package mertz.security.oauth2.provider.token.store.cassandra;

import com.datastax.driver.core.RegularStatement;
import com.datastax.driver.core.querybuilder.QueryBuilder;
import java.nio.ByteBuffer;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.HashSet;
import java.util.List;
import java.util.Optional;
import mertz.security.oauth2.provider.token.store.cassandra.cfg.OAuthUtil;
import mertz.security.oauth2.provider.token.store.cassandra.model.AccessToken;
import mertz.security.oauth2.provider.token.store.cassandra.model.Authentication;
import mertz.security.oauth2.provider.token.store.cassandra.model.AuthenticationToAccessToken;
import mertz.security.oauth2.provider.token.store.cassandra.model.ClientIdToAccessToken;
import mertz.security.oauth2.provider.token.store.cassandra.model.RefreshToken;
import mertz.security.oauth2.provider.token.store.cassandra.model.RefreshTokenAuthentication;
import mertz.security.oauth2.provider.token.store.cassandra.model.RefreshTokenToAccessToken;
import mertz.security.oauth2.provider.token.store.cassandra.model.UsernameToAccessToken;
import mertz.security.oauth2.provider.token.store.cassandra.repo.AccessTokenRepository;
import mertz.security.oauth2.provider.token.store.cassandra.repo.AuthenticationRepository;
import mertz.security.oauth2.provider.token.store.cassandra.repo.AuthenticationToAccessTokenRepository;
import mertz.security.oauth2.provider.token.store.cassandra.repo.ClientIdToAccessTokenRepository;
import mertz.security.oauth2.provider.token.store.cassandra.repo.RefreshTokenAuthenticationRepository;
import mertz.security.oauth2.provider.token.store.cassandra.repo.RefreshTokenRepository;
import mertz.security.oauth2.provider.token.store.cassandra.repo.RefreshTokenToAccessTokenRepository;
import mertz.security.oauth2.provider.token.store.cassandra.repo.UsernameToAccessTokenRepository;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.cassandra.core.QueryOptions;
import org.springframework.cassandra.core.WriteOptions;
import org.springframework.data.cassandra.core.CassandraTemplate;
import org.springframework.data.cassandra.mapping.CassandraMappingContext;
import org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.common.OAuth2RefreshToken;
import org.springframework.security.oauth2.common.util.SerializationUtils;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.token.AuthenticationKeyGenerator;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:mertz/security/oauth2/provider/token/store/cassandra/CassandraTokenStore.class */
public class CassandraTokenStore implements TokenStore {
    private static final Logger logger = LoggerFactory.getLogger(CassandraTokenStore.class);

    @Autowired
    private AuthenticationRepository authenticationRepository;

    @Autowired
    private AccessTokenRepository accessTokenRepository;

    @Autowired
    private RefreshTokenRepository refreshTokenRepository;

    @Autowired
    private RefreshTokenAuthenticationRepository refreshTokenAuthenticationRepository;

    @Autowired
    private AuthenticationToAccessTokenRepository authenticationToAccessTokenRepository;

    @Autowired
    private UsernameToAccessTokenRepository usernameToAccessTokenRepository;

    @Autowired
    private ClientIdToAccessTokenRepository clientIdToAccessTokenRepository;

    @Autowired
    private RefreshTokenToAccessTokenRepository refreshTokenToAccessTokenRepository;

    @Autowired
    private CassandraTemplate cassandraTemplate;

    @Autowired
    private CassandraMappingContext cassandraMappingContext;

    @Autowired
    private AuthenticationKeyGenerator authenticationKeyGenerator;

    public OAuth2Authentication readAuthentication(OAuth2AccessToken oAuth2AccessToken) {
        return readAuthentication(oAuth2AccessToken.getValue());
    }

    public OAuth2Authentication readAuthentication(String str) {
        Authentication authentication = (Authentication) this.authenticationRepository.findOne(str);
        if (authentication == null) {
            return null;
        }
        ByteBuffer byteBuffer = authentication.getoAuth2Authentication();
        byte[] bArr = new byte[byteBuffer.remaining()];
        byteBuffer.get(bArr);
        return (OAuth2Authentication) SerializationUtils.deserialize(bArr);
    }

    public void storeAccessToken(OAuth2AccessToken oAuth2AccessToken, OAuth2Authentication oAuth2Authentication) {
        Date expiration;
        ArrayList arrayList = new ArrayList();
        String serializeOAuth2AccessToken = OAuthUtil.serializeOAuth2AccessToken(oAuth2AccessToken);
        ByteBuffer wrap = ByteBuffer.wrap(SerializationUtils.serialize(oAuth2Authentication));
        WriteOptions writeOptions = new WriteOptions();
        if (oAuth2AccessToken.getExpiration() != null) {
            writeOptions.setTtl(Integer.valueOf(oAuth2AccessToken.getExpiresIn()));
        }
        arrayList.add(CassandraTemplate.createInsertQuery(AccessToken.TABLE, new AccessToken(oAuth2AccessToken.getValue(), serializeOAuth2AccessToken), writeOptions, this.cassandraTemplate.getConverter()));
        arrayList.add(CassandraTemplate.createInsertQuery(Authentication.TABLE, new Authentication(oAuth2AccessToken.getValue(), wrap), writeOptions, this.cassandraTemplate.getConverter()));
        arrayList.add(CassandraTemplate.createInsertQuery(AuthenticationToAccessToken.TABLE, new AuthenticationToAccessToken(this.authenticationKeyGenerator.extractKey(oAuth2Authentication), serializeOAuth2AccessToken), writeOptions, this.cassandraTemplate.getConverter()));
        arrayList.add(CassandraTemplate.createInsertQuery(UsernameToAccessToken.TABLE, new UsernameToAccessToken(OAuthUtil.getApprovalKey(oAuth2Authentication), serializeOAuth2AccessToken), writeOptions, this.cassandraTemplate.getConverter()));
        arrayList.add(CassandraTemplate.createInsertQuery(ClientIdToAccessToken.TABLE, new ClientIdToAccessToken(oAuth2Authentication.getOAuth2Request().getClientId(), serializeOAuth2AccessToken), writeOptions, this.cassandraTemplate.getConverter()));
        ExpiringOAuth2RefreshToken refreshToken = oAuth2AccessToken.getRefreshToken();
        if (refreshToken != null && refreshToken.getValue() != null) {
            WriteOptions writeOptions2 = new WriteOptions();
            if ((refreshToken instanceof ExpiringOAuth2RefreshToken) && (expiration = refreshToken.getExpiration()) != null) {
                writeOptions2.setTtl(Integer.valueOf(Long.valueOf((expiration.getTime() - System.currentTimeMillis()) / 1000).intValue()));
            }
            arrayList.add(CassandraTemplate.createInsertQuery(RefreshTokenToAccessToken.TABLE, new RefreshTokenToAccessToken(oAuth2AccessToken.getRefreshToken().getValue(), oAuth2AccessToken.getValue()), writeOptions2, this.cassandraTemplate.getConverter()));
        }
        this.cassandraTemplate.execute(QueryBuilder.batch((RegularStatement[]) arrayList.toArray(new RegularStatement[arrayList.size()])));
    }

    public OAuth2AccessToken readAccessToken(String str) {
        AccessToken accessToken = (AccessToken) this.accessTokenRepository.findOne(str);
        if (accessToken != null) {
            return OAuthUtil.deserializeOAuth2AccessToken(accessToken.getoAuth2AccessToken());
        }
        return null;
    }

    public void removeAccessToken(OAuth2AccessToken oAuth2AccessToken) {
        List<RegularStatement> prepareRemoveAccessTokenStatements = prepareRemoveAccessTokenStatements(oAuth2AccessToken);
        this.cassandraTemplate.execute(QueryBuilder.batch((RegularStatement[]) prepareRemoveAccessTokenStatements.toArray(new RegularStatement[prepareRemoveAccessTokenStatements.size()])));
    }

    private List<RegularStatement> prepareRemoveAccessTokenStatements(OAuth2AccessToken oAuth2AccessToken) {
        String value = oAuth2AccessToken.getValue();
        String serializeOAuth2AccessToken = OAuthUtil.serializeOAuth2AccessToken(oAuth2AccessToken);
        ArrayList arrayList = new ArrayList();
        arrayList.add(prepareDeleteByPrimaryKeyRegularStatement(AccessToken.class, value));
        Authentication authentication = (Authentication) this.authenticationRepository.findOne(value);
        if (authentication != null) {
            ByteBuffer byteBuffer = authentication.getoAuth2Authentication();
            byte[] bArr = new byte[byteBuffer.remaining()];
            byteBuffer.get(bArr);
            OAuth2Authentication oAuth2Authentication = (OAuth2Authentication) SerializationUtils.deserialize(bArr);
            String clientId = oAuth2Authentication.getOAuth2Request().getClientId();
            arrayList.add(prepareDeleteByPrimaryKeyRegularStatement(Authentication.class, value));
            arrayList.add(prepareDeleteByPrimaryKeyRegularStatement(AuthenticationToAccessToken.class, this.authenticationKeyGenerator.extractKey(oAuth2Authentication)));
            this.usernameToAccessTokenRepository.findByKeyAndOAuth2AccessToken(OAuthUtil.getApprovalKey(clientId, oAuth2Authentication.getName()), serializeOAuth2AccessToken).ifPresent(usernameToAccessToken -> {
                arrayList.add(CassandraTemplate.createDeleteQuery(UsernameToAccessToken.TABLE, usernameToAccessToken, (QueryOptions) null, this.cassandraTemplate.getConverter()));
            });
            this.clientIdToAccessTokenRepository.findByKeyAndOAuth2AccessToken(clientId, serializeOAuth2AccessToken).ifPresent(clientIdToAccessToken -> {
                arrayList.add(CassandraTemplate.createDeleteQuery(ClientIdToAccessToken.TABLE, clientIdToAccessToken, (QueryOptions) null, this.cassandraTemplate.getConverter()));
            });
        }
        return arrayList;
    }

    public void storeRefreshToken(OAuth2RefreshToken oAuth2RefreshToken, OAuth2Authentication oAuth2Authentication) {
        Date expiration;
        ArrayList arrayList = new ArrayList();
        ByteBuffer wrap = ByteBuffer.wrap(SerializationUtils.serialize(oAuth2RefreshToken));
        ByteBuffer wrap2 = ByteBuffer.wrap(SerializationUtils.serialize(oAuth2Authentication));
        WriteOptions writeOptions = new WriteOptions();
        if ((oAuth2RefreshToken instanceof ExpiringOAuth2RefreshToken) && (expiration = ((ExpiringOAuth2RefreshToken) oAuth2RefreshToken).getExpiration()) != null) {
            writeOptions.setTtl(Integer.valueOf(Long.valueOf((expiration.getTime() - System.currentTimeMillis()) / 1000).intValue()));
        }
        arrayList.add(CassandraTemplate.createInsertQuery(RefreshToken.TABLE, new RefreshToken(oAuth2RefreshToken.getValue(), wrap), writeOptions, this.cassandraTemplate.getConverter()));
        arrayList.add(CassandraTemplate.createInsertQuery(RefreshTokenAuthentication.TABLE, new RefreshTokenAuthentication(oAuth2RefreshToken.getValue(), wrap2), writeOptions, this.cassandraTemplate.getConverter()));
        this.cassandraTemplate.execute(QueryBuilder.batch((RegularStatement[]) arrayList.toArray(new RegularStatement[arrayList.size()])));
    }

    public OAuth2RefreshToken readRefreshToken(String str) {
        RefreshToken refreshToken = (RefreshToken) this.refreshTokenRepository.findOne(str);
        if (refreshToken == null) {
            return null;
        }
        ByteBuffer byteBuffer = refreshToken.getoAuth2RefreshToken();
        byte[] bArr = new byte[byteBuffer.remaining()];
        byteBuffer.get(bArr);
        return (OAuth2RefreshToken) SerializationUtils.deserialize(bArr);
    }

    public OAuth2Authentication readAuthenticationForRefreshToken(OAuth2RefreshToken oAuth2RefreshToken) {
        RefreshTokenAuthentication refreshTokenAuthentication = (RefreshTokenAuthentication) this.refreshTokenAuthenticationRepository.findOne(oAuth2RefreshToken.getValue());
        if (refreshTokenAuthentication == null) {
            return null;
        }
        ByteBuffer byteBuffer = refreshTokenAuthentication.getoAuth2Authentication();
        byte[] bArr = new byte[byteBuffer.remaining()];
        byteBuffer.get(bArr);
        return (OAuth2Authentication) SerializationUtils.deserialize(bArr);
    }

    public void removeRefreshToken(OAuth2RefreshToken oAuth2RefreshToken) {
        String value = oAuth2RefreshToken.getValue();
        ArrayList arrayList = new ArrayList();
        arrayList.add(prepareDeleteByPrimaryKeyRegularStatement(RefreshToken.class, value));
        arrayList.add(prepareDeleteByPrimaryKeyRegularStatement(RefreshTokenAuthentication.class, value));
        arrayList.add(prepareDeleteByPrimaryKeyRegularStatement(RefreshTokenToAccessToken.class, value));
        this.cassandraTemplate.execute(QueryBuilder.batch((RegularStatement[]) arrayList.toArray(new RegularStatement[arrayList.size()])));
    }

    private RegularStatement prepareDeleteByPrimaryKeyRegularStatement(Class<?> cls, String str) {
        try {
            return QueryBuilder.delete().from(cls.getDeclaredField("TABLE").get(null).toString()).where(QueryBuilder.eq(this.cassandraMappingContext.getPersistentEntity(cls).getIdProperty().getColumnName().toCql(), str));
        } catch (IllegalAccessException | IllegalArgumentException | NoSuchFieldException | SecurityException e) {
            logger.error("Error preparing delete statement for repository {}.", cls.getSimpleName());
            throw new RuntimeException(e);
        }
    }

    public void removeAccessTokenUsingRefreshToken(OAuth2RefreshToken oAuth2RefreshToken) {
        RefreshTokenToAccessToken refreshTokenToAccessToken = (RefreshTokenToAccessToken) this.refreshTokenToAccessTokenRepository.findOne(oAuth2RefreshToken.getValue());
        if (refreshTokenToAccessToken != null) {
            AccessToken accessToken = (AccessToken) this.accessTokenRepository.findOne(refreshTokenToAccessToken.getAccessTokenKey());
            if (accessToken == null) {
                return;
            }
            List<RegularStatement> prepareRemoveAccessTokenStatements = prepareRemoveAccessTokenStatements(OAuthUtil.deserializeOAuth2AccessToken(accessToken.getoAuth2AccessToken()));
            prepareRemoveAccessTokenStatements.add(CassandraTemplate.createDeleteQuery(RefreshTokenToAccessToken.TABLE, refreshTokenToAccessToken, (QueryOptions) null, this.cassandraTemplate.getConverter()));
            this.cassandraTemplate.execute(QueryBuilder.batch((RegularStatement[]) prepareRemoveAccessTokenStatements.toArray(new RegularStatement[prepareRemoveAccessTokenStatements.size()])));
        }
    }

    public OAuth2AccessToken getAccessToken(OAuth2Authentication oAuth2Authentication) {
        String extractKey = this.authenticationKeyGenerator.extractKey(oAuth2Authentication);
        AuthenticationToAccessToken authenticationToAccessToken = (AuthenticationToAccessToken) this.authenticationToAccessTokenRepository.findOne(extractKey);
        if (authenticationToAccessToken == null) {
            return null;
        }
        OAuth2AccessToken deserializeOAuth2AccessToken = OAuthUtil.deserializeOAuth2AccessToken(authenticationToAccessToken.getoAuth2AccessToken());
        if (deserializeOAuth2AccessToken != null && !extractKey.equals(this.authenticationKeyGenerator.extractKey(readAuthentication(deserializeOAuth2AccessToken.getValue())))) {
            storeAccessToken(deserializeOAuth2AccessToken, oAuth2Authentication);
        }
        return deserializeOAuth2AccessToken;
    }

    public Collection<OAuth2AccessToken> findTokensByClientIdAndUserName(String str, String str2) {
        Optional<List<UsernameToAccessToken>> findByKey = this.usernameToAccessTokenRepository.findByKey(OAuthUtil.getApprovalKey(str, str2));
        HashSet hashSet = new HashSet();
        findByKey.ifPresent(list -> {
            list.forEach(usernameToAccessToken -> {
                hashSet.add(OAuthUtil.deserializeOAuth2AccessToken(usernameToAccessToken.getOAuth2AccessToken()));
            });
        });
        return hashSet;
    }

    public Collection<OAuth2AccessToken> findTokensByClientId(String str) {
        Optional<List<ClientIdToAccessToken>> findByKey = this.clientIdToAccessTokenRepository.findByKey(str);
        HashSet hashSet = new HashSet();
        findByKey.ifPresent(list -> {
            list.forEach(clientIdToAccessToken -> {
                hashSet.add(OAuthUtil.deserializeOAuth2AccessToken(clientIdToAccessToken.getOAuth2AccessToken()));
            });
        });
        return hashSet;
    }
}
