package oracle.kv.impl.security.login;

import java.util.Collections;
import java.util.HashSet;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.Subject;
import oracle.kv.AuthenticationRequiredException;
import oracle.kv.impl.security.KVStoreRolePrincipal;
import oracle.kv.impl.security.login.LoginSession;
import oracle.kv.impl.security.login.SessionId;
import oracle.kv.impl.topo.ResourceId;

/* loaded from: input_file:oracle/kv/impl/security/login/TrustedLoginHandler.class */
public class TrustedLoginHandler {
    private static final int CAPACITY = 10000;
    private static final int SESSION_ID_RANDOM_BYTES = 16;
    private final LoginTable sessMgr;
    private final ResourceId ownerId;
    private final boolean localId;
    private volatile long sessionLifetime;

    public TrustedLoginHandler(ResourceId resourceId, boolean z) {
        this(resourceId, z, 0L, 10000);
    }

    public TrustedLoginHandler(ResourceId resourceId, boolean z, long j, int i) {
        this.ownerId = resourceId;
        this.localId = z;
        this.sessionLifetime = j;
        this.sessMgr = new LoginTable(i, new byte[0], 16);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public LoginResult loginInternal(String str) {
        LoginSession createSession = this.sessMgr.createSession(makeInternalSubject(), str, this.sessionLifetime == 0 ? 0L : System.currentTimeMillis() + this.sessionLifetime);
        return new LoginResult(new LoginToken(new SessionId(createSession.getId().getValue(), this.localId ? SessionId.IdScope.LOCAL : SessionId.IdScope.STORE, this.ownerId), createSession.getExpireTime()));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Subject validateLoginToken(LoginToken loginToken, Logger logger) {
        if (loginToken == null) {
            logMessage(logger, Level.INFO, "Passing an invalid internal login token");
            return null;
        }
        LoginSession lookupSession = this.sessMgr.lookupSession(new LoginSession.Id(loginToken.getSessionId().getIdValue()));
        if (lookupSession == null) {
            logMessage(logger, Level.INFO, "Failed to find the internal session for login token " + loginToken.hashId());
            return null;
        }
        if (!lookupSession.isExpired()) {
            return lookupSession.getSubject();
        }
        logMessage(logger, Level.INFO, "Internal login token " + loginToken.hashId() + " is expired");
        return null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void logout(LoginToken loginToken) {
        if (loginToken == null) {
            throw new AuthenticationRequiredException("LoginToken is null", true);
        }
        LoginSession lookupSession = this.sessMgr.lookupSession(new LoginSession.Id(loginToken.getSessionId().getIdValue()));
        if (lookupSession == null || lookupSession.isExpired()) {
            throw new AuthenticationRequiredException("session is not valid", true);
        }
        this.sessMgr.logoutSession(lookupSession.getId());
    }

    public boolean updateSessionLimit(int i) {
        return this.sessMgr.updateSessionLimit(i);
    }

    public boolean updateSessionLifetime(long j) {
        if (j == this.sessionLifetime) {
            return false;
        }
        this.sessionLifetime = j;
        return true;
    }

    private Subject makeInternalSubject() {
        return new Subject(true, Collections.singleton(KVStoreRolePrincipal.INTERNAL), new HashSet(), new HashSet());
    }

    private void logMessage(Logger logger, Level level, String str) {
        if (logger != null) {
            logger.log(level, str);
        }
    }
}
