package org.apache.shiro.mgt;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.RememberMeAuthenticationToken;
import org.apache.shiro.crypto.AesCipherService;
import org.apache.shiro.crypto.CipherService;
import org.apache.shiro.io.DefaultSerializer;
import org.apache.shiro.io.Serializer;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.subject.SubjectContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/shiro/mgt/AbstractRememberMeManager.class */
public abstract class AbstractRememberMeManager implements RememberMeManager {
    private static final Logger log = LoggerFactory.getLogger(AbstractRememberMeManager.class);
    private Serializer<PrincipalCollection> serializer = new DefaultSerializer();
    private CipherService cipherService;
    private byte[] encryptionCipherKey;
    private byte[] decryptionCipherKey;

    public AbstractRememberMeManager() {
        AesCipherService aesCipherService = new AesCipherService();
        this.cipherService = aesCipherService;
        setCipherKey(aesCipherService.generateNewKey().getEncoded());
    }

    public Serializer<PrincipalCollection> getSerializer() {
        return this.serializer;
    }

    public void setSerializer(Serializer<PrincipalCollection> serializer) {
        this.serializer = serializer;
    }

    public CipherService getCipherService() {
        return this.cipherService;
    }

    public void setCipherService(CipherService cipherService) {
        this.cipherService = cipherService;
    }

    public byte[] getEncryptionCipherKey() {
        return this.encryptionCipherKey;
    }

    public void setEncryptionCipherKey(byte[] bArr) {
        this.encryptionCipherKey = bArr;
    }

    public byte[] getDecryptionCipherKey() {
        return this.decryptionCipherKey;
    }

    public void setDecryptionCipherKey(byte[] bArr) {
        this.decryptionCipherKey = bArr;
    }

    public byte[] getCipherKey() {
        return getEncryptionCipherKey();
    }

    public void setCipherKey(byte[] bArr) {
        setEncryptionCipherKey(bArr);
        setDecryptionCipherKey(bArr);
    }

    protected abstract void forgetIdentity(Subject subject);

    protected boolean isRememberMe(AuthenticationToken authenticationToken) {
        return authenticationToken != null && (authenticationToken instanceof RememberMeAuthenticationToken) && ((RememberMeAuthenticationToken) authenticationToken).isRememberMe();
    }

    @Override // org.apache.shiro.mgt.RememberMeManager
    public void onSuccessfulLogin(Subject subject, AuthenticationToken authenticationToken, AuthenticationInfo authenticationInfo) {
        forgetIdentity(subject);
        if (isRememberMe(authenticationToken)) {
            rememberIdentity(subject, authenticationToken, authenticationInfo);
        } else if (log.isDebugEnabled()) {
            log.debug("AuthenticationToken did not indicate RememberMe is requested.  RememberMe functionality will not be executed for corresponding account.");
        }
    }

    public void rememberIdentity(Subject subject, AuthenticationToken authenticationToken, AuthenticationInfo authenticationInfo) {
        rememberIdentity(subject, getIdentityToRemember(subject, authenticationInfo));
    }

    protected PrincipalCollection getIdentityToRemember(Subject subject, AuthenticationInfo authenticationInfo) {
        return authenticationInfo.getPrincipals();
    }

    protected void rememberIdentity(Subject subject, PrincipalCollection principalCollection) {
        rememberSerializedIdentity(subject, convertPrincipalsToBytes(principalCollection));
    }

    protected byte[] convertPrincipalsToBytes(PrincipalCollection principalCollection) {
        byte[] serialize = serialize(principalCollection);
        if (getCipherService() != null) {
            serialize = encrypt(serialize);
        }
        return serialize;
    }

    protected abstract void rememberSerializedIdentity(Subject subject, byte[] bArr);

    @Override // org.apache.shiro.mgt.RememberMeManager
    public PrincipalCollection getRememberedPrincipals(SubjectContext subjectContext) {
        PrincipalCollection principalCollection = null;
        try {
            byte[] rememberedSerializedIdentity = getRememberedSerializedIdentity(subjectContext);
            if (rememberedSerializedIdentity != null && rememberedSerializedIdentity.length > 0) {
                principalCollection = convertBytesToPrincipals(rememberedSerializedIdentity, subjectContext);
            }
        } catch (RuntimeException e) {
            principalCollection = onRememberedPrincipalFailure(e, subjectContext);
        }
        return principalCollection;
    }

    protected abstract byte[] getRememberedSerializedIdentity(SubjectContext subjectContext);

    protected PrincipalCollection convertBytesToPrincipals(byte[] bArr, SubjectContext subjectContext) {
        if (getCipherService() != null) {
            bArr = decrypt(bArr);
        }
        return deserialize(bArr);
    }

    protected PrincipalCollection onRememberedPrincipalFailure(RuntimeException runtimeException, SubjectContext subjectContext) {
        if (log.isDebugEnabled()) {
            log.debug("There was a failure while trying to retrieve remembered principals.  This could be due to a configuration problem or corrupted principals.  This could also be due to a recently changed encryption key.  The remembered identity will be forgotten and not used for this request.", (Throwable) runtimeException);
        }
        forgetIdentity(subjectContext);
        throw runtimeException;
    }

    protected byte[] encrypt(byte[] bArr) {
        byte[] bArr2 = bArr;
        CipherService cipherService = getCipherService();
        if (cipherService != null) {
            bArr2 = cipherService.encrypt(bArr, getEncryptionCipherKey()).getBytes();
        }
        return bArr2;
    }

    protected byte[] decrypt(byte[] bArr) {
        byte[] bArr2 = bArr;
        CipherService cipherService = getCipherService();
        if (cipherService != null) {
            bArr2 = cipherService.decrypt(bArr, getDecryptionCipherKey()).getBytes();
        }
        return bArr2;
    }

    protected byte[] serialize(PrincipalCollection principalCollection) {
        return getSerializer().serialize(principalCollection);
    }

    protected PrincipalCollection deserialize(byte[] bArr) {
        return getSerializer().deserialize(bArr);
    }

    @Override // org.apache.shiro.mgt.RememberMeManager
    public void onFailedLogin(Subject subject, AuthenticationToken authenticationToken, AuthenticationException authenticationException) {
        forgetIdentity(subject);
    }

    @Override // org.apache.shiro.mgt.RememberMeManager
    public void onLogout(Subject subject) {
        forgetIdentity(subject);
    }
}
