package com.appiancorp.security.auth.token;

import com.appiancorp.encryption.InternalEncryptionService;
import com.appiancorp.security.auth.SpringSecurityContextHelper;
import com.appiancorp.suite.SuiteConfiguration;
import com.appiancorp.suiteapi.type.TypedValue;
import com.appiancorp.type.AppianTypeLong;
import com.google.common.base.Preconditions;

/* loaded from: input_file:com/appiancorp/security/auth/token/UserTokenService.class */
public class UserTokenService {
    private final InternalEncryptionService encryptionService;
    private final UserTokenValidator userTokenValidator;
    private final SuiteConfiguration suiteConfiguration;

    public UserTokenService(InternalEncryptionService internalEncryptionService, UserTokenValidator userTokenValidator, SuiteConfiguration suiteConfiguration) {
        this.encryptionService = (InternalEncryptionService) Preconditions.checkNotNull(internalEncryptionService);
        this.userTokenValidator = (UserTokenValidator) Preconditions.checkNotNull(userTokenValidator);
        this.suiteConfiguration = (SuiteConfiguration) Preconditions.checkNotNull(suiteConfiguration);
    }

    public String generateEncryptedToken(String str) throws UserTokenException {
        return (String) this.encryptionService.encrypt(UserToken.createTokenForUsername(str, this.suiteConfiguration.getServerAndPort()).getUnencryptedToken()).getValue();
    }

    public String validateEncryptedTokenAndGetUsername(String str) throws Exception {
        UserToken userToken = new UserToken(decryptToken(str));
        this.userTokenValidator.validate(userToken);
        return userToken.getUsername();
    }

    private String decryptToken(String str) throws UserTokenException {
        try {
            TypedValue typedValue = new TypedValue(AppianTypeLong.ENCRYPTED_TEXT, str);
            String str2 = (String) SpringSecurityContextHelper.runAsAdmin(() -> {
                return this.encryptionService.decrypt(typedValue);
            });
            if (str2 == null) {
                throw new UserTokenException("Decrypted token cannot be null");
            }
            return str2;
        } catch (Exception e) {
            throw new UserTokenException("Error decrypting token", e);
        }
    }
}
