package de.gwdg.cdstar.auth.realm;

import de.gwdg.cdstar.auth.Credentials;
import de.gwdg.cdstar.auth.Principal;
import de.gwdg.cdstar.auth.Session;
import de.gwdg.cdstar.auth.TokenCredentials;
import de.gwdg.cdstar.runtime.Config;
import de.gwdg.cdstar.runtime.ConfigException;
import de.gwdg.cdstar.runtime.Plugin;
import java.time.Duration;
import java.time.Instant;
import java.time.temporal.TemporalAmount;
import java.util.Map;
import java.util.UUID;
import java.util.concurrent.ConcurrentHashMap;

@Plugin
/* loaded from: input_file:de/gwdg/cdstar/auth/realm/InMemorySessionStore.class */
public class InMemorySessionStore implements SessionStore, Authenticator {
    private final String name;
    private final Map<String, TokenSession> tokenStore;
    private Duration defaultTTL;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:de/gwdg/cdstar/auth/realm/InMemorySessionStore$TokenSession.class */
    public class TokenSession implements Session {
        private final String id;
        private final Instant expireAfter;
        private final Principal principal;

        public TokenSession(InMemorySessionStore inMemorySessionStore, Principal principal) {
            this(principal, null);
        }

        public TokenSession(Principal principal, Instant instant) {
            this.id = UUID.randomUUID().toString();
            this.principal = principal;
            this.expireAfter = instant;
        }

        public String getId() {
            return this.id;
        }

        public boolean isExpired(Instant instant) {
            return this.expireAfter != null && this.expireAfter.isBefore(instant);
        }

        @Override // de.gwdg.cdstar.auth.Session
        public boolean isRemembered() {
            return true;
        }

        @Override // de.gwdg.cdstar.auth.Session
        public Authenticator getAuthenticator() {
            return InMemorySessionStore.this;
        }

        @Override // de.gwdg.cdstar.auth.Session
        public Principal getPrincipal() {
            return this.principal;
        }
    }

    public InMemorySessionStore() {
        this("token-authorizer");
    }

    public InMemorySessionStore(Config config) throws ConfigException {
        this(config.get("_name"));
        config.setDefault("ttl", "86400");
        setTimeout(Duration.ofSeconds(config.getInt("ttl")));
    }

    private void setTimeout(Duration duration) {
        this.defaultTTL = duration;
    }

    public InMemorySessionStore(String str) {
        this.tokenStore = new ConcurrentHashMap();
        this.name = "token-authorizer";
    }

    @Override // de.gwdg.cdstar.auth.realm.SessionStore
    public String remember(Session session) {
        TokenSession tokenSession = new TokenSession(session.getPrincipal(), this.defaultTTL == null ? null : Instant.now().plus((TemporalAmount) this.defaultTTL));
        this.tokenStore.put(tokenSession.getId(), tokenSession);
        if (this.tokenStore.size() > 1024 && tokenSession.getId().hashCode() % 16 == 0) {
            expireAll();
        }
        return tokenSession.getId();
    }

    @Override // de.gwdg.cdstar.auth.realm.Realm
    public String getName() {
        return this.name;
    }

    @Override // de.gwdg.cdstar.auth.realm.Authenticator
    public Session login(Credentials credentials) {
        TokenSession tokenSession;
        if (!(credentials instanceof TokenCredentials) || (tokenSession = this.tokenStore.get(((TokenCredentials) credentials).getToken())) == null) {
            return null;
        }
        if (!tokenSession.isExpired(Instant.now())) {
            return tokenSession;
        }
        this.tokenStore.remove(tokenSession.getId());
        return null;
    }

    void expireAll() {
        Instant now = Instant.now();
        this.tokenStore.values().removeIf(tokenSession -> {
            return tokenSession.isExpired(now);
        });
    }

    @Override // de.gwdg.cdstar.auth.realm.Authenticator
    public void logout(Session session) {
        if (session instanceof TokenSession) {
            this.tokenStore.remove(((TokenSession) session).getId());
        }
    }
}
