package org.springframework.security.token;

import java.io.UnsupportedEncodingException;
import java.security.SecureRandom;
import java.util.Date;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.codec.binary.Hex;
import org.springframework.aop.framework.autoproxy.target.QuickTargetSourceCreator;
import org.springframework.asm.Opcodes;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.security.util.Sha512DigestUtils;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;

/* loaded from: input_file:org/springframework/security/token/KeyBasedPersistenceTokenService.class */
public class KeyBasedPersistenceTokenService implements TokenService, InitializingBean {
    private int pseudoRandomNumberBits = Opcodes.ACC_NATIVE;
    private String serverSecret;
    private Integer serverInteger;
    private SecureRandom secureRandom;

    @Override // org.springframework.security.token.TokenService
    public Token allocateToken(String str) {
        Assert.notNull(str, "Must provided non-null extendedInformation (but it can be empty)");
        long time = new Date().getTime();
        String computeServerSecretApplicableAt = computeServerSecretApplicableAt(time);
        String stringBuffer = new StringBuffer().append(new Long(time).toString()).append(QuickTargetSourceCreator.PREFIX_COMMONS_POOL).append(generatePseudoRandomNumber()).append(QuickTargetSourceCreator.PREFIX_COMMONS_POOL).append(str).toString();
        return new DefaultToken(convertToString(Base64.encodeBase64(convertToBytes(new StringBuffer().append(stringBuffer).append(QuickTargetSourceCreator.PREFIX_COMMONS_POOL).append(Sha512DigestUtils.shaHex(new StringBuffer().append(stringBuffer).append(QuickTargetSourceCreator.PREFIX_COMMONS_POOL).append(computeServerSecretApplicableAt).toString())).toString()))), time, str);
    }

    @Override // org.springframework.security.token.TokenService
    public Token verifyToken(String str) {
        if (str == null || "".equals(str)) {
            return null;
        }
        String[] delimitedListToStringArray = StringUtils.delimitedListToStringArray(convertToString(Base64.decodeBase64(convertToBytes(str))), QuickTargetSourceCreator.PREFIX_COMMONS_POOL);
        Assert.isTrue(delimitedListToStringArray.length >= 4, new StringBuffer().append("Expected 4 or more tokens but found ").append(delimitedListToStringArray.length).toString());
        try {
            long longValue = Long.decode(delimitedListToStringArray[0]).longValue();
            String computeServerSecretApplicableAt = computeServerSecretApplicableAt(longValue);
            String str2 = delimitedListToStringArray[1];
            StringBuffer stringBuffer = new StringBuffer();
            for (int i = 2; i < delimitedListToStringArray.length - 1; i++) {
                if (i > 2) {
                    stringBuffer.append(QuickTargetSourceCreator.PREFIX_COMMONS_POOL);
                }
                stringBuffer.append(delimitedListToStringArray[i]);
            }
            Assert.isTrue(Sha512DigestUtils.shaHex(new StringBuffer().append(new StringBuffer().append(new Long(longValue).toString()).append(QuickTargetSourceCreator.PREFIX_COMMONS_POOL).append(str2).append(QuickTargetSourceCreator.PREFIX_COMMONS_POOL).append(stringBuffer.toString()).toString()).append(QuickTargetSourceCreator.PREFIX_COMMONS_POOL).append(computeServerSecretApplicableAt).toString()).equals(delimitedListToStringArray[delimitedListToStringArray.length - 1]), "Key verification failure");
            return new DefaultToken(str, longValue, stringBuffer.toString());
        } catch (NumberFormatException e) {
            throw new IllegalArgumentException(new StringBuffer().append("Expected number but found ").append(delimitedListToStringArray[0]).toString());
        }
    }

    private byte[] convertToBytes(String str) {
        try {
            return str.getBytes("UTF-8");
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException(e);
        }
    }

    private String convertToString(byte[] bArr) {
        try {
            return new String(bArr, "UTF-8");
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    private String generatePseudoRandomNumber() {
        byte[] bArr = new byte[this.pseudoRandomNumberBits];
        this.secureRandom.nextBytes(bArr);
        return new String(Hex.encodeHex(bArr));
    }

    private String computeServerSecretApplicableAt(long j) {
        return new StringBuffer().append(this.serverSecret).append(QuickTargetSourceCreator.PREFIX_COMMONS_POOL).append(new Long(j % this.serverInteger.intValue()).intValue()).toString();
    }

    public void setServerSecret(String str) {
        this.serverSecret = str;
    }

    public void setSecureRandom(SecureRandom secureRandom) {
        this.secureRandom = secureRandom;
    }

    public void setPseudoRandomNumberBits(int i) {
        Assert.isTrue(i >= 0, "Must have a positive pseudo random number bit size");
        this.pseudoRandomNumberBits = i;
    }

    public void setServerInteger(Integer num) {
        this.serverInteger = num;
    }

    @Override // org.springframework.beans.factory.InitializingBean
    public void afterPropertiesSet() throws Exception {
        Assert.hasText(this.serverSecret, "Server secret required");
        Assert.notNull(this.serverInteger, "Server integer required");
        Assert.notNull(this.secureRandom, "SecureRandom instance required");
    }
}
