package org.springframework.security.oauth.provider.token;

import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Random;
import java.util.UUID;
import org.apache.commons.codec.binary.Base64;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;

/* loaded from: input_file:WEB-INF/lib/spring-security-oauth-2.0.7.RELEASE.jar:org/springframework/security/oauth/provider/token/RandomValueProviderTokenServices.class */
public abstract class RandomValueProviderTokenServices implements OAuthProviderTokenServices, InitializingBean, OAuthTokenLifecycleRegistry {
    private Random random;
    private int requestTokenValiditySeconds = 600;
    private int accessTokenValiditySeconds = 43200;
    private int tokenSecretLengthBytes = 80;
    private final Collection<OAuthTokenLifecycleListener> lifecycleListeners = new HashSet();

    protected abstract OAuthProviderTokenImpl readToken(String str);

    protected abstract void storeToken(String str, OAuthProviderTokenImpl oAuthProviderTokenImpl);

    protected abstract OAuthProviderTokenImpl removeToken(String str);

    public void afterPropertiesSet() throws Exception {
        if (this.random == null) {
            this.random = new SecureRandom();
        }
    }

    @Override // org.springframework.security.oauth.provider.token.OAuthProviderTokenServices
    public OAuthProviderToken getToken(String str) throws AuthenticationException {
        OAuthProviderTokenImpl readToken = readToken(str);
        if (readToken == null) {
            throw new InvalidOAuthTokenException("Invalid token: " + str);
        }
        if (!isExpired(readToken)) {
            return readToken;
        }
        removeToken(str);
        onTokenRemoved(readToken);
        throw new ExpiredOAuthTokenException("Expired token.");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isExpired(OAuthProviderTokenImpl oAuthProviderTokenImpl) {
        return oAuthProviderTokenImpl.isAccessToken() ? oAuthProviderTokenImpl.getTimestamp() + (((long) getAccessTokenValiditySeconds()) * 1000) < System.currentTimeMillis() : oAuthProviderTokenImpl.getTimestamp() + (((long) getRequestTokenValiditySeconds()) * 1000) < System.currentTimeMillis();
    }

    @Override // org.springframework.security.oauth.provider.token.OAuthProviderTokenServices
    public OAuthProviderToken createUnauthorizedRequestToken(String str, String str2) throws AuthenticationException {
        String uuid = UUID.randomUUID().toString();
        byte[] bArr = new byte[getTokenSecretLengthBytes()];
        getRandom().nextBytes(bArr);
        String str3 = new String(Base64.encodeBase64(bArr));
        OAuthProviderTokenImpl oAuthProviderTokenImpl = new OAuthProviderTokenImpl();
        oAuthProviderTokenImpl.setAccessToken(false);
        oAuthProviderTokenImpl.setConsumerKey(str);
        oAuthProviderTokenImpl.setCallbackUrl(str2);
        oAuthProviderTokenImpl.setUserAuthentication(null);
        oAuthProviderTokenImpl.setSecret(str3);
        oAuthProviderTokenImpl.setValue(uuid);
        oAuthProviderTokenImpl.setTimestamp(System.currentTimeMillis());
        onTokenCreated(oAuthProviderTokenImpl);
        storeToken(uuid, oAuthProviderTokenImpl);
        return oAuthProviderTokenImpl;
    }

    @Override // org.springframework.security.oauth.provider.token.OAuthProviderTokenServices
    public void authorizeRequestToken(String str, String str2, Authentication authentication) throws AuthenticationException {
        OAuthProviderTokenImpl readToken = readToken(str);
        if (readToken == null) {
            throw new InvalidOAuthTokenException("Invalid token: " + str);
        }
        if (isExpired(readToken)) {
            removeToken(str);
            onTokenRemoved(readToken);
            throw new ExpiredOAuthTokenException("Expired token.");
        }
        if (readToken.isAccessToken()) {
            throw new InvalidOAuthTokenException("Request to authorize an access token.");
        }
        readToken.setUserAuthentication(authentication);
        readToken.setTimestamp(System.currentTimeMillis());
        readToken.setVerifier(str2);
        storeToken(str, readToken);
    }

    @Override // org.springframework.security.oauth.provider.token.OAuthProviderTokenServices
    public OAuthAccessProviderToken createAccessToken(String str) throws AuthenticationException {
        OAuthProviderTokenImpl readToken = readToken(str);
        if (readToken == null) {
            throw new InvalidOAuthTokenException("Invalid token: " + str);
        }
        if (isExpired(readToken)) {
            removeToken(str);
            onTokenRemoved(readToken);
            throw new ExpiredOAuthTokenException("Expired token.");
        }
        if (readToken.isAccessToken()) {
            throw new InvalidOAuthTokenException("Not a request token.");
        }
        if (readToken.getUserAuthentication() == null) {
            throw new InvalidOAuthTokenException("Request token has not been authorized.");
        }
        OAuthProviderTokenImpl removeToken = removeToken(str);
        if (removeToken != null) {
            onTokenRemoved(removeToken);
        }
        String uuid = UUID.randomUUID().toString();
        byte[] bArr = new byte[getTokenSecretLengthBytes()];
        getRandom().nextBytes(bArr);
        String str2 = new String(Base64.encodeBase64(bArr));
        OAuthProviderTokenImpl oAuthProviderTokenImpl = new OAuthProviderTokenImpl();
        oAuthProviderTokenImpl.setAccessToken(true);
        oAuthProviderTokenImpl.setConsumerKey(readToken.getConsumerKey());
        oAuthProviderTokenImpl.setUserAuthentication(readToken.getUserAuthentication());
        oAuthProviderTokenImpl.setSecret(str2);
        oAuthProviderTokenImpl.setValue(uuid);
        oAuthProviderTokenImpl.setTimestamp(System.currentTimeMillis());
        onTokenCreated(oAuthProviderTokenImpl);
        storeToken(uuid, oAuthProviderTokenImpl);
        return oAuthProviderTokenImpl;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void onTokenRemoved(OAuthProviderTokenImpl oAuthProviderTokenImpl) {
        Iterator<OAuthTokenLifecycleListener> it = getLifecycleListeners().iterator();
        while (it.hasNext()) {
            it.next().tokenExpired(oAuthProviderTokenImpl);
        }
    }

    protected void onTokenCreated(OAuthProviderTokenImpl oAuthProviderTokenImpl) {
        Iterator<OAuthTokenLifecycleListener> it = getLifecycleListeners().iterator();
        while (it.hasNext()) {
            it.next().tokenCreated(oAuthProviderTokenImpl);
        }
    }

    public int getTokenSecretLengthBytes() {
        return this.tokenSecretLengthBytes;
    }

    public void setTokenSecretLengthBytes(int i) {
        this.tokenSecretLengthBytes = i;
    }

    public Random getRandom() {
        return this.random;
    }

    public void setRandom(Random random) {
        this.random = random;
    }

    public int getRequestTokenValiditySeconds() {
        return this.requestTokenValiditySeconds;
    }

    public void setRequestTokenValiditySeconds(int i) {
        this.requestTokenValiditySeconds = i;
    }

    public int getAccessTokenValiditySeconds() {
        return this.accessTokenValiditySeconds;
    }

    public void setAccessTokenValiditySeconds(int i) {
        this.accessTokenValiditySeconds = i;
    }

    @Override // org.springframework.security.oauth.provider.token.OAuthTokenLifecycleRegistry
    public Collection<OAuthTokenLifecycleListener> getLifecycleListeners() {
        return this.lifecycleListeners;
    }

    @Override // org.springframework.security.oauth.provider.token.OAuthTokenLifecycleRegistry
    @Autowired(required = false)
    public void register(OAuthTokenLifecycleListener... oAuthTokenLifecycleListenerArr) {
        if (oAuthTokenLifecycleListenerArr != null) {
            this.lifecycleListeners.addAll(Arrays.asList(oAuthTokenLifecycleListenerArr));
        }
    }
}
