package sk.mimac.slideshow.http;

import G.a;
import j$.util.concurrent.ConcurrentHashMap;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.sql.SQLException;
import java.util.Iterator;
import java.util.Map;
import java.util.Random;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.mina.util.Base64;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import sk.mimac.slideshow.database.dao.AccessUserDao;
import sk.mimac.slideshow.database.entity.AccessUser;
import sk.mimac.slideshow.enums.UserRole;
import sk.mimac.slideshow.ftp.ShaPasswordEncryptor;
import sk.mimac.slideshow.settings.SystemSettings;
import sk.mimac.slideshow.settings.UserSettings;
import sk.mimac.slideshow.utils.HashBase64;

/* loaded from: classes5.dex */
public class Authenticator {
    public static final String COOKIE_NAME = "__SESSION_ID__";
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) Authenticator.class);
    private static final int LONG_COOKIE_AGE = 5184000;
    private static final long LONG_SESSION_AGE = 2592000000L;
    private static final int SHORT_COOKIE_AGE = 172800;
    private static final long SHORT_SESSION_AGE = 3600000;
    public static final String SYSTEM_USER = "__SYSTEM_USER__";
    public static final String TUNNEL_COOKIE_NAME = "__TUNNEL_SESSION_ID__";
    private final byte[] secretKey = SystemSettings.getInternalPassword().getBytes(StandardCharsets.UTF_8);
    private final Map<String, Session> sessions = new ConcurrentHashMap();
    private final Random random = new SecureRandom();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes5.dex */
    public static class Session {
        private final AccessUser accessUser;
        private final long maxAge;
        private long timestamp;

        private Session(AccessUser accessUser, long j2, long j3) {
            this.accessUser = accessUser;
            this.timestamp = j2;
            this.maxAge = j3;
        }
    }

    private Session decryptSession(String str) {
        AccessUser accessUser;
        try {
            String[] split = new String(getCipher(2).doFinal(Base64.decodeBase64(str.getBytes())), StandardCharsets.UTF_8).split("\\.");
            if (split.length == 5 && split[1].equals("x") && (accessUser = AccessUserDao.getInstance().get(Long.valueOf(Long.parseLong(split[2])))) != null) {
                return new Session(accessUser, Long.parseLong(split[3]), Long.parseLong(split[4]));
            }
            return null;
        } catch (Exception unused) {
        }
        return null;
    }

    private String encryptSession(String str) {
        try {
            return new String(Base64.encodeBase64(getCipher(1).doFinal(str.getBytes(StandardCharsets.UTF_8))));
        } catch (Exception e) {
            throw new RuntimeException("Can't encrypt password", e);
        }
    }

    private Cipher getCipher(int i) {
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cipher.init(i, new SecretKeySpec(this.secretKey, "AES"), new IvParameterSpec(new byte[cipher.getBlockSize()]));
        return cipher;
    }

    public static String getSystemUserPassword() {
        String string = UserSettings.COMMUNICATION_SERVER_CODE.getString();
        if (string == null || string.isEmpty()) {
            return null;
        }
        StringBuilder t2 = a.t(string);
        t2.append(SystemSettings.getInternalPassword());
        return HashBase64.encodeBase64(DigestUtils.sha384(t2.toString()));
    }

    private AccessUser loginBasic(String str) {
        String[] parseString = parseString(str);
        if (parseString.length == 2) {
            try {
                if (parseString[0].equals(SYSTEM_USER)) {
                    String systemUserPassword = getSystemUserPassword();
                    if (systemUserPassword != null && systemUserPassword.equals(parseString[1])) {
                        return new AccessUser("System user", "system-user", null, UserRole.ADMIN);
                    }
                } else {
                    AccessUser byUsername = AccessUserDao.getInstance().getByUsername(parseString[0]);
                    if (byUsername != null && ShaPasswordEncryptor.INSTANCE.matches(parseString[1], byUsername.getPassword())) {
                        return byUsername;
                    }
                }
            } catch (SQLException e) {
                LOG.warn("Can't get user '{}' from database", parseString[0], e);
            }
        }
        return null;
    }

    private AccessUser loginCookies(String str) {
        Session session = this.sessions.get(str);
        if (session == null) {
            session = decryptSession(str);
        }
        if (session == null) {
            return null;
        }
        long currentTimeMillis = System.currentTimeMillis();
        if (currentTimeMillis < session.timestamp || currentTimeMillis > session.timestamp + session.maxAge) {
            this.sessions.remove(str);
            return null;
        }
        session.timestamp = currentTimeMillis;
        return session.accessUser;
    }

    private String[] parseString(String str) {
        return !str.startsWith("Basic ") ? new String[0] : new String(Base64.decodeBase64(str.substring(6).getBytes()), StandardCharsets.UTF_8).split(":");
    }

    public AccessUser authenticate(String str, String str2) {
        if (str2 != null) {
            return loginCookies(str2);
        }
        if (str != null) {
            return loginBasic(str);
        }
        return null;
    }

    public void clearOldSessions() {
        long currentTimeMillis = System.currentTimeMillis();
        Iterator<Session> it = this.sessions.values().iterator();
        while (it.hasNext()) {
            Session next = it.next();
            if (currentTimeMillis < next.timestamp || currentTimeMillis > next.timestamp + next.maxAge) {
                it.remove();
            }
        }
    }

    public HttpCookie generateCookie(String str, String str2, boolean z2, boolean z3) {
        String bigInteger;
        try {
            if (this.sessions.size() > 15) {
                clearOldSessions();
            }
            AccessUser byUsername = AccessUserDao.getInstance().getByUsername(str);
            if (byUsername == null || !ShaPasswordEncryptor.INSTANCE.matches(str2, byUsername.getPassword())) {
                return null;
            }
            long currentTimeMillis = System.currentTimeMillis();
            long j2 = LONG_SESSION_AGE;
            if (z2) {
                bigInteger = encryptSession(new BigInteger(32, this.random).toString(36) + ".x." + byUsername.getId() + "." + currentTimeMillis + "." + LONG_SESSION_AGE);
            } else {
                bigInteger = new BigInteger(264, this.random).add(BigInteger.valueOf(2000000000L)).toString(36);
            }
            Map<String, Session> map = this.sessions;
            if (!z2) {
                j2 = 3600000;
            }
            map.put(bigInteger, new Session(byUsername, currentTimeMillis, j2));
            LOG.trace("User '{}' logged in to web interface", str);
            return new HttpCookie(z3 ? TUNNEL_COOKIE_NAME : COOKIE_NAME, bigInteger, z2 ? LONG_COOKIE_AGE : SHORT_COOKIE_AGE);
        } catch (SQLException e) {
            LOG.warn("Can't get user '{}' from database", str, e);
            return null;
        }
    }

    public void logout(String str) {
        if (str != null) {
            this.sessions.remove(str);
        }
    }
}
