package com.techempower.gemini.pyxis;

import com.techempower.cache.EntityStore;
import com.techempower.gemini.Context;
import com.techempower.gemini.GeminiApplicationInterface;
import com.techempower.scheduler.DailyEvent;
import java.security.SecureRandom;
import java.time.LocalDateTime;
import java.time.ZoneId;
import java.util.Base64;
import java.util.Date;
import java.util.Random;

/* loaded from: input_file:com/techempower/gemini/pyxis/JsonWebTokenCreator.class */
public class JsonWebTokenCreator implements TokenCreator {
    private final GeminiApplicationInterface application;
    private final EntityStore store;
    private final Random random = new SecureRandom();

    /* loaded from: input_file:com/techempower/gemini/pyxis/JsonWebTokenCreator$LoginPurgeEvent.class */
    private class LoginPurgeEvent extends DailyEvent {
        public LoginPurgeEvent(String str, String str2, int i, int i2) {
            super(str, str2, i, i2);
        }

        @Override // com.techempower.scheduler.DailyEvent
        protected void doIt() {
            for (Login login : JsonWebTokenCreator.this.store.list(Login.class)) {
                if (LocalDateTime.ofInstant(login.getCreated().toInstant(), ZoneId.systemDefault()).isBefore(LocalDateTime.now().minusDays(JsonWebTokenCreator.this.application.getSecurity().getSettings().getAuthTokenExpiryDays()))) {
                    JsonWebTokenCreator.this.store.remove(login);
                }
            }
        }
    }

    public JsonWebTokenCreator(GeminiApplicationInterface geminiApplicationInterface) {
        this.application = geminiApplicationInterface;
        this.store = geminiApplicationInterface.getStore();
        this.application.getScheduler().scheduleEvent(new LoginPurgeEvent("LoginPurgeEvent", "Daily event for purging expired Logins", 0, 0));
    }

    @Override // com.techempower.gemini.pyxis.TokenCreator
    public JsonWebToken create(Context context, PyxisUser pyxisUser) {
        Login login = new Login();
        byte[] bArr = new byte[32];
        this.random.nextBytes(bArr);
        login.setValidationHash(Base64.getEncoder().encodeToString(bArr));
        login.setCreated(new Date());
        login.setIpAddress(context.getClientId());
        this.store.put(login);
        this.application.getSecurity().addUserLogin(pyxisUser.getId(), login);
        return new JsonWebToken(this.application, pyxisUser, login.getCreated().getTime(), login.getValidationHash());
    }
}
