package eu.etaxonomy.cdm.api.security;

import eu.etaxonomy.cdm.api.security.AbstractRequestToken;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.stream.Collectors;
import org.apache.commons.lang3.StringUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:lib/cdmlib-services-5.42.0.jar:eu/etaxonomy/cdm/api/security/AbstractRequestTokenStore.class */
public abstract class AbstractRequestTokenStore<T extends AbstractRequestToken, X> implements IAbstractRequestTokenStore<T, X> {
    private static final Logger logger;
    public static final int TOKEN_LENGTH = 50;
    private Map<String, T> tokenList = new HashMap();
    private Integer tokenLifetimeMinutes = null;
    static final /* synthetic */ boolean $assertionsDisabled;

    @Override // eu.etaxonomy.cdm.api.security.IAbstractRequestTokenStore
    public T create(String str, X x) {
        clearExpiredTokens();
        if (!$assertionsDisabled && !StringUtils.isNotBlank(str)) {
            throw new AssertionError();
        }
        T createNewToken = createNewToken(str, x, generateRandomToken(), getTokenLifetimeMinutes());
        this.tokenList.put(createNewToken.getToken(), createNewToken);
        return createNewToken;
    }

    protected String generateRandomToken() {
        byte[] bArr = new byte[50];
        new SecureRandom().nextBytes(bArr);
        return Base64.getUrlEncoder().withoutPadding().encodeToString(bArr);
    }

    @Override // eu.etaxonomy.cdm.api.security.IAbstractRequestTokenStore
    public Optional<T> findRequest(String str) {
        clearExpiredTokens();
        T t = this.tokenList.get(str);
        return isEligibleResetRequest(t) ? Optional.of(t) : Optional.empty();
    }

    @Override // eu.etaxonomy.cdm.api.security.IAbstractRequestTokenStore
    public boolean isEligibleToken(String str) {
        clearExpiredTokens();
        return isEligibleResetRequest(this.tokenList.get(str));
    }

    protected boolean isEligibleResetRequest(T t) {
        if (t == null) {
            logger.info("isEligibleToken() : PasswordResetRequest must not be null");
            return false;
        }
        if (!t.getExpiryDate().before(new Date())) {
            return true;
        }
        this.tokenList.remove(t.getToken());
        logger.info("isEligibleToken() : Token is expired, and has been deleted now.");
        return false;
    }

    protected int clearExpiredTokens() {
        Date date = new Date();
        List list = (List) this.tokenList.values().stream().filter(abstractRequestToken -> {
            return abstractRequestToken.getExpiryDate().before(date);
        }).map(abstractRequestToken2 -> {
            return abstractRequestToken2.getToken();
        }).collect(Collectors.toList());
        list.stream().forEach(str -> {
            this.tokenList.remove(str);
        });
        return list.size();
    }

    @Override // eu.etaxonomy.cdm.api.security.IAbstractRequestTokenStore
    public boolean remove(String str) {
        clearExpiredTokens();
        return this.tokenList.remove(str) != null;
    }

    public int getTokenLifetimeMinutes() {
        if (this.tokenLifetimeMinutes != null) {
            return this.tokenLifetimeMinutes.intValue();
        }
        return 360;
    }

    @Override // eu.etaxonomy.cdm.api.security.IAbstractRequestTokenStore
    public void setTokenLifetimeMinutes(int i) {
        this.tokenLifetimeMinutes = Integer.valueOf(i);
    }

    static {
        $assertionsDisabled = !AbstractRequestTokenStore.class.desiredAssertionStatus();
        logger = LogManager.getLogger();
    }
}
