package net.shibboleth.idp.profile.support;

import java.io.IOException;
import java.time.Instant;
import java.util.function.Function;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import net.shibboleth.shared.annotation.constraint.NonnullAfterInit;
import net.shibboleth.shared.component.ComponentInitializationException;
import net.shibboleth.shared.net.CookieManager;
import net.shibboleth.shared.primitive.LoggerFactory;
import org.opensaml.profile.context.ProfileRequestContext;
import org.opensaml.storage.StorageRecord;
import org.opensaml.storage.StorageService;
import org.slf4j.Logger;

/* loaded from: input_file:WEB-INF/lib/idp-profile-impl-5.1.0.jar:net/shibboleth/idp/profile/support/StorageAwareCookieManager.class */
public class StorageAwareCookieManager extends CookieManager {

    @Nonnull
    private Logger log = LoggerFactory.getLogger((Class<?>) StorageAwareCookieManager.class);

    @Nullable
    private StorageService storageService;

    @Nullable
    private Function<ProfileRequestContext, String> usernameLookupStrategy;

    @NonnullAfterInit
    private String storageContext;

    public void setStorageService(@Nullable StorageService storageService) {
        checkSetterPreconditions();
        this.storageService = storageService;
    }

    @NonnullAfterInit
    public String getStorageContext() {
        return this.storageContext;
    }

    public void setUsernameLookupStrategy(@Nullable Function<ProfileRequestContext, String> function) {
        checkSetterPreconditions();
        this.usernameLookupStrategy = function;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.shibboleth.shared.net.CookieManager, net.shibboleth.shared.component.AbstractInitializableComponent
    public void doInitialize() throws ComponentInitializationException {
        super.doInitialize();
        if (this.storageService != null) {
            if (getMaxAge() == -1) {
                throw new ComponentInitializationException("StorageService cannot be used for per-session cookie manager.");
            }
            if (this.usernameLookupStrategy == null) {
                throw new ComponentInitializationException("StorageService use requires a username lookup strategy.");
            }
        }
        StringBuilder sb = new StringBuilder(getClass().getName());
        sb.append('!');
        if (getCookieDomain() != null) {
            sb.append(getCookieDomain());
        }
        sb.append('!');
        if (getCookiePath() != null) {
            sb.append(getCookiePath());
        }
        this.storageContext = sb.toString();
    }

    @Override // net.shibboleth.shared.net.CookieManager
    public void addCookie(@Nonnull String str, @Nonnull String str2) {
        super.addCookie(str, str2);
        Long valueOf = Long.valueOf(Instant.now().plusSeconds(getMaxAge()).toEpochMilli());
        StorageService storageService = this.storageService;
        if (storageService != null) {
            try {
                String partitionedCookieName = getPartitionedCookieName(str);
                if (storageService.create(this.storageContext, partitionedCookieName, str2, valueOf)) {
                    this.log.trace("Created new cookie record {}", partitionedCookieName);
                } else if (storageService.update(this.storageContext, partitionedCookieName, str2, valueOf)) {
                    this.log.trace("Updated cookie record {}", partitionedCookieName);
                }
            } catch (IOException e) {
                this.log.warn("Error creating/updating cookie record in storage service", (Throwable) e);
            }
        }
    }

    @Override // net.shibboleth.shared.net.CookieManager
    public void unsetCookie(@Nonnull String str) {
        super.unsetCookie(str);
        StorageService storageService = this.storageService;
        if (storageService != null) {
            try {
                String partitionedCookieName = getPartitionedCookieName(str);
                storageService.delete(this.storageContext, partitionedCookieName);
                this.log.trace("Deleted cookie record {}", partitionedCookieName);
            } catch (IOException e) {
                this.log.warn("Error deleting cookie record from storage service", (Throwable) e);
            }
        }
    }

    @Override // net.shibboleth.shared.net.CookieManager
    @Nullable
    public String getCookieValue(@Nonnull String str, @Nullable String str2) {
        String cookieValue;
        StorageService storageService = this.storageService;
        if (storageService == null) {
            return super.getCookieValue(str, str2);
        }
        try {
            cookieValue = super.getCookieValue(str, null);
        } catch (IOException e) {
            this.log.warn("Error reading cookie record from storage service", (Throwable) e);
        }
        if (cookieValue != null) {
            return cookieValue;
        }
        String partitionedCookieName = getPartitionedCookieName(str);
        StorageRecord read = storageService.read(this.storageContext, partitionedCookieName);
        if (read != null) {
            this.log.debug("Backfilling/setting missing cookie {} based on stored record", partitionedCookieName);
            Long expiration = read.getExpiration();
            if (expiration != null) {
                super.addCookie(str, read.getValue(), ((int) (expiration.longValue() - Instant.now().toEpochMilli())) / 1000);
            } else {
                super.addCookie(str, read.getValue(), -1);
            }
            return read.getValue();
        }
        return str2;
    }

    @Nonnull
    protected String getPartitionedCookieName(@Nonnull String str) throws IOException {
        Object attribute = getHttpServletRequest().getAttribute(ProfileRequestContext.BINDING_KEY);
        if (!(attribute instanceof ProfileRequestContext)) {
            throw new IOException("ProfileRequestContext was unavailable");
        }
        String apply = this.usernameLookupStrategy != null ? this.usernameLookupStrategy.apply((ProfileRequestContext) attribute) : null;
        if (apply != null) {
            return str + "!" + apply;
        }
        throw new IOException("Username was unavailable");
    }
}
