package org.n52.security.service.sso;

import java.util.ArrayList;
import java.util.Collections;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.http.Cookie;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/n52/security/service/sso/DomainCookieBuilder.class */
public class DomainCookieBuilder {
    private static final Logger LOG = LoggerFactory.getLogger(DomainCookieBuilder.class);
    protected static final int CLEARCOOKIE_AGE = 0;
    protected static final int BROWSER_SESSION_AGE = -1;
    protected static final String INVALID_VALUE = "invalid";
    protected static final String ALL_REMOTE_ADDRESS = "*";
    private String m_cookieName = "52n-sso";
    private String m_cookieComment = "";
    private int m_cookieMaxAgeSeconds = BROWSER_SESSION_AGE;
    private String m_cookieDomain = "";
    private String m_cookiePath = "/";
    private boolean m_bindCookieToRemoteIP = true;
    private boolean m_supportNonMatchingHosts = true;
    private boolean m_useHighestDomainFromNonMatchingHost = true;
    private static final Pattern HIGHEST_DOMAIN_MATCH;
    private static final Pattern LOWEST_DOMAIN_MATCH;

    public DomainCookie build(String str, String str2, byte[] bArr, String str3) {
        return build(str, new Cookie(this.m_cookieName, SecureCookieValue.createWithSecret(buildRemoteAddressValuePart(str3), str2, bArr).getCookieValue()));
    }

    private void buildCookieClientData(String str, Cookie cookie) {
        cookie.setMaxAge(this.m_cookieMaxAgeSeconds);
        cookie.setPath(this.m_cookiePath);
        cookie.setComment(this.m_cookieComment);
        String buildCookieDomain = buildCookieDomain(str);
        if (buildCookieDomain != null) {
            cookie.setDomain(buildCookieDomain);
        }
    }

    private String buildRemoteAddressValuePart(String str) {
        return isBindCookieToRemoteIP() ? str : ALL_REMOTE_ADDRESS;
    }

    private String buildCookieDomain(String str) {
        if (!this.m_cookieDomain.isEmpty() && str.endsWith(this.m_cookieDomain)) {
            return this.m_cookieDomain;
        }
        if (isSupportNonMatchingHosts()) {
            Matcher matcher = isUseHighestDomainFromNonMatchingHost() ? HIGHEST_DOMAIN_MATCH.matcher(str) : LOWEST_DOMAIN_MATCH.matcher(str);
            if (matcher.matches()) {
                String group = matcher.group(1);
                if (LOG.isInfoEnabled()) {
                    LOG.info("hostname '{}' doesn't belong to domain '{}' cookie is bound to calculated domain {}", new Object[]{str, this.m_cookieDomain, group});
                }
                return group;
            }
        }
        LOG.info("hostname '{}' doesn't belong to domain '{}' cookie is directly bound to host", str, this.m_cookieDomain);
        return null;
    }

    public DomainCookie findValidDomainCookie(String str, Cookie[] cookieArr) {
        for (DomainCookie domainCookie : findDomainCookies(str, cookieArr)) {
            if (!domainCookie.isInvalidated()) {
                return domainCookie;
            }
        }
        return null;
    }

    public Iterable<DomainCookie> findDomainCookies(String str, Cookie[] cookieArr) {
        if (cookieArr == null) {
            return Collections.emptyList();
        }
        ArrayList arrayList = new ArrayList();
        int length = cookieArr.length;
        for (int i = CLEARCOOKIE_AGE; i < length; i++) {
            Cookie cookie = cookieArr[i];
            if (this.m_cookieName.equals(cookie.getName())) {
                arrayList.add(build(str, cookie));
            }
        }
        return arrayList;
    }

    private DomainCookie build(String str, Cookie cookie) {
        buildCookieClientData(str, cookie);
        String value = cookie.getValue();
        return new DomainCookie(cookie, INVALID_VALUE.equals(value) ? null : SecureCookieValue.parse(value));
    }

    public boolean containsValidDomainCookie(String str, Cookie[] cookieArr) {
        return findValidDomainCookie(str, cookieArr) != null;
    }

    public String getCookieName() {
        return this.m_cookieName;
    }

    public void setCookieName(String str) {
        this.m_cookieName = str;
    }

    public String getCookieComment() {
        return this.m_cookieComment;
    }

    public void setCookieComment(String str) {
        this.m_cookieComment = str;
    }

    public int getCookieMaxAgeSeconds() {
        return this.m_cookieMaxAgeSeconds;
    }

    public void setCookieMaxAgeSeconds(int i) {
        this.m_cookieMaxAgeSeconds = i;
    }

    public String getCookieDomain() {
        return this.m_cookieDomain;
    }

    public void setCookieDomain(String str) {
        if (str == null) {
            str = "";
        }
        if (!str.isEmpty() && !str.startsWith(".")) {
            str = "." + str;
        }
        if (str == ".localhost") {
            str = "";
        }
        this.m_cookieDomain = str;
    }

    public String getCookiePath() {
        return this.m_cookiePath;
    }

    public void setCookiePath(String str) {
        this.m_cookiePath = str;
    }

    public boolean isBindCookieToRemoteIP() {
        return this.m_bindCookieToRemoteIP;
    }

    public void setBindCookieToRemoteIP(boolean z) {
        this.m_bindCookieToRemoteIP = z;
    }

    public boolean isSupportNonMatchingHosts() {
        return this.m_supportNonMatchingHosts;
    }

    public void setSupportNonMatchingHosts(boolean z) {
        this.m_supportNonMatchingHosts = z;
    }

    public boolean isUseHighestDomainFromNonMatchingHost() {
        return this.m_useHighestDomainFromNonMatchingHost;
    }

    public void setUseHighestDomainFromNonMatchingHost(boolean z) {
        this.m_useHighestDomainFromNonMatchingHost = z;
    }

    static {
        String str = "\\.[\\w%-]+";
        HIGHEST_DOMAIN_MATCH = Pattern.compile("[\\w%-]+(" + str + "(?:" + str + ")+)");
        LOWEST_DOMAIN_MATCH = Pattern.compile(("(?:\\.?[\\w%-]+)+") + ("(" + str + str + ")"));
    }
}
