package com.helger.photon.security.token.user;

import com.helger.commons.ValueEnforcer;
import com.helger.commons.annotation.Nonempty;
import com.helger.commons.annotation.ReturnsMutableCopy;
import com.helger.commons.annotation.ReturnsMutableObject;
import com.helger.commons.callback.CallbackList;
import com.helger.commons.collection.CollectionHelper;
import com.helger.commons.microdom.IMicroDocument;
import com.helger.commons.microdom.IMicroElement;
import com.helger.commons.microdom.MicroDocument;
import com.helger.commons.microdom.convert.MicroTypeConverter;
import com.helger.commons.state.EChange;
import com.helger.commons.string.StringHelper;
import com.helger.photon.basic.app.dao.impl.AbstractSimpleDAO;
import com.helger.photon.basic.app.dao.impl.DAOException;
import com.helger.photon.basic.audit.AuditHelper;
import com.helger.photon.security.object.ObjectHelper;
import com.helger.photon.security.token.accesstoken.AccessToken;
import com.helger.photon.security.token.accesstoken.IAccessToken;
import com.helger.photon.security.token.app.IAppToken;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import javax.annotation.concurrent.GuardedBy;
import org.joda.time.LocalDateTime;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/ph-oton-security-6.2.0.jar:com/helger/photon/security/token/user/UserTokenManager.class */
public final class UserTokenManager extends AbstractSimpleDAO {
    private static final Logger s_aLogger = LoggerFactory.getLogger((Class<?>) UserTokenManager.class);
    private static final String ELEMENT_ROOT = "usertokens";
    private static final String ELEMENT_ITEM = "usertoken";

    @GuardedBy("m_aRWLock")
    private final Map<String, UserToken> m_aMap;
    private final CallbackList<IUserTokenModificationCallback> m_aCallbacks;

    public UserTokenManager(@Nonnull @Nonempty String str) throws DAOException {
        super(str);
        this.m_aMap = new HashMap();
        this.m_aCallbacks = new CallbackList<>();
        initialRead();
    }

    @Override // com.helger.photon.basic.app.dao.impl.AbstractSimpleDAO
    @Nonnull
    protected EChange onRead(@Nonnull IMicroDocument iMicroDocument) {
        Iterator<IMicroElement> it = iMicroDocument.getDocumentElement().getAllChildElements(ELEMENT_ITEM).iterator();
        while (it.hasNext()) {
            _addUserToken((UserToken) MicroTypeConverter.convertToNative(it.next(), UserToken.class));
        }
        return EChange.UNCHANGED;
    }

    @Override // com.helger.photon.basic.app.dao.impl.AbstractSimpleDAO
    @Nonnull
    protected IMicroDocument createWriteData() {
        MicroDocument microDocument = new MicroDocument();
        IMicroElement appendElement = microDocument.appendElement(ELEMENT_ROOT);
        Iterator it = CollectionHelper.getSortedByKey(this.m_aMap).values().iterator();
        while (it.hasNext()) {
            appendElement.appendChild(MicroTypeConverter.convertToMicroElement((UserToken) it.next(), ELEMENT_ITEM));
        }
        return microDocument;
    }

    @Nonnull
    @ReturnsMutableObject("design")
    public CallbackList<IUserTokenModificationCallback> getUserTokenModificationCallbacks() {
        return this.m_aCallbacks;
    }

    private void _addUserToken(@Nonnull UserToken userToken) {
        ValueEnforcer.notNull(userToken, "UserToken");
        String id = userToken.getID();
        if (this.m_aMap.containsKey(id)) {
            throw new IllegalArgumentException("UserToken ID '" + id + "' is already in use!");
        }
        this.m_aMap.put(id, userToken);
    }

    @Nonnull
    public UserToken createUserToken(@Nullable String str, @Nullable Map<String, String> map, @Nonnull IAppToken iAppToken, @Nonnull @Nonempty String str2) {
        UserToken userToken = new UserToken(str, map, iAppToken, str2);
        this.m_aRWLock.writeLock().lock();
        try {
            _addUserToken(userToken);
            markAsChanged();
            this.m_aRWLock.writeLock().unlock();
            AuditHelper.onAuditCreateSuccess(UserToken.OT, userToken.getID(), map, iAppToken.getID(), str2);
            Iterator<IUserTokenModificationCallback> it = this.m_aCallbacks.getAllCallbacks().iterator();
            while (it.hasNext()) {
                try {
                    it.next().onUserTokenCreated(userToken);
                } catch (Throwable th) {
                    s_aLogger.error("Failed to invoke onUserTokenCreated callback on " + userToken.toString(), th);
                }
            }
            return userToken;
        } catch (Throwable th2) {
            this.m_aRWLock.writeLock().unlock();
            throw th2;
        }
    }

    @Nonnull
    public EChange updateUserToken(@Nullable String str, @Nullable Map<String, String> map, @Nonnull @Nonempty String str2) {
        UserToken _getUserTokenOfID = _getUserTokenOfID(str);
        if (_getUserTokenOfID == null) {
            AuditHelper.onAuditModifyFailure(UserToken.OT, str, "no-such-id");
            return EChange.UNCHANGED;
        }
        this.m_aRWLock.writeLock().lock();
        try {
            if (EChange.UNCHANGED.or(_getUserTokenOfID.setUserName(str2)).or(_getUserTokenOfID.getMutableAttributes2().clear()).or(_getUserTokenOfID.getMutableAttributes2().setAttributes(map)).isUnchanged()) {
                EChange eChange = EChange.UNCHANGED;
                this.m_aRWLock.writeLock().unlock();
                return eChange;
            }
            ObjectHelper.setLastModificationNow(_getUserTokenOfID);
            markAsChanged();
            this.m_aRWLock.writeLock().unlock();
            AuditHelper.onAuditModifySuccess(UserToken.OT, str, map, str2);
            Iterator<IUserTokenModificationCallback> it = this.m_aCallbacks.getAllCallbacks().iterator();
            while (it.hasNext()) {
                try {
                    it.next().onUserTokenUpdated(_getUserTokenOfID);
                } catch (Throwable th) {
                    s_aLogger.error("Failed to invoke onUserTokenUpdated callback on " + _getUserTokenOfID.toString(), th);
                }
            }
            return EChange.CHANGED;
        } catch (Throwable th2) {
            this.m_aRWLock.writeLock().unlock();
            throw th2;
        }
    }

    @Nonnull
    public EChange deleteUserToken(@Nullable String str) {
        UserToken _getUserTokenOfID = _getUserTokenOfID(str);
        if (_getUserTokenOfID == null) {
            AuditHelper.onAuditDeleteFailure(UserToken.OT, "no-such-id", str);
            return EChange.UNCHANGED;
        }
        this.m_aRWLock.writeLock().lock();
        try {
            if (ObjectHelper.setDeletionNow(_getUserTokenOfID).isUnchanged()) {
                AuditHelper.onAuditDeleteFailure(UserToken.OT, "already-deleted", _getUserTokenOfID.getID());
                EChange eChange = EChange.UNCHANGED;
                this.m_aRWLock.writeLock().unlock();
                return eChange;
            }
            markAsChanged();
            this.m_aRWLock.writeLock().unlock();
            AuditHelper.onAuditDeleteSuccess(UserToken.OT, _getUserTokenOfID.getID());
            Iterator<IUserTokenModificationCallback> it = this.m_aCallbacks.getAllCallbacks().iterator();
            while (it.hasNext()) {
                try {
                    it.next().onUserTokenDeleted(_getUserTokenOfID);
                } catch (Throwable th) {
                    s_aLogger.error("Failed to invoke onUserTokenDeleted callback on " + _getUserTokenOfID.toString(), th);
                }
            }
            return EChange.CHANGED;
        } catch (Throwable th2) {
            this.m_aRWLock.writeLock().unlock();
            throw th2;
        }
    }

    @Nonnull
    public EChange createNewAccessToken(@Nullable String str, @Nonnull @Nonempty String str2, @Nonnull LocalDateTime localDateTime, @Nonnull @Nonempty String str3, @Nullable String str4) {
        UserToken _getUserTokenOfID = _getUserTokenOfID(str);
        if (_getUserTokenOfID == null) {
            AuditHelper.onAuditModifyFailure(UserToken.OT, "no-such-id", str);
            return EChange.UNCHANGED;
        }
        this.m_aRWLock.writeLock().lock();
        try {
            _getUserTokenOfID.revokeActiveAccessToken(str2, localDateTime, str3);
            AccessToken createNewAccessToken = _getUserTokenOfID.createNewAccessToken(str4);
            ObjectHelper.setLastModificationNow(_getUserTokenOfID);
            markAsChanged();
            this.m_aRWLock.writeLock().unlock();
            AuditHelper.onAuditModifySuccess(UserToken.OT, "create-new-access-token", _getUserTokenOfID.getID(), str2, localDateTime, str3, str4);
            Iterator<IUserTokenModificationCallback> it = this.m_aCallbacks.getAllCallbacks().iterator();
            while (it.hasNext()) {
                try {
                    it.next().onUserTokenCreateAccessToken(_getUserTokenOfID, createNewAccessToken);
                } catch (Throwable th) {
                    s_aLogger.error("Failed to invoke onUserTokenCreateAccessToken callback on " + _getUserTokenOfID.toString() + " and " + createNewAccessToken.toString(), th);
                }
            }
            return EChange.CHANGED;
        } catch (Throwable th2) {
            this.m_aRWLock.writeLock().unlock();
            throw th2;
        }
    }

    @Nonnull
    public EChange revokeAccessToken(@Nullable String str, @Nonnull @Nonempty String str2, @Nonnull LocalDateTime localDateTime, @Nonnull @Nonempty String str3) {
        UserToken _getUserTokenOfID = _getUserTokenOfID(str);
        if (_getUserTokenOfID == null) {
            AuditHelper.onAuditModifyFailure(UserToken.OT, "no-such-id", str);
            return EChange.UNCHANGED;
        }
        this.m_aRWLock.writeLock().lock();
        try {
            if (_getUserTokenOfID.revokeActiveAccessToken(str2, localDateTime, str3).isUnchanged()) {
                AuditHelper.onAuditModifyFailure(UserToken.OT, "already-revoked", str);
                EChange eChange = EChange.UNCHANGED;
                this.m_aRWLock.writeLock().unlock();
                return eChange;
            }
            ObjectHelper.setLastModificationNow(_getUserTokenOfID);
            markAsChanged();
            this.m_aRWLock.writeLock().unlock();
            AuditHelper.onAuditModifySuccess(UserToken.OT, "revoke-access-token", _getUserTokenOfID.getID(), str2, localDateTime, str3);
            Iterator<IUserTokenModificationCallback> it = this.m_aCallbacks.getAllCallbacks().iterator();
            while (it.hasNext()) {
                try {
                    it.next().onUserTokenRevokeAccessToken(_getUserTokenOfID);
                } catch (Throwable th) {
                    s_aLogger.error("Failed to invoke onUserTokenRevokeAccessToken callback on " + _getUserTokenOfID.toString(), th);
                }
            }
            return EChange.CHANGED;
        } catch (Throwable th2) {
            this.m_aRWLock.writeLock().unlock();
            throw th2;
        }
    }

    @Nonnull
    @ReturnsMutableCopy
    public Collection<? extends UserToken> getAllUserTokens() {
        this.m_aRWLock.readLock().lock();
        try {
            return CollectionHelper.newList((Collection) this.m_aMap.values());
        } finally {
            this.m_aRWLock.readLock().unlock();
        }
    }

    @Nonnull
    @ReturnsMutableCopy
    public Collection<? extends UserToken> getAllActiveUserTokens() {
        this.m_aRWLock.readLock().lock();
        try {
            ArrayList arrayList = new ArrayList();
            for (UserToken userToken : this.m_aMap.values()) {
                if (!userToken.isDeleted()) {
                    arrayList.add(userToken);
                }
            }
            return arrayList;
        } finally {
            this.m_aRWLock.readLock().unlock();
        }
    }

    @Nullable
    private UserToken _getUserTokenOfID(@Nullable String str) {
        if (StringHelper.hasNoText(str)) {
            return null;
        }
        this.m_aRWLock.readLock().lock();
        try {
            return this.m_aMap.get(str);
        } finally {
            this.m_aRWLock.readLock().unlock();
        }
    }

    @Nullable
    public IUserToken getUserTokenOfID(@Nullable String str) {
        return _getUserTokenOfID(str);
    }

    public boolean containsUserTokenWithID(@Nullable String str) {
        if (StringHelper.hasNoText(str)) {
            return false;
        }
        this.m_aRWLock.readLock().lock();
        try {
            return this.m_aMap.containsKey(str);
        } finally {
            this.m_aRWLock.readLock().unlock();
        }
    }

    @Nullable
    public IUserToken getUserTokenOfTokenString(@Nullable String str) {
        if (StringHelper.hasNoText(str)) {
            return null;
        }
        this.m_aRWLock.readLock().lock();
        try {
            for (UserToken userToken : this.m_aMap.values()) {
                IAccessToken activeAccessToken = userToken.getActiveAccessToken();
                if (activeAccessToken != null && activeAccessToken.getTokenString().equals(str)) {
                    return userToken;
                }
            }
            this.m_aRWLock.readLock().unlock();
            return null;
        } finally {
            this.m_aRWLock.readLock().unlock();
        }
    }

    public boolean isAccessTokenUsed(@Nullable String str) {
        if (StringHelper.hasNoText(str)) {
            return false;
        }
        this.m_aRWLock.readLock().lock();
        try {
            Iterator<UserToken> it = this.m_aMap.values().iterator();
            while (it.hasNext()) {
                Iterator<? extends IAccessToken> it2 = it.next().getAllAccessTokens().iterator();
                while (it2.hasNext()) {
                    if (it2.next().getTokenString().equals(str)) {
                        return true;
                    }
                }
            }
            this.m_aRWLock.readLock().unlock();
            return false;
        } finally {
            this.m_aRWLock.readLock().unlock();
        }
    }
}
