package com.adobe.granite.socketio.impl.engine;

import com.adobe.granite.crypto.CryptoException;
import com.adobe.granite.oauth.jwt.JwsBuilderFactory;
import com.adobe.granite.oauth.jwt.JwsValidator;
import java.io.IOException;
import java.security.Principal;
import java.util.Iterator;
import java.util.UUID;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
import java.util.concurrent.Executors;
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.ScheduledFuture;
import java.util.concurrent.TimeUnit;
import javax.annotation.Nonnull;
import javax.servlet.http.HttpServletRequest;
import org.apache.oltu.oauth2.jwt.JWT;
import org.apache.oltu.oauth2.jwt.io.JWTReader;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Deactivate;
import org.osgi.service.component.annotations.Reference;
import org.osgi.service.component.annotations.ReferencePolicyOption;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Component(service = {EIOService.class}, property = {"service.vendor=Adobe Systems Incorporated"})
/* loaded from: input_file:com/adobe/granite/socketio/impl/engine/EIOServiceImpl.class */
public class EIOServiceImpl implements EIOService {
    private final Logger log = LoggerFactory.getLogger(EIOServiceImpl.class);
    private final ConcurrentMap<EIOListener, Object> listeners = new ConcurrentHashMap();
    private final ScheduledExecutorService scheduler = Executors.newScheduledThreadPool(1);
    private final ConcurrentHashMap<String, EIOSocket> sockets = new ConcurrentHashMap<>();
    private long pingTimeout = 60000;
    private long pingInterval = 25000;
    private static long DEFAULT_TOKEN_EXPIRATION_TIME = 5000;

    @Reference(policyOption = ReferencePolicyOption.GREEDY)
    private JwsBuilderFactory jwsBuilderFactory;

    @Reference(policyOption = ReferencePolicyOption.GREEDY)
    private JwsValidator jwsValidator;

    @Deactivate
    private void deactivate() {
        Iterator<EIOSocket> it = this.sockets.values().iterator();
        while (it.hasNext()) {
            it.next().close();
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ScheduledFuture<?> schedulePingTimeout(Runnable runnable) {
        return this.scheduler.schedule(runnable, this.pingTimeout + this.pingInterval, TimeUnit.MILLISECONDS);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void onConnect(EIOSocket eIOSocket) {
        Iterator<EIOListener> it = this.listeners.keySet().iterator();
        while (it.hasNext()) {
            it.next().onConnect(eIOSocket);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void onDisconnect(EIOSocket eIOSocket) {
        Iterator<EIOListener> it = this.listeners.keySet().iterator();
        while (it.hasNext()) {
            it.next().onDisconnect(eIOSocket);
        }
        this.sockets.remove(eIOSocket.getId());
        this.log.debug("socket {} removed. size = {}", eIOSocket.getId(), Integer.valueOf(this.sockets.size()));
    }

    @Override // com.adobe.granite.socketio.impl.engine.EIOService
    public EIOSocket getSocket(String str) {
        return this.sockets.get(str);
    }

    @Override // com.adobe.granite.socketio.impl.engine.EIOService
    public EIOSocket createSocket(String str, String str2, Principal principal) {
        if (!isTransportSupported(str2)) {
            throw new IllegalArgumentException("Unsupported transport: " + str2);
        }
        if (str == null) {
            str = UUID.randomUUID().toString();
        }
        if (this.sockets.containsKey(str)) {
            throw new IllegalArgumentException("Socket already exists: " + str);
        }
        EIOSocket eIOSocket = new EIOSocket(str, this, new EIOWebSocketTransport(str), principal);
        this.sockets.put(str, eIOSocket);
        this.log.debug("socket {} created. size = {}", str, Integer.valueOf(this.sockets.size()));
        return eIOSocket;
    }

    @Override // com.adobe.granite.socketio.impl.engine.EIOService
    public boolean isTransportSupported(String str) {
        return EIOWebSocketTransport.NAME.equals(str);
    }

    @Override // com.adobe.granite.socketio.impl.engine.EIOService
    public long getPingTimeout() {
        return this.pingTimeout;
    }

    @Override // com.adobe.granite.socketio.impl.engine.EIOService
    public long getPingInterval() {
        return this.pingInterval;
    }

    @Override // com.adobe.granite.socketio.impl.engine.EIOService
    public void register(EIOListener eIOListener) {
        this.listeners.put(eIOListener, eIOListener);
    }

    @Override // com.adobe.granite.socketio.impl.engine.EIOService
    public void unregister(EIOListener eIOListener) {
        this.listeners.remove(eIOListener);
    }

    @Override // com.adobe.granite.socketio.impl.engine.EIOService
    public String createSessionToken(@Nonnull HttpServletRequest httpServletRequest) throws IOException {
        try {
            String build = this.jwsBuilderFactory.getInstance("HS256").setIssuer(httpServletRequest.getUserPrincipal() == null ? null : httpServletRequest.getUserPrincipal().getName()).setExpiresIn(DEFAULT_TOKEN_EXPIRATION_TIME).setCustomClaimsSetField("jti", UUID.randomUUID().toString()).build();
            this.log.debug("Created new JWT token: {}", build);
            return build;
        } catch (CryptoException e) {
            this.log.error("Error while creating JWT token", e);
            throw new IOException((Throwable) e);
        }
    }

    @Override // com.adobe.granite.socketio.impl.engine.EIOService
    public String validateToken(String str, HttpServletRequest httpServletRequest) {
        if (!this.jwsValidator.validate(str)) {
            this.log.info("provided token not valid: {}", str);
            return null;
        }
        JWT jwt = (JWT) new JWTReader().read(str);
        this.log.debug("received valid token: {}", jwt);
        if (jwt.getClaimsSet().getExpirationTime() > System.currentTimeMillis()) {
            this.log.info("provided token expired: {}", str);
            return null;
        }
        String name = httpServletRequest.getUserPrincipal() == null ? "" : httpServletRequest.getUserPrincipal().getName();
        String issuer = jwt.getClaimsSet().getIssuer();
        if (issuer == null) {
            issuer = "";
        }
        if (!name.equals(issuer)) {
            this.log.info("provided token user mismatch: {} != {}", name, issuer);
            return null;
        }
        String jwdId = jwt.getClaimsSet().getJwdId();
        if (jwdId == null) {
            this.log.info("provided token has no session id: {}", str);
            return null;
        }
        if (!this.sockets.containsKey(jwdId)) {
            return jwdId;
        }
        this.log.warn("provided session id ({}) in jwt token already in use: {}", jwdId, str);
        return null;
    }
}
