package com.atlassian.seraph.service.rememberme;

import com.atlassian.security.utils.ConstantTimeComparison;
import com.atlassian.seraph.ioc.ApplicationServicesRegistry;
import com.atlassian.seraph.spi.rememberme.RememberMeConfiguration;
import com.atlassian.seraph.spi.rememberme.RememberMeTokenDao;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.util.concurrent.TimeUnit;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:META-INF/lib/atlassian-seraph-4.2.5.jar:com/atlassian/seraph/service/rememberme/DefaultRememberMeService.class */
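/**
 * Default {@link RememberMeService}: issues, validates and revokes the persistent
 * "remember me" login cookie.
 *
 * <p>The cookie value has the form {@code <token id>:<random string>}, URL-encoded.
 * Validation looks the token up by id through the {@link RememberMeTokenDao} and compares
 * the presented random string with the stored one.
 *
 * <p>Everything read from the cookie is supplied by the client and is treated as untrusted:
 * a value that cannot be decoded or parsed is handled as "no token" rather than as an error.
 */
public class DefaultRememberMeService implements RememberMeService {
    private static final Logger log = LoggerFactory.getLogger(DefaultRememberMeService.class);
    private static final String URL_ENCODING = "UTF-8";

    private final RememberMeConfiguration rememberMeConfiguration;
    private final RememberMeTokenDao rememberMeTokenDao;
    private final RememberMeTokenGenerator rememberMeTokenGenerator;

    /**
     * Creates the service and registers it with {@link ApplicationServicesRegistry}.
     *
     * @param rememberMeConfiguration cookie name, lifetime, domain, path and flag settings
     * @param rememberMeTokenDao storage for issued tokens
     * @param rememberMeTokenGenerator creates a new token for a user name
     */
    public DefaultRememberMeService(RememberMeConfiguration rememberMeConfiguration, RememberMeTokenDao rememberMeTokenDao, RememberMeTokenGenerator rememberMeTokenGenerator) {
        this.rememberMeConfiguration = rememberMeConfiguration;
        this.rememberMeTokenDao = rememberMeTokenDao;
        this.rememberMeTokenGenerator = rememberMeTokenGenerator;
        // Publishes 'this' before the constructor returns; keep this as the last statement so
        // every field is already assigned when the registry can see the instance.
        ApplicationServicesRegistry.setRememberMeService(this);
    }

    /**
     * Resolves the user name behind the request's remember-me cookie.
     *
     * @param httpServletRequest request that may carry the cookie
     * @param httpServletResponse response used to clear a rejected cookie; may be {@code null},
     *     in which case a rejected cookie is left in place
     * @return the token's user name when the cookie matches a stored, unexpired token;
     *     {@code null} when the cookie is absent, unparsable, unknown, mismatched or expired
     */
    @Override
    public String getRememberMeCookieAuthenticatedUsername(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        RememberMeToken presented = getCookieValue(httpServletRequest);
        if (presented == null) {
            return null;
        }
        RememberMeToken stored = this.rememberMeTokenDao.findById(presented.getId());
        // The secret part goes through ConstantTimeComparison rather than String.equals,
        // presumably so the check does not leak how many leading characters matched.
        if (stored != null && ConstantTimeComparison.isEqual(presented.getRandomString(), stored.getRandomString()) && !isExpired(stored)) {
            return stored.getUserName();
        }
        if (httpServletResponse == null) {
            return null;
        }
        // Rejected cookie: expire it on the client and drop the token it names.
        removeRememberMeCookie(httpServletRequest, httpServletResponse);
        return null;
    }

    /**
     * Returns whether the token is older than the configured cookie max age.
     */
    private boolean isExpired(RememberMeToken rememberMeToken) {
        long lifetimeMillis = TimeUnit.SECONDS.toMillis((long) this.rememberMeConfiguration.getCookieMaxAgeInSeconds());
        return rememberMeToken.getCreatedTime() + lifetimeMillis < System.currentTimeMillis();
    }

    /**
     * Generates and stores a new token for the user and sends it as the remember-me cookie.
     *
     * @param httpServletRequest current request; an existing remember-me cookie on it is reused
     * @param httpServletResponse response the cookie is added to
     * @param str user name the token is issued for
     */
    @Override
    public void addRememberMeCookie(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        RememberMeToken saved = this.rememberMeTokenDao.save(this.rememberMeTokenGenerator.generateToken(str));
        String cookieName = this.rememberMeConfiguration.getCookieName();
        Cookie cookie = findRememberCookie(httpServletRequest, cookieName);
        if (cookie == null) {
            // The initial value is a placeholder; setValuesIntoCookie overwrites it below.
            cookie = new Cookie(cookieName, saved.getRandomString());
        }
        setValuesIntoCookie(httpServletRequest, cookie, toCookieValue(saved), this.rememberMeConfiguration.getCookieMaxAgeInSeconds(), this.rememberMeConfiguration.getCookieDomain(httpServletRequest), this.rememberMeConfiguration.getCookiePath(httpServletRequest), this.rememberMeConfiguration.isInsecureCookieAlwaysUsed());
        setRememberMeCookie(httpServletRequest, httpServletResponse, cookie);
    }

    /**
     * Expires the remember-me cookie on the client and removes the token it names from storage.
     * Does nothing when the request carries no remember-me cookie.
     *
     * @param httpServletRequest request that may carry the cookie
     * @param httpServletResponse response the expired cookie is added to
     */
    @Override
    public void removeRememberMeCookie(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Cookie cookie = findRememberCookie(httpServletRequest, this.rememberMeConfiguration.getCookieName());
        if (cookie == null) {
            return;
        }
        // Parse before the value is blanked out below.
        RememberMeToken presented = parseIntoToken(cookie);
        setValuesIntoCookie(httpServletRequest, cookie, "", 0, this.rememberMeConfiguration.getCookieDomain(httpServletRequest), this.rememberMeConfiguration.getCookiePath(httpServletRequest), this.rememberMeConfiguration.isInsecureCookieAlwaysUsed());
        setRememberMeCookie(httpServletRequest, httpServletResponse, cookie);
        if (presented != null) {
            // NOTE(review): the stored token is removed by the id taken from the cookie alone;
            // the random string is not compared here, and this method is also reached from the
            // rejection path of getRememberMeCookieAuthenticatedUsername. A request therefore
            // revokes whichever token id it names. Confirm this is the intended fail-closed
            // behaviour; if not, compare the random string before calling remove.
            this.rememberMeTokenDao.remove(presented.getId());
        }
    }

    /**
     * Applies domain, path, Secure flag, max age and (URL-encoded) value to the cookie.
     *
     * @param domain cookie domain; left untouched when blank
     * @param path cookie path; left untouched when blank
     * @param insecureAlwaysUsed when {@code true} the Secure flag is never set by this method
     */
    private void setValuesIntoCookie(HttpServletRequest httpServletRequest, Cookie cookie, String value, int maxAgeInSeconds, String domain, String path, boolean insecureAlwaysUsed) {
        if (StringUtils.isNotBlank(domain)) {
            cookie.setDomain(domain);
        }
        if (StringUtils.isNotBlank(path)) {
            cookie.setPath(path);
        }
        if (!insecureAlwaysUsed) {
            // Secure follows the transport of the current request: set on HTTPS, cleared on HTTP.
            cookie.setSecure(httpServletRequest.isSecure());
        }
        cookie.setMaxAge(maxAgeInSeconds);
        cookie.setValue(escapeInvalidCookieCharacters(value));
    }

    /**
     * Adds the cookie to the response, marking it HttpOnly when the configuration asks for it.
     */
    private void setRememberMeCookie(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Cookie cookie) {
        if (this.rememberMeConfiguration.isCookieHttpOnly(httpServletRequest)) {
            cookie.setHttpOnly(true);
        }
        httpServletResponse.addCookie(cookie);
    }

    /**
     * Serialises a token as {@code <id>:<random string>}.
     */
    private String toCookieValue(RememberMeToken rememberMeToken) {
        return rememberMeToken.getId() + ":" + rememberMeToken.getRandomString();
    }

    /**
     * Returns the token parsed from the request's remember-me cookie, or {@code null} when the
     * cookie is absent or cannot be parsed.
     */
    private RememberMeToken getCookieValue(HttpServletRequest httpServletRequest) {
        Cookie cookie = findRememberCookie(httpServletRequest, this.rememberMeConfiguration.getCookieName());
        return cookie == null ? null : parseIntoToken(cookie);
    }

    /**
     * Parses a cookie value of the form {@code <id>:<random string>} into a token.
     *
     * <p>The value is client-controlled, so every malformed shape yields {@code null}: a missing
     * value, a broken percent-escape, a blank value, a missing or misplaced separator, or a
     * non-numeric id.
     *
     * @return the parsed token (id and random string only), or {@code null} when unparsable
     */
    private RememberMeToken parseIntoToken(Cookie cookie) {
        String rawValue = cookie.getValue();
        if (rawValue == null) {
            return null;
        }
        String decoded;
        try {
            decoded = unescapeInvalidCookieCharacters(rawValue);
        } catch (IllegalArgumentException e) {
            // URLDecoder rejects malformed percent-escapes with IllegalArgumentException.
            // Treat that as an invalid cookie instead of failing the request. The exception is
            // not logged because its message can echo part of the cookie value.
            log.debug("Ignoring remember-me cookie whose value is not valid URL encoding");
            return null;
        }
        if (StringUtils.isBlank(decoded)) {
            return null;
        }
        int separator = decoded.indexOf(':');
        // Both the id before the separator and the random string after it must be non-empty.
        if (separator <= 0 || separator == decoded.length() - 1) {
            return null;
        }
        try {
            return DefaultRememberMeToken.builder(Long.valueOf(Long.parseLong(decoded.substring(0, separator))), decoded.substring(separator + 1)).build();
        } catch (NumberFormatException e) {
            return null;
        }
    }

    /**
     * Returns the first request cookie whose name matches {@code name} ignoring case, or
     * {@code null} when there is none.
     */
    private Cookie findRememberCookie(HttpServletRequest httpServletRequest, String name) {
        Cookie[] cookies = httpServletRequest.getCookies();
        if (cookies == null) {
            return null;
        }
        for (Cookie cookie : cookies) {
            if (name.equalsIgnoreCase(cookie.getName())) {
                return cookie;
            }
        }
        return null;
    }

    /**
     * URL-encodes a value so it only contains characters that are legal in a cookie.
     */
    private static String escapeInvalidCookieCharacters(String value) {
        try {
            return URLEncoder.encode(value, URL_ENCODING);
        } catch (UnsupportedEncodingException e) {
            // UTF-8 support is mandatory on every Java platform.
            throw new AssertionError(e);
        }
    }

    /**
     * Reverses {@link #escapeInvalidCookieCharacters(String)}.
     *
     * @throws IllegalArgumentException when the value contains a malformed percent-escape
     */
    private static String unescapeInvalidCookieCharacters(String value) {
        try {
            return URLDecoder.decode(value, URL_ENCODING);
        } catch (UnsupportedEncodingException e) {
            log.error("UTF-8 encoding unsupported !!?!! How is that possible in java?", e);
            throw new AssertionError(e);
        }
    }
}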
