package org.overlord.gadgets.web.server;

import java.io.File;
import java.io.IOException;
import java.util.HashMap;
import org.apache.commons.io.FileUtils;
import org.apache.shindig.auth.AbstractSecurityToken;
import org.apache.shindig.auth.BlobCrypterSecurityToken;
import org.apache.shindig.auth.SecurityToken;
import org.apache.shindig.auth.SecurityTokenException;
import org.apache.shindig.common.crypto.BasicBlobCrypter;
import org.apache.shindig.common.crypto.BlobCrypter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/classes/org/overlord/gadgets/web/server/EncryptedBlobSecurityTokenService.class */
public class EncryptedBlobSecurityTokenService implements SecurityTokenService {
    private static Logger logger = LoggerFactory.getLogger(EncryptedBlobSecurityTokenService.class);
    public static final String EMBEDDED_KEY_PREFIX = "embedded:";
    public static final String CLASSPATH_KEY_PREFIX = "classpath:";
    private String container;
    private String domain;
    private BlobCrypter blobCrypter;

    public EncryptedBlobSecurityTokenService(String str, String str2, String str3) {
        this.container = str;
        this.domain = str2;
        try {
            this.blobCrypter = new BasicBlobCrypter(FileUtils.readFileToString(new File(str3), "UTF-8"));
        } catch (IOException e) {
            throw new SecurityException("Unable to load encryption key from file: " + str3);
        }
    }

    @Override // org.overlord.gadgets.web.server.SecurityTokenService
    public SecurityToken getSecurityToken(String str, String str2, String str3) throws SecurityTokenException {
        return getBlobCrypterSecurityToken(str, str2, str3);
    }

    @Override // org.overlord.gadgets.web.server.SecurityTokenService
    public String getEncryptedSecurityToken(String str, String str2, String str3) throws SecurityTokenException {
        try {
            return encryptSecurityToken(getBlobCrypterSecurityToken(str, str2, str3));
        } catch (Exception e) {
            throw new SecurityTokenException("Error creating security token from regionWidget", e);
        }
    }

    @Override // org.overlord.gadgets.web.server.SecurityTokenService
    public SecurityToken decryptSecurityToken(String str) throws SecurityTokenException {
        try {
            if (logger.isTraceEnabled()) {
                logger.trace("Decrypting security token: " + str);
            }
            str = str.substring((this.container + ":").length());
            return new BlobCrypterSecurityToken(this.container, this.domain, null, this.blobCrypter.unwrap(str));
        } catch (Exception e) {
            throw new SecurityTokenException("Error creating security token from encrypted string: " + str, e);
        }
    }

    @Override // org.overlord.gadgets.web.server.SecurityTokenService
    public String refreshEncryptedSecurityToken(String str) throws SecurityTokenException {
        SecurityToken decryptSecurityToken = decryptSecurityToken(str);
        if (decryptSecurityToken.getViewerId().equalsIgnoreCase(null)) {
            return getEncryptedSecurityToken(decryptSecurityToken.getAppUrl(), String.valueOf(decryptSecurityToken.getModuleId()), decryptSecurityToken.getViewerId());
        }
        throw new SecurityTokenException("Illegal attempt by user " + ((String) null) + " to refresh security token with a viewerId of " + decryptSecurityToken.getViewerId());
    }

    private BlobCrypterSecurityToken getBlobCrypterSecurityToken(String str, String str2, String str3) throws SecurityTokenException {
        HashMap hashMap = new HashMap();
        hashMap.put(AbstractSecurityToken.Keys.APP_URL.getKey(), str);
        hashMap.put(AbstractSecurityToken.Keys.MODULE_ID.getKey(), str2);
        hashMap.put(AbstractSecurityToken.Keys.OWNER.getKey(), str3);
        hashMap.put(AbstractSecurityToken.Keys.VIEWER.getKey(), str3);
        hashMap.put(AbstractSecurityToken.Keys.TRUSTED_JSON.getKey(), "");
        BlobCrypterSecurityToken blobCrypterSecurityToken = new BlobCrypterSecurityToken(this.container, this.domain, null, hashMap);
        if (logger.isTraceEnabled()) {
            logger.trace("Token created for regionWidget " + str + " and user " + str3);
        }
        return blobCrypterSecurityToken;
    }

    private String encryptSecurityToken(BlobCrypterSecurityToken blobCrypterSecurityToken) throws SecurityTokenException {
        try {
            String str = this.container + ":" + this.blobCrypter.wrap(blobCrypterSecurityToken.toMap());
            if (logger.isTraceEnabled()) {
                logger.trace("Encrypted token created from security token: " + blobCrypterSecurityToken.toString() + " -- encrypted token is: " + str);
            }
            return str;
        } catch (Exception e) {
            throw new SecurityTokenException("Error creating security token from person gadget", e);
        }
    }
}
