package org.jasig.cas.ticket.registry;

import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.concurrent.TimeUnit;
import javax.annotation.PostConstruct;
import javax.annotation.PreDestroy;
import javax.cache.Cache;
import javax.cache.expiry.CreatedExpiryPolicy;
import javax.cache.expiry.Duration;
import javax.net.ssl.TrustManager;
import javax.validation.constraints.NotNull;
import org.apache.commons.lang3.BooleanUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.builder.ToStringBuilder;
import org.apache.ignite.Ignite;
import org.apache.ignite.IgniteCache;
import org.apache.ignite.IgniteState;
import org.apache.ignite.Ignition;
import org.apache.ignite.cache.CachePeekMode;
import org.apache.ignite.cache.query.ScanQuery;
import org.apache.ignite.configuration.CacheConfiguration;
import org.apache.ignite.configuration.IgniteConfiguration;
import org.apache.ignite.lang.IgniteBiPredicate;
import org.apache.ignite.ssl.SslContextFactory;
import org.jasig.cas.ticket.ServiceTicket;
import org.jasig.cas.ticket.Ticket;
import org.jasig.cas.ticket.TicketGrantingTicket;
import org.jasig.cas.ticket.registry.encrypt.AbstractCrypticTicketRegistry;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;

@Component("igniteTicketRegistry")
/* loaded from: input_file:org/jasig/cas/ticket/registry/IgniteTicketRegistry.class */
public final class IgniteTicketRegistry extends AbstractCrypticTicketRegistry {

    @Autowired
    @NotNull
    @Value("${ignite.ticketsCache.name:serviceTicketsCache}")
    private String servicesCacheName;

    @NotNull
    @Value("${ignite.ticketsCache.name:ticketGrantingTicketsCache}")
    private String ticketsCacheName;

    @Value("${ignite.keyStoreType:}")
    private String keyStoreType;

    @Value("${ignite.keyStoreFilePath:}")
    private String keyStoreFilePath;

    @Value("${ignite.keyStorePassword:}")
    private String keyStorePassword;

    @Value("${ignite.trustStoreType:}")
    private String trustStoreType;

    @Value("${ignite.protocol:}")
    private String protocol;

    @Value("${ignite.keyAlgorithm:}")
    private String keyAlgorithm;

    @Value("${ignite.trustStoreFilePath:}")
    private String trustStoreFilePath;

    @Value("${ignite.trustStorePassword:}")
    private String trustStorePassword;

    @Autowired
    @NotNull
    @Qualifier("igniteConfiguration")
    private IgniteConfiguration igniteConfiguration;
    private IgniteCache<String, ServiceTicket> serviceTicketsCache;
    private IgniteCache<String, TicketGrantingTicket> ticketGrantingTicketsCache;
    private Ignite ignite;

    @Value("${tgt.maxTimeToLiveInSeconds:28800}")
    private long ticketGrantingTicketTimeoutInSeconds = 28800;

    @Value("${st.timeToKillInSeconds:10}")
    private long serviceTicketTimeoutInSeconds = 10;
    private boolean supportRegistryState = true;

    public void addTicket(Ticket ticket) {
        ServiceTicket encodeTicket = encodeTicket(ticket);
        if (encodeTicket instanceof ServiceTicket) {
            this.logger.debug("Adding service ticket {} to the cache {}", encodeTicket.getId(), this.serviceTicketsCache.getName());
            this.serviceTicketsCache.put(encodeTicket.getId(), encodeTicket);
        } else {
            if (!(encodeTicket instanceof TicketGrantingTicket)) {
                throw new IllegalArgumentException("Invalid ticket type " + encodeTicket);
            }
            this.logger.debug("Adding ticket granting ticket {} to the cache {}", encodeTicket.getId(), this.ticketGrantingTicketsCache.getName());
            this.ticketGrantingTicketsCache.put(encodeTicket.getId(), (TicketGrantingTicket) encodeTicket);
        }
    }

    public boolean deleteSingleTicket(String str) {
        Ticket ticket = getTicket(str);
        if (ticket == null) {
            this.logger.debug("Ticket {} cannot be retrieved from the cache", str);
            return true;
        }
        if (this.ticketGrantingTicketsCache.remove(ticket.getId())) {
            this.logger.debug("Ticket {} is removed", ticket.getId());
        }
        if (!this.serviceTicketsCache.remove(ticket.getId())) {
            return true;
        }
        this.logger.debug("Ticket {} is removed", ticket.getId());
        return true;
    }

    public Ticket getTicket(String str) {
        String encodeTicketId = encodeTicketId(str);
        if (encodeTicketId == null) {
            return null;
        }
        Ticket ticket = (Ticket) this.serviceTicketsCache.get(encodeTicketId);
        if (ticket == null) {
            ticket = (Ticket) this.ticketGrantingTicketsCache.get(encodeTicketId);
        }
        if (ticket != null) {
            return getProxiedTicketInstance(decodeTicket(ticket));
        }
        this.logger.debug("No ticket by id [{}] is found in the registry", encodeTicketId);
        return null;
    }

    public Collection<Ticket> getTickets() {
        IgniteBiPredicate<String, Ticket> igniteBiPredicate = new IgniteBiPredicate<String, Ticket>() { // from class: org.jasig.cas.ticket.registry.IgniteTicketRegistry.1
            public boolean apply(String str, Ticket ticket) {
                return !ticket.isExpired();
            }
        };
        List all = this.ticketGrantingTicketsCache.query(new ScanQuery(igniteBiPredicate)).getAll();
        List all2 = this.serviceTicketsCache.query(new ScanQuery(igniteBiPredicate)).getAll();
        HashSet hashSet = new HashSet(all2.size() + all.size());
        Iterator it = all2.iterator();
        while (it.hasNext()) {
            hashSet.add(getProxiedTicketInstance((Ticket) ((Cache.Entry) it.next()).getValue()));
        }
        Iterator it2 = all.iterator();
        while (it2.hasNext()) {
            hashSet.add(getProxiedTicketInstance((Ticket) ((Cache.Entry) it2.next()).getValue()));
        }
        return decodeTickets(hashSet);
    }

    public void setServiceTicketsCache(IgniteCache<String, ServiceTicket> igniteCache) {
        this.serviceTicketsCache = igniteCache;
    }

    public void setTicketGrantingTicketsCache(IgniteCache<String, TicketGrantingTicket> igniteCache) {
        this.ticketGrantingTicketsCache = igniteCache;
    }

    public void setIgniteConfiguration(IgniteConfiguration igniteConfiguration) {
        this.igniteConfiguration = igniteConfiguration;
    }

    public IgniteConfiguration getIgniteConfiguration() {
        return this.igniteConfiguration;
    }

    public String toString() {
        return new ToStringBuilder(this).append("ticketGrantingTicketsCache", this.ticketGrantingTicketsCache).append("serviceTicketsCache", this.serviceTicketsCache).toString();
    }

    protected void updateTicket(Ticket ticket) {
        addTicket(ticket);
    }

    protected boolean needsCallback() {
        return false;
    }

    public void setSupportRegistryState(boolean z) {
        this.supportRegistryState = z;
    }

    private void configureSecureTransport() {
        if (StringUtils.isNotBlank(this.keyStoreFilePath) && StringUtils.isNotBlank(this.keyStorePassword) && StringUtils.isNotBlank(this.trustStoreFilePath) && StringUtils.isNotBlank(this.trustStorePassword)) {
            SslContextFactory sslContextFactory = new SslContextFactory();
            sslContextFactory.setKeyStoreFilePath(this.keyStoreFilePath);
            sslContextFactory.setKeyStorePassword(this.keyStorePassword.toCharArray());
            if ("NULL".equals(this.trustStoreFilePath) && "NULL".equals(this.trustStorePassword)) {
                sslContextFactory.setTrustManagers(new TrustManager[]{SslContextFactory.getDisabledTrustManager()});
            } else {
                sslContextFactory.setTrustStoreFilePath(this.trustStoreFilePath);
                sslContextFactory.setTrustStorePassword(this.trustStorePassword.toCharArray());
            }
            if (StringUtils.isNotBlank(this.keyAlgorithm)) {
                sslContextFactory.setKeyAlgorithm(this.keyAlgorithm);
            }
            if (StringUtils.isNotBlank(this.protocol)) {
                sslContextFactory.setProtocol(this.protocol);
            }
            if (StringUtils.isNotBlank(this.trustStoreType)) {
                sslContextFactory.setTrustStoreType(this.trustStoreType);
            }
            if (StringUtils.isNotBlank(this.keyStoreType)) {
                sslContextFactory.setKeyStoreType(this.keyStoreType);
            }
            this.igniteConfiguration.setSslContextFactory(sslContextFactory);
        }
    }

    @PostConstruct
    public void init() {
        this.logger.info("Setting up Ignite Ticket Registry...");
        configureSecureTransport();
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("igniteConfiguration.cacheConfiguration={}", this.igniteConfiguration.getCacheConfiguration());
            this.logger.debug("igniteConfiguration.getDiscoverySpi={}", this.igniteConfiguration.getDiscoverySpi());
            this.logger.debug("igniteConfiguration.getSslContextFactory={}", this.igniteConfiguration.getSslContextFactory());
            this.logger.debug("Ticket-granting ticket timeout: [{}s]", Long.valueOf(this.ticketGrantingTicketTimeoutInSeconds));
            this.logger.debug("Service ticket timeout: [{}s]", Long.valueOf(this.serviceTicketTimeoutInSeconds));
        }
        if (Ignition.state() == IgniteState.STOPPED) {
            this.ignite = Ignition.start(this.igniteConfiguration);
        } else if (Ignition.state() == IgniteState.STARTED) {
            this.ignite = Ignition.ignite();
        }
        this.serviceTicketsCache = this.ignite.getOrCreateCache(this.servicesCacheName);
        this.serviceTicketsCache.getConfiguration(CacheConfiguration.class).setExpiryPolicyFactory(CreatedExpiryPolicy.factoryOf(new Duration(TimeUnit.SECONDS, this.serviceTicketTimeoutInSeconds)));
        this.ticketGrantingTicketsCache = this.ignite.getOrCreateCache(this.ticketsCacheName);
        this.ticketGrantingTicketsCache.getConfiguration(CacheConfiguration.class).setExpiryPolicyFactory(CreatedExpiryPolicy.factoryOf(new Duration(TimeUnit.SECONDS, this.ticketGrantingTicketTimeoutInSeconds)));
    }

    public int sessionCount() {
        return BooleanUtils.toInteger(this.supportRegistryState, this.ticketGrantingTicketsCache.size(new CachePeekMode[]{CachePeekMode.ALL}), super.sessionCount());
    }

    public int serviceTicketCount() {
        return BooleanUtils.toInteger(this.supportRegistryState, this.serviceTicketsCache.size(new CachePeekMode[]{CachePeekMode.ALL}), super.serviceTicketCount());
    }

    @PreDestroy
    public void shutdown() {
        Ignition.stopAll(true);
    }

    public String getTicketsCacheName() {
        return this.ticketsCacheName;
    }

    public void setTicketsCacheName(String str) {
        this.ticketsCacheName = str;
    }

    public String getServicesCacheName() {
        return this.servicesCacheName;
    }

    public void setServicesCacheName(String str) {
        this.servicesCacheName = str;
    }
}
