package org.springframework.security.oauth2.provider.token.store.redis;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import org.springframework.data.redis.connection.RedisConnection;
import org.springframework.data.redis.connection.RedisConnectionFactory;
import org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.common.OAuth2RefreshToken;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.token.AuthenticationKeyGenerator;
import org.springframework.security.oauth2.provider.token.DefaultAuthenticationKeyGenerator;
import org.springframework.security.oauth2.provider.token.TokenStore;

/* loaded from: input_file:BOOT-INF/lib/spring-security-oauth2-2.0.14.RELEASE.jar:org/springframework/security/oauth2/provider/token/store/redis/RedisTokenStore.class */
public class RedisTokenStore implements TokenStore {
    private static final String ACCESS = "access:";
    private static final String AUTH_TO_ACCESS = "auth_to_access:";
    private static final String AUTH = "auth:";
    private static final String REFRESH_AUTH = "refresh_auth:";
    private static final String ACCESS_TO_REFRESH = "access_to_refresh:";
    private static final String REFRESH = "refresh:";
    private static final String REFRESH_TO_ACCESS = "refresh_to_access:";
    private static final String CLIENT_ID_TO_ACCESS = "client_id_to_access:";
    private static final String UNAME_TO_ACCESS = "uname_to_access:";
    private final RedisConnectionFactory connectionFactory;
    private AuthenticationKeyGenerator authenticationKeyGenerator = new DefaultAuthenticationKeyGenerator();
    private RedisTokenStoreSerializationStrategy serializationStrategy = new JdkSerializationStrategy();
    private String prefix = "";

    public RedisTokenStore(RedisConnectionFactory redisConnectionFactory) {
        this.connectionFactory = redisConnectionFactory;
    }

    public void setAuthenticationKeyGenerator(AuthenticationKeyGenerator authenticationKeyGenerator) {
        this.authenticationKeyGenerator = authenticationKeyGenerator;
    }

    public void setSerializationStrategy(RedisTokenStoreSerializationStrategy redisTokenStoreSerializationStrategy) {
        this.serializationStrategy = redisTokenStoreSerializationStrategy;
    }

    public void setPrefix(String str) {
        this.prefix = str;
    }

    private RedisConnection getConnection() {
        return this.connectionFactory.getConnection();
    }

    private byte[] serialize(Object obj) {
        return this.serializationStrategy.serialize(obj);
    }

    private byte[] serializeKey(String str) {
        return serialize(this.prefix + str);
    }

    private OAuth2AccessToken deserializeAccessToken(byte[] bArr) {
        return (OAuth2AccessToken) this.serializationStrategy.deserialize(bArr, OAuth2AccessToken.class);
    }

    private OAuth2Authentication deserializeAuthentication(byte[] bArr) {
        return (OAuth2Authentication) this.serializationStrategy.deserialize(bArr, OAuth2Authentication.class);
    }

    private OAuth2RefreshToken deserializeRefreshToken(byte[] bArr) {
        return (OAuth2RefreshToken) this.serializationStrategy.deserialize(bArr, OAuth2RefreshToken.class);
    }

    private byte[] serialize(String str) {
        return this.serializationStrategy.serialize(str);
    }

    private String deserializeString(byte[] bArr) {
        return this.serializationStrategy.deserializeString(bArr);
    }

    @Override // org.springframework.security.oauth2.provider.token.TokenStore
    public OAuth2AccessToken getAccessToken(OAuth2Authentication oAuth2Authentication) {
        String extractKey = this.authenticationKeyGenerator.extractKey(oAuth2Authentication);
        byte[] serializeKey = serializeKey(AUTH_TO_ACCESS + extractKey);
        RedisConnection connection = getConnection();
        try {
            byte[] bArr = connection.get(serializeKey);
            connection.close();
            OAuth2AccessToken deserializeAccessToken = deserializeAccessToken(bArr);
            if (deserializeAccessToken != null && !extractKey.equals(this.authenticationKeyGenerator.extractKey(readAuthentication(deserializeAccessToken.getValue())))) {
                storeAccessToken(deserializeAccessToken, oAuth2Authentication);
            }
            return deserializeAccessToken;
        } catch (Throwable th) {
            connection.close();
            throw th;
        }
    }

    @Override // org.springframework.security.oauth2.provider.token.TokenStore
    public OAuth2Authentication readAuthentication(OAuth2AccessToken oAuth2AccessToken) {
        return readAuthentication(oAuth2AccessToken.getValue());
    }

    @Override // org.springframework.security.oauth2.provider.token.TokenStore
    public OAuth2Authentication readAuthentication(String str) {
        RedisConnection connection = getConnection();
        try {
            byte[] bArr = connection.get(serializeKey(AUTH + str));
            connection.close();
            return deserializeAuthentication(bArr);
        } catch (Throwable th) {
            connection.close();
            throw th;
        }
    }

    @Override // org.springframework.security.oauth2.provider.token.TokenStore
    public OAuth2Authentication readAuthenticationForRefreshToken(OAuth2RefreshToken oAuth2RefreshToken) {
        return readAuthenticationForRefreshToken(oAuth2RefreshToken.getValue());
    }

    public OAuth2Authentication readAuthenticationForRefreshToken(String str) {
        RedisConnection connection = getConnection();
        try {
            OAuth2Authentication deserializeAuthentication = deserializeAuthentication(connection.get(serializeKey(REFRESH_AUTH + str)));
            connection.close();
            return deserializeAuthentication;
        } catch (Throwable th) {
            connection.close();
            throw th;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r2v26, types: [byte[], byte[][]] */
    /* JADX WARN: Type inference failed for: r2v53, types: [byte[], byte[][]] */
    @Override // org.springframework.security.oauth2.provider.token.TokenStore
    public void storeAccessToken(OAuth2AccessToken oAuth2AccessToken, OAuth2Authentication oAuth2Authentication) {
        Date expiration;
        byte[] serialize = serialize(oAuth2AccessToken);
        byte[] serialize2 = serialize(oAuth2Authentication);
        byte[] serializeKey = serializeKey(ACCESS + oAuth2AccessToken.getValue());
        byte[] serializeKey2 = serializeKey(AUTH + oAuth2AccessToken.getValue());
        byte[] serializeKey3 = serializeKey(AUTH_TO_ACCESS + this.authenticationKeyGenerator.extractKey(oAuth2Authentication));
        byte[] serializeKey4 = serializeKey(UNAME_TO_ACCESS + getApprovalKey(oAuth2Authentication));
        byte[] serializeKey5 = serializeKey(CLIENT_ID_TO_ACCESS + oAuth2Authentication.getOAuth2Request().getClientId());
        RedisConnection connection = getConnection();
        try {
            connection.openPipeline();
            connection.set(serializeKey, serialize);
            connection.set(serializeKey2, serialize2);
            connection.set(serializeKey3, serialize);
            if (!oAuth2Authentication.isClientOnly()) {
                connection.rPush(serializeKey4, new byte[]{serialize});
            }
            connection.rPush(serializeKey5, new byte[]{serialize});
            if (oAuth2AccessToken.getExpiration() != null) {
                int expiresIn = oAuth2AccessToken.getExpiresIn();
                connection.expire(serializeKey, expiresIn);
                connection.expire(serializeKey2, expiresIn);
                connection.expire(serializeKey3, expiresIn);
                connection.expire(serializeKey5, expiresIn);
                connection.expire(serializeKey4, expiresIn);
            }
            OAuth2RefreshToken refreshToken = oAuth2AccessToken.getRefreshToken();
            if (refreshToken != null && refreshToken.getValue() != null) {
                byte[] serialize3 = serialize(oAuth2AccessToken.getRefreshToken().getValue());
                byte[] serialize4 = serialize(oAuth2AccessToken.getValue());
                byte[] serializeKey6 = serializeKey(REFRESH_TO_ACCESS + oAuth2AccessToken.getRefreshToken().getValue());
                connection.set(serializeKey6, serialize4);
                byte[] serializeKey7 = serializeKey(ACCESS_TO_REFRESH + oAuth2AccessToken.getValue());
                connection.set(serializeKey7, serialize3);
                if ((refreshToken instanceof ExpiringOAuth2RefreshToken) && (expiration = ((ExpiringOAuth2RefreshToken) refreshToken).getExpiration()) != null) {
                    int intValue = Long.valueOf((expiration.getTime() - System.currentTimeMillis()) / 1000).intValue();
                    connection.expire(serializeKey6, intValue);
                    connection.expire(serializeKey7, intValue);
                }
            }
            connection.closePipeline();
            connection.close();
        } catch (Throwable th) {
            connection.close();
            throw th;
        }
    }

    private static String getApprovalKey(OAuth2Authentication oAuth2Authentication) {
        return getApprovalKey(oAuth2Authentication.getOAuth2Request().getClientId(), oAuth2Authentication.getUserAuthentication() == null ? "" : oAuth2Authentication.getUserAuthentication().getName());
    }

    private static String getApprovalKey(String str, String str2) {
        return str + (str2 == null ? "" : ":" + str2);
    }

    @Override // org.springframework.security.oauth2.provider.token.TokenStore
    public void removeAccessToken(OAuth2AccessToken oAuth2AccessToken) {
        removeAccessToken(oAuth2AccessToken.getValue());
    }

    @Override // org.springframework.security.oauth2.provider.token.TokenStore
    public OAuth2AccessToken readAccessToken(String str) {
        byte[] serializeKey = serializeKey(ACCESS + str);
        RedisConnection connection = getConnection();
        try {
            byte[] bArr = connection.get(serializeKey);
            connection.close();
            return deserializeAccessToken(bArr);
        } catch (Throwable th) {
            connection.close();
            throw th;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r1v15, types: [byte[], byte[][]] */
    /* JADX WARN: Type inference failed for: r1v17, types: [byte[], byte[][]] */
    /* JADX WARN: Type inference failed for: r1v19, types: [byte[], byte[][]] */
    /* JADX WARN: Type inference failed for: r1v37, types: [byte[], byte[][]] */
    /* JADX WARN: Type inference failed for: r1v41, types: [byte[], byte[][]] */
    public void removeAccessToken(String str) {
        byte[] serializeKey = serializeKey(ACCESS + str);
        byte[] serializeKey2 = serializeKey(AUTH + str);
        byte[] serializeKey3 = serializeKey(ACCESS_TO_REFRESH + str);
        RedisConnection connection = getConnection();
        try {
            connection.openPipeline();
            connection.get(serializeKey);
            connection.get(serializeKey2);
            connection.del(new byte[]{serializeKey});
            connection.del(new byte[]{serializeKey3});
            connection.del(new byte[]{serializeKey2});
            List<Object> closePipeline = connection.closePipeline();
            byte[] bArr = (byte[]) closePipeline.get(0);
            OAuth2Authentication deserializeAuthentication = deserializeAuthentication((byte[]) closePipeline.get(1));
            if (deserializeAuthentication != null) {
                String extractKey = this.authenticationKeyGenerator.extractKey(deserializeAuthentication);
                byte[] serializeKey4 = serializeKey(AUTH_TO_ACCESS + extractKey);
                byte[] serializeKey5 = serializeKey(UNAME_TO_ACCESS + getApprovalKey(deserializeAuthentication));
                byte[] serializeKey6 = serializeKey(CLIENT_ID_TO_ACCESS + deserializeAuthentication.getOAuth2Request().getClientId());
                connection.openPipeline();
                connection.del(new byte[]{serializeKey4});
                connection.lRem(serializeKey5, 1L, bArr);
                connection.lRem(serializeKey6, 1L, bArr);
                connection.del(new byte[]{serialize(ACCESS + extractKey)});
                connection.closePipeline();
            }
        } finally {
            connection.close();
        }
    }

    @Override // org.springframework.security.oauth2.provider.token.TokenStore
    public void storeRefreshToken(OAuth2RefreshToken oAuth2RefreshToken, OAuth2Authentication oAuth2Authentication) {
        Date expiration;
        byte[] serializeKey = serializeKey(REFRESH + oAuth2RefreshToken.getValue());
        byte[] serializeKey2 = serializeKey(REFRESH_AUTH + oAuth2RefreshToken.getValue());
        byte[] serialize = serialize(oAuth2RefreshToken);
        RedisConnection connection = getConnection();
        try {
            connection.openPipeline();
            connection.set(serializeKey, serialize);
            connection.set(serializeKey2, serialize(oAuth2Authentication));
            if ((oAuth2RefreshToken instanceof ExpiringOAuth2RefreshToken) && (expiration = ((ExpiringOAuth2RefreshToken) oAuth2RefreshToken).getExpiration()) != null) {
                int intValue = Long.valueOf((expiration.getTime() - System.currentTimeMillis()) / 1000).intValue();
                connection.expire(serializeKey, intValue);
                connection.expire(serializeKey2, intValue);
            }
            connection.closePipeline();
            connection.close();
        } catch (Throwable th) {
            connection.close();
            throw th;
        }
    }

    @Override // org.springframework.security.oauth2.provider.token.TokenStore
    public OAuth2RefreshToken readRefreshToken(String str) {
        byte[] serializeKey = serializeKey(REFRESH + str);
        RedisConnection connection = getConnection();
        try {
            byte[] bArr = connection.get(serializeKey);
            connection.close();
            return deserializeRefreshToken(bArr);
        } catch (Throwable th) {
            connection.close();
            throw th;
        }
    }

    @Override // org.springframework.security.oauth2.provider.token.TokenStore
    public void removeRefreshToken(OAuth2RefreshToken oAuth2RefreshToken) {
        removeRefreshToken(oAuth2RefreshToken.getValue());
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r1v17, types: [byte[], byte[][]] */
    /* JADX WARN: Type inference failed for: r1v19, types: [byte[], byte[][]] */
    /* JADX WARN: Type inference failed for: r1v21, types: [byte[], byte[][]] */
    /* JADX WARN: Type inference failed for: r1v23, types: [byte[], byte[][]] */
    public void removeRefreshToken(String str) {
        byte[] serializeKey = serializeKey(REFRESH + str);
        byte[] serializeKey2 = serializeKey(REFRESH_AUTH + str);
        byte[] serializeKey3 = serializeKey(REFRESH_TO_ACCESS + str);
        byte[] serializeKey4 = serializeKey(ACCESS_TO_REFRESH + str);
        RedisConnection connection = getConnection();
        try {
            connection.openPipeline();
            connection.del(new byte[]{serializeKey});
            connection.del(new byte[]{serializeKey2});
            connection.del(new byte[]{serializeKey3});
            connection.del(new byte[]{serializeKey4});
            connection.closePipeline();
            connection.close();
        } catch (Throwable th) {
            connection.close();
            throw th;
        }
    }

    @Override // org.springframework.security.oauth2.provider.token.TokenStore
    public void removeAccessTokenUsingRefreshToken(OAuth2RefreshToken oAuth2RefreshToken) {
        removeAccessTokenUsingRefreshToken(oAuth2RefreshToken.getValue());
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r1v6, types: [byte[], byte[][]] */
    private void removeAccessTokenUsingRefreshToken(String str) {
        String deserializeString;
        byte[] serializeKey = serializeKey(REFRESH_TO_ACCESS + str);
        RedisConnection connection = getConnection();
        try {
            connection.openPipeline();
            connection.get(serializeKey);
            connection.del(new byte[]{serializeKey});
            List<Object> closePipeline = connection.closePipeline();
            connection.close();
            if (closePipeline == null || (deserializeString = deserializeString((byte[]) closePipeline.get(0))) == null) {
                return;
            }
            removeAccessToken(deserializeString);
        } catch (Throwable th) {
            connection.close();
            throw th;
        }
    }

    @Override // org.springframework.security.oauth2.provider.token.TokenStore
    public Collection<OAuth2AccessToken> findTokensByClientIdAndUserName(String str, String str2) {
        byte[] serializeKey = serializeKey(UNAME_TO_ACCESS + getApprovalKey(str, str2));
        RedisConnection connection = getConnection();
        try {
            List<byte[]> lRange = connection.lRange(serializeKey, 0L, -1L);
            connection.close();
            if (lRange == null || lRange.size() == 0) {
                return Collections.emptySet();
            }
            ArrayList arrayList = new ArrayList(lRange.size());
            Iterator<byte[]> it2 = lRange.iterator();
            while (it2.hasNext()) {
                arrayList.add(deserializeAccessToken(it2.next()));
            }
            return Collections.unmodifiableCollection(arrayList);
        } catch (Throwable th) {
            connection.close();
            throw th;
        }
    }

    @Override // org.springframework.security.oauth2.provider.token.TokenStore
    public Collection<OAuth2AccessToken> findTokensByClientId(String str) {
        byte[] serializeKey = serializeKey(CLIENT_ID_TO_ACCESS + str);
        RedisConnection connection = getConnection();
        try {
            List<byte[]> lRange = connection.lRange(serializeKey, 0L, -1L);
            connection.close();
            if (lRange == null || lRange.size() == 0) {
                return Collections.emptySet();
            }
            ArrayList arrayList = new ArrayList(lRange.size());
            Iterator<byte[]> it2 = lRange.iterator();
            while (it2.hasNext()) {
                arrayList.add(deserializeAccessToken(it2.next()));
            }
            return Collections.unmodifiableCollection(arrayList);
        } catch (Throwable th) {
            connection.close();
            throw th;
        }
    }
}
