package net.shibboleth.idp.cas.ticket.impl;

import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import net.shibboleth.idp.cas.ticket.ProxyGrantingTicket;
import net.shibboleth.idp.cas.ticket.ProxyTicket;
import net.shibboleth.idp.cas.ticket.ServiceTicket;
import net.shibboleth.idp.cas.ticket.Ticket;
import net.shibboleth.idp.cas.ticket.TicketState;
import net.shibboleth.utilities.java.support.annotation.ParameterName;
import net.shibboleth.utilities.java.support.annotation.constraint.NotEmpty;
import net.shibboleth.utilities.java.support.logic.Constraint;
import net.shibboleth.utilities.java.support.security.DataSealer;
import org.joda.time.Instant;
import org.opensaml.storage.StorageService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/shibboleth/idp/cas/ticket/impl/EncodingTicketService.class */
public class EncodingTicketService extends AbstractTicketService {
    public static final String SERVICE_TICKET_PREFIX = "ST";
    public static final String PROXY_TICKET_PREFIX = "PT";
    private static final String NOT_USED = "na";
    private final Logger log;

    @Nonnull
    private final DataSealer dataSealer;

    @NotEmpty
    private String serviceTicketPrefix;

    @NotEmpty
    private String proxyTicketPrefix;

    public EncodingTicketService(@Nonnull @ParameterName(name = "service") StorageService storageService, @Nonnull @ParameterName(name = "sealer") DataSealer dataSealer) {
        super(storageService);
        this.log = LoggerFactory.getLogger(EncodingTicketService.class);
        this.serviceTicketPrefix = "ST";
        this.proxyTicketPrefix = "PT";
        this.dataSealer = (DataSealer) Constraint.isNotNull(dataSealer, "DataSealer cannot be null");
    }

    public void setServiceTicketPrefix(String str) {
        this.serviceTicketPrefix = Constraint.isNotEmpty(str, "Prefix cannot be null or empty");
    }

    public void setProxyTicketPrefix(String str) {
        this.proxyTicketPrefix = Constraint.isNotEmpty(str, "Prefix cannot be null or empty");
    }

    @Nonnull
    public ServiceTicket createServiceTicket(@Nonnull String str, @Nonnull Instant instant, @Nonnull String str2, @Nullable TicketState ticketState, boolean z) {
        Constraint.isNotNull(ticketState, "State cannot be null");
        ServiceTicket serviceTicket = new ServiceTicket((String) Constraint.isNotNull(str, "ID cannot be null"), (String) Constraint.isNotNull(str2, "Service cannot be null"), (Instant) Constraint.isNotNull(instant, "Expiry cannot be null"), z);
        serviceTicket.setTicketState(ticketState);
        return encode(ServiceTicket.class, serviceTicket, this.serviceTicketPrefix);
    }

    @Nullable
    public ServiceTicket removeServiceTicket(@Nonnull String str) {
        Constraint.isNotNull(str, "Id cannot be null");
        return decode(ServiceTicket.class, str, this.serviceTicketPrefix);
    }

    @Nonnull
    public ProxyTicket createProxyTicket(@Nonnull String str, @Nonnull Instant instant, @Nonnull ProxyGrantingTicket proxyGrantingTicket, @Nonnull String str2) {
        Constraint.isNotNull(proxyGrantingTicket, "ProxyGrantingTicket cannot be null");
        ProxyTicket proxyTicket = new ProxyTicket(NOT_USED, (String) Constraint.isNotNull(str2, "Service cannot be null"), (Instant) Constraint.isNotNull(instant, "Expiry cannot be null"), proxyGrantingTicket.getId());
        proxyTicket.setTicketState(proxyGrantingTicket.getTicketState());
        return encode(ProxyTicket.class, proxyTicket, this.proxyTicketPrefix);
    }

    @Nullable
    public ProxyTicket removeProxyTicket(@Nonnull String str) {
        return decode(ProxyTicket.class, str, this.proxyTicketPrefix);
    }

    private <T extends Ticket> T encode(Class<T> cls, T t, String str) {
        try {
            return cls.cast(t.clone(str + '-' + this.dataSealer.wrap(serializer(cls).serialize(t), t.getExpirationInstant().getMillis())));
        } catch (Exception e) {
            throw new RuntimeException("Ticket encoding failed", e);
        }
    }

    private <T extends Ticket> T decode(Class<T> cls, String str, String str2) {
        try {
            return (T) serializer(cls).deserialize(0L, NOT_USED, str, this.dataSealer.unwrap(str.substring(str2.length() + 1)), 0L);
        } catch (Exception e) {
            this.log.warn("Ticket decoding failed with error: " + e.getMessage());
            this.log.debug("Ticket decoding failed", e);
            return null;
        }
    }
}
