package ca.nrc.cadc.auth;

import ca.nrc.cadc.date.DateUtil;
import ca.nrc.cadc.util.PropertiesReader;
import java.io.IOException;
import java.net.URI;
import java.security.InvalidKeyException;
import java.security.Principal;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Calendar;
import java.util.Date;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;

/* loaded from: input_file:ca/nrc/cadc/auth/SSOCookieManager.class */
public class SSOCookieManager {
    public static final String DEFAULT_SSO_COOKIE_NAME = "CADC_SSO";
    public static final int SSO_COOKIE_LIFETIME_HOURS = 48;
    public static final URI SCOPE_URI = URI.create("sso:cadc+canfar");
    public static final String DOMAINS_PROP_FILE = "ac-domains.properties";
    private int offsetExpiryHours = 1;

    public final SignedToken parse(String str) throws InvalidSignedTokenException {
        if (str == null) {
            throw new IllegalArgumentException("value required");
        }
        try {
            return SignedToken.parse(str);
        } catch (Exception e) {
            throw new InvalidSignedTokenException("Bad token." + str);
        }
    }

    public final String generate(HttpPrincipal httpPrincipal) throws InvalidKeyException, IOException {
        HashSet hashSet = new HashSet();
        hashSet.add(httpPrincipal);
        return generate(hashSet);
    }

    public final String generate(Set<Principal> set, URI uri) throws InvalidKeyException, IOException {
        return generate(set, null, uri);
    }

    public final String generate(Set<Principal> set, Date date, URI uri) throws InvalidKeyException, IOException {
        if (date == null) {
            date = getExpirationDate();
        }
        if (uri == null) {
            uri = SCOPE_URI;
        }
        List list = null;
        List<String> propertyValues = new PropertiesReader(DOMAINS_PROP_FILE).getPropertyValues("domains");
        if (propertyValues != null && propertyValues.size() > 0) {
            list = Arrays.asList(propertyValues.get(0).split(" "));
        }
        return SignedToken.format(new SignedToken(set, uri, date, (List<String>) list));
    }

    public final String generate(Set<Principal> set) throws InvalidKeyException, IOException {
        return generate(set, getExpirationDate(), null);
    }

    public Date getExpirationDate() {
        Calendar currentCalendar = getCurrentCalendar();
        currentCalendar.add(10, 48 * this.offsetExpiryHours);
        return currentCalendar.getTime();
    }

    public Calendar getCurrentCalendar() {
        return Calendar.getInstance(DateUtil.UTC);
    }

    public void setOffsetExpiryHours(int i) {
        this.offsetExpiryHours = i;
    }

    public List<SSOCookieCredential> getSSOCookieCredentials(String str) throws InvalidSignedTokenException {
        ArrayList arrayList = new ArrayList();
        SignedToken parse = SignedToken.parse(str);
        Iterator<String> it = parse.getDomains().iterator();
        while (it.hasNext()) {
            arrayList.add(new SSOCookieCredential(str, it.next(), parse.getExpiryTime()));
        }
        return arrayList;
    }
}
