package pl.edu.icm.synat.services.security;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.util.Assert;
import pl.edu.icm.synat.api.services.security.ServiceSecurityContextManager;
import pl.edu.icm.synat.api.services.security.ServiceUserAuthenticationToken;

/* loaded from: input_file:WEB-INF/lib/synat-platform-connector-1.20.2.jar:pl/edu/icm/synat/services/security/ServiceSecurityContextManagerImpl.class */
public class ServiceSecurityContextManagerImpl implements ServiceSecurityContextManager, InitializingBean {
    private static final Logger logger = LoggerFactory.getLogger(ServiceSecurityContextManagerImpl.class);
    private static final long DEFAULT_TIME_TO_RELOGIN_IN_SECONDS = 30;
    private ServiceUserAuthenticationToken applicationToken;
    private String username;
    private String password;
    private AuthenticationService authenticationService;
    private ThreadLocal<ServiceUserAuthenticationToken> threadHolder = new ThreadLocal<>();
    private boolean isSecurityEnabled = false;
    private long timeToRelogin = DEFAULT_TIME_TO_RELOGIN_IN_SECONDS;

    @Override // pl.edu.icm.synat.api.services.security.ServiceSecurityContext
    public boolean isSecurityEnabled() {
        return this.isSecurityEnabled;
    }

    @Override // pl.edu.icm.synat.api.services.security.ServiceSecurityContext
    public ServiceUserAuthenticationToken getToken() {
        ServiceUserAuthenticationToken clientToken = getClientToken();
        if (clientToken == null) {
            clientToken = getApplicationToken();
        }
        return clientToken;
    }

    @Override // pl.edu.icm.synat.api.services.security.ServiceSecurityContextManager
    public ServiceUserAuthenticationToken getApplicationToken() {
        if (this.applicationToken == null || hasToRelogin(this.applicationToken)) {
            loginServiceUser();
        }
        return this.applicationToken;
    }

    @Override // pl.edu.icm.synat.api.services.security.ServiceSecurityContextManager
    public void clearApplicationToken() {
        this.applicationToken = null;
    }

    @Override // pl.edu.icm.synat.api.services.security.ServiceSecurityContextManager
    public void setApplicationToken(ServiceUserAuthenticationToken serviceUserAuthenticationToken) {
        Assert.notNull(serviceUserAuthenticationToken, "Only non-null token are permitted");
        this.applicationToken = serviceUserAuthenticationToken;
    }

    @Override // pl.edu.icm.synat.api.services.security.ServiceSecurityContextManager
    public ServiceUserAuthenticationToken getClientToken() {
        ServiceUserAuthenticationToken serviceUserAuthenticationToken = this.threadHolder.get();
        if (serviceUserAuthenticationToken != null && hasToRelogin(serviceUserAuthenticationToken)) {
            loginServiceUser();
            serviceUserAuthenticationToken = this.threadHolder.get();
        }
        return serviceUserAuthenticationToken;
    }

    @Override // pl.edu.icm.synat.api.services.security.ServiceSecurityContextManager
    public void clearClientToken() {
        this.threadHolder.remove();
    }

    @Override // pl.edu.icm.synat.api.services.security.ServiceSecurityContextManager
    public void setClientToken(ServiceUserAuthenticationToken serviceUserAuthenticationToken) {
        Assert.notNull(serviceUserAuthenticationToken, "Only non-null token are permitted");
        this.threadHolder.set(serviceUserAuthenticationToken);
    }

    protected void loginServiceUser() {
        if (!isSecurityEnabled()) {
            logger.debug("Service user [{}] logging in has been omitted because security is not enabled.", this.username);
            return;
        }
        ServiceUserAuthenticationToken login = this.authenticationService.login(this.username, this.password);
        logger.debug("Service user [{}] successfully logged in on authentication server.", this.username);
        setApplicationToken(login);
        ServiceUserAuthenticationToken serviceUserAuthenticationToken = this.threadHolder.get();
        if (serviceUserAuthenticationToken != null) {
            serviceUserAuthenticationToken.setServiceUserTicket(login.getServiceUserTicket());
            setClientToken(serviceUserAuthenticationToken);
        }
    }

    protected boolean hasToRelogin(ServiceUserAuthenticationToken serviceUserAuthenticationToken) {
        return serviceUserAuthenticationToken.getServiceUserTicket().getExpirationTime() - System.currentTimeMillis() < this.timeToRelogin * 1000;
    }

    public void setSecurityEnabled(boolean z) {
        this.isSecurityEnabled = z;
    }

    public void setUsername(String str) {
        this.username = str;
    }

    public void setPassword(String str) {
        this.password = str;
    }

    public void setAuthenticationService(AuthenticationService authenticationService) {
        this.authenticationService = authenticationService;
    }

    public void setTimeToRelogin(long j) {
        this.timeToRelogin = j;
    }

    @Override // org.springframework.beans.factory.InitializingBean
    public void afterPropertiesSet() throws Exception {
        if (this.isSecurityEnabled) {
            Assert.hasText(this.username, "username required");
            Assert.hasText(this.password, "password required");
            Assert.notNull(this.authenticationService, "authenticationService required");
            Assert.notNull(Long.valueOf(this.timeToRelogin), "timeToRelogin required");
        }
    }
}
