package org.apache.rahas;

import java.io.Serializable;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.concurrent.locks.Lock;
import java.util.concurrent.locks.ReadWriteLock;
import java.util.concurrent.locks.ReentrantReadWriteLock;
import javax.xml.namespace.QName;
import org.apache.axiom.om.OMElement;
import org.apache.axis2.context.MessageContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.rahas.impl.AbstractIssuerConfig;
import org.apache.rahas.impl.SAMLTokenIssuerConfig;
import org.apache.ws.security.message.token.Reference;

/* loaded from: input_file:plugins/rampart-trust-1.7.0.wso2v3.jar:org/apache/rahas/SimpleTokenStore.class */
public class SimpleTokenStore implements TokenStorage, Serializable {
    private static final Log log = LogFactory.getLog(SimpleTokenStore.class);
    private static final int DEFAULT_IN_MEMORY_THRESHOLD = 500;
    protected Map tokens = new Hashtable();
    protected volatile transient Boolean tokenStoreDisabled = null;
    protected transient TokenPersister tokenPersister = null;
    protected transient Integer maxInMemoryTokens = null;
    protected List<String> persistedTokenIDList = new ArrayList();
    protected final ReadWriteLock readWriteLock = new ReentrantReadWriteLock();
    protected final Lock readLock = this.readWriteLock.readLock();
    protected final Lock writeLock = this.readWriteLock.writeLock();

    @Override // org.apache.rahas.TokenStorage
    public void add(Token token) throws TrustException {
        if (this.tokenPersister == null) {
            getTokenPersister();
        }
        if (this.tokenPersister == null) {
            if (token == null || "".equals(token.getId()) || token.getId() == null) {
                return;
            }
            this.writeLock.lock();
            try {
                if (this.tokens.keySet().size() != 0 && (this.tokens.keySet().size() <= 0 || this.tokens.keySet().contains(token.getId()))) {
                    throw new TrustException("tokenAlreadyExists", new String[]{token.getId()});
                }
                this.tokens.put(token.getId(), token);
                return;
            } finally {
            }
        }
        getThreshold();
        if (token == null || "".equals(token.getId()) || token.getId() == null) {
            return;
        }
        if (this.tokens.keySet().size() == 0 && this.persistedTokenIDList.size() == 0) {
            populatePersistedTokenIDs();
        }
        this.writeLock.lock();
        try {
            if (this.tokens.keySet().size() == 0 || (this.tokens.keySet().size() > 0 && this.tokens.keySet().size() < this.maxInMemoryTokens.intValue() && !isTokenExist(token.getId()))) {
                this.tokens.put(token.getId(), token);
            } else {
                if ((this.tokens.keySet().size() != this.maxInMemoryTokens.intValue() && this.tokens.keySet().size() <= this.maxInMemoryTokens.intValue()) || isTokenExist(token.getId())) {
                    throw new TrustException("tokenAlreadyExists", new String[]{token.getId()});
                }
                this.tokenPersister.notifyPersistence();
                this.tokens.put(token.getId(), token);
            }
        } finally {
        }
    }

    @Override // org.apache.rahas.TokenStorage
    public void update(Token token) throws TrustException {
        if (this.tokenPersister == null) {
            getTokenPersister();
        }
        if (this.tokenPersister == null) {
            if (token == null || token.getId() == null || token.getId().trim().length() == 0) {
                return;
            }
            this.writeLock.lock();
            try {
                if (!this.tokens.keySet().contains(token.getId())) {
                    throw new TrustException("noTokenToUpdate", new String[]{token.getId()});
                }
                this.tokens.put(token.getId(), token);
                return;
            } finally {
            }
        }
        if (this.tokens.keySet().size() == 0 && this.persistedTokenIDList.size() == 0) {
            populatePersistedTokenIDs();
        }
        if (token == null || token.getId() == null || token.getId().trim().length() == 0) {
            return;
        }
        this.writeLock.lock();
        try {
            if (this.tokens.containsKey(token.getId())) {
                this.tokens.put(token.getId(), token);
            } else {
                if (!this.persistedTokenIDList.contains(token.getId())) {
                    throw new TrustException("noTokenToUpdate", new String[]{token.getId()});
                }
                if (this.tokenPersister.isTokenExist(token.getId())) {
                    this.tokenPersister.updateToken(token);
                }
            }
        } finally {
        }
    }

    @Override // org.apache.rahas.TokenStorage
    public String[] getTokenIdentifiers() throws TrustException {
        ArrayList arrayList = new ArrayList();
        if (this.tokenPersister == null) {
            getTokenPersister();
        }
        if (this.tokenPersister == null) {
            this.readLock.lock();
            try {
                Iterator it = this.tokens.keySet().iterator();
                while (it.hasNext()) {
                    arrayList.add(it.next());
                }
                return (String[]) arrayList.toArray(new String[arrayList.size()]);
            } finally {
            }
        }
        if (this.tokens.keySet().size() == 0 && this.persistedTokenIDList.size() == 0) {
            populatePersistedTokenIDs();
        }
        this.readLock.lock();
        try {
            Iterator it2 = this.tokens.keySet().iterator();
            while (it2.hasNext()) {
                arrayList.add(it2.next());
            }
            if (this.persistedTokenIDList.size() == 0) {
                return (String[]) arrayList.toArray(new String[arrayList.size()]);
            }
            Iterator<String> it3 = this.persistedTokenIDList.iterator();
            while (it3.hasNext()) {
                arrayList.add(it3.next());
            }
            return (String[]) arrayList.toArray(new String[arrayList.size()]);
        } finally {
        }
    }

    @Override // org.apache.rahas.TokenStorage
    public Token[] getValidTokens() throws TrustException {
        return getTokens(new int[]{1, 4});
    }

    @Override // org.apache.rahas.TokenStorage
    public Token[] getRenewedTokens() throws TrustException {
        return getTokens(4);
    }

    @Override // org.apache.rahas.TokenStorage
    public Token[] getCancelledTokens() throws TrustException {
        return getTokens(3);
    }

    @Override // org.apache.rahas.TokenStorage
    public Token[] getExpiredTokens() throws TrustException {
        return getTokens(2);
    }

    private Token[] getTokens(int[] iArr) throws TrustException {
        processTokenExpiry();
        ArrayList arrayList = new ArrayList();
        this.readLock.lock();
        try {
            for (Token token : this.tokens.values()) {
                int i = 0;
                while (true) {
                    if (i >= iArr.length) {
                        break;
                    }
                    if (token.getState() == iArr[i]) {
                        arrayList.add(token);
                        break;
                    }
                    i++;
                }
            }
            return (Token[]) arrayList.toArray(new Token[arrayList.size()]);
        } finally {
            this.readLock.unlock();
        }
    }

    private Token[] getTokens(int i) throws TrustException {
        processTokenExpiry();
        ArrayList arrayList = new ArrayList();
        this.readLock.lock();
        try {
            for (Token token : this.tokens.values()) {
                if (token.getState() == i) {
                    arrayList.add(token);
                }
            }
            return (Token[]) arrayList.toArray(new Token[arrayList.size()]);
        } finally {
            this.readLock.unlock();
        }
    }

    @Override // org.apache.rahas.TokenStorage
    public Token getToken(String str) throws TrustException {
        Token tokenFromMemory;
        if (this.tokenPersister == null) {
            getTokenPersister();
        }
        if (this.tokenPersister == null) {
            tokenFromMemory = getTokenFromMemory(str);
        } else {
            if (this.tokens.keySet().size() == 0 && this.persistedTokenIDList.size() == 0) {
                populatePersistedTokenIDs();
            }
            tokenFromMemory = getTokenFromMemory(str);
            if (tokenFromMemory == null) {
                this.readLock.lock();
                try {
                    if (!this.persistedTokenIDList.contains(str)) {
                        Iterator<String> it = this.persistedTokenIDList.iterator();
                        while (true) {
                            if (!it.hasNext()) {
                                break;
                            }
                            String next = it.next();
                            Token retrieveToken = this.tokenPersister.retrieveToken(next);
                            OMElement attachedReference = retrieveToken.getAttachedReference();
                            if (attachedReference != null && next.equals(getIdFromSTR(attachedReference))) {
                                tokenFromMemory = retrieveToken;
                                break;
                            }
                            OMElement unattachedReference = retrieveToken.getUnattachedReference();
                            if (unattachedReference != null && next.equals(getIdFromSTR(unattachedReference))) {
                                tokenFromMemory = retrieveToken;
                                break;
                            }
                        }
                    } else if (this.tokenPersister.isTokenExist(str)) {
                        tokenFromMemory = this.tokenPersister.retrieveToken(str);
                        setIfTokenExpired(tokenFromMemory);
                    }
                } finally {
                    this.readLock.unlock();
                }
            }
        }
        return tokenFromMemory;
    }

    private Token getTokenFromMemory(String str) throws TrustException {
        processTokenExpiry();
        this.readLock.lock();
        try {
            Token token = (Token) this.tokens.get(str);
            if (token == null) {
                Iterator it = this.tokens.values().iterator();
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    }
                    Token token2 = (Token) it.next();
                    OMElement attachedReference = token2.getAttachedReference();
                    if (attachedReference != null && str.equals(getIdFromSTR(attachedReference))) {
                        token = token2;
                        break;
                    }
                    OMElement unattachedReference = token2.getUnattachedReference();
                    if (unattachedReference != null && str.equals(getIdFromSTR(unattachedReference))) {
                        token = token2;
                        break;
                    }
                }
            }
            return token;
        } finally {
            this.readLock.unlock();
        }
    }

    @Override // org.apache.rahas.TokenStorage
    public void removeToken(String str) throws TrustException {
        if (this.tokenPersister == null) {
            getTokenPersister();
        }
        if (this.tokenPersister == null) {
            this.writeLock.lock();
            try {
                this.tokens.remove(str);
                return;
            } finally {
            }
        }
        if (this.tokens.keySet().size() == 0 && this.persistedTokenIDList.size() == 0) {
            populatePersistedTokenIDs();
        }
        this.writeLock.lock();
        try {
            if (this.tokens.containsKey(str)) {
                this.tokens.remove(str);
            } else {
                if (!this.persistedTokenIDList.contains(str)) {
                    log.error("Token to be removed doesn't exist.");
                    throw new TrustException("Token to be removed doesn't exist.");
                }
                if (this.tokenPersister.isTokenExist(str)) {
                    this.tokenPersister.deleteToken(str);
                    this.persistedTokenIDList.remove(str);
                }
            }
        } finally {
        }
    }

    @Override // org.apache.rahas.TokenStorage
    public List<Token> getStorageTokens() throws TrustException {
        ArrayList arrayList = new ArrayList();
        this.readLock.lock();
        try {
            Iterator it = this.tokens.values().iterator();
            while (it.hasNext()) {
                arrayList.add((Token) it.next());
            }
            return arrayList;
        } finally {
            this.readLock.unlock();
        }
    }

    @Override // org.apache.rahas.TokenStorage
    public void handlePersistence(List<?> list) throws TrustException {
        if (this.tokenPersister == null) {
            getTokenPersister();
        }
        for (Object obj : list) {
            String str = null;
            this.writeLock.lock();
            try {
                try {
                    str = (String) obj;
                    if (((Token) this.tokens.get(str)).isPersistenceEnabled()) {
                        this.tokenPersister.persistToken((Token) this.tokens.get(str));
                    }
                    this.tokens.remove(str);
                    this.persistedTokenIDList.add(str);
                    this.writeLock.unlock();
                } catch (TrustException e) {
                    String str2 = "Error in persisting token: " + str;
                    log.error(str2, e);
                    throw new TrustException(str2, e);
                }
            } catch (Throwable th) {
                this.writeLock.unlock();
                throw th;
            }
        }
    }

    @Override // org.apache.rahas.TokenStorage
    public void handlePersistenceOnShutdown() throws TrustException {
        if (this.tokenPersister == null) {
            getTokenPersister();
        }
        if (this.tokenPersister != null) {
            this.readLock.lock();
            try {
                try {
                    for (Object obj : this.tokens.values()) {
                        if (((Token) obj).isPersistenceEnabled()) {
                            this.tokenPersister.persistToken((Token) obj);
                        }
                    }
                } catch (TrustException e) {
                    log.error("Error in persisting tokens on module shut down..", e);
                    throw new TrustException("Error in persisting tokens on module shut down..", e);
                }
            } finally {
                this.readLock.unlock();
            }
        }
    }

    protected void processTokenExpiry() throws TrustException {
        this.readLock.lock();
        try {
            Iterator it = this.tokens.values().iterator();
            while (it.hasNext()) {
                setIfTokenExpired((Token) it.next());
            }
        } finally {
            this.readLock.unlock();
        }
    }

    public static synchronized String getIdFromSTR(OMElement oMElement) {
        OMElement firstElement = oMElement.getFirstElement();
        if (firstElement == null) {
            return null;
        }
        if (firstElement.getQName().equals(new QName("http://www.w3.org/2000/09/xmldsig#", "KeyInfo"))) {
            return firstElement.getText();
        }
        if (!firstElement.getQName().equals(Reference.TOKEN)) {
            return null;
        }
        String attributeValue = firstElement.getAttributeValue(new QName("URI"));
        if (attributeValue.charAt(0) == '#') {
            attributeValue = attributeValue.substring(1);
        }
        return attributeValue;
    }

    private void getTokenPersister() {
        if (MessageContext.getCurrentMessageContext() == null || this.tokenPersister != null) {
            return;
        }
        synchronized (this) {
            if (this.tokenPersister == null) {
                this.tokenPersister = (TokenPersister) MessageContext.getCurrentMessageContext().getConfigurationContext().getProperty(TokenPersister.TOKEN_PERSISTER_KEY);
            }
        }
    }

    private void getThreshold() throws TrustException {
        try {
            if (this.maxInMemoryTokens == null) {
                synchronized (this) {
                    if (this.maxInMemoryTokens == null && MessageContext.getCurrentMessageContext() != null) {
                        this.maxInMemoryTokens = Integer.valueOf(Integer.parseInt(((SAMLTokenIssuerConfig) MessageContext.getCurrentMessageContext().getProperty(STSConstants.KEY_ISSUER_CONFIG)).getPersisterPropertyMap().get(AbstractIssuerConfig.LOCAL_PROPERTY_THRESHOLD).toString()));
                    }
                }
            }
            if (this.maxInMemoryTokens == null) {
                this.maxInMemoryTokens = Integer.valueOf(DEFAULT_IN_MEMORY_THRESHOLD);
            }
        } catch (NumberFormatException e) {
            log.error("errorReadingStorageThreshold", e);
            throw new TrustException("errorReadingStorageThreshold", e);
        }
    }

    private boolean isTokenExist(String str) {
        return this.tokens.keySet().contains(str) || this.persistedTokenIDList.contains(str);
    }

    private void populatePersistedTokenIDs() {
        String[] retrieveTokenIDs;
        if (this.persistedTokenIDList.size() == 0) {
            synchronized (this) {
                if (this.persistedTokenIDList.size() == 0 && this.tokenPersister.isTokensExist() && (retrieveTokenIDs = this.tokenPersister.retrieveTokenIDs()) != null) {
                    this.writeLock.lock();
                    try {
                        this.persistedTokenIDList.addAll(Arrays.asList(retrieveTokenIDs));
                        this.writeLock.unlock();
                    } catch (Throwable th) {
                        this.writeLock.unlock();
                        throw th;
                    }
                }
            }
        }
    }

    private void setIfTokenExpired(Token token) {
        if (token.getExpires() == null || token.getExpires().getTime() >= System.currentTimeMillis()) {
            return;
        }
        token.setState(2);
    }
}
