package org.craftercms.profile.security;

import java.util.Arrays;
import java.util.Date;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.dao.DataAccessException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.authentication.rememberme.CookieTheftException;
import org.springframework.security.web.authentication.rememberme.InMemoryTokenRepositoryImpl;
import org.springframework.security.web.authentication.rememberme.InvalidCookieException;
import org.springframework.security.web.authentication.rememberme.PersistentRememberMeToken;
import org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices;
import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository;
import org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationException;
import org.springframework.util.StringUtils;

/* loaded from: input_file:org/craftercms/profile/security/PersistentParameterTokenRememberMeServices.class */
public class PersistentParameterTokenRememberMeServices extends PersistentTokenBasedRememberMeServices {
    private PersistentTokenRepository tokenRepository;

    public PersistentParameterTokenRememberMeServices(String str, UserDetailsService userDetailsService, PersistentTokenRepository persistentTokenRepository) {
        super(str, userDetailsService, persistentTokenRepository);
        this.tokenRepository = new InMemoryTokenRepositoryImpl();
        this.tokenRepository = persistentTokenRepository;
    }

    protected void cancelCookie(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        this.logger.debug("cancelCookie");
        String extractRememberMeCookie = extractRememberMeCookie(httpServletRequest);
        if (extractRememberMeCookie != null) {
            String[] decodeCookie = decodeCookie(extractRememberMeCookie);
            if (decodeCookie.length >= 2) {
                String str = decodeCookie[0];
                String str2 = decodeCookie[1];
                PersistentRememberMeToken tokenForSeries = this.tokenRepository.getTokenForSeries(str);
                if (tokenForSeries != null && str2.equals(tokenForSeries.getTokenValue())) {
                    this.tokenRepository.removeUserTokens(tokenForSeries.getUsername());
                }
            }
        }
        httpServletRequest.removeAttribute(getCookieName());
    }

    protected String extractRememberMeCookie(HttpServletRequest httpServletRequest) {
        this.logger.debug(String.format("extractRememberMeCookie: %s = %s", getCookieName(), httpServletRequest.getParameter(getCookieName())));
        String parameter = httpServletRequest.getParameter(getCookieName());
        if (parameter == null || parameter.length() == 0) {
            return null;
        }
        return parameter;
    }

    protected void setCookie(String[] strArr, int i, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        httpServletRequest.setAttribute(getCookieName(), encodeCookie(strArr));
        this.logger.debug(String.format("setCookie('%s' maxAge='%d' encodedCookie='%s', request, response)", StringUtils.arrayToCommaDelimitedString(strArr), Integer.valueOf(i), encodeCookie(strArr)));
    }

    protected UserDetails processAutoLoginCookie(String[] strArr, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (strArr.length != 2) {
            throw new InvalidCookieException("Cookie token did not contain 2 tokens, but contained '" + Arrays.asList(strArr) + "'");
        }
        String str = strArr[0];
        String str2 = strArr[1];
        PersistentTenantRememberMeToken persistentTenantRememberMeToken = (PersistentTenantRememberMeToken) this.tokenRepository.getTokenForSeries(str);
        if (persistentTenantRememberMeToken == null) {
            throw new RememberMeAuthenticationException("No persistent token found for series id: " + str);
        }
        if (!str2.equals(persistentTenantRememberMeToken.getTokenValue())) {
            this.tokenRepository.removeUserTokens(persistentTenantRememberMeToken.getUsername());
            throw new CookieTheftException(this.messages.getMessage("PersistentTokenBasedRememberMeServices.cookieStolen", "Invalid remember-me token (Series/token) mismatch. Implies previous cookie theft attack."));
        }
        if (persistentTenantRememberMeToken.getDate().getTime() + (getTokenValiditySeconds() * 1000) < System.currentTimeMillis()) {
            throw new RememberMeAuthenticationException("Remember-me login has expired");
        }
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("Refreshing persistent login token for user '" + persistentTenantRememberMeToken.getUsername() + "', series '" + persistentTenantRememberMeToken.getSeries() + "'");
        }
        try {
            this.tokenRepository.updateToken(persistentTenantRememberMeToken.getSeries(), persistentTenantRememberMeToken.getTokenValue(), new Date());
            setCookie(new String[]{persistentTenantRememberMeToken.getSeries(), persistentTenantRememberMeToken.getTokenValue()}, getTokenValiditySeconds(), httpServletRequest, httpServletResponse);
            return getUserDetailsService().loadUserByUsername((persistentTenantRememberMeToken.getTenantName() == null || persistentTenantRememberMeToken.getTenantName().equals("")) ? persistentTenantRememberMeToken.getUsername() : persistentTenantRememberMeToken.getUsername() + "@" + persistentTenantRememberMeToken.getTenantName());
        } catch (DataAccessException e) {
            this.logger.error("Failed to update token: ", e);
            throw new RememberMeAuthenticationException("Autologin failed due to data access problem");
        }
    }

    public void logout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) {
        if (authentication != null) {
            cancelCookie(httpServletRequest, httpServletResponse);
        }
    }

    protected void onLoginSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) {
        String name = authentication.getName();
        String parameter = httpServletRequest.getParameter("tenantName");
        String trim = name.trim();
        this.logger.debug("Creating new persistent login for user " + trim);
        PersistentTenantRememberMeToken persistentTenantRememberMeToken = new PersistentTenantRememberMeToken(trim, generateSeriesData(), generateTokenData(), new Date(), parameter);
        try {
            this.tokenRepository.createNewToken(persistentTenantRememberMeToken);
            setCookie(new String[]{persistentTenantRememberMeToken.getSeries(), persistentTenantRememberMeToken.getTokenValue()}, getTokenValiditySeconds(), httpServletRequest, httpServletResponse);
        } catch (DataAccessException e) {
            this.logger.error("Failed to save persistent token ", e);
        }
    }
}
