package org.xwiki.apps.googleapps.internal;

import com.xpn.xwiki.XWikiContext;
import com.xpn.xwiki.XWikiException;
import java.nio.charset.StandardCharsets;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import javax.crypto.Cipher;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.SecretKeySpec;
import javax.inject.Inject;
import javax.servlet.http.Cookie;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.xwiki.apps.googleapps.CookieAuthenticationPersistence;
import org.xwiki.component.annotation.Component;
import org.xwiki.component.annotation.InstantiationStrategy;
import org.xwiki.component.descriptor.ComponentInstantiationStrategy;
import org.xwiki.component.manager.ComponentManager;
import org.xwiki.stability.Unstable;

@InstantiationStrategy(ComponentInstantiationStrategy.PER_LOOKUP)
@Component
/* loaded from: input_file:org/xwiki/apps/googleapps/internal/CookieAuthenticationPersistenceImpl.class */
public class CookieAuthenticationPersistenceImpl implements CookieAuthenticationPersistence {
    private static final String AUTHENTICATION_CONFIG_PREFIX = "xwiki.authentication";
    private static final String COOKIE_PREFIX_PROPERTY = "xwiki.authentication.cookieprefix";
    private static final String COOKIE_PATH_PROPERTY = "xwiki.authentication.cookiepath";
    private static final String COOKIE_DOMAINS_PROPERTY = "xwiki.authentication.cookiedomains";
    private static final String ENCRYPTION_KEY_PROPERTY = "xwiki.authentication.encryptionKey";
    private static final String CIPHER_ALGORITHM = "TripleDES";
    private static final String AUTHENTICATION_COOKIE = "XWIKITRUSTEDAUTH";
    private static final String COOKIE_DOT_PFX = ".";
    private static final String EQUAL_SIGN = "=";
    private static final String UNDERSCORE = "_";

    @Inject
    private Logger logger;
    private XWikiContext context;

    @Inject
    private ComponentManager componentManager;
    private String cookiePfx;
    private String cookiePath;
    private String[] cookieDomains;
    private long cookieMaxAge;
    private Cipher encryptionCipher;
    private Cipher decryptionCipher;

    @Override // org.xwiki.apps.googleapps.CookieAuthenticationPersistence
    @Unstable
    public void initialize(XWikiContext xWikiContext, long j) throws XWikiException {
        this.context = xWikiContext;
        this.cookiePfx = this.context.getWiki().Param(COOKIE_PREFIX_PROPERTY, "");
        this.cookiePath = this.context.getWiki().Param(COOKIE_PATH_PROPERTY, "/");
        String[] split = StringUtils.split(this.context.getWiki().Param(COOKIE_DOMAINS_PROPERTY), ',');
        if (split == null || split.length <= 0) {
            this.cookieDomains = null;
        } else {
            this.cookieDomains = new String[split.length];
            for (int i = 0; i < split.length; i++) {
                this.cookieDomains[i] = conformCookieDomain(split[i]);
            }
        }
        this.cookieMaxAge = j;
        try {
            this.encryptionCipher = getCipher(true);
            this.decryptionCipher = getCipher(false);
        } catch (Exception e) {
            throw new XWikiException("Unable to initialize ciphers", e);
        }
    }

    @Override // org.xwiki.apps.googleapps.CookieAuthenticationPersistence
    @Unstable
    public void clear() {
        this.cookieMaxAge = 0L;
        store(retrieve());
    }

    @Override // org.xwiki.apps.googleapps.CookieAuthenticationPersistence
    @Unstable
    public void store(String str) {
        Cookie cookie = new Cookie(this.cookiePfx + AUTHENTICATION_COOKIE, encryptText(str));
        cookie.setMaxAge((int) this.cookieMaxAge);
        cookie.setPath(this.cookiePath);
        String cookieDomain = getCookieDomain();
        if (cookieDomain != null) {
            cookie.setDomain(cookieDomain);
        }
        if (this.context.getRequest().isSecure()) {
            cookie.setSecure(true);
        }
        this.context.getResponse().addCookie(cookie);
    }

    @Override // org.xwiki.apps.googleapps.CookieAuthenticationPersistence
    @Unstable
    public String retrieve() {
        this.logger.info("retrieve cookie " + this.cookiePfx + AUTHENTICATION_COOKIE);
        String cookieValue = getCookieValue(this.cookiePfx + AUTHENTICATION_COOKIE);
        if (cookieValue != null) {
            return decryptText(cookieValue);
        }
        return null;
    }

    private Cipher getCipher(boolean z) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException {
        Cipher cipher = null;
        String Param = this.context.getWiki().Param(ENCRYPTION_KEY_PROPERTY);
        if (Param != null) {
            SecretKeySpec secretKeySpec = new SecretKeySpec(Param.substring(0, 24).getBytes(), CIPHER_ALGORITHM);
            cipher = Cipher.getInstance(CIPHER_ALGORITHM);
            cipher.init(z ? 1 : 2, secretKeySpec);
        }
        return cipher;
    }

    private String encryptText(String str) {
        try {
            this.logger.info("text to encrypt : " + str);
            String replaceAll = new String(Base64.encodeBase64(this.encryptionCipher.doFinal(str.getBytes()))).replaceAll(EQUAL_SIGN, UNDERSCORE);
            this.logger.info("encrypted text : " + replaceAll);
            return replaceAll;
        } catch (Exception e) {
            this.logger.error("Failed to encrypt text", e);
            return null;
        }
    }

    private String decryptText(String str) {
        try {
            this.logger.info("text to decrypt : " + str);
            String str2 = new String(this.decryptionCipher.doFinal(Base64.decodeBase64(str.replaceAll(UNDERSCORE, EQUAL_SIGN).getBytes(StandardCharsets.ISO_8859_1))));
            this.logger.info("decrypted text : " + str2);
            return str2;
        } catch (Exception e) {
            this.logger.error("Failed to decrypt text", e);
            return null;
        }
    }

    private String getCookieValue(String str) {
        Cookie cookie;
        if (this.context.getRequest() == null || (cookie = this.context.getRequest().getCookie(str)) == null) {
            return null;
        }
        this.logger.info("cookie : " + cookie);
        return cookie.getValue();
    }

    private String getCookieDomain() {
        String str = null;
        if (this.cookieDomains != null) {
            String conformCookieDomain = conformCookieDomain(this.context.getRequest().getServerName());
            String[] strArr = this.cookieDomains;
            int length = strArr.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                String str2 = strArr[i];
                if (conformCookieDomain.endsWith(str2)) {
                    str = str2;
                    break;
                }
                i++;
            }
        }
        this.logger.debug("Cookie domain is:" + str);
        return str;
    }

    private String conformCookieDomain(String str) {
        return (str == null || str.startsWith(COOKIE_DOT_PFX)) ? str : COOKIE_DOT_PFX.concat(str);
    }
}
