package org.glassfish.common.util.admin;

import com.sun.enterprise.util.CULoggerInfo;
import com.sun.enterprise.util.LocalStringManagerImpl;
import jakarta.inject.Singleton;
import java.security.SecureRandom;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.Subject;
import org.jvnet.hk2.annotations.Service;

@Singleton
@Service
/* loaded from: input_file:org/glassfish/common/util/admin/AuthTokenManager.class */
public class AuthTokenManager {
    public static final String AUTH_TOKEN_OPTION_NAME = "_authtoken";
    private static final String SUPPRESSED_TOKEN_OUTPUT = "????";
    private static final int TOKEN_SIZE = 10;
    private static final long DEFAULT_TOKEN_LIFETIME = 60000;
    private final SecureRandom rng = new SecureRandom();
    private final Map<String, TokenInfo> liveTokens = new HashMap();
    private static final char REUSE_TOKEN_MARKER = '+';
    private static final Logger logger = CULoggerInfo.getLogger();
    private static final LocalStringManagerImpl localStrings = new LocalStringManagerImpl(AuthTokenManager.class);
    private static final char[] hex = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'};

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/glassfish/common/util/admin/AuthTokenManager$TokenInfo.class */
    public static class TokenInfo {
        private final String token;
        private int usesRemaining = 2;
        private long expiration;
        private final long lifetime;
        private final Subject subject;

        private TokenInfo(Subject subject, String str, long j) {
            this.subject = subject;
            this.token = str;
            this.lifetime = j;
            this.expiration = System.currentTimeMillis() + j;
        }

        private synchronized boolean isOKTouse(long j) {
            return !isUsedUp(j);
        }

        private synchronized boolean use(boolean z, long j) {
            if (!isUsedUp(j)) {
                if (!z) {
                    this.usesRemaining--;
                }
                if (AuthTokenManager.logger.isLoggable(Level.FINER)) {
                    AuthTokenManager.logger.log(Level.FINER, "Use of auth token {0} OK; isBeingReused = {2}; remaining uses = {1,number,integer}", new Object[]{this.token, Integer.valueOf(this.usesRemaining), Boolean.toString(z)});
                }
                this.expiration += this.lifetime;
                return true;
            }
            if (!AuthTokenManager.logger.isLoggable(Level.FINER)) {
                return false;
            }
            LocalStringManagerImpl localStringManagerImpl = AuthTokenManager.localStrings;
            Object[] objArr = new Object[3];
            objArr[0] = Integer.valueOf(this.usesRemaining);
            objArr[1] = Boolean.toString(this.expiration <= j);
            objArr[2] = this.token;
            AuthTokenManager.logger.log(Level.FINER, localStringManagerImpl.getLocalString("AuthTokenInvalid", "Use of auth token {2} attempted but token is invalid; usesRemaining = {0,number,integer}, expired = {1}", objArr));
            return false;
        }

        private boolean isUsedUp(long j) {
            return this.usesRemaining <= 0 || this.expiration <= j;
        }
    }

    public String createToken(Subject subject, long j) {
        byte[] bArr = new byte[10];
        this.rng.nextBytes(bArr);
        String hex2 = toHex(bArr);
        this.liveTokens.put(hex2, new TokenInfo(subject, hex2, j));
        logger.log(Level.FINER, "Auth token {0} created", hex2);
        return hex2;
    }

    public String createToken() {
        return createToken(60000L);
    }

    public String createToken(Subject subject) {
        return createToken(subject, 60000L);
    }

    public String createToken(long j) {
        return createToken(new Subject(), j);
    }

    public Subject findToken(String str) {
        TokenInfo findTokenInfo = findTokenInfo(str, System.currentTimeMillis());
        if (findTokenInfo != null) {
            return findTokenInfo.subject;
        }
        return null;
    }

    private TokenInfo findTokenInfo(String str, long j) {
        String substring = isReusedToken(str) ? str.substring(0, str.indexOf(43)) : str;
        TokenInfo tokenInfo = this.liveTokens.get(substring);
        if (tokenInfo == null) {
            logger.log(Level.WARNING, CULoggerInfo.useNonexistentToken, logger.isLoggable(Level.FINER) ? substring : SUPPRESSED_TOKEN_OUTPUT);
            return null;
        }
        if (tokenInfo.isOKTouse(j)) {
            return tokenInfo;
        }
        return null;
    }

    public Subject consumeToken(String str) {
        Subject subject = null;
        long currentTimeMillis = System.currentTimeMillis();
        TokenInfo findTokenInfo = findTokenInfo(str, currentTimeMillis);
        if (findTokenInfo != null && findTokenInfo.use(isReusedToken(str), currentTimeMillis)) {
            subject = findTokenInfo.subject;
        }
        retireExpiredTokens(currentTimeMillis);
        return subject;
    }

    private boolean isReusedToken(String str) {
        return str.indexOf(43) != -1;
    }

    public Subject subject(String str) {
        TokenInfo tokenInfo = this.liveTokens.get(str);
        if (tokenInfo != null) {
            return tokenInfo.subject;
        }
        return null;
    }

    public static String markTokenForReuse(String str) {
        return str + "+";
    }

    private synchronized void retireExpiredTokens(long j) {
        Iterator<Map.Entry<String, TokenInfo>> it = this.liveTokens.entrySet().iterator();
        while (it.hasNext()) {
            Map.Entry<String, TokenInfo> next = it.next();
            if (next.getValue().isUsedUp(j)) {
                logger.log(Level.FINER, "Auth token {0} being retired during scan", next.getValue().token);
                it.remove();
            }
        }
    }

    private static String toHex(byte[] bArr) {
        char[] cArr = new char[bArr.length * 2];
        int i = 0;
        for (byte b : bArr) {
            int i2 = i;
            int i3 = i + 1;
            cArr[i2] = hex[(b >> 4) & 15];
            i = i3 + 1;
            cArr[i3] = hex[b & 15];
        }
        return new String(cArr);
    }
}
