package com.aurel.track.prop;

import com.aurel.track.ApplicationStarter;
import com.aurel.track.admin.user.person.PersonBL;
import com.aurel.track.beans.TPersonBean;
import com.aurel.track.dao.DAOFactory;
import com.aurel.track.item.recurrence.DateConversionUtil;
import com.aurel.track.user.TpPasswordEncoder;
import com.trackplus.track.rest.endpoints.Authentication;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jws;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import java.time.LocalDate;
import java.util.Calendar;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.exception.ExceptionUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.apache.struts2.ServletActionContext;

/* loaded from: input_file:lib/tp-core-5.6.0.jar:com/aurel/track/prop/RememberMeBL.class */
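/**
 * Business logic for the "remember me" automatic login.
 *
 * <p>On a successful login with the remember-me cookie set to {@code true}, an HS512-signed JWT
 * whose subject is the login name is issued in the auth-token cookie, and its encoded form is
 * stored on the person record. On later requests the cookie is accepted only if the JWT verifies,
 * it is not on a logout deny list, and its encoded form equals the value stored for that person.
 *
 * <p>An instance is bound to one request/response pair. The deny list is static and shared by all
 * instances, so it is kept in a concurrent map.
 */
public class RememberMeBL {
    private javax.servlet.http.Cookie authCookie;
    private javax.servlet.http.Cookie rememberMeCookie;
    private final HttpServletRequest request;
    private final HttpServletResponse response;
    private final TpPasswordEncoder passwordEncoder = new TpPasswordEncoder();
    private static final int ONE_YEAR_IN_SECONDS = 31536000;
    // NOTE(review): secret-looking constant compiled into the distributed jar. It is not referenced
    // anywhere in this class. If LoginBL.getJwtsSigningKey() returns this value (or one derived from
    // it), every installation shares a signing key that anyone holding the jar can read; confirm,
    // and load the signing key from per-installation configuration or secret storage instead.
    private static final String KEY = "zv5CJtPKJWsXo9xCxtCvzr6SyyPdsinjpkrF4Y+jCyuWhP83j3mdO0FtCVI7plhgN2oKHZzXuHQ2MJyhZXC5TA==";
    private static final Logger LOGGER = LogManager.getLogger(RememberMeBL.class);
    // Token -> JWT expiration. Static state touched from request threads, hence a concurrent map
    // (a plain HashMap can be corrupted or throw ConcurrentModificationException under that load).
    private static final Map<String, Date> invalidTokens = new ConcurrentHashMap<>();

    /**
     * Binds the helper to the current request/response and picks up the remember-me and
     * auth-token cookies from the request, if present.
     *
     * @param httpServletRequest the current request
     * @param httpServletResponse the response cookies are written to
     */
    public RememberMeBL(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        this.request = httpServletRequest;
        this.response = httpServletResponse;
        setupCookies();
    }

    /** Scans the request cookies and remembers the remember-me and auth-token cookies. */
    private void setupCookies() {
        javax.servlet.http.Cookie[] cookies = this.request.getCookies();
        if (cookies == null || cookies.length == 0) {
            LOGGER.debug("The request object does not contain any cookie item!");
            return;
        }
        for (javax.servlet.http.Cookie cookie : cookies) {
            String name = cookie.getName();
            if (Cookie.REMEMBER_ME.getName().equals(name)) {
                LOGGER.debug("remember me cookie found!");
                this.rememberMeCookie = cookie;
            }
            if (Cookie.AUTH_TOKEN.getName().equals(name)) {
                LOGGER.debug("authToken cookie found!");
                this.authCookie = cookie;
            }
        }
    }

    /**
     * Updates the stored token and the auth-token cookie after a successful login.
     *
     * <p>Without remember-me, the stored token is cleared and the presented cookie is invalidated.
     * With remember-me, a fresh token is issued, its encoded form is saved on the person and the
     * token itself is sent in the auth-token cookie.
     *
     * @param tPersonBean the person who just logged in; when {@code null} nothing is changed
     */
    public void afterLoginSucceeded(TPersonBean tPersonBean) {
        LOGGER.debug("Executing operations after the user logged in successfully.");
        if (tPersonBean == null) {
            // Previously the remember-me branch dereferenced the bean without this check.
            LOGGER.debug("The personBean is null, the system can't update or invalidate the token!");
            return;
        }
        if (!isRememberMeOn()) {
            LOGGER.debug("The rememberMe cookie is null or false, the authToken cookie and the token is invalidated if exists.");
            tPersonBean.setTokenPasswd(null);
            // NOTE(review): the stored expiry is pushed 50 years ahead in both branches although the
            // JWT expires after ONE_YEAR_IN_SECONDS; this class never reads it back. Confirm intent.
            tPersonBean.setTokenExpDate(DateConversionUtil.localDateToDate(LocalDate.now().plusYears(50L)));
            PersonBL.save(tPersonBean);
            invalidateCookieAndToken();
            return;
        }
        LOGGER.debug("The remember me cookie is set!");
        String token = generateAuthToken(tPersonBean.getLoginName());
        // Only the encoded form is persisted; the raw token lives in the cookie alone.
        tPersonBean.setTokenPasswd(this.passwordEncoder.encodePassword1(token));
        tPersonBean.setTokenExpDate(DateConversionUtil.localDateToDate(LocalDate.now().plusYears(50L)));
        PersonBL.save(tPersonBean);
        LOGGER.debug("Generating new token, and saving it in TPersonBean.");
        if (this.authCookie == null) {
            LOGGER.debug("The authToken cookie does not exist, the system creates a new!");
            this.authCookie = new javax.servlet.http.Cookie(Cookie.AUTH_TOKEN.getName(), token);
        } else {
            LOGGER.debug("The authToken cookie exists!");
            this.authCookie.setValue(token);
        }
        applyCookieScope(this.authCookie);
        this.authCookie.setMaxAge(ONE_YEAR_IN_SECONDS);
        this.response.addCookie(this.authCookie);
        LOGGER.debug("The authToken cookie was updated and it was added into response.");
    }

    /**
     * Logs the user in from a valid auth-token cookie.
     *
     * @param map the session attribute map; the person is stored under {@code "user"} if absent
     * @return the authenticated person, or {@code null} if the application is not ready or the
     *     cookie is missing, revoked or does not verify
     */
    public TPersonBean loginWithAuthToken(Map<String, Object> map) {
        // Check readiness first so no token/database work happens before startup has completed.
        Boolean ready = (Boolean) ServletActionContext.getServletContext().getAttribute(ApplicationStarter.READY);
        if (ready == null || !ready.booleanValue()) {
            LOGGER.debug("The system startup procedure is not yet completed thus the login procedure is not started");
            return null;
        }
        TPersonBean person = isAuthTokenValid();
        if (person == null) {
            LOGGER.debug("The user authToken cookie is NOT valid, the user is not allowed to log in automatically!");
            return null;
        }
        // NOTE(review): the result of LoginBL.login is not inspected here; confirm that a refused
        // login (e.g. a disabled account) cannot reach the session update below.
        LoginBL.login("false", false, person.getLoginName(), AuthenticationType.CLIENT_AUTH_TOKEN, null, null, false, null, person.getLocale(), false);
        LOGGER.debug("The user authToken cookie is valid, so the user is logged in, loginName is: {}", person.getLoginName());
        if (map.get("user") == null) {
            LOGGER.debug("Adding person to the session");
            map.put("user", person);
        }
        return person;
    }

    /**
     * Validates the auth-token cookie of the current request.
     *
     * @return the person the token belongs to, or {@code null} if remember-me is off, the cookie
     *     is missing, the token was revoked, the JWT does not verify, or the encoded token does
     *     not match the value stored for the person
     */
    private TPersonBean isAuthTokenValid() {
        LOGGER.debug("Checking if the authToken cookie is valid.");
        if (!isRememberMeOn() || !isAuthCookieSet()) {
            LOGGER.debug("The remember me or the autToken cookie is null;");
            return null;
        }
        String token = this.authCookie.getValue();
        // Tokens revoked through this class land in the local map, so consult it as well as the
        // REST endpoint's list; otherwise the entries written at logout are never enforced here.
        if (Authentication.invalidTokens.containsKey(token) || invalidTokens.containsKey(token)) {
            LOGGER.debug("The provided token was invalidated in a previous log out procedure.");
            return null;
        }
        Jws<Claims> jws;
        try {
            jws = Jwts.parser().setSigningKey(LoginBL.getJwtsSigningKey()).parseClaimsJws(token);
        } catch (Exception e) {
            // Bad signature, malformed or expired token: treat as "not authenticated".
            LOGGER.debug(ExceptionUtils.getStackTrace(e));
            return null;
        }
        String loginName = jws == null ? null : jws.getBody().getSubject();
        if (loginName == null) {
            LOGGER.debug("The userName obtained from cookie is null!");
            return null;
        }
        TPersonBean person = PersonBL.loadByLoginName(loginName);
        if (person == null || person.getTokenPasswd() == null) {
            LOGGER.debug("The user object obtained from authToken cookie is null!");
            return null;
        }
        // A valid signature is not enough: the token must also be the one currently stored for
        // this person, which is what makes logout and re-login revoke older tokens.
        boolean matches = this.passwordEncoder.encodePassword1(token).equals(person.getTokenPasswd());
        LOGGER.debug("The authToken cookie and the hashed token value is equal: {}", matches);
        return matches ? person : null;
    }

    /**
     * Builds an HS512-signed JWT for the given login name, expiring after one year.
     *
     * @param str the login name used as the JWT subject
     * @return the compact serialized token
     */
    private String generateAuthToken(String str) {
        LOGGER.debug("Generating new token!");
        return Jwts.builder().setSubject(str).setExpiration(getTokenExp()).signWith(SignatureAlgorithm.HS512, LoginBL.getJwtsSigningKey()).compact();
    }

    /**
     * Revokes the presented token, clears the auth-token cookie and removes the stored token.
     *
     * @param tPersonBean the person logging out; may be {@code null}
     */
    public void logout(TPersonBean tPersonBean) {
        LOGGER.debug("The system executed the log out procedure rememberMe part.");
        invalidateCookieAndToken();
        removeInvalidTokens();
        if (tPersonBean != null) {
            tPersonBean.setTokenPasswd(null);
            DAOFactory.getFactory().getPersonDAO().save(tPersonBean);
        }
    }

    /**
     * Puts the presented token on the deny list (when it still verifies) and always expires the
     * auth-token cookie in the response.
     */
    private void invalidateCookieAndToken() {
        if (!isAuthCookieSet()) {
            return;
        }
        String token = this.authCookie.getValue();
        try {
            Date expiration = Jwts.parser().setSigningKey(LoginBL.getJwtsSigningKey()).parseClaimsJws(token).getBody().getExpiration();
            // The concurrent map rejects null values; fall back to the issuing lifetime so the
            // entry is still purged eventually.
            invalidTokens.put(token, expiration != null ? expiration : getTokenExp());
        } catch (Exception e) {
            // A token that no longer verifies cannot be accepted anyway, so it needs no deny-list
            // entry. The cookie is still cleared below; previously a parse failure skipped that.
            LOGGER.debug("The authToken could not be parsed for revocation.", e);
        }
        if (invalidateAuthCookie()) {
            this.response.addCookie(this.authCookie);
        } else {
            LOGGER.debug("The authToken cookie was not invalidated!");
        }
    }

    /**
     * Turns the auth-token cookie into an expired, empty cookie with the original scope.
     *
     * @return {@code false} if no auth-token cookie is present, {@code true} otherwise
     */
    private boolean invalidateAuthCookie() {
        if (!isAuthCookieSet()) {
            return false;
        }
        applyCookieScope(this.authCookie);
        this.authCookie.setMaxAge(0);
        this.authCookie.setValue("");
        LOGGER.debug("The system invalidated the authToken cookie.");
        return true;
    }

    /** Applies the path, domain and protection flags shared by issuing and clearing the cookie. */
    private void applyCookieScope(javax.servlet.http.Cookie cookie) {
        cookie.setPath(getContextPath());
        // NOTE(review): the domain comes from request.getServerName(), which follows the Host
        // header unless the container or proxy pins it, and an explicit Domain also exposes the
        // cookie to subdomains. Consider a host-only cookie (no Domain attribute).
        cookie.setDomain(getDomain());
        cookie.setHttpOnly(true);
        // Keep the long-lived token off plain HTTP when the request arrived over TLS. Behind a
        // TLS-terminating proxy isSecure() depends on the container's proxy configuration.
        cookie.setSecure(this.request.isSecure());
    }

    /** Returns the instant one year from now, used as the JWT expiration. */
    private Date getTokenExp() {
        Calendar calendar = Calendar.getInstance();
        calendar.setTime(new Date());
        calendar.add(Calendar.SECOND, ONE_YEAR_IN_SECONDS);
        return calendar.getTime();
    }

    /** Tells whether the remember-me cookie is present with the value {@code true}. */
    private boolean isRememberMeOn() {
        return this.rememberMeCookie != null && "true".equalsIgnoreCase(this.rememberMeCookie.getValue());
    }

    /** Tells whether an auth-token cookie with a non-empty value is present. */
    private boolean isAuthCookieSet() {
        return this.authCookie != null && this.authCookie.getValue() != null && !this.authCookie.getValue().isEmpty();
    }

    /** Drops deny-list entries whose token has expired and would be rejected anyway. */
    private static void removeInvalidTokens() {
        LOGGER.debug("Removing invalid tokens.");
        Date now = new Date();
        Iterator<Map.Entry<String, Date>> it = invalidTokens.entrySet().iterator();
        while (it.hasNext()) {
            if (now.after(it.next().getValue())) {
                it.remove();
                LOGGER.debug("An expired invalid token has been removed.");
            }
        }
    }

    /** Returns the server name of the current request, used as the cookie domain. */
    private String getDomain() {
        String serverName = this.request.getServerName();
        LOGGER.debug("The server name is: {}", serverName);
        return serverName;
    }

    /** Returns the context path of the current request, used as the cookie path. */
    private String getContextPath() {
        String contextPath = this.request.getContextPath();
        LOGGER.debug("The server context path is: {}", contextPath);
        return contextPath;
    }
}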
