package com.github.biegleux.gae.oauth.tokenstore;

import com.github.biegleux.gae.oauth.tokenstore.persistence.GaeOAuthAccessTokenRepository;
import com.github.biegleux.gae.oauth.tokenstore.persistence.GaeOAuthRefreshTokenRepository;
import com.github.biegleux.gae.oauth.tokenstore.persistence.model.GaeOAuthAccessToken;
import com.github.biegleux.gae.oauth.tokenstore.persistence.model.GaeOAuthRefreshToken;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import javax.jdo.JDOException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.common.OAuth2RefreshToken;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.token.AuthenticationKeyGenerator;
import org.springframework.security.oauth2.provider.token.DefaultAuthenticationKeyGenerator;
import org.springframework.security.oauth2.provider.token.TokenStore;

/* loaded from: input_file:com/github/biegleux/gae/oauth/tokenstore/GaeTokenStore.class */
public class GaeTokenStore implements TokenStore {
    private static final Log LOG = LogFactory.getLog(GaeTokenStore.class);
    private AuthenticationKeyGenerator authenticationKeyGenerator = new DefaultAuthenticationKeyGenerator();
    private final GaeOAuthAccessTokenRepository accessTokens = new GaeOAuthAccessTokenRepository();
    private final GaeOAuthRefreshTokenRepository refreshTokens = new GaeOAuthRefreshTokenRepository();

    public void setAuthenticationKeyGenerator(AuthenticationKeyGenerator authenticationKeyGenerator) {
        this.authenticationKeyGenerator = authenticationKeyGenerator;
    }

    public OAuth2AccessToken getAccessToken(OAuth2Authentication oAuth2Authentication) {
        OAuth2AccessToken oAuth2AccessToken = null;
        String extractKey = this.authenticationKeyGenerator.extractKey(oAuth2Authentication);
        try {
            GaeOAuthAccessToken findByAuthenticationId = this.accessTokens.findByAuthenticationId(extractKey);
            if (findByAuthenticationId != null) {
                oAuth2AccessToken = findByAuthenticationId.getToken();
            } else if (LOG.isDebugEnabled()) {
                LOG.debug("Failed to find access token for authentication " + oAuth2Authentication);
            }
        } catch (JDOException e) {
            LOG.error("Could not extract access token for authentication " + oAuth2Authentication, e);
        }
        if (oAuth2AccessToken != null && !extractKey.equals(this.authenticationKeyGenerator.extractKey(readAuthentication(oAuth2AccessToken.getValue())))) {
            removeAccessToken(oAuth2AccessToken.getValue());
            storeAccessToken(oAuth2AccessToken, oAuth2Authentication);
        }
        return oAuth2AccessToken;
    }

    public void storeAccessToken(OAuth2AccessToken oAuth2AccessToken, OAuth2Authentication oAuth2Authentication) {
        String str = null;
        if (oAuth2AccessToken.getRefreshToken() != null) {
            str = oAuth2AccessToken.getRefreshToken().getValue();
        }
        if (readAccessToken(oAuth2AccessToken.getValue()) != null) {
            removeAccessToken(oAuth2AccessToken.getValue());
        }
        GaeOAuthAccessToken gaeOAuthAccessToken = new GaeOAuthAccessToken();
        gaeOAuthAccessToken.setTokenId(extractTokenKey(oAuth2AccessToken.getValue()));
        gaeOAuthAccessToken.setToken(oAuth2AccessToken);
        gaeOAuthAccessToken.setAuthenticationId(this.authenticationKeyGenerator.extractKey(oAuth2Authentication));
        gaeOAuthAccessToken.setUsername(oAuth2Authentication.isClientOnly() ? null : oAuth2Authentication.getName());
        gaeOAuthAccessToken.setClientId(oAuth2Authentication.getOAuth2Request().getClientId());
        gaeOAuthAccessToken.setAuthentication(oAuth2Authentication);
        gaeOAuthAccessToken.setRefreshToken(extractTokenKey(str));
        this.accessTokens.save(gaeOAuthAccessToken);
    }

    public OAuth2AccessToken readAccessToken(String str) {
        OAuth2AccessToken oAuth2AccessToken = null;
        try {
            GaeOAuthAccessToken findByTokenId = this.accessTokens.findByTokenId(extractTokenKey(str));
            if (findByTokenId != null) {
                oAuth2AccessToken = findByTokenId.getToken();
            } else if (LOG.isInfoEnabled()) {
                LOG.info("Failed to find access token for token " + str);
            }
        } catch (JDOException e) {
            LOG.warn("Failed to deserialize access token for " + str, e);
            removeAccessToken(str);
        }
        return oAuth2AccessToken;
    }

    public void removeAccessToken(OAuth2AccessToken oAuth2AccessToken) {
        removeAccessToken(oAuth2AccessToken.getValue());
    }

    public void removeAccessToken(String str) {
        GaeOAuthAccessToken findByTokenId = this.accessTokens.findByTokenId(extractTokenKey(str));
        if (findByTokenId != null) {
            this.accessTokens.delete(findByTokenId);
        }
    }

    public OAuth2Authentication readAuthentication(OAuth2AccessToken oAuth2AccessToken) {
        return readAuthentication(oAuth2AccessToken.getValue());
    }

    public OAuth2Authentication readAuthentication(String str) {
        OAuth2Authentication oAuth2Authentication = null;
        try {
            GaeOAuthAccessToken findByTokenId = this.accessTokens.findByTokenId(extractTokenKey(str));
            if (findByTokenId != null) {
                oAuth2Authentication = findByTokenId.getAuthentication();
            } else if (LOG.isInfoEnabled()) {
                LOG.info("Failed to find access token for token " + str);
            }
        } catch (JDOException e) {
            LOG.warn("Failed to deserialize authentication for " + str, e);
            removeAccessToken(str);
        }
        return oAuth2Authentication;
    }

    public void storeRefreshToken(OAuth2RefreshToken oAuth2RefreshToken, OAuth2Authentication oAuth2Authentication) {
        GaeOAuthRefreshToken gaeOAuthRefreshToken = new GaeOAuthRefreshToken();
        gaeOAuthRefreshToken.setTokenId(extractTokenKey(oAuth2RefreshToken.getValue()));
        gaeOAuthRefreshToken.setToken(oAuth2RefreshToken);
        gaeOAuthRefreshToken.setAuthentication(oAuth2Authentication);
        this.refreshTokens.save(gaeOAuthRefreshToken);
    }

    public OAuth2RefreshToken readRefreshToken(String str) {
        OAuth2RefreshToken oAuth2RefreshToken = null;
        try {
            GaeOAuthRefreshToken findByTokenId = this.refreshTokens.findByTokenId(extractTokenKey(str));
            if (findByTokenId != null) {
                oAuth2RefreshToken = findByTokenId.getToken();
            } else if (LOG.isInfoEnabled()) {
                LOG.info("Failed to find refresh token for token " + str);
            }
        } catch (JDOException e) {
            LOG.warn("Failed to deserialize refresh token for token " + str, e);
            removeRefreshToken(str);
        }
        return oAuth2RefreshToken;
    }

    public void removeRefreshToken(OAuth2RefreshToken oAuth2RefreshToken) {
        removeRefreshToken(oAuth2RefreshToken.getValue());
    }

    public void removeRefreshToken(String str) {
        GaeOAuthRefreshToken findByTokenId = this.refreshTokens.findByTokenId(extractTokenKey(str));
        if (findByTokenId != null) {
            this.refreshTokens.delete(findByTokenId);
        }
    }

    public OAuth2Authentication readAuthenticationForRefreshToken(OAuth2RefreshToken oAuth2RefreshToken) {
        return readAuthenticationForRefreshToken(oAuth2RefreshToken.getValue());
    }

    public OAuth2Authentication readAuthenticationForRefreshToken(String str) {
        OAuth2Authentication oAuth2Authentication = null;
        try {
            GaeOAuthRefreshToken findByTokenId = this.refreshTokens.findByTokenId(extractTokenKey(str));
            if (findByTokenId != null) {
                oAuth2Authentication = findByTokenId.getAuthentication();
            } else if (LOG.isInfoEnabled()) {
                LOG.info("Failed to find access token for token " + str);
            }
        } catch (JDOException e) {
            LOG.warn("Failed to deserialize access token for " + str, e);
            removeRefreshToken(str);
        }
        return oAuth2Authentication;
    }

    public void removeAccessTokenUsingRefreshToken(OAuth2RefreshToken oAuth2RefreshToken) {
        removeAccessTokenUsingRefreshToken(oAuth2RefreshToken.getValue());
    }

    public void removeAccessTokenUsingRefreshToken(String str) {
        this.accessTokens.deleteAll(this.accessTokens.findByRefreshToken(extractTokenKey(str)));
    }

    public Collection<OAuth2AccessToken> findTokensByClientId(String str) {
        List<OAuth2AccessToken> arrayList = new ArrayList<>();
        List<GaeOAuthAccessToken> findByClientId = this.accessTokens.findByClientId(str);
        if (findByClientId.isEmpty() && LOG.isInfoEnabled()) {
            LOG.info("Failed to find access token for clientId " + str);
        }
        for (GaeOAuthAccessToken gaeOAuthAccessToken : findByClientId) {
            try {
                arrayList.add(gaeOAuthAccessToken.getToken());
            } catch (JDOException e) {
                this.accessTokens.delete(gaeOAuthAccessToken);
            }
        }
        return removeNulls(arrayList);
    }

    public Collection<OAuth2AccessToken> findTokensByClientIdAndUserName(String str, String str2) {
        List<OAuth2AccessToken> arrayList = new ArrayList<>();
        List<GaeOAuthAccessToken> findByUsernameAndClientId = this.accessTokens.findByUsernameAndClientId(str2, str);
        if (findByUsernameAndClientId.isEmpty() && LOG.isInfoEnabled()) {
            LOG.info("Failed to find access token for userName " + str2);
        }
        for (GaeOAuthAccessToken gaeOAuthAccessToken : findByUsernameAndClientId) {
            try {
                arrayList.add(gaeOAuthAccessToken.getToken());
            } catch (JDOException e) {
                this.accessTokens.delete(gaeOAuthAccessToken);
            }
        }
        return removeNulls(arrayList);
    }

    private List<OAuth2AccessToken> removeNulls(List<OAuth2AccessToken> list) {
        ArrayList arrayList = new ArrayList();
        for (OAuth2AccessToken oAuth2AccessToken : list) {
            if (oAuth2AccessToken != null) {
                arrayList.add(oAuth2AccessToken);
            }
        }
        return arrayList;
    }

    protected String extractTokenKey(String str) {
        if (str == null) {
            return null;
        }
        try {
            try {
                return String.format("%032x", new BigInteger(1, MessageDigest.getInstance("MD5").digest(str.getBytes("UTF-8"))));
            } catch (UnsupportedEncodingException e) {
                throw new IllegalStateException("UTF-8 encoding not available.  Fatal (should be in the JDK).");
            }
        } catch (NoSuchAlgorithmException e2) {
            throw new IllegalStateException("MD5 algorithm not available.  Fatal (should be in the JDK).");
        }
    }
}
