package net.shibboleth.idp.saml.nameid.impl;

import java.io.IOException;
import java.time.Duration;
import java.time.Instant;
import java.time.temporal.TemporalAmount;
import javax.annotation.Nonnull;
import net.shibboleth.utilities.java.support.annotation.constraint.NonnullAfterInit;
import net.shibboleth.utilities.java.support.annotation.constraint.NotEmpty;
import net.shibboleth.utilities.java.support.annotation.constraint.Positive;
import net.shibboleth.utilities.java.support.component.AbstractIdentifiableInitializableComponent;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import net.shibboleth.utilities.java.support.component.ComponentSupport;
import net.shibboleth.utilities.java.support.logic.Constraint;
import net.shibboleth.utilities.java.support.security.IdentifierGenerationStrategy;
import net.shibboleth.utilities.java.support.security.impl.RandomIdentifierGenerationStrategy;
import org.opensaml.saml.common.SAMLException;
import org.opensaml.storage.StorageService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/idp-saml-impl-4.3.1.jar:net/shibboleth/idp/saml/nameid/impl/StoredTransientIdGenerationStrategy.class */
public class StoredTransientIdGenerationStrategy extends AbstractIdentifiableInitializableComponent implements TransientIdGenerationStrategy {

    @NonnullAfterInit
    private StorageService idStore;

    @NonnullAfterInit
    private IdentifierGenerationStrategy idGenerator;

    @Nonnull
    private final Logger log = LoggerFactory.getLogger((Class<?>) StoredTransientIdGenerationStrategy.class);
    private int idSize = 16;

    @Nonnull
    private Duration idLifetime = Duration.ofHours(4);

    public void setIdStore(@Nonnull StorageService storageService) {
        ComponentSupport.ifInitializedThrowUnmodifiabledComponentException(this);
        this.idStore = (StorageService) Constraint.isNotNull(storageService, "StorageService cannot be null");
    }

    public void setIdGenerator(@Nonnull IdentifierGenerationStrategy identifierGenerationStrategy) {
        ComponentSupport.ifInitializedThrowUnmodifiabledComponentException(this);
        this.idGenerator = (IdentifierGenerationStrategy) Constraint.isNotNull(identifierGenerationStrategy, "IdentifierGenerationStrategy cannot be null");
    }

    @Positive
    public int getIdSize() {
        return this.idSize;
    }

    public void setIdSize(@Positive int i) {
        ComponentSupport.ifInitializedThrowUnmodifiabledComponentException(this);
        this.idSize = Constraint.isGreaterThan(0, i, "ID size must be positive");
    }

    @Nonnull
    public Duration getIdLifetime() {
        return this.idLifetime;
    }

    public void setIdLifetime(@Nonnull Duration duration) {
        ComponentSupport.ifInitializedThrowUnmodifiabledComponentException(this);
        Constraint.isNotNull(duration, "ID lifetime cannot be null");
        Constraint.isFalse(duration.isNegative() || duration.isZero(), "ID lifetime must be greater than 0");
        this.idLifetime = duration;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.shibboleth.utilities.java.support.component.AbstractIdentifiedInitializableComponent, net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
    public void doInitialize() throws ComponentInitializationException {
        super.doInitialize();
        if (null == this.idStore) {
            throw new ComponentInitializationException("StorageService cannot be null");
        }
        if (this.idGenerator == null) {
            this.idGenerator = new RandomIdentifierGenerationStrategy(this.idSize);
        }
    }

    @Override // net.shibboleth.idp.saml.nameid.impl.TransientIdGenerationStrategy
    @NotEmpty
    @Nonnull
    public String generate(@NotEmpty @Nonnull String str, @NotEmpty @Nonnull String str2) throws SAMLException {
        ComponentSupport.ifNotInitializedThrowUninitializedComponentException(this);
        try {
            String encode = new TransientIdParameters(str, str2).encode();
            String generateIdentifier = this.idGenerator.generateIdentifier();
            this.log.debug("Creating new transient ID '{}'", generateIdentifier);
            Instant plus = Instant.now().plus((TemporalAmount) this.idLifetime);
            for (int i = 0; i < 5; i++) {
                if (this.idStore.create(TransientIdParameters.CONTEXT, generateIdentifier, encode, Long.valueOf(plus.toEpochMilli()))) {
                    return generateIdentifier;
                }
            }
            throw new SAMLException("Exceeded allowable number of collisions");
        } catch (IOException e) {
            throw new SAMLException(e);
        }
    }
}
