package org.appfuse.service.impl;

import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Date;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.lang.time.DateUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.appfuse.model.User;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Component;

@Component("passwordTokenManager")
/* loaded from: input_file:org/appfuse/service/impl/PasswordTokenManagerImpl.class */
public class PasswordTokenManagerImpl implements PasswordTokenManager {
    private final Log log = LogFactory.getLog(PasswordTokenManagerImpl.class);
    private final SimpleDateFormat expirationTimeFormat = new SimpleDateFormat("yyyyMMddHHmm");
    private final int expirationTimeTokenLength = this.expirationTimeFormat.toPattern().length();

    @Autowired
    @Qualifier("passwordTokenEncoder")
    private PasswordEncoder passwordTokenEncoder;

    @Override // org.appfuse.service.impl.PasswordTokenManager
    public String generateRecoveryToken(User user) {
        if (user == null) {
            return null;
        }
        String tokenSource = getTokenSource(user);
        String format = this.expirationTimeFormat.format(getExpirationTime());
        return format + this.passwordTokenEncoder.encode(format + tokenSource);
    }

    @Override // org.appfuse.service.impl.PasswordTokenManager
    public boolean isRecoveryTokenValid(User user, String str) {
        if (user == null || str == null) {
            return false;
        }
        String timestamp = getTimestamp(str);
        String tokenWithoutTimestamp = getTokenWithoutTimestamp(str);
        String str2 = timestamp + getTokenSource(user);
        Date parseTimestamp = parseTimestamp(timestamp);
        return parseTimestamp != null && parseTimestamp.after(new Date()) && this.passwordTokenEncoder.matches(str2, tokenWithoutTimestamp);
    }

    @Override // org.appfuse.service.impl.PasswordTokenManager
    public void invalidateRecoveryToken(User user, String str) {
    }

    private Date getExpirationTime() {
        return DateUtils.addDays(new Date(), 1);
    }

    private String getTimestamp(String str) {
        return StringUtils.substring(str, 0, this.expirationTimeTokenLength);
    }

    private String getTokenSource(User user) {
        return user.getEmail() + user.getVersion() + user.getPassword();
    }

    private String getTokenWithoutTimestamp(String str) {
        return StringUtils.substring(str, this.expirationTimeTokenLength, str.length());
    }

    private Date parseTimestamp(String str) {
        try {
            return this.expirationTimeFormat.parse(str);
        } catch (ParseException e) {
            return null;
        }
    }
}
