package uk.ac.ceh.components.userstore.springsecurity;

import com.google.common.collect.Collections2;
import java.nio.charset.Charset;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.codec.binary.Base64;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.RememberMeAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.RememberMeServices;
import org.springframework.security.web.authentication.logout.LogoutHandler;
import org.springframework.web.util.CookieGenerator;
import org.springframework.web.util.WebUtils;
import uk.ac.ceh.components.tokengeneration.ExpiredTokenException;
import uk.ac.ceh.components.tokengeneration.InvalidTokenException;
import uk.ac.ceh.components.tokengeneration.Token;
import uk.ac.ceh.components.tokengeneration.TokenGenerator;
import uk.ac.ceh.components.userstore.GroupStore;
import uk.ac.ceh.components.userstore.UnknownUserException;
import uk.ac.ceh.components.userstore.User;
import uk.ac.ceh.components.userstore.UserStore;

/* loaded from: input_file:uk/ac/ceh/components/userstore/springsecurity/TokenRememberMeServices.class */
public class TokenRememberMeServices<U extends User> implements RememberMeServices, LogoutHandler {
    private static final Charset MESSAGE_CHARSET = Charset.forName("UTF-8");
    private final TokenGenerator tokenGenerator;
    private final String key;
    private final UserStore<U> userStore;
    private final GroupStore<U> groupStore;
    private final CookieGenerator cookieGenerator;

    public TokenRememberMeServices(String str, UserStore<U> userStore, GroupStore<U> groupStore, TokenGenerator tokenGenerator, CookieGenerator cookieGenerator) {
        this.tokenGenerator = tokenGenerator;
        this.userStore = userStore;
        this.groupStore = groupStore;
        this.key = str;
        this.cookieGenerator = cookieGenerator;
    }

    public Authentication autoLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Cookie cookie = WebUtils.getCookie(httpServletRequest, this.cookieGenerator.getCookieName());
        if (cookie == null) {
            return null;
        }
        try {
            User user = this.userStore.getUser(new String(this.tokenGenerator.getMessage(new Token(Base64.decodeBase64(cookie.getValue()))), MESSAGE_CHARSET));
            return new RememberMeAuthenticationToken(this.key, user, Collections2.transform(this.groupStore.getGroups(user), new TransformGroupToSimpleGrantedAuthority()));
        } catch (RuntimeException e) {
            throw new AuthenticationServiceException("Failed to communicate with user/group store", e);
        } catch (InvalidTokenException | ExpiredTokenException | UnknownUserException e2) {
            this.cookieGenerator.removeCookie(httpServletResponse);
            return null;
        }
    }

    public void loginSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) {
        this.cookieGenerator.addCookie(httpServletResponse, Base64.encodeBase64URLSafeString(this.tokenGenerator.generateToken(((User) authentication.getPrincipal()).getUsername().getBytes(MESSAGE_CHARSET), this.cookieGenerator.getCookieMaxAge().intValue() * 1000).getBytes()));
    }

    public void logout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) {
        this.cookieGenerator.removeCookie(httpServletResponse);
    }

    public void loginFail(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
    }
}
