package com.appiancorp.security.auth.docviewer;

import com.appiancorp.core.expr.fn.serialization.HexUtils;
import com.appiancorp.core.expr.portable.string.Strings;
import com.appiancorp.encryption.InternalEncryptionService;
import com.appiancorp.ix.ConflictDetectionHaul;
import com.appiancorp.rdbms.util.ConstraintViolationHelper;
import com.appiancorp.security.auth.docviewer.persistence.DocViewerDatabaseService;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import javax.persistence.PersistenceException;
import org.hibernate.exception.ConstraintViolationException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/appiancorp/security/auth/docviewer/DocViewerTokenServiceImpl.class */
public class DocViewerTokenServiceImpl implements DocViewerTokenService {
    private static final Logger LOG = LoggerFactory.getLogger(DocViewerTokenServiceImpl.class);
    private static final String DELIMITER = "%DELIMITER%";
    private static final int RANDOM_LONG_INDEX = 0;
    private static final int CREATION_TIME_INDEX = 1;
    private static final int DOC_ID_INDEX = 2;
    private static final int USERNAME_INDEX = 3;
    private final InternalEncryptionService encryptionService;
    private final DocViewerDatabaseService databaseService;

    public DocViewerTokenServiceImpl(InternalEncryptionService internalEncryptionService, DocViewerDatabaseService docViewerDatabaseService) {
        this.encryptionService = internalEncryptionService;
        this.databaseService = docViewerDatabaseService;
    }

    @Override // com.appiancorp.security.auth.docviewer.DocViewerTokenService
    public String encryptToken(DocViewerToken docViewerToken) throws DocViewerTokenException {
        if (Strings.isNullOrEmpty(docViewerToken.getUsername()) || docViewerToken.getUsername().contains(DELIMITER)) {
            throw new DocViewerTokenException("Invalid username");
        }
        if (docViewerToken.getDocId() == null) {
            throw new DocViewerTokenException("Doc ID is not defined");
        }
        return this.encryptionService.encryptToString(String.join(DELIMITER, String.valueOf(new SecureRandom().nextLong()), String.valueOf(docViewerToken.getCreationTimeMs()), String.valueOf(docViewerToken.getDocId()), docViewerToken.getUsername()));
    }

    @Override // com.appiancorp.security.auth.docviewer.DocViewerTokenService
    public DocViewerToken decryptToken(String str) throws DocViewerTokenException {
        DocViewerToken docViewerToken = null;
        try {
            String decryptFromString = this.encryptionService.decryptFromString(str);
            String[] split = decryptFromString.split(DELIMITER);
            docViewerToken = DocViewerToken.getBuilder().creationTimeMs(Long.valueOf(Long.parseLong(split[1]))).docId(Long.valueOf(Long.parseLong(split[2]))).username(split[3]).build();
            this.databaseService.createToken(new DocViewerDatabaseToken(getTokenHash(decryptFromString.getBytes(StandardCharsets.UTF_8)), docViewerToken.getCreationTimeMs()));
            return docViewerToken;
        } catch (Exception e) {
            if (docViewerToken == null || !isConstraintException(e)) {
                throw new DocViewerTokenException("Could not decrypt token.", e);
            }
            LOG.info("Token has already been decrypted and added to the database", e);
            docViewerToken.markUsed();
            return docViewerToken;
        }
    }

    private boolean isConstraintException(Exception exc) {
        return ((exc instanceof PersistenceException) && ConstraintViolationHelper.isConstraintViolationException((PersistenceException) exc)) || ((exc.getCause() instanceof PersistenceException) && (exc.getCause().getCause() instanceof ConstraintViolationException));
    }

    private String getTokenHash(byte[] bArr) throws NoSuchAlgorithmException {
        return HexUtils.bytesToHexLower(MessageDigest.getInstance(ConflictDetectionHaul.DIFF_ALGORITHM).digest(bArr));
    }
}
