base64;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.ametys.core.authentication.AuthenticateAction;
import org.ametys.core.datasource.ConnectionHelper;
import org.ametys.core.datasource.dbtype.SQLDatabaseTypeExtensionPoint;
import org.ametys.core.ui.Callable;
import org.ametys.core.user.CurrentUserProvider;
import org.ametys.core.user.UserIdentity;
import org.ametys.plugins.core.schedule.Scheduler;
import org.ametys.runtime.config.Config;
import org.ametys.runtime.plugin.component.AbstractLogEnabled;
import org.apache.avalon.framework.activity.Initializable;
import org.apache.avalon.framework.component.Component;
import org.apache.avalon.framework.service.ServiceException;
import org.apache.avalon.framework.service.ServiceManager;
import org.apache.avalon.framework.service.Serviceable;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.RandomStringUtils;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:org/ametys/core/authentication/token/AuthenticationTokenManager.class */
public class AuthenticationTokenManager extends AbstractLogEnabled implements Component, Serviceable, Initializable {
    public static final String ROLE = AuthenticationTokenManager.class.getName();
    public static final String TOKEN_SEPARATOR = "#";
    public static final String USER_TOKEN_TYPE = "User";
    private static final String TOKEN_SQL_GET_FIELDS = "id, token, salt, creation_date, end_date, last_update_date, nb_uses_left, auto_renew_duration, context, type, token_comment";
    private static final String TOKEN_SQL_SET_FIELDS = "login, population_id, token, salt, creation_date, end_date, nb_uses_left, auto_renew_duration, context, type, token_comment";
    private ServiceManager _manager;
    private CurrentUserProvider _currentUserProvider;
    private String _datasourceId;
    private SQLDatabaseTypeExtensionPoint _sqlDatabaseTypeExtensionPoint;

    /* loaded from: input_file:org/ametys/core/authentication/token/AuthenticationTokenManager$Token.class */
    public static class Token {
        protected Integer _id;
        protected String _type;
        protected String _comment;
        protected Date _creationDate;
        protected Date _endDate;
        protected Date _lastUpdateDate;
        protected Integer _nbUsesLeft;
        protected Long _autoRenewDuration;
        protected String _context;

        protected Token(Integer num, String str, String str2, Date date, Date date2, Date date3, Integer num2, Long l, String str3) {
            this._id = num;
            this._type = str;
            this._comment = str2;
            this._creationDate = date;
            this._endDate = date2;
            this._lastUpdateDate = date3;
            this._nbUsesLeft = num2;
            this._autoRenewDuration = l;
            this._context = str3;
        }

        public Integer getId() {
            return this._id;
        }

        public String getType() {
            return this._type;
        }

        public String getComment() {
            return this._comment;
        }

        public Date getCreationDate() {
            return this._creationDate;
        }

        public Date getEndDate() {
            return this._endDate;
        }

        public Date getLastUpdateDate() {
            return this._endDate;
        }

        public Long getAutoRenewDuration() {
            return this._autoRenewDuration;
        }

        public String getContext() {
            return this._context;
        }

        public Integer getNbUsesLeft() {
            return this._nbUsesLeft;
        }
    }

    public void service(ServiceManager serviceManager) throws ServiceException {
        this._manager = serviceManager;
        this._sqlDatabaseTypeExtensionPoint = (SQLDatabaseTypeExtensionPoint) serviceManager.lookup(SQLDatabaseTypeExtensionPoint.ROLE);
    }

    public void initialize() throws Exception {
        this._datasourceId = Config.getInstance() != null ? (String) Config.getInstance().getValue("runtime.assignments.authenticationtokens") : ConnectionHelper.DATABASE_UNKNOWN;
    }

    private CurrentUserProvider _getCurrentUserProvider() throws RuntimeException {
        if (this._currentUserProvider == null) {
            try {
                this._currentUserProvider = (CurrentUserProvider) this._manager.lookup(CurrentUserProvider.ROLE);
            } catch (ServiceException e) {
                throw new RuntimeException((Throwable) e);
            }
        }
        return this._currentUserProvider;
    }

    public List<Token> getTokens(String str) throws RuntimeException {
        return getTokens(_getCurrentUserProvider().getUser(), str);
    }

    public List<Token> getTokens(UserIdentity userIdentity, String str) throws RuntimeException {
        if (userIdentity == null) {
            throw new RuntimeException("Cannot generate a temporary authentication token for a null user");
        }
        ArrayList arrayList = new ArrayList();
        try {
            try {
                Connection connection = ConnectionHelper.getConnection(this._datasourceId);
                _deleteOldTokens(connection);
                PreparedStatement _getSelectUserTokenStatement = _getSelectUserTokenStatement(connection, userIdentity.getLogin(), userIdentity.getPopulationId(), str);
                try {
                    ResultSet executeQuery = _getSelectUserTokenStatement.executeQuery();
                    while (executeQuery.next()) {
                        try {
                            arrayList.add(_getTokenFromResultSet(executeQuery, connection));
                        } catch (Throwable th) {
                            if (executeQuery != null) {
                                try {
                                    executeQuery.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            }
                            throw th;
                        }
                    }
                    if (executeQuery != null) {
                        executeQuery.close();
                    }
                    if (_getSelectUserTokenStatement != null) {
                        _getSelectUserTokenStatement.close();
                    }
                    ConnectionHelper.cleanup(connection);
                } catch (Throwable th3) {
                    if (_getSelectUserTokenStatement != null) {
                        try {
                            _getSelectUserTokenStatement.close();
                        } catch (Throwable th4) {
                            th3.addSuppressed(th4);
                        }
                    }
                    throw th3;
                }
            } catch (Exception e) {
                getLogger().error("Communication error with the database", e);
                ConnectionHelper.cleanup((Connection) null);
            }
            return arrayList;
        } catch (Throwable th5) {
            ConnectionHelper.cleanup((Connection) null);
            throw th5;
        }
    }

    public String generateToken(long j, String str, String str2) throws RuntimeException {
        return generateToken(_getCurrentUserProvider().getUser(), j, str, str2);
    }

    public String generateToken(UserIdentity userIdentity, long j, String str, String str2) throws RuntimeException {
        return generateToken(userIdentity, j, false, null, null, str, str2);
    }

    public String generateToken(UserIdentity userIdentity, long j, Integer num, String str, String str2) throws RuntimeException {
        return generateToken(userIdentity, j, false, num, null, str, str2);
    }

    public String generateToken(UserIdentity userIdentity, long j, boolean z, Integer num, String str, String str2, String str3) throws RuntimeException {
        if (userIdentity == null) {
            throw new RuntimeException("Cannot generate a temporary authentication token for a null user");
        }
        if (j < 0) {
            throw new RuntimeException("Cannot generate a token for a negative duration [" + j + "]");
        }
        String randomAlphanumeric = RandomStringUtils.randomAlphanumeric(j == 0 ? 64 : 16);
        String randomAlphanumeric2 = RandomStringUtils.randomAlphanumeric(48);
        _generateToken(userIdentity, j, z, num, str, str2, str3, DigestUtils.sha512Hex(randomAlphanumeric + randomAlphanumeric2), randomAlphanumeric2, new Timestamp(new Date().getTime()), j > 0 ? new Timestamp(System.currentTimeMillis() + (j * 1000)) : null);
        try {
            return Base64.getEncoder().withoutPadding().encodeToString((userIdentity.getPopulationId() + "#" + userIdentity.getLogin() + "#" + randomAlphanumeric).getBytes("UTF-8"));
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException(e);
        }
    }

    private void _generateToken(UserIdentity userIdentity, long j, boolean z, Integer num, String str, String str2, String str3, String str4, String str5, Timestamp timestamp, Timestamp timestamp2) throws RuntimeException {
        PreparedStatement prepareStatement;
        int i;
        int i2;
        int i3;
        int i4;
        int i5;
        int i6;
        ResultSet resultSet = null;
        Connection connection = null;
        try {
            try {
                connection = ConnectionHelper.getConnection(this._datasourceId);
                String databaseType = ConnectionHelper.getDatabaseType(connection);
                if (ConnectionHelper.DATABASE_ORACLE.equals(databaseType)) {
                    PreparedStatement prepareStatement2 = connection.prepareStatement("SELECT seq_authenticationtoken.nextval FROM dual");
                    resultSet = prepareStatement2.executeQuery();
                    String str6 = null;
                    if (resultSet.next()) {
                        str6 = resultSet.getString(1);
                    }
                    ConnectionHelper.cleanup(resultSet);
                    ConnectionHelper.cleanup(prepareStatement2);
                    prepareStatement = connection.prepareStatement("INSERT INTO Authentication_Token (id, login, population_id, token, salt, creation_date, end_date, nb_uses_left, auto_renew_duration, context, type, token_comment) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
                    int i7 = 1 + 1;
                    prepareStatement.setString(1, str6);
                    int i8 = i7 + 1;
                    prepareStatement.setString(i7, userIdentity.getLogin());
                    int i9 = i8 + 1;
                    prepareStatement.setString(i8, userIdentity.getPopulationId());
                    int i10 = i9 + 1;
                    prepareStatement.setString(i9, str4);
                    int i11 = i10 + 1;
                    prepareStatement.setString(i10, str5);
                    int i12 = i11 + 1;
                    prepareStatement.setTimestamp(i11, timestamp);
                    int i13 = i12 + 1;
                    prepareStatement.setTimestamp(i12, timestamp2);
                    if (num == null) {
                        i4 = i13 + 1;
                        prepareStatement.setNull(i13, 4);
                    } else {
                        i4 = i13 + 1;
                        prepareStatement.setInt(i13, num.intValue());
                    }
                    if (z) {
                        int i14 = i4;
                        i5 = i4 + 1;
                        prepareStatement.setLong(i14, j);
                    } else {
                        int i15 = i4;
                        i5 = i4 + 1;
                        prepareStatement.setNull(i15, -5);
                    }
                    if (str == null) {
                        int i16 = i5;
                        i6 = i5 + 1;
                        prepareStatement.setNull(i16, 12);
                    } else {
                        int i17 = i5;
                        i6 = i5 + 1;
                        prepareStatement.setString(i17, str);
                    }
                    int i18 = i6;
                    int i19 = i6 + 1;
                    prepareStatement.setString(i18, str2);
                    if (str3 == null) {
                        int i20 = i19 + 1;
                        prepareStatement.setNull(i19, 2004);
                    } else {
                        int i21 = i19 + 1;
                        this._sqlDatabaseTypeExtensionPoint.setBlob(databaseType, prepareStatement, i19, str3);
                    }
                } else {
                    prepareStatement = connection.prepareStatement("INSERT INTO Authentication_Token (login, population_id, token, salt, creation_date, end_date, nb_uses_left, auto_renew_duration, context, type, token_comment) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
                    int i22 = 1 + 1;
                    prepareStatement.setString(1, userIdentity.getLogin());
                    int i23 = i22 + 1;
                    prepareStatement.setString(i22, userIdentity.getPopulationId());
                    int i24 = i23 + 1;
                    prepareStatement.setString(i23, str4);
                    int i25 = i24 + 1;
                    prepareStatement.setString(i24, str5);
                    int i26 = i25 + 1;
                    prepareStatement.setTimestamp(i25, timestamp);
                    int i27 = i26 + 1;
                    prepareStatement.setTimestamp(i26, timestamp2);
                    if (num == null) {
                        i = i27 + 1;
                        prepareStatement.setNull(i27, 4);
                    } else {
                        i = i27 + 1;
                        prepareStatement.setInt(i27, num.intValue());
                    }
                    if (z) {
                        int i28 = i;
                        i2 = i + 1;
                        prepareStatement.setLong(i28, j);
                    } else {
                        int i29 = i;
                        i2 = i + 1;
                        prepareStatement.setNull(i29, -5);
                    }
                    if (str == null) {
                        int i30 = i2;
                        i3 = i2 + 1;
                        prepareStatement.setNull(i30, 12);
                    } else {
                        int i31 = i2;
                        i3 = i2 + 1;
                        prepareStatement.setString(i31, str);
                    }
                    int i32 = i3;
                    int i33 = i3 + 1;
                    prepareStatement.setString(i32, str2);
                    int i34 = i33 + 1;
                    this._sqlDatabaseTypeExtensionPoint.setBlob(databaseType, prepareStatement, i33, str3);
                }
                prepareStatement.executeUpdate();
                ConnectionHelper.cleanup(resultSet);
                ConnectionHelper.cleanup(connection);
            } catch (UnsupportedEncodingException | SQLException e) {
                throw new RuntimeException(e);
            }
        } catch (Throwable th) {
            ConnectionHelper.cleanup(resultSet);
            ConnectionHelper.cleanup(connection);
            throw th;
        }
    }

    private UserIdentity _validateToken(String str, String str2, boolean z) {
        try {
            String[] split = StringUtils.split(new String(Base64.getDecoder().decode(str), "UTF-8"), "#");
            if (split == null || split.length != 3) {
                return null;
            }
            String str3 = split[0];
            String str4 = split[1];
            String str5 = split[2];
            try {
                try {
                    Connection connection = ConnectionHelper.getConnection(this._datasourceId);
                    _deleteOldTokens(connection);
                    PreparedStatement _getSelectUserTokenStatement = _getSelectUserTokenStatement(connection, str4, str3, null);
                    try {
                        ResultSet executeQuery = _getSelectUserTokenStatement.executeQuery();
                        while (executeQuery.next()) {
                            try {
                                if (executeQuery.getString(AuthenticateAction.REQUEST_PARAMETER_TOKEN).equals(DigestUtils.sha512Hex(str5 + executeQuery.getString("salt")))) {
                                    Token _getTokenFromResultSet = _getTokenFromResultSet(executeQuery, connection);
                                    if (_getTokenFromResultSet.getContext() == null || _getTokenFromResultSet.getContext().equals(str2)) {
                                        if (z) {
                                            _deleteUserToken(connection, _getTokenFromResultSet.getId());
                                        } else {
                                            _updateUserToken(connection, _getTokenFromResultSet);
                                        }
                                        UserIdentity userIdentity = new UserIdentity(str4, str3);
                                        if (executeQuery != null) {
                                            executeQuery.close();
                                        }
                                        if (_getSelectUserTokenStatement != null) {
                                            _getSelectUserTokenStatement.close();
                                        }
                                        ConnectionHelper.cleanup(connection);
                                        return userIdentity;
                                    }
                                }
                            } catch (Throwable th) {
                                if (executeQuery != null) {
                                    try {
                                        executeQuery.close();
                                    } catch (Throwable th2) {
                                        th.addSuppressed(th2);
                                    }
                                }
                                throw th;
                            }
                        }
                        if (executeQuery != null) {
                            executeQuery.close();
                        }
                        if (_getSelectUserTokenStatement != null) {
                            _getSelectUserTokenStatement.close();
                        }
                        ConnectionHelper.cleanup(connection);
                        return null;
                    } catch (Throwable th3) {
                        if (_getSelectUserTokenStatement != null) {
                            try {
                                _getSelectUserTokenStatement.close();
                            } catch (Throwable th4) {
                                th3.addSuppressed(th4);
                            }
                        }
                        throw th3;
                    }
                } catch (Exception e) {
                    getLogger().error("Communication error with the database", e);
                    ConnectionHelper.cleanup((Connection) null);
                    return null;
                }
            } catch (Throwable th5) {
                ConnectionHelper.cleanup((Connection) null);
                throw th5;
            }
        } catch (UnsupportedEncodingException e2) {
            throw new RuntimeException(e2);
        } catch (Exception e3) {
            return null;
        }
    }

    public UserIdentity validateToken(String str) {
        return validateToken(str, null);
    }

    public UserIdentity validateToken(String str, String str2) {
        return _validateToken(str, str2, false);
    }

    public void deleteTokenByValue(String str, String str2) {
        _validateToken(str, str2, true);
    }

    public void deleteTokenById(Integer num) {
        Connection connection = null;
        try {
            try {
                connection = ConnectionHelper.getConnection(this._datasourceId);
                _deleteUserToken(connection, num);
                ConnectionHelper.cleanup(connection);
            } catch (SQLException e) {
                throw new RuntimeException("Could not delete the authentication token with identifier " + num, e);
            }
        } catch (Throwable th) {
            ConnectionHelper.cleanup(connection);
            throw th;
        }
    }

    private void _deleteOldTokens(Connection connection) throws SQLException {
        PreparedStatement prepareStatement = connection.prepareStatement("DELETE FROM Authentication_Token WHERE end_date < ? OR nb_uses_left = ?");
        try {
            prepareStatement.setTimestamp(1, new Timestamp(System.currentTimeMillis()));
            prepareStatement.setInt(2, 0);
            prepareStatement.executeUpdate();
            if (prepareStatement != null) {
                prepareStatement.close();
            }
        } catch (Throwable th) {
            if (prepareStatement != null) {
                try {
                    prepareStatement.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    private PreparedStatement _getSelectUserTokenStatement(Connection connection, String str, String str2, String str3) throws SQLException {
        PreparedStatement prepareStatement = connection.prepareStatement("SELECT id, token, salt, creation_date, end_date, last_update_date, nb_uses_left, auto_renew_duration, context, type, token_comment FROM Authentication_Token WHERE login=? AND population_id=?" + (str3 != null ? " AND type=?" : ConnectionHelper.DATABASE_UNKNOWN));
        int i = 1 + 1;
        prepareStatement.setString(1, str);
        int i2 = i + 1;
        prepareStatement.setString(i, str2);
        if (str3 != null) {
            int i3 = i2 + 1;
            prepareStatement.setString(i2, str3);
        }
        return prepareStatement;
    }

    private Token _getTokenFromResultSet(ResultSet resultSet, Connection connection) throws SQLException, IOException {
        String str = null;
        InputStream blob = this._sqlDatabaseTypeExtensionPoint.getBlob(ConnectionHelper.getDatabaseType(connection), resultSet, "token_comment");
        if (blob != null) {
            try {
                str = IOUtils.toString(blob, "UTF-8");
            } catch (Throwable th) {
                if (blob != null) {
                    try {
                        blob.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        }
        if (blob != null) {
            blob.close();
        }
        Integer valueOf = Integer.valueOf(resultSet.getInt("nb_uses_left"));
        if (resultSet.wasNull()) {
            valueOf = null;
        }
        Long valueOf2 = Long.valueOf(resultSet.getLong("auto_renew_duration"));
        if (resultSet.wasNull()) {
            valueOf2 = null;
        }
        return new Token(Integer.valueOf(resultSet.getInt(Scheduler.KEY_RUNNABLE_ID)), resultSet.getString("type"), str, resultSet.getTimestamp("creation_date"), resultSet.getTimestamp("end_date"), resultSet.getTimestamp("last_update_date"), valueOf, valueOf2, resultSet.getString("context"));
    }

    private void _deleteUserToken(Connection connection, Integer num) throws SQLException {
        PreparedStatement prepareStatement = connection.prepareStatement("DELETE FROM Authentication_Token WHERE id = ?");
        try {
            prepareStatement.setInt(1, num.intValue());
            prepareStatement.executeUpdate();
            if (prepareStatement != null) {
                prepareStatement.close();
            }
        } catch (Throwable th) {
            if (prepareStatement != null) {
                try {
                    prepareStatement.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    private void _updateUserToken(Connection connection, Token token) throws SQLException {
        PreparedStatement prepareStatement;
        Integer nbUsesLeft = token.getNbUsesLeft();
        if (nbUsesLeft != null && nbUsesLeft.intValue() > 0) {
            nbUsesLeft = Integer.valueOf(nbUsesLeft.intValue() - 1);
        }
        if (nbUsesLeft != null && nbUsesLeft.intValue() == 0) {
            _deleteUserToken(connection, token.getId());
            return;
        }
        if (token.getAutoRenewDuration() == null) {
            prepareStatement = connection.prepareStatement("UPDATE Authentication_Token SET last_update_date = ?, nb_uses_left = ? WHERE id = ?");
            try {
                prepareStatement.setTimestamp(1, new Timestamp(new Date().getTime()));
                if (nbUsesLeft == null) {
                    prepareStatement.setNull(2, 4);
                } else {
                    prepareStatement.setInt(2, nbUsesLeft.intValue());
                }
                prepareStatement.setInt(3, token.getId().intValue());
                prepareStatement.executeUpdate();
                if (prepareStatement != null) {
                    prepareStatement.close();
                    return;
                }
                return;
            } finally {
            }
        }
        Timestamp timestamp = new Timestamp(new Date().getTime() + (token.getAutoRenewDuration().longValue() * 1000));
        prepareStatement = connection.prepareStatement("UPDATE Authentication_Token SET last_update_date = ?, end_date = ?, nb_uses_left = ? WHERE id = ?");
        try {
            prepareStatement.setTimestamp(1, new Timestamp(new Date().getTime()));
            prepareStatement.setTimestamp(2, timestamp);
            if (nbUsesLeft == null) {
                prepareStatement.setNull(3, 4);
            } else {
                prepareStatement.setInt(3, nbUsesLeft.intValue());
            }
            prepareStatement.setInt(4, token.getId().intValue());
            prepareStatement.executeUpdate();
            if (prepareStatement != null) {
                prepareStatement.close();
            }
        } finally {
        }
    }

    @Callable
    public String generateAuthenticationToken(Map<String, Object> map) {
        return generateToken(0L, USER_TOKEN_TYPE, (String) map.get(Scheduler.KEY_RUNNABLE_DESCRIPTION));
    }

    @Callable
    public void deleteAuthenticationToken(List<Integer> list) {
        Iterator<Integer> it = list.iterator();
        while (it.hasNext()) {
            deleteTokenById(it.next());
        }
    }
}
