package org.glassfish.common.util.admin;

import com.sun.enterprise.util.LocalStringManagerImpl;
import com.sun.logging.LogDomains;
import java.security.SecureRandom;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.jvnet.hk2.annotations.Scoped;
import org.jvnet.hk2.annotations.Service;
import org.jvnet.hk2.component.Singleton;

@Service
@Scoped(Singleton.class)
/* loaded from: input_file:org/glassfish/common/util/admin/AuthTokenManager.class */
public class AuthTokenManager {
    public static final String AUTH_TOKEN_OPTION_NAME = "_authtoken";
    private static final String SUPPRESSED_TOKEN_OUTPUT = "????";
    private static final int TOKEN_SIZE = 10;
    private static final long TOKEN_EXPIRATION_IN_MS = 60000;
    private final SecureRandom rng = new SecureRandom();
    private final Map<String, TokenInfo> liveTokens = new HashMap();
    private final Logger logger = LogDomains.getLogger(AuthTokenManager.class, LogDomains.ADMIN_LOGGER);
    private static final char REUSE_TOKEN_MARKER = '+';
    private static final LocalStringManagerImpl localStrings = new LocalStringManagerImpl(AuthTokenManager.class);
    private static final char[] hex = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'};

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/glassfish/common/util/admin/AuthTokenManager$TokenInfo.class */
    public class TokenInfo {
        private final String token;
        private int usesRemaining;
        private long expiration;

        private TokenInfo(String str) {
            this.usesRemaining = 2;
            this.expiration = System.currentTimeMillis() + 60000;
            this.token = str;
        }

        /* JADX INFO: Access modifiers changed from: private */
        public synchronized boolean use(boolean z, long j) {
            if (!isUsedUp(j)) {
                if (!z) {
                    this.usesRemaining--;
                }
                AuthTokenManager.this.logger.log(Level.FINER, "Use of auth token {0} OK; isBeingReused = {2}; remaining uses = {1,number,integer}", new Object[]{this.token, new Integer(this.usesRemaining), Boolean.toString(z)});
                this.expiration += 60000;
                return true;
            }
            LocalStringManagerImpl localStringManagerImpl = AuthTokenManager.localStrings;
            Object[] objArr = new Object[3];
            objArr[0] = new Integer(this.usesRemaining);
            objArr[1] = Boolean.toString(this.expiration <= j);
            objArr[2] = AuthTokenManager.this.logger.isLoggable(Level.FINER) ? this.token : AuthTokenManager.SUPPRESSED_TOKEN_OUTPUT;
            localStringManagerImpl.getLocalString("AuthTokenInvalid", "Use of auth token {2} attempted but token is invalid; usesRemaining = {0,number,integer}, expired = {1}", objArr);
            return false;
        }

        /* JADX INFO: Access modifiers changed from: private */
        public boolean isUsedUp(long j) {
            return this.usesRemaining <= 0 || this.expiration <= j;
        }
    }

    public String createToken() {
        byte[] bArr = new byte[TOKEN_SIZE];
        this.rng.nextBytes(bArr);
        String hex2 = toHex(bArr);
        this.liveTokens.put(hex2, new TokenInfo(hex2));
        this.logger.log(Level.FINER, "Auth token {0} created", hex2);
        return hex2;
    }

    public boolean consumeToken(String str) {
        long currentTimeMillis = System.currentTimeMillis();
        int indexOf = str.indexOf(REUSE_TOKEN_MARKER);
        boolean z = indexOf != -1;
        String substring = z ? str.substring(0, indexOf) : str;
        TokenInfo tokenInfo = this.liveTokens.get(substring);
        if (tokenInfo == null) {
            Logger logger = this.logger;
            Level level = Level.WARNING;
            LocalStringManagerImpl localStringManagerImpl = localStrings;
            Object[] objArr = new Object[1];
            objArr[0] = this.logger.isLoggable(Level.FINER) ? substring : SUPPRESSED_TOKEN_OUTPUT;
            logger.log(level, localStringManagerImpl.getLocalString("AuthTokenNonexistent", "Attempt to use non-existent auth token {0}", objArr));
        }
        boolean z2 = tokenInfo != null && tokenInfo.use(z, currentTimeMillis);
        retireExpiredTokens(currentTimeMillis);
        return z2;
    }

    public static String markTokenForReuse(String str) {
        return str + '+';
    }

    private synchronized void retireExpiredTokens(long j) {
        Iterator<Map.Entry<String, TokenInfo>> it = this.liveTokens.entrySet().iterator();
        while (it.hasNext()) {
            Map.Entry<String, TokenInfo> next = it.next();
            if (next.getValue().isUsedUp(j)) {
                this.logger.log(Level.FINER, "Auth token {0} being retired during scan", next.getValue().token);
                it.remove();
            }
        }
    }

    private static String toHex(byte[] bArr) {
        char[] cArr = new char[bArr.length * 2];
        int i = 0;
        for (byte b : bArr) {
            int i2 = i;
            int i3 = i + 1;
            cArr[i2] = hex[(b >> 4) & 15];
            i = i3 + 1;
            cArr[i3] = hex[b & 15];
        }
        return new String(cArr);
    }
}
