package org.molgenis.security.token;

import java.util.Date;
import java.util.Objects;
import org.apache.commons.lang3.time.DateUtils;
import org.molgenis.auth.Token;
import org.molgenis.auth.TokenFactory;
import org.molgenis.auth.TokenMetaData;
import org.molgenis.auth.User;
import org.molgenis.auth.UserMetaData;
import org.molgenis.data.DataService;
import org.molgenis.security.core.runas.RunAsSystem;
import org.molgenis.security.core.token.TokenService;
import org.molgenis.security.core.token.UnknownTokenException;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.transaction.annotation.Transactional;

/* loaded from: input_file:WEB-INF/lib/molgenis-security-3.0.1.jar:org/molgenis/security/token/DataServiceTokenService.class */
public class DataServiceTokenService implements TokenService {
    private final TokenGenerator tokenGenerator;
    private final DataService dataService;
    private final UserDetailsService userDetailsService;
    private final TokenFactory tokenFactory;

    public DataServiceTokenService(TokenGenerator tokenGenerator, DataService dataService, UserDetailsService userDetailsService, TokenFactory tokenFactory) {
        this.tokenGenerator = (TokenGenerator) Objects.requireNonNull(tokenGenerator);
        this.dataService = (DataService) Objects.requireNonNull(dataService);
        this.userDetailsService = (UserDetailsService) Objects.requireNonNull(userDetailsService);
        this.tokenFactory = (TokenFactory) Objects.requireNonNull(tokenFactory);
    }

    @Override // org.molgenis.security.core.token.TokenService
    @RunAsSystem
    @Transactional(readOnly = true)
    public UserDetails findUserByToken(String str) throws UnknownTokenException {
        return this.userDetailsService.loadUserByUsername(getMolgenisToken(str).getUser().getUsername());
    }

    @Override // org.molgenis.security.core.token.TokenService
    @RunAsSystem
    @Transactional
    public String generateAndStoreToken(String str, String str2) {
        User user = (User) this.dataService.query(UserMetaData.USER, User.class).eq("username", str).findOne();
        if (user == null) {
            throw new IllegalArgumentException(String.format("Unknown username [%s]", str));
        }
        String generateToken = this.tokenGenerator.generateToken();
        Token create = this.tokenFactory.create();
        create.setUser(user);
        create.setToken(generateToken);
        create.setDescription(str2);
        create.setExpirationDate(DateUtils.addHours(new Date(), 2));
        this.dataService.add(TokenMetaData.TOKEN, create);
        return generateToken;
    }

    @Override // org.molgenis.security.core.token.TokenService
    @RunAsSystem
    @Transactional
    public void removeToken(String str) throws UnknownTokenException {
        this.dataService.delete(TokenMetaData.TOKEN, getMolgenisToken(str));
    }

    private Token getMolgenisToken(String str) throws UnknownTokenException {
        Token token = (Token) this.dataService.query(TokenMetaData.TOKEN, Token.class).eq(TokenMetaData.TOKEN_ATTR, str).findOne();
        if (token == null || (token.getExpirationDate() != null && new Date().after(token.getExpirationDate()))) {
            throw new UnknownTokenException("Invalid token");
        }
        return token;
    }
}
