package org.opencms.ui.login;

import java.util.Arrays;
import java.util.List;
import org.apache.commons.lang3.RandomStringUtils;
import org.opencms.file.CmsDataAccessException;
import org.opencms.file.CmsObject;
import org.opencms.file.CmsUser;
import org.opencms.i18n.CmsEncoder;
import org.opencms.main.CmsException;

/* loaded from: input_file:org/opencms/ui/login/CmsTokenValidator.class */
public class CmsTokenValidator {
    public static final String ADDINFO_KEY = "RESET_AUTH";
    private CmsUser m_user;

    public static void clearToken(CmsObject cmsObject, CmsUser cmsUser) throws CmsException {
        cmsUser.getAdditionalInfo().remove(ADDINFO_KEY);
        cmsObject.writeUser(cmsUser);
    }

    public static String createToken(CmsObject cmsObject, CmsUser cmsUser, long j) throws CmsException {
        String randomAlphanumeric = RandomStringUtils.randomAlphanumeric(8);
        cmsUser.setAdditionalInfo(ADDINFO_KEY, CmsEncoder.encodeStringsAsBase64Parameter(Arrays.asList(randomAlphanumeric, "" + j)));
        cmsObject.writeUser(cmsUser);
        return CmsEncoder.encodeStringsAsBase64Parameter(Arrays.asList(cmsUser.getName(), randomAlphanumeric));
    }

    public CmsUser getUser() {
        return this.m_user;
    }

    public String validateToken(CmsObject cmsObject, String str, long j) throws CmsException {
        try {
            List<String> decodeStringsFromBase64Parameter = CmsEncoder.decodeStringsFromBase64Parameter(str);
            if (decodeStringsFromBase64Parameter.size() != 2) {
                return "Invalid token";
            }
            CmsUser readUser = cmsObject.readUser(decodeStringsFromBase64Parameter.get(0));
            String str2 = (String) readUser.getAdditionalInfo(ADDINFO_KEY);
            if (str2 == null) {
                return "no additional infos found";
            }
            List<String> decodeStringsFromBase64Parameter2 = CmsEncoder.decodeStringsFromBase64Parameter(str2);
            if (!decodeStringsFromBase64Parameter2.get(0).equals(decodeStringsFromBase64Parameter.get(1))) {
                return "Key mismatch";
            }
            if (System.currentTimeMillis() - Long.valueOf(decodeStringsFromBase64Parameter2.get(1)).longValue() > j) {
                return "Auth token too old";
            }
            this.m_user = readUser;
            return null;
        } catch (IllegalArgumentException e) {
            return "Token parse error";
        } catch (CmsDataAccessException e2) {
            return "User not found";
        }
    }
}
