package org.zowe.apiml.gateway.security.service.schema;

import com.netflix.appinfo.InstanceInfo;
import com.netflix.zuul.context.RequestContext;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.Optional;
import lombok.Generated;
import org.apache.commons.configuration.tree.DefaultExpressionEngine;
import org.apache.http.Header;
import org.apache.http.HttpRequest;
import org.apache.http.message.BasicHeader;
import org.springframework.security.web.server.ServerHttpBasicAuthenticationConverter;
import org.springframework.stereotype.Component;
import org.zowe.apiml.auth.Authentication;
import org.zowe.apiml.auth.AuthenticationScheme;
import org.zowe.apiml.gateway.security.service.PassTicketException;
import org.zowe.apiml.gateway.security.service.schema.source.AuthSource;
import org.zowe.apiml.gateway.security.service.schema.source.AuthSourceService;
import org.zowe.apiml.passticket.IRRPassTicketGenerationException;
import org.zowe.apiml.passticket.PassTicketService;
import org.zowe.apiml.security.common.config.AuthConfigurationProperties;
import org.zowe.apiml.util.CookieUtil;

@Component
/* loaded from: input_file:BOOT-INF/classes/org/zowe/apiml/gateway/security/service/schema/HttpBasicPassTicketScheme.class */
public class HttpBasicPassTicketScheme implements AbstractAuthenticationScheme {
    private final PassTicketService passTicketService;
    private final AuthSourceService authSourceService;
    private final AuthConfigurationProperties authConfigurationProperties;
    private final String cookieName;

    /* loaded from: input_file:BOOT-INF/classes/org/zowe/apiml/gateway/security/service/schema/HttpBasicPassTicketScheme$PassTicketCommand.class */
    public static final class PassTicketCommand extends AuthenticationCommand {
        private static final long serialVersionUID = 3941300386857998443L;
        private static final String COOKIE_HEADER = "cookie";
        private final String authorizationValue;
        private final String cookieName;
        private final long expireAt;

        @Override // org.zowe.apiml.gateway.security.service.schema.AuthenticationCommand
        public void apply(InstanceInfo instanceInfo) {
            RequestContext currentContext = RequestContext.getCurrentContext();
            currentContext.addZuulRequestHeader("Authorization", this.authorizationValue);
            currentContext.addZuulRequestHeader("cookie", CookieUtil.removeCookie(currentContext.getZuulRequestHeaders().get("cookie"), this.cookieName));
        }

        @Override // org.zowe.apiml.gateway.security.service.schema.AuthenticationCommand
        public void applyToRequest(HttpRequest httpRequest) {
            httpRequest.setHeader(new BasicHeader("Authorization", this.authorizationValue));
            Header firstHeader = httpRequest.getFirstHeader("cookie");
            if (firstHeader != null) {
                httpRequest.setHeader("cookie", CookieUtil.removeCookie(firstHeader.getValue(), this.cookieName));
            }
        }

        @Override // org.zowe.apiml.gateway.security.service.schema.AuthenticationCommand, org.zowe.apiml.cache.EntryExpiration
        public boolean isExpired() {
            return System.currentTimeMillis() > this.expireAt;
        }

        @Override // org.zowe.apiml.gateway.security.service.schema.AuthenticationCommand
        public boolean isRequiredValidSource() {
            return true;
        }

        @Generated
        public PassTicketCommand(String str, String str2, long j) {
            this.authorizationValue = str;
            this.cookieName = str2;
            this.expireAt = j;
        }

        @Generated
        public String getAuthorizationValue() {
            return this.authorizationValue;
        }

        @Generated
        public String getCookieName() {
            return this.cookieName;
        }

        @Generated
        public long getExpireAt() {
            return this.expireAt;
        }

        @Generated
        public String toString() {
            return "HttpBasicPassTicketScheme.PassTicketCommand(authorizationValue=" + getAuthorizationValue() + ", cookieName=" + getCookieName() + ", expireAt=" + getExpireAt() + DefaultExpressionEngine.DEFAULT_INDEX_END;
        }

        @Generated
        public boolean equals(Object obj) {
            if (obj == this) {
                return true;
            }
            if (!(obj instanceof PassTicketCommand)) {
                return false;
            }
            PassTicketCommand passTicketCommand = (PassTicketCommand) obj;
            if (!passTicketCommand.canEqual(this) || getExpireAt() != passTicketCommand.getExpireAt()) {
                return false;
            }
            String authorizationValue = getAuthorizationValue();
            String authorizationValue2 = passTicketCommand.getAuthorizationValue();
            if (authorizationValue == null) {
                if (authorizationValue2 != null) {
                    return false;
                }
            } else if (!authorizationValue.equals(authorizationValue2)) {
                return false;
            }
            String cookieName = getCookieName();
            String cookieName2 = passTicketCommand.getCookieName();
            return cookieName == null ? cookieName2 == null : cookieName.equals(cookieName2);
        }

        @Generated
        protected boolean canEqual(Object obj) {
            return obj instanceof PassTicketCommand;
        }

        @Generated
        public int hashCode() {
            long expireAt = getExpireAt();
            int i = (1 * 59) + ((int) ((expireAt >>> 32) ^ expireAt));
            String authorizationValue = getAuthorizationValue();
            int hashCode = (i * 59) + (authorizationValue == null ? 43 : authorizationValue.hashCode());
            String cookieName = getCookieName();
            return (hashCode * 59) + (cookieName == null ? 43 : cookieName.hashCode());
        }
    }

    public HttpBasicPassTicketScheme(PassTicketService passTicketService, AuthSourceService authSourceService, AuthConfigurationProperties authConfigurationProperties) {
        this.passTicketService = passTicketService;
        this.authSourceService = authSourceService;
        this.authConfigurationProperties = authConfigurationProperties;
        this.cookieName = authConfigurationProperties.getCookieProperties().getCookieName();
    }

    @Override // org.zowe.apiml.gateway.security.service.schema.AbstractAuthenticationScheme
    public AuthenticationScheme getScheme() {
        return AuthenticationScheme.HTTP_BASIC_PASSTICKET;
    }

    @Override // org.zowe.apiml.gateway.security.service.schema.AbstractAuthenticationScheme
    public AuthenticationCommand createCommand(Authentication authentication, AuthSource authSource) {
        long currentTimeMillis = System.currentTimeMillis();
        AuthSource.Parsed parse = this.authSourceService.parse(authSource);
        if (authSource == null || parse == null) {
            return AuthenticationCommand.EMPTY;
        }
        String applid = authentication.getApplid();
        String userId = parse.getUserId();
        try {
            return new PassTicketCommand(ServerHttpBasicAuthenticationConverter.BASIC + Base64.getEncoder().encodeToString((userId + ":" + this.passTicketService.generate(userId, applid)).getBytes(StandardCharsets.UTF_8)), this.cookieName, Math.min(currentTimeMillis + (this.authConfigurationProperties.getPassTicket().getTimeout().intValue() * 1000), parse.getExpiration().getTime()));
        } catch (IRRPassTicketGenerationException e) {
            throw new PassTicketException(String.format("Could not generate PassTicket for user ID %s and APPLID %s", userId, applid), e);
        }
    }

    @Override // org.zowe.apiml.gateway.security.service.schema.AbstractAuthenticationScheme
    public Optional<AuthSource> getAuthSource() {
        return this.authSourceService.getAuthSourceFromRequest();
    }
}
