package org.iplass.mtp.impl.auth.oauth.token.opaque;

import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Base64;
import java.util.List;
import org.iplass.mtp.auth.oauth.AccessTokenInfo;
import org.iplass.mtp.impl.auth.authenticate.token.AuthToken;
import org.iplass.mtp.impl.auth.authenticate.token.AuthTokenService;
import org.iplass.mtp.impl.auth.oauth.MetaOAuthClient;
import org.iplass.mtp.impl.auth.oauth.OAuthAuthorizationService;
import org.iplass.mtp.impl.auth.oauth.token.AccessToken;
import org.iplass.mtp.impl.auth.oauth.token.OAuthAccessTokenStore;
import org.iplass.mtp.impl.auth.oauth.token.RefreshToken;
import org.iplass.mtp.impl.core.ExecuteContext;
import org.iplass.mtp.spi.Config;
import org.iplass.mtp.spi.ServiceConfigrationException;
import org.iplass.mtp.spi.ServiceInitListener;
import org.iplass.mtp.spi.ServiceRegistry;

/* loaded from: input_file:org/iplass/mtp/impl/auth/oauth/token/opaque/OpaqueOAuthAccessTokenStore.class */
public class OpaqueOAuthAccessTokenStore implements OAuthAccessTokenStore, ServiceInitListener<OAuthAuthorizationService> {
    private String authTokenType = AccessTokenHandler.TYPE_OAUTH_DEFAULT;
    private String seriesHashSalt = "iPLAss#OAT2018";
    private String seriesHashAlgorithm = "SHA-256";
    private TokenCreationStrategy tokenCreationStrategy;
    private AccessTokenHandler accessTokenHandler;

    public String getAuthTokenType() {
        return this.authTokenType;
    }

    public void setAuthTokenType(String str) {
        this.authTokenType = str;
    }

    public TokenCreationStrategy getTokenCreationStrategy() {
        return this.tokenCreationStrategy;
    }

    public void setTokenCreationStrategy(TokenCreationStrategy tokenCreationStrategy) {
        this.tokenCreationStrategy = tokenCreationStrategy;
    }

    public String getSeriesHashSalt() {
        return this.seriesHashSalt;
    }

    public void setSeriesHashSalt(String str) {
        this.seriesHashSalt = str;
    }

    public String getSeriesHashAlgorithm() {
        return this.seriesHashAlgorithm;
    }

    public void setSeriesHashAlgorithm(String str) {
        this.seriesHashAlgorithm = str;
    }

    @Override // org.iplass.mtp.impl.auth.oauth.token.OAuthAccessTokenStore
    public AccessToken getAccessTokenByUserOid(MetaOAuthClient.OAuthClientRuntime oAuthClientRuntime, String str) {
        AuthToken bySeries = this.accessTokenHandler.authTokenStore().getBySeries(ExecuteContext.getCurrentContext().getClientTenantId(), this.accessTokenHandler.getType(), toSeriesString(oAuthClientRuntime, str));
        if (bySeries == null) {
            return null;
        }
        return new OpaqueAccessToken(oAuthClientRuntime, (AccessTokenMement) bySeries.getDetails(), bySeries.getSeries(), null, bySeries.getStartDate().getTime(), null);
    }

    @Override // org.iplass.mtp.impl.auth.oauth.token.OAuthAccessTokenStore
    public AccessToken getAccessToken(String str) {
        AuthToken authToken = new AuthToken(str);
        String token = authToken.getToken();
        AuthToken bySeries = this.accessTokenHandler.authTokenStore().getBySeries(ExecuteContext.getCurrentContext().getClientTenantId(), authToken.getType(), authToken.getSeries());
        if (bySeries == null || !this.accessTokenHandler.checkTokenValid(token, bySeries)) {
            return null;
        }
        AccessTokenMement accessTokenMement = (AccessTokenMement) bySeries.getDetails();
        return new OpaqueAccessToken(OAuthServiceHolder.client.getRuntimeById(accessTokenMement.getClientMetaDataId()), accessTokenMement, bySeries.getSeries(), null, bySeries.getStartDate().getTime(), null);
    }

    @Override // org.iplass.mtp.impl.auth.oauth.token.OAuthAccessTokenStore
    public AccessToken createAccessToken(MetaOAuthClient.OAuthClientRuntime oAuthClientRuntime, RefreshToken refreshToken) {
        AuthToken create = this.tokenCreationStrategy.create(oAuthClientRuntime, this.accessTokenHandler, (OpaqueRefreshToken) refreshToken);
        if (create == null) {
            return null;
        }
        return new OpaqueAccessToken(oAuthClientRuntime, (AccessTokenMement) create.getDetails(), create.getSeries(), create.encodeToken(), create.getStartDate().getTime(), null);
    }

    @Override // org.iplass.mtp.impl.auth.oauth.token.OAuthAccessTokenStore
    public AccessToken createAccessToken(MetaOAuthClient.OAuthClientRuntime oAuthClientRuntime, String str, List<String> list) {
        AccessTokenInfo accessTokenInfo = new AccessTokenInfo();
        accessTokenInfo.setClientName(oAuthClientRuntime.m32getMetaData().getName());
        accessTokenInfo.setGrantedScopes(list);
        accessTokenInfo.setType(this.accessTokenHandler.getType());
        AuthToken create = this.tokenCreationStrategy.create(oAuthClientRuntime, this.accessTokenHandler, str, accessTokenInfo);
        AccessTokenMement accessTokenMement = (AccessTokenMement) create.getDetails();
        OpaqueRefreshToken opaqueRefreshToken = null;
        if (accessTokenMement.getRefreshToken() != null) {
            opaqueRefreshToken = new OpaqueRefreshToken(oAuthClientRuntime, (RefreshTokenMement) accessTokenMement.getRefreshToken().getDetails(), accessTokenMement.getRefreshToken().getSeries(), accessTokenMement.getRefreshToken().encodeToken());
        }
        return new OpaqueAccessToken(oAuthClientRuntime, (AccessTokenMement) create.getDetails(), create.getSeries(), create.encodeToken(), create.getStartDate().getTime(), opaqueRefreshToken);
    }

    public void inited(OAuthAuthorizationService oAuthAuthorizationService, Config config) {
        this.accessTokenHandler = (AccessTokenHandler) ServiceRegistry.getRegistry().getService(AuthTokenService.class).getHandler(this.authTokenType);
        try {
            MessageDigest.getInstance(this.seriesHashAlgorithm);
        } catch (NoSuchAlgorithmException e) {
            throw new ServiceConfigrationException("invalid messageDigestAlgorithm", e);
        }
    }

    public void destroyed() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String toSeriesString(MetaOAuthClient.OAuthClientRuntime oAuthClientRuntime, String str) {
        try {
            return Base64.getUrlEncoder().withoutPadding().encodeToString(MessageDigest.getInstance(this.seriesHashAlgorithm).digest((str + "-" + oAuthClientRuntime.m32getMetaData().getId() + "-" + ExecuteContext.getCurrentContext().getClientTenantId() + "-" + this.seriesHashSalt).getBytes("UTF-8")));
        } catch (UnsupportedEncodingException | NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        }
    }

    @Override // org.iplass.mtp.impl.auth.oauth.token.OAuthAccessTokenStore
    public RefreshToken getRefreshToken(String str) {
        AuthToken authToken = new AuthToken(str);
        String token = authToken.getToken();
        AuthToken bySeries = this.accessTokenHandler.refreshTokenHandler().authTokenStore().getBySeries(ExecuteContext.getCurrentContext().getClientTenantId(), authToken.getType(), authToken.getSeries());
        if (bySeries == null || !this.accessTokenHandler.refreshTokenHandler().checkTokenValid(token, bySeries)) {
            return null;
        }
        RefreshTokenMement refreshTokenMement = (RefreshTokenMement) bySeries.getDetails();
        return new OpaqueRefreshToken(OAuthServiceHolder.client.getRuntimeById(refreshTokenMement.getClientMetaDataId()), refreshTokenMement, bySeries.getSeries(), null);
    }

    @Override // org.iplass.mtp.impl.auth.oauth.token.OAuthAccessTokenStore
    public void revokeToken(MetaOAuthClient.OAuthClientRuntime oAuthClientRuntime, String str, String str2) {
        AuthToken authToken = new AuthToken(str);
        String type = authToken.getType();
        if (type.equals(this.accessTokenHandler.getType())) {
            if (!getAccessToken(str).getClientId().equals(oAuthClientRuntime.m32getMetaData().getName())) {
                return;
            }
        } else if (!type.equals(this.accessTokenHandler.getRefreshTokenType()) || !getRefreshToken(str).getClientId().equals(oAuthClientRuntime.m32getMetaData().getName())) {
            return;
        }
        this.accessTokenHandler.authTokenStore().deleteBySeries(ExecuteContext.getCurrentContext().getClientTenantId(), authToken.getType(), authToken.getSeries());
    }

    @Override // org.iplass.mtp.impl.auth.oauth.token.OAuthAccessTokenStore
    public void revokeTokenByUserOid(String str) {
        this.accessTokenHandler.authTokenStore().delete(ExecuteContext.getCurrentContext().getClientTenantId(), this.accessTokenHandler.getType(), str);
    }
}
