package org.springframework.security.web.authentication.rememberme;

import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Date;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.dao.DataAccessException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.codec.Base64;
import org.springframework.util.Assert;

/* loaded from: input_file:fk-admin-ui-war-3.0.19.war:WEB-INF/lib/spring-security-web-3.1.1.RELEASE.jar:org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.class */
public class PersistentTokenBasedRememberMeServices extends AbstractRememberMeServices {
    private PersistentTokenRepository tokenRepository;
    private SecureRandom random;
    public static final int DEFAULT_SERIES_LENGTH = 16;
    public static final int DEFAULT_TOKEN_LENGTH = 16;
    private int seriesLength;
    private int tokenLength;

    @Deprecated
    public PersistentTokenBasedRememberMeServices() {
        this.tokenRepository = new InMemoryTokenRepositoryImpl();
        this.seriesLength = 16;
        this.tokenLength = 16;
        this.random = new SecureRandom();
    }

    public PersistentTokenBasedRememberMeServices(String str, UserDetailsService userDetailsService, PersistentTokenRepository persistentTokenRepository) {
        super(str, userDetailsService);
        this.tokenRepository = new InMemoryTokenRepositoryImpl();
        this.seriesLength = 16;
        this.tokenLength = 16;
        this.random = new SecureRandom();
        this.tokenRepository = persistentTokenRepository;
    }

    @Override // org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
    protected UserDetails processAutoLoginCookie(String[] strArr, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (strArr.length != 2) {
            throw new InvalidCookieException("Cookie token did not contain 2 tokens, but contained '" + Arrays.asList(strArr) + "'");
        }
        String str = strArr[0];
        String str2 = strArr[1];
        PersistentRememberMeToken tokenForSeries = this.tokenRepository.getTokenForSeries(str);
        if (tokenForSeries == null) {
            throw new RememberMeAuthenticationException("No persistent token found for series id: " + str);
        }
        if (!str2.equals(tokenForSeries.getTokenValue())) {
            this.tokenRepository.removeUserTokens(tokenForSeries.getUsername());
            throw new CookieTheftException(this.messages.getMessage("PersistentTokenBasedRememberMeServices.cookieStolen", "Invalid remember-me token (Series/token) mismatch. Implies previous cookie theft attack."));
        }
        if (tokenForSeries.getDate().getTime() + (getTokenValiditySeconds() * 1000) < System.currentTimeMillis()) {
            throw new RememberMeAuthenticationException("Remember-me login has expired");
        }
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("Refreshing persistent login token for user '" + tokenForSeries.getUsername() + "', series '" + tokenForSeries.getSeries() + "'");
        }
        PersistentRememberMeToken persistentRememberMeToken = new PersistentRememberMeToken(tokenForSeries.getUsername(), tokenForSeries.getSeries(), generateTokenData(), new Date());
        try {
            this.tokenRepository.updateToken(persistentRememberMeToken.getSeries(), persistentRememberMeToken.getTokenValue(), persistentRememberMeToken.getDate());
            addCookie(persistentRememberMeToken, httpServletRequest, httpServletResponse);
            return getUserDetailsService().loadUserByUsername(tokenForSeries.getUsername());
        } catch (DataAccessException e) {
            this.logger.error("Failed to update token: ", e);
            throw new RememberMeAuthenticationException("Autologin failed due to data access problem");
        }
    }

    @Override // org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
    protected void onLoginSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) {
        String name = authentication.getName();
        this.logger.debug("Creating new persistent login for user " + name);
        PersistentRememberMeToken persistentRememberMeToken = new PersistentRememberMeToken(name, generateSeriesData(), generateTokenData(), new Date());
        try {
            this.tokenRepository.createNewToken(persistentRememberMeToken);
            addCookie(persistentRememberMeToken, httpServletRequest, httpServletResponse);
        } catch (DataAccessException e) {
            this.logger.error("Failed to save persistent token ", e);
        }
    }

    @Override // org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices, org.springframework.security.web.authentication.logout.LogoutHandler
    public void logout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) {
        super.logout(httpServletRequest, httpServletResponse, authentication);
        if (authentication != null) {
            this.tokenRepository.removeUserTokens(authentication.getName());
        }
    }

    protected String generateSeriesData() {
        byte[] bArr = new byte[this.seriesLength];
        this.random.nextBytes(bArr);
        return new String(Base64.encode(bArr));
    }

    protected String generateTokenData() {
        byte[] bArr = new byte[this.tokenLength];
        this.random.nextBytes(bArr);
        return new String(Base64.encode(bArr));
    }

    private void addCookie(PersistentRememberMeToken persistentRememberMeToken, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        setCookie(new String[]{persistentRememberMeToken.getSeries(), persistentRememberMeToken.getTokenValue()}, getTokenValiditySeconds(), httpServletRequest, httpServletResponse);
    }

    @Deprecated
    public void setTokenRepository(PersistentTokenRepository persistentTokenRepository) {
        this.tokenRepository = persistentTokenRepository;
    }

    public void setSeriesLength(int i) {
        this.seriesLength = i;
    }

    public void setTokenLength(int i) {
        this.tokenLength = i;
    }

    @Override // org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
    public void setTokenValiditySeconds(int i) {
        Assert.isTrue(i > 0, "tokenValiditySeconds must be positive for this implementation");
        super.setTokenValiditySeconds(i);
    }
}
