package org.springframework.security.oauth2.provider.token.store;

import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import javax.sql.DataSource;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.dao.EmptyResultDataAccessException;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.jdbc.core.RowMapper;
import org.springframework.jdbc.core.support.SqlLobValue;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.common.OAuth2RefreshToken;
import org.springframework.security.oauth2.common.util.SerializationUtils;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.token.AuthenticationKeyGenerator;
import org.springframework.security.oauth2.provider.token.DefaultAuthenticationKeyGenerator;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.util.Assert;

/* loaded from: input_file:WEB-INF/lib/spring-security-oauth2-2.2.0.RELEASE.jar:org/springframework/security/oauth2/provider/token/store/JdbcTokenStore.class */
public class JdbcTokenStore implements TokenStore {
    private static final Log LOG = LogFactory.getLog(JdbcTokenStore.class);
    private static final String DEFAULT_ACCESS_TOKEN_INSERT_STATEMENT = "insert into oauth_access_token (token_id, token, authentication_id, user_name, client_id, authentication, refresh_token) values (?, ?, ?, ?, ?, ?, ?)";
    private static final String DEFAULT_ACCESS_TOKEN_SELECT_STATEMENT = "select token_id, token from oauth_access_token where token_id = ?";
    private static final String DEFAULT_ACCESS_TOKEN_AUTHENTICATION_SELECT_STATEMENT = "select token_id, authentication from oauth_access_token where token_id = ?";
    private static final String DEFAULT_ACCESS_TOKEN_FROM_AUTHENTICATION_SELECT_STATEMENT = "select token_id, token from oauth_access_token where authentication_id = ?";
    private static final String DEFAULT_ACCESS_TOKENS_FROM_USERNAME_AND_CLIENT_SELECT_STATEMENT = "select token_id, token from oauth_access_token where user_name = ? and client_id = ?";
    private static final String DEFAULT_ACCESS_TOKENS_FROM_USERNAME_SELECT_STATEMENT = "select token_id, token from oauth_access_token where user_name = ?";
    private static final String DEFAULT_ACCESS_TOKENS_FROM_CLIENTID_SELECT_STATEMENT = "select token_id, token from oauth_access_token where client_id = ?";
    private static final String DEFAULT_ACCESS_TOKEN_DELETE_STATEMENT = "delete from oauth_access_token where token_id = ?";
    private static final String DEFAULT_ACCESS_TOKEN_DELETE_FROM_REFRESH_TOKEN_STATEMENT = "delete from oauth_access_token where refresh_token = ?";
    private static final String DEFAULT_REFRESH_TOKEN_INSERT_STATEMENT = "insert into oauth_refresh_token (token_id, token, authentication) values (?, ?, ?)";
    private static final String DEFAULT_REFRESH_TOKEN_SELECT_STATEMENT = "select token_id, token from oauth_refresh_token where token_id = ?";
    private static final String DEFAULT_REFRESH_TOKEN_AUTHENTICATION_SELECT_STATEMENT = "select token_id, authentication from oauth_refresh_token where token_id = ?";
    private static final String DEFAULT_REFRESH_TOKEN_DELETE_STATEMENT = "delete from oauth_refresh_token where token_id = ?";
    private String insertAccessTokenSql = DEFAULT_ACCESS_TOKEN_INSERT_STATEMENT;
    private String selectAccessTokenSql = DEFAULT_ACCESS_TOKEN_SELECT_STATEMENT;
    private String selectAccessTokenAuthenticationSql = DEFAULT_ACCESS_TOKEN_AUTHENTICATION_SELECT_STATEMENT;
    private String selectAccessTokenFromAuthenticationSql = DEFAULT_ACCESS_TOKEN_FROM_AUTHENTICATION_SELECT_STATEMENT;
    private String selectAccessTokensFromUserNameAndClientIdSql = DEFAULT_ACCESS_TOKENS_FROM_USERNAME_AND_CLIENT_SELECT_STATEMENT;
    private String selectAccessTokensFromUserNameSql = DEFAULT_ACCESS_TOKENS_FROM_USERNAME_SELECT_STATEMENT;
    private String selectAccessTokensFromClientIdSql = DEFAULT_ACCESS_TOKENS_FROM_CLIENTID_SELECT_STATEMENT;
    private String deleteAccessTokenSql = DEFAULT_ACCESS_TOKEN_DELETE_STATEMENT;
    private String insertRefreshTokenSql = DEFAULT_REFRESH_TOKEN_INSERT_STATEMENT;
    private String selectRefreshTokenSql = DEFAULT_REFRESH_TOKEN_SELECT_STATEMENT;
    private String selectRefreshTokenAuthenticationSql = DEFAULT_REFRESH_TOKEN_AUTHENTICATION_SELECT_STATEMENT;
    private String deleteRefreshTokenSql = DEFAULT_REFRESH_TOKEN_DELETE_STATEMENT;
    private String deleteAccessTokenFromRefreshTokenSql = DEFAULT_ACCESS_TOKEN_DELETE_FROM_REFRESH_TOKEN_STATEMENT;
    private AuthenticationKeyGenerator authenticationKeyGenerator = new DefaultAuthenticationKeyGenerator();
    private final JdbcTemplate jdbcTemplate;

    /* loaded from: input_file:WEB-INF/lib/spring-security-oauth2-2.2.0.RELEASE.jar:org/springframework/security/oauth2/provider/token/store/JdbcTokenStore$SafeAccessTokenRowMapper.class */
    private final class SafeAccessTokenRowMapper implements RowMapper<OAuth2AccessToken> {
        private SafeAccessTokenRowMapper() {
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // org.springframework.jdbc.core.RowMapper
        public OAuth2AccessToken mapRow(ResultSet resultSet, int i) throws SQLException {
            try {
                return JdbcTokenStore.this.deserializeAccessToken(resultSet.getBytes(2));
            } catch (IllegalArgumentException e) {
                JdbcTokenStore.this.jdbcTemplate.update(JdbcTokenStore.this.deleteAccessTokenSql, resultSet.getString(1));
                return null;
            }
        }
    }

    public JdbcTokenStore(DataSource dataSource) {
        Assert.notNull(dataSource, "DataSource required");
        this.jdbcTemplate = new JdbcTemplate(dataSource);
    }

    public void setAuthenticationKeyGenerator(AuthenticationKeyGenerator authenticationKeyGenerator) {
        this.authenticationKeyGenerator = authenticationKeyGenerator;
    }

    @Override // org.springframework.security.oauth2.provider.token.TokenStore
    public OAuth2AccessToken getAccessToken(OAuth2Authentication oAuth2Authentication) {
        OAuth2AccessToken oAuth2AccessToken = null;
        String extractKey = this.authenticationKeyGenerator.extractKey(oAuth2Authentication);
        try {
            oAuth2AccessToken = (OAuth2AccessToken) this.jdbcTemplate.queryForObject(this.selectAccessTokenFromAuthenticationSql, new RowMapper<OAuth2AccessToken>() { // from class: org.springframework.security.oauth2.provider.token.store.JdbcTokenStore.1
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // org.springframework.jdbc.core.RowMapper
                public OAuth2AccessToken mapRow(ResultSet resultSet, int i) throws SQLException {
                    return JdbcTokenStore.this.deserializeAccessToken(resultSet.getBytes(2));
                }
            }, extractKey);
        } catch (IllegalArgumentException e) {
            LOG.error("Could not extract access token for authentication " + oAuth2Authentication, e);
        } catch (EmptyResultDataAccessException e2) {
            if (LOG.isDebugEnabled()) {
                LOG.debug("Failed to find access token for authentication " + oAuth2Authentication);
            }
        }
        if (oAuth2AccessToken != null && !extractKey.equals(this.authenticationKeyGenerator.extractKey(readAuthentication(oAuth2AccessToken.getValue())))) {
            removeAccessToken(oAuth2AccessToken.getValue());
            storeAccessToken(oAuth2AccessToken, oAuth2Authentication);
        }
        return oAuth2AccessToken;
    }

    @Override // org.springframework.security.oauth2.provider.token.TokenStore
    public void storeAccessToken(OAuth2AccessToken oAuth2AccessToken, OAuth2Authentication oAuth2Authentication) {
        String str = null;
        if (oAuth2AccessToken.getRefreshToken() != null) {
            str = oAuth2AccessToken.getRefreshToken().getValue();
        }
        if (readAccessToken(oAuth2AccessToken.getValue()) != null) {
            removeAccessToken(oAuth2AccessToken.getValue());
        }
        JdbcTemplate jdbcTemplate = this.jdbcTemplate;
        String str2 = this.insertAccessTokenSql;
        Object[] objArr = new Object[7];
        objArr[0] = extractTokenKey(oAuth2AccessToken.getValue());
        objArr[1] = new SqlLobValue(serializeAccessToken(oAuth2AccessToken));
        objArr[2] = this.authenticationKeyGenerator.extractKey(oAuth2Authentication);
        objArr[3] = oAuth2Authentication.isClientOnly() ? null : oAuth2Authentication.getName();
        objArr[4] = oAuth2Authentication.getOAuth2Request().getClientId();
        objArr[5] = new SqlLobValue(serializeAuthentication(oAuth2Authentication));
        objArr[6] = extractTokenKey(str);
        jdbcTemplate.update(str2, objArr, new int[]{12, 2004, 12, 12, 12, 2004, 12});
    }

    @Override // org.springframework.security.oauth2.provider.token.TokenStore
    public OAuth2AccessToken readAccessToken(String str) {
        OAuth2AccessToken oAuth2AccessToken = null;
        try {
            oAuth2AccessToken = (OAuth2AccessToken) this.jdbcTemplate.queryForObject(this.selectAccessTokenSql, new RowMapper<OAuth2AccessToken>() { // from class: org.springframework.security.oauth2.provider.token.store.JdbcTokenStore.2
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // org.springframework.jdbc.core.RowMapper
                public OAuth2AccessToken mapRow(ResultSet resultSet, int i) throws SQLException {
                    return JdbcTokenStore.this.deserializeAccessToken(resultSet.getBytes(2));
                }
            }, extractTokenKey(str));
        } catch (IllegalArgumentException e) {
            LOG.warn("Failed to deserialize access token for " + str, e);
            removeAccessToken(str);
        } catch (EmptyResultDataAccessException e2) {
            if (LOG.isInfoEnabled()) {
                LOG.info("Failed to find access token for token " + str);
            }
        }
        return oAuth2AccessToken;
    }

    @Override // org.springframework.security.oauth2.provider.token.TokenStore
    public void removeAccessToken(OAuth2AccessToken oAuth2AccessToken) {
        removeAccessToken(oAuth2AccessToken.getValue());
    }

    public void removeAccessToken(String str) {
        this.jdbcTemplate.update(this.deleteAccessTokenSql, extractTokenKey(str));
    }

    @Override // org.springframework.security.oauth2.provider.token.TokenStore
    public OAuth2Authentication readAuthentication(OAuth2AccessToken oAuth2AccessToken) {
        return readAuthentication(oAuth2AccessToken.getValue());
    }

    @Override // org.springframework.security.oauth2.provider.token.TokenStore
    public OAuth2Authentication readAuthentication(String str) {
        OAuth2Authentication oAuth2Authentication = null;
        try {
            oAuth2Authentication = (OAuth2Authentication) this.jdbcTemplate.queryForObject(this.selectAccessTokenAuthenticationSql, new RowMapper<OAuth2Authentication>() { // from class: org.springframework.security.oauth2.provider.token.store.JdbcTokenStore.3
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // org.springframework.jdbc.core.RowMapper
                public OAuth2Authentication mapRow(ResultSet resultSet, int i) throws SQLException {
                    return JdbcTokenStore.this.deserializeAuthentication(resultSet.getBytes(2));
                }
            }, extractTokenKey(str));
        } catch (IllegalArgumentException e) {
            LOG.warn("Failed to deserialize authentication for " + str, e);
            removeAccessToken(str);
        } catch (EmptyResultDataAccessException e2) {
            if (LOG.isInfoEnabled()) {
                LOG.info("Failed to find access token for token " + str);
            }
        }
        return oAuth2Authentication;
    }

    @Override // org.springframework.security.oauth2.provider.token.TokenStore
    public void storeRefreshToken(OAuth2RefreshToken oAuth2RefreshToken, OAuth2Authentication oAuth2Authentication) {
        this.jdbcTemplate.update(this.insertRefreshTokenSql, new Object[]{extractTokenKey(oAuth2RefreshToken.getValue()), new SqlLobValue(serializeRefreshToken(oAuth2RefreshToken)), new SqlLobValue(serializeAuthentication(oAuth2Authentication))}, new int[]{12, 2004, 2004});
    }

    @Override // org.springframework.security.oauth2.provider.token.TokenStore
    public OAuth2RefreshToken readRefreshToken(String str) {
        OAuth2RefreshToken oAuth2RefreshToken = null;
        try {
            oAuth2RefreshToken = (OAuth2RefreshToken) this.jdbcTemplate.queryForObject(this.selectRefreshTokenSql, new RowMapper<OAuth2RefreshToken>() { // from class: org.springframework.security.oauth2.provider.token.store.JdbcTokenStore.4
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // org.springframework.jdbc.core.RowMapper
                public OAuth2RefreshToken mapRow(ResultSet resultSet, int i) throws SQLException {
                    return JdbcTokenStore.this.deserializeRefreshToken(resultSet.getBytes(2));
                }
            }, extractTokenKey(str));
        } catch (IllegalArgumentException e) {
            LOG.warn("Failed to deserialize refresh token for token " + str, e);
            removeRefreshToken(str);
        } catch (EmptyResultDataAccessException e2) {
            if (LOG.isInfoEnabled()) {
                LOG.info("Failed to find refresh token for token " + str);
            }
        }
        return oAuth2RefreshToken;
    }

    @Override // org.springframework.security.oauth2.provider.token.TokenStore
    public void removeRefreshToken(OAuth2RefreshToken oAuth2RefreshToken) {
        removeRefreshToken(oAuth2RefreshToken.getValue());
    }

    public void removeRefreshToken(String str) {
        this.jdbcTemplate.update(this.deleteRefreshTokenSql, extractTokenKey(str));
    }

    @Override // org.springframework.security.oauth2.provider.token.TokenStore
    public OAuth2Authentication readAuthenticationForRefreshToken(OAuth2RefreshToken oAuth2RefreshToken) {
        return readAuthenticationForRefreshToken(oAuth2RefreshToken.getValue());
    }

    public OAuth2Authentication readAuthenticationForRefreshToken(String str) {
        OAuth2Authentication oAuth2Authentication = null;
        try {
            oAuth2Authentication = (OAuth2Authentication) this.jdbcTemplate.queryForObject(this.selectRefreshTokenAuthenticationSql, new RowMapper<OAuth2Authentication>() { // from class: org.springframework.security.oauth2.provider.token.store.JdbcTokenStore.5
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // org.springframework.jdbc.core.RowMapper
                public OAuth2Authentication mapRow(ResultSet resultSet, int i) throws SQLException {
                    return JdbcTokenStore.this.deserializeAuthentication(resultSet.getBytes(2));
                }
            }, extractTokenKey(str));
        } catch (IllegalArgumentException e) {
            LOG.warn("Failed to deserialize access token for " + str, e);
            removeRefreshToken(str);
        } catch (EmptyResultDataAccessException e2) {
            if (LOG.isInfoEnabled()) {
                LOG.info("Failed to find access token for token " + str);
            }
        }
        return oAuth2Authentication;
    }

    @Override // org.springframework.security.oauth2.provider.token.TokenStore
    public void removeAccessTokenUsingRefreshToken(OAuth2RefreshToken oAuth2RefreshToken) {
        removeAccessTokenUsingRefreshToken(oAuth2RefreshToken.getValue());
    }

    public void removeAccessTokenUsingRefreshToken(String str) {
        this.jdbcTemplate.update(this.deleteAccessTokenFromRefreshTokenSql, new Object[]{extractTokenKey(str)}, new int[]{12});
    }

    @Override // org.springframework.security.oauth2.provider.token.TokenStore
    public Collection<OAuth2AccessToken> findTokensByClientId(String str) {
        List<OAuth2AccessToken> arrayList = new ArrayList();
        try {
            arrayList = this.jdbcTemplate.query(this.selectAccessTokensFromClientIdSql, new SafeAccessTokenRowMapper(), str);
        } catch (EmptyResultDataAccessException e) {
            if (LOG.isInfoEnabled()) {
                LOG.info("Failed to find access token for clientId " + str);
            }
        }
        return removeNulls(arrayList);
    }

    public Collection<OAuth2AccessToken> findTokensByUserName(String str) {
        List<OAuth2AccessToken> arrayList = new ArrayList();
        try {
            arrayList = this.jdbcTemplate.query(this.selectAccessTokensFromUserNameSql, new SafeAccessTokenRowMapper(), str);
        } catch (EmptyResultDataAccessException e) {
            if (LOG.isInfoEnabled()) {
                LOG.info("Failed to find access token for userName " + str);
            }
        }
        return removeNulls(arrayList);
    }

    @Override // org.springframework.security.oauth2.provider.token.TokenStore
    public Collection<OAuth2AccessToken> findTokensByClientIdAndUserName(String str, String str2) {
        List<OAuth2AccessToken> arrayList = new ArrayList();
        try {
            arrayList = this.jdbcTemplate.query(this.selectAccessTokensFromUserNameAndClientIdSql, new SafeAccessTokenRowMapper(), str2, str);
        } catch (EmptyResultDataAccessException e) {
            if (LOG.isInfoEnabled()) {
                LOG.info("Failed to find access token for clientId " + str + " and userName " + str2);
            }
        }
        return removeNulls(arrayList);
    }

    private List<OAuth2AccessToken> removeNulls(List<OAuth2AccessToken> list) {
        ArrayList arrayList = new ArrayList();
        for (OAuth2AccessToken oAuth2AccessToken : list) {
            if (oAuth2AccessToken != null) {
                arrayList.add(oAuth2AccessToken);
            }
        }
        return arrayList;
    }

    protected String extractTokenKey(String str) {
        if (str == null) {
            return null;
        }
        try {
            try {
                return String.format("%032x", new BigInteger(1, MessageDigest.getInstance("MD5").digest(str.getBytes("UTF-8"))));
            } catch (UnsupportedEncodingException e) {
                throw new IllegalStateException("UTF-8 encoding not available.  Fatal (should be in the JDK).");
            }
        } catch (NoSuchAlgorithmException e2) {
            throw new IllegalStateException("MD5 algorithm not available.  Fatal (should be in the JDK).");
        }
    }

    protected byte[] serializeAccessToken(OAuth2AccessToken oAuth2AccessToken) {
        return SerializationUtils.serialize(oAuth2AccessToken);
    }

    protected byte[] serializeRefreshToken(OAuth2RefreshToken oAuth2RefreshToken) {
        return SerializationUtils.serialize(oAuth2RefreshToken);
    }

    protected byte[] serializeAuthentication(OAuth2Authentication oAuth2Authentication) {
        return SerializationUtils.serialize(oAuth2Authentication);
    }

    protected OAuth2AccessToken deserializeAccessToken(byte[] bArr) {
        return (OAuth2AccessToken) SerializationUtils.deserialize(bArr);
    }

    protected OAuth2RefreshToken deserializeRefreshToken(byte[] bArr) {
        return (OAuth2RefreshToken) SerializationUtils.deserialize(bArr);
    }

    protected OAuth2Authentication deserializeAuthentication(byte[] bArr) {
        return (OAuth2Authentication) SerializationUtils.deserialize(bArr);
    }

    public void setInsertAccessTokenSql(String str) {
        this.insertAccessTokenSql = str;
    }

    public void setSelectAccessTokenSql(String str) {
        this.selectAccessTokenSql = str;
    }

    public void setDeleteAccessTokenSql(String str) {
        this.deleteAccessTokenSql = str;
    }

    public void setInsertRefreshTokenSql(String str) {
        this.insertRefreshTokenSql = str;
    }

    public void setSelectRefreshTokenSql(String str) {
        this.selectRefreshTokenSql = str;
    }

    public void setDeleteRefreshTokenSql(String str) {
        this.deleteRefreshTokenSql = str;
    }

    public void setSelectAccessTokenAuthenticationSql(String str) {
        this.selectAccessTokenAuthenticationSql = str;
    }

    public void setSelectRefreshTokenAuthenticationSql(String str) {
        this.selectRefreshTokenAuthenticationSql = str;
    }

    public void setSelectAccessTokenFromAuthenticationSql(String str) {
        this.selectAccessTokenFromAuthenticationSql = str;
    }

    public void setDeleteAccessTokenFromRefreshTokenSql(String str) {
        this.deleteAccessTokenFromRefreshTokenSql = str;
    }

    public void setSelectAccessTokensFromUserNameSql(String str) {
        this.selectAccessTokensFromUserNameSql = str;
    }

    public void setSelectAccessTokensFromUserNameAndClientIdSql(String str) {
        this.selectAccessTokensFromUserNameAndClientIdSql = str;
    }

    public void setSelectAccessTokensFromClientIdSql(String str) {
        this.selectAccessTokensFromClientIdSql = str;
    }
}
