package com.atlassian.bamboo.agent;

import com.atlassian.bamboo.bandana.PlanAwareBandanaContext;
import com.atlassian.bamboo.utils.SystemProperty;
import com.atlassian.bandana.BandanaContext;
import com.atlassian.bandana.BandanaManager;
import com.atlassian.security.random.DefaultSecureTokenGenerator;
import com.atlassian.security.random.SecureTokenGenerator;
import com.google.common.base.Preconditions;
import java.util.regex.Pattern;
import javax.inject.Inject;
import org.apache.commons.lang3.StringUtils;
import org.apache.log4j.LogManager;
import org.apache.log4j.Logger;
import org.jetbrains.annotations.NotNull;

/* loaded from: input_file:com/atlassian/bamboo/agent/AgentSecurityTokenServiceImpl.class */
public class AgentSecurityTokenServiceImpl implements AgentSecurityTokenService {
    private static final int STRING_TOKEN_LENGTH = 40;
    private static final String BANDANA_KEY = "remoteAgentsSecurityToken";

    @Inject
    private BandanaManager bandanaManager;
    private static Logger logger = LogManager.getLogger(AgentSecurityTokenServiceImpl.class);
    private static final BandanaContext BANDANA_CONTEXT = PlanAwareBandanaContext.GLOBAL_CONTEXT;
    private static final SecureTokenGenerator SECURE_TOKEN_GENERATOR = DefaultSecureTokenGenerator.getInstance();

    @NotNull
    public String getSecurityToken() {
        String str = (String) this.bandanaManager.getValue(BANDANA_CONTEXT, BANDANA_KEY);
        Preconditions.checkState(str != null, "Security token has not been set for this Bamboo instance");
        return str;
    }

    public void resetSecurityToken() {
        String validateToken = validateToken(StringUtils.trimToNull(SystemProperty.REMOTE_AGENT_SECURITY_TOKEN_VALUE.getValue()));
        if (validateToken == null) {
            validateToken = SECURE_TOKEN_GENERATOR.generateToken();
        }
        this.bandanaManager.setValue(BANDANA_CONTEXT, BANDANA_KEY, validateToken);
    }

    private String validateToken(String str) {
        if (str == null) {
            return null;
        }
        if (str.length() != STRING_TOKEN_LENGTH) {
            logger.error("Token must have 40 characters");
            return null;
        }
        if (Pattern.compile("[0-9a-fA-F]+").matcher(str).matches()) {
            return str;
        }
        logger.error("Invalid token because it must contain only hexadecimal characters, token will be generated.");
        return null;
    }
}
