package com.mware.web.auth;

import com.mware.core.model.user.GeUser;
import com.mware.core.security.AuthToken;
import com.mware.core.security.AuthTokenException;
import com.mware.core.util.BcLogger;
import com.mware.core.util.BcLoggerFactory;
import com.mware.ge.values.storable.Values;
import com.mware.web.CurrentUser;
import com.mware.web.WebServer;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.Date;
import javax.crypto.SecretKey;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;

/* loaded from: input_file:com/mware/web/auth/AuthTokenHttpResponse.class */
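/**
 * Response wrapper that issues or refreshes the auth token cookie, and publishes the
 * token's remaining lifetime in a response header, just before the body is opened.
 *
 * <p>The cookie and header must be added before the response is committed, so the
 * work is hooked into {@link #getOutputStream()}, {@link #getWriter()} and
 * {@link #sendRedirect(String)}.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>The token cookie is a bearer credential. It is written {@code HttpOnly}, and
 *       {@code Secure} whenever the wrapped request arrived over a secure channel.</li>
 *   <li>No {@code SameSite} attribute is set here. If the deployment relies on this
 *       cookie alone for authentication, confirm that CSRF protection exists elsewhere.</li>
 * </ul>
 */
public class AuthTokenHttpResponse extends HttpServletResponseWrapper {
    private static final BcLogger LOGGER = BcLoggerFactory.getLogger(AuthTokenHttpResponse.class);

    /** Header carrying the milliseconds left until the current token expires. */
    private static final String EXPIRATION_HEADER_NAME = "BC-Auth-Token-Expiration";

    private static final long SECONDS_PER_MINUTE = 60L;
    private static final long MILLIS_PER_MINUTE = 60L * 1000L;

    private final SecretKey macKey;
    private final HttpServletRequest request;
    private final long tokenValidityDurationInMinutes;
    private final AuthToken token;
    private boolean tokenCookieWritten;
    private boolean tokenHeaderWritten;

    /**
     * @param authToken           token presented with the request, or {@code null} if none
     * @param httpServletRequest  request being answered; used to look up the current user
     * @param httpServletResponse response to wrap
     * @param secretKey           key passed to {@link AuthToken} when a new token is minted
     * @param j                   token validity, in minutes
     */
    public AuthTokenHttpResponse(AuthToken authToken, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, SecretKey secretKey, long j) {
        super(httpServletResponse);
        this.token = authToken;
        this.request = httpServletRequest;
        this.macKey = secretKey;
        this.tokenValidityDurationInMinutes = j;
    }

    /** Writes the token cookie and expiration header (once) before exposing the stream. */
    @Override
    public ServletOutputStream getOutputStream() throws IOException {
        updateAuthToken();
        updateExpirationHeader();
        return super.getOutputStream();
    }

    /** Writes the token cookie and expiration header (once) before exposing the writer. */
    @Override
    public PrintWriter getWriter() throws IOException {
        updateAuthToken();
        updateExpirationHeader();
        return super.getWriter();
    }

    /** Writes the token cookie (once) before the redirect commits the response. */
    @Override
    public void sendRedirect(String str) throws IOException {
        updateAuthToken();
        super.sendRedirect(str);
    }

    /**
     * Clears the auth token cookie by re-sending it with no value and a zero max-age.
     *
     * <p>This only removes the cookie from the client. Nothing visible in this class
     * revokes the token itself, so a copy of it presumably stays valid until its
     * expiration unless it is rejected elsewhere. TODO confirm server-side revocation.
     *
     * @throws IllegalStateException if the response is already committed
     */
    public void invalidateAuthentication() {
        if (isCommitted()) {
            throw new IllegalStateException("Unable to clear auth token. The response is already committed.");
        }
        writeAuthTokenCookie(null, 0L);
    }

    private void updateExpirationHeader() {
        updateExpirationHeader(this.token);
    }

    /** Sets the expiration header once, to the milliseconds remaining on {@code authToken}. */
    private void updateExpirationHeader(AuthToken authToken) {
        if (this.tokenHeaderWritten || authToken == null) {
            return;
        }
        long remainingMillis = authToken.getExpiration().getTime() - System.currentTimeMillis();
        setHeader(EXPIRATION_HEADER_NAME, Long.toString(remainingMillis));
        this.tokenHeaderWritten = true;
    }

    /**
     * Mints a fresh token and writes it as a cookie when the request carried no token,
     * or one that is past the halfway point of its validity, and a current user exists.
     *
     * @throws IOException if reporting a serialization failure to the client fails
     */
    private void updateAuthToken() throws IOException {
        if (this.tokenCookieWritten) {
            return;
        }
        if (this.token != null && !isTokenNearingExpiration(this.token)) {
            return;
        }
        GeUser user = CurrentUser.get(this.request);
        if (user == null) {
            return;
        }
        AuthToken refreshed = new AuthToken(user.getUserId(), this.macKey, calculateTokenExpiration());
        try {
            // Serialize once and reuse the value for both the user property and the cookie.
            String serialized = refreshed.serialize();
            // NOTE(review): this copies the bearer token into the user's "jwt" property.
            // If that property is persisted or exposed through user APIs, anyone able to
            // read it can act as this user until the token expires. Confirm it is needed
            // and access-controlled.
            user.setProperty("jwt", Values.stringValue(serialized));
            writeAuthTokenCookie(serialized, this.tokenValidityDurationInMinutes);
            // NOTE(review): the expiration header is still derived from the token that came
            // with the request, not from the refreshed one. Confirm clients expect that.
        } catch (AuthTokenException e) {
            LOGGER.error("Auth token serialization failed.", e);
            sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
        }
    }

    /**
     * Adds the auth token cookie to the response.
     *
     * @param value            serialized token, or {@code null} when clearing the cookie
     * @param validityMinutes  cookie lifetime in minutes; {@code 0} deletes the cookie
     * @throws IllegalStateException if the response is already committed
     */
    private void writeAuthTokenCookie(String value, long validityMinutes) {
        if (isCommitted()) {
            throw new IllegalStateException("Response committed before auth token cookie written.");
        }
        Cookie cookie = new Cookie(AuthTokenFilter.TOKEN_COOKIE_NAME, value);
        cookie.setMaxAge(toCookieMaxAgeSeconds(validityMinutes));
        // The cookie was previously always written without the Secure attribute, so a
        // browser would also attach the token to plain-HTTP requests. Mark it Secure
        // whenever the container reports the request as secure. Behind a TLS-terminating
        // proxy the container must be configured to honour the forwarded scheme,
        // otherwise isSecure() reports false and the flag is not set.
        cookie.setSecure(this.request != null && this.request.isSecure());
        cookie.setHttpOnly(true);
        cookie.setPath(WebServer.DEFAULT_CONTEXT_PATH);
        addCookie(cookie);
        this.tokenCookieWritten = true;
    }

    /**
     * Converts minutes to whole seconds for {@link Cookie#setMaxAge(int)}, saturating at
     * the {@code int} range instead of truncating and overflowing.
     */
    private static int toCookieMaxAgeSeconds(long minutes) {
        long largestSafeMinutes = Integer.MAX_VALUE / SECONDS_PER_MINUTE;
        long clamped = Math.max(-largestSafeMinutes, Math.min(largestSafeMinutes, minutes));
        return (int) (clamped * SECONDS_PER_MINUTE);
    }

    /** Returns the instant at which a token minted now should expire. */
    private Date calculateTokenExpiration() {
        return new Date(System.currentTimeMillis() + (this.tokenValidityDurationInMinutes * MILLIS_PER_MINUTE));
    }

    /** True when less than half of the configured validity period remains on the token. */
    private boolean isTokenNearingExpiration(AuthToken authToken) {
        long remainingMillis = authToken.getExpiration().getTime() - System.currentTimeMillis();
        return remainingMillis < (this.tokenValidityDurationInMinutes * MILLIS_PER_MINUTE) / 2;
    }
}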
