package org.jboss.seam.security;

import java.io.Serializable;
import java.rmi.server.UID;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.Random;
import javax.faces.context.FacesContext;
import org.hibernate.hql.classic.ParserHelper;
import org.jboss.seam.Component;
import org.jboss.seam.ScopeType;
import org.jboss.seam.annotations.Create;
import org.jboss.seam.annotations.Install;
import org.jboss.seam.annotations.Name;
import org.jboss.seam.annotations.Observer;
import org.jboss.seam.annotations.Scope;
import org.jboss.seam.annotations.intercept.BypassInterceptors;
import org.jboss.seam.faces.Selector;
import org.jboss.seam.security.management.IdentityManager;
import org.jboss.seam.util.Base64;

@Name("org.jboss.seam.security.rememberMe")
@Scope(ScopeType.SESSION)
@Install(precedence = 0, classDependencies = {"javax.faces.context.FacesContext"})
@BypassInterceptors
/* loaded from: input_file:WEB-INF/lib/jboss-seam-2.2.2.Final.jar:org/jboss/seam/security/RememberMe.class */
public class RememberMe implements Serializable {
    private UsernameSelector usernameSelector;
    private TokenSelector tokenSelector;
    private TokenStore tokenStore;
    private boolean enabled;
    private boolean autoLoggedIn;
    private int cookieMaxAge = Selector.DEFAULT_MAX_AGE;
    private Random random = new Random(System.currentTimeMillis());
    private Mode mode = Mode.usernameOnly;

    /* loaded from: input_file:WEB-INF/lib/jboss-seam-2.2.2.Final.jar:org/jboss/seam/security/RememberMe$BoolWrapper.class */
    private class BoolWrapper {
        boolean value;

        private BoolWrapper() {
        }
    }

    /* loaded from: input_file:WEB-INF/lib/jboss-seam-2.2.2.Final.jar:org/jboss/seam/security/RememberMe$DecodedToken.class */
    private class DecodedToken {
        private String username;
        private String value;

        public DecodedToken(String str) {
            if (str != null) {
                try {
                    String str2 = new String(Base64.decode(str));
                    this.username = str2.substring(0, str2.indexOf(58));
                    this.value = str2.substring(str2.indexOf(58) + 1);
                } catch (Exception e) {
                }
            }
        }

        public String getUsername() {
            return this.username;
        }

        public String getValue() {
            return this.value;
        }
    }

    /* loaded from: input_file:WEB-INF/lib/jboss-seam-2.2.2.Final.jar:org/jboss/seam/security/RememberMe$Mode.class */
    public enum Mode {
        disabled,
        usernameOnly,
        autoLogin
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:WEB-INF/lib/jboss-seam-2.2.2.Final.jar:org/jboss/seam/security/RememberMe$TokenSelector.class */
    public class TokenSelector extends UsernameSelector {
        TokenSelector() {
            super();
        }

        @Override // org.jboss.seam.security.RememberMe.UsernameSelector, org.jboss.seam.faces.Selector
        public String getCookieName() {
            return "org.jboss.seam.security.authtoken";
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:WEB-INF/lib/jboss-seam-2.2.2.Final.jar:org/jboss/seam/security/RememberMe$UsernameSelector.class */
    public class UsernameSelector extends Selector {
        UsernameSelector() {
        }

        @Override // org.jboss.seam.faces.Selector
        public String getCookieName() {
            return "org.jboss.seam.security.username";
        }

        @Override // org.jboss.seam.core.AbstractMutable
        public void setDirty() {
            super.setDirty();
        }

        @Override // org.jboss.seam.faces.Selector
        public String getCookieValue() {
            return super.getCookieValue();
        }

        @Override // org.jboss.seam.faces.Selector
        public void clearCookieValue() {
            super.clearCookieValue();
        }

        @Override // org.jboss.seam.faces.Selector
        public void setCookieValueIfEnabled(String str) {
            super.setCookieValueIfEnabled(str);
        }
    }

    public Mode getMode() {
        return this.mode;
    }

    public void setMode(Mode mode) {
        this.mode = mode;
    }

    public boolean isEnabled() {
        return this.enabled;
    }

    public void setEnabled(boolean z) {
        if (this.enabled != z) {
            this.enabled = z;
            if (this.usernameSelector != null && this.mode.equals(Mode.usernameOnly)) {
                this.usernameSelector.setCookieEnabled(z);
                this.usernameSelector.setDirty();
            } else {
                if (this.tokenSelector == null || !this.mode.equals(Mode.autoLogin)) {
                    return;
                }
                this.tokenSelector.setCookieEnabled(z);
                this.tokenSelector.setDirty();
            }
        }
    }

    public int getCookieMaxAge() {
        return this.cookieMaxAge;
    }

    public void setCookieMaxAge(int i) {
        this.cookieMaxAge = i;
    }

    public TokenStore getTokenStore() {
        return this.tokenStore;
    }

    public void setTokenStore(TokenStore tokenStore) {
        this.tokenStore = tokenStore;
    }

    @Create
    public void create() {
        if (this.mode.equals(Mode.usernameOnly)) {
            this.usernameSelector = new UsernameSelector();
            this.usernameSelector.setCookieEnabled(this.enabled);
        } else if (this.mode.equals(Mode.autoLogin)) {
            this.tokenSelector = new TokenSelector();
            this.tokenSelector.setCookieEnabled(this.enabled);
            if (this.tokenStore == null) {
                this.tokenStore = (TokenStore) Component.getInstance((Class<?>) JpaTokenStore.class, true);
            }
        }
    }

    protected String generateTokenValue() {
        return new UID().toString() + ParserHelper.HQL_VARIABLE_PREFIX + this.random.nextLong();
    }

    protected String encodeToken(String str, String str2) {
        return Base64.encodeBytes((str + ParserHelper.HQL_VARIABLE_PREFIX + str2).getBytes(), 8);
    }

    public String getCookiePath() {
        FacesContext currentInstance = FacesContext.getCurrentInstance();
        if (currentInstance != null) {
            return currentInstance.getExternalContext().getRequestContextPath();
        }
        return null;
    }

    @Observer({Credentials.EVENT_INIT_CREDENTIALS})
    public void initCredentials(Credentials credentials) {
        String cookiePath = getCookiePath();
        if (this.mode.equals(Mode.usernameOnly)) {
            if (cookiePath != null) {
                this.usernameSelector.setCookiePath(cookiePath);
            }
            String cookieValue = this.usernameSelector.getCookieValue();
            if (cookieValue != null) {
                setEnabled(true);
                credentials.setUsername(cookieValue);
            }
            this.usernameSelector.setDirty();
            return;
        }
        if (this.mode.equals(Mode.autoLogin)) {
            if (cookiePath != null) {
                this.tokenSelector.setCookiePath(cookiePath);
            }
            String cookieValue2 = this.tokenSelector.getCookieValue();
            if (cookieValue2 != null) {
                setEnabled(true);
                DecodedToken decodedToken = new DecodedToken(cookieValue2);
                if (!this.tokenStore.validateToken(decodedToken.getUsername(), decodedToken.getValue())) {
                    this.tokenStore.invalidateAll(decodedToken.getUsername());
                } else {
                    credentials.setUsername(decodedToken.getUsername());
                    credentials.setPassword(decodedToken.getValue());
                }
            }
        }
    }

    @Observer({Identity.EVENT_QUIET_LOGIN})
    public void quietLogin() {
        Identity instance = Identity.instance();
        if (this.mode.equals(Mode.autoLogin) && isEnabled()) {
            final String username = instance.getCredentials().getUsername();
            final BoolWrapper boolWrapper = new BoolWrapper();
            final ArrayList arrayList = new ArrayList();
            if (this.tokenStore.validateToken(username, instance.getCredentials().getPassword())) {
                new RunAsOperation(true) { // from class: org.jboss.seam.security.RememberMe.1
                    @Override // org.jboss.seam.security.RunAsOperation
                    public void execute() {
                        if (IdentityManager.instance().isUserEnabled(username)) {
                            boolWrapper.value = true;
                            Iterator<String> it = IdentityManager.instance().getImpliedRoles(username).iterator();
                            while (it.hasNext()) {
                                arrayList.add(it.next());
                            }
                        }
                    }
                }.run();
                if (boolWrapper.value) {
                    instance.unAuthenticate();
                    instance.preAuthenticate();
                    Iterator it = arrayList.iterator();
                    while (it.hasNext()) {
                        instance.addRole((String) it.next());
                    }
                    instance.getSubject().getPrincipals().add(new SimplePrincipal(username));
                    instance.postAuthenticate();
                    this.autoLoggedIn = true;
                }
            }
        }
    }

    @Observer({Identity.EVENT_LOGGED_OUT})
    public void loggedOut() {
        if (this.mode.equals(Mode.autoLogin)) {
            this.tokenSelector.clearCookieValue();
        }
    }

    @Observer({Identity.EVENT_POST_AUTHENTICATE})
    public void postAuthenticate(Identity identity) {
        if (this.mode.equals(Mode.usernameOnly)) {
            this.usernameSelector.setDirty();
            if (!this.enabled) {
                this.usernameSelector.clearCookieValue();
                return;
            } else {
                this.usernameSelector.setCookieMaxAge(this.cookieMaxAge);
                this.usernameSelector.setCookieValueIfEnabled(Identity.instance().getCredentials().getUsername());
                return;
            }
        }
        if (this.mode.equals(Mode.autoLogin)) {
            this.tokenSelector.setDirty();
            DecodedToken decodedToken = new DecodedToken(this.tokenSelector.getCookieValue());
            if (decodedToken.getUsername() != null) {
                this.tokenStore.invalidateToken(decodedToken.getUsername(), decodedToken.getValue());
            }
            if (!this.enabled) {
                this.tokenSelector.clearCookieValue();
                return;
            }
            String generateTokenValue = generateTokenValue();
            this.tokenStore.createToken(identity.getPrincipal().getName(), generateTokenValue);
            this.tokenSelector.setCookieEnabled(this.enabled);
            this.tokenSelector.setCookieMaxAge(this.cookieMaxAge);
            this.tokenSelector.setCookieValueIfEnabled(encodeToken(identity.getPrincipal().getName(), generateTokenValue));
        }
    }

    @Observer({Credentials.EVENT_CREDENTIALS_UPDATED})
    public void credentialsUpdated() {
        if (this.mode.equals(Mode.usernameOnly)) {
            this.usernameSelector.setDirty();
        }
    }

    public boolean isAutoLoggedIn() {
        return this.autoLoggedIn;
    }
}
