package org.springframework.security.ui.rememberme;

import java.util.Arrays;
import java.util.Date;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.codec.digest.DigestUtils;
import org.springframework.security.Authentication;
import org.springframework.security.userdetails.UserDetails;
import org.springframework.util.StringUtils;

/* loaded from: classes.dex */
public class TokenBasedRememberMeServices extends AbstractRememberMeServices {
    private boolean isInstanceOfUserDetails(Authentication authentication) {
        return authentication.getPrincipal() instanceof UserDetails;
    }

    protected int calculateLoginLifetime(HttpServletRequest httpServletRequest, Authentication authentication) {
        return getTokenValiditySeconds();
    }

    protected boolean isTokenExpired(long j) {
        return j < System.currentTimeMillis();
    }

    protected String makeTokenSignature(long j, String str, String str2) {
        return DigestUtils.md5Hex(new StringBuffer().append(str).append(":").append(j).append(":").append(str2).append(":").append(getKey()).toString());
    }

    @Override // org.springframework.security.ui.rememberme.AbstractRememberMeServices
    public void onLoginSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) {
        String retrieveUserName = retrieveUserName(authentication);
        String retrievePassword = retrievePassword(authentication);
        if (StringUtils.hasLength(retrieveUserName) && StringUtils.hasLength(retrievePassword)) {
            int calculateLoginLifetime = calculateLoginLifetime(httpServletRequest, authentication);
            long currentTimeMillis = System.currentTimeMillis() + (1000 * calculateLoginLifetime);
            setCookie(new String[]{retrieveUserName, Long.toString(currentTimeMillis), makeTokenSignature(currentTimeMillis, retrieveUserName, retrievePassword)}, calculateLoginLifetime, httpServletRequest, httpServletResponse);
            if (this.logger.isDebugEnabled()) {
                this.logger.debug(new StringBuffer().append("Added remember-me cookie for user '").append(retrieveUserName).append("', expiry: '").append(new Date(currentTimeMillis)).append("'").toString());
            }
        }
    }

    @Override // org.springframework.security.ui.rememberme.AbstractRememberMeServices
    public UserDetails processAutoLoginCookie(String[] strArr, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (strArr.length != 3) {
            throw new InvalidCookieException(new StringBuffer().append("Cookie token did not contain 2 tokens, but contained '").append(Arrays.asList(strArr)).append("'").toString());
        }
        try {
            long longValue = new Long(strArr[1]).longValue();
            if (isTokenExpired(longValue)) {
                throw new InvalidCookieException(new StringBuffer().append("Cookie token[1] has expired (expired on '").append(new Date(longValue)).append("'; current time is '").append(new Date()).append("')").toString());
            }
            UserDetails loadUserByUsername = getUserDetailsService().loadUserByUsername(strArr[0]);
            String makeTokenSignature = makeTokenSignature(longValue, loadUserByUsername.getUsername(), loadUserByUsername.getPassword());
            if (makeTokenSignature.equals(strArr[2])) {
                return loadUserByUsername;
            }
            throw new InvalidCookieException(new StringBuffer().append("Cookie token[2] contained signature '").append(strArr[2]).append("' but expected '").append(makeTokenSignature).append("'").toString());
        } catch (NumberFormatException e) {
            throw new InvalidCookieException(new StringBuffer().append("Cookie token[1] did not contain a valid number (contained '").append(strArr[1]).append("')").toString());
        }
    }

    protected String retrievePassword(Authentication authentication) {
        return isInstanceOfUserDetails(authentication) ? ((UserDetails) authentication.getPrincipal()).getPassword() : authentication.getCredentials().toString();
    }

    protected String retrieveUserName(Authentication authentication) {
        return isInstanceOfUserDetails(authentication) ? ((UserDetails) authentication.getPrincipal()).getUsername() : authentication.getPrincipal().toString();
    }
}
