package org.nuxeo.ecm.platform.ui.web.auth.portal;

import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Base64;
import java.util.Date;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.nuxeo.ecm.platform.api.login.UserIdentificationInfo;
import org.nuxeo.ecm.platform.ui.web.auth.interfaces.NuxeoAuthenticationPlugin;

/* loaded from: input_file:org/nuxeo/ecm/platform/ui/web/auth/portal/PortalAuthenticator.class */
public class PortalAuthenticator implements NuxeoAuthenticationPlugin {
    public static final String SECRET_KEY_NAME = "secret";
    public static final String MAX_AGE_KEY_NAME = "maxAge";
    private static final String TS_HEADER = "NX_TS";
    private static final String RANDOM_HEADER = "NX_RD";
    private static final String TOKEN_HEADER = "NX_TOKEN";
    private static final String USER_HEADER = "NX_USER";
    private static final String TOKEN_SEP = ":";
    private String secret = SECRET_KEY_NAME;
    private long maxAge = 3600;

    public List<String> getUnAuthenticatedURLPrefix() {
        return null;
    }

    public Boolean handleLoginPrompt(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        return false;
    }

    public UserIdentificationInfo handleRetrieveIdentity(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String header = httpServletRequest.getHeader(TS_HEADER);
        String header2 = httpServletRequest.getHeader(RANDOM_HEADER);
        String header3 = httpServletRequest.getHeader(TOKEN_HEADER);
        String header4 = httpServletRequest.getHeader(USER_HEADER);
        if (header4 == null || header == null || header2 == null || header3 == null || !validateToken(header, header2, header3, header4).booleanValue()) {
            return null;
        }
        return new UserIdentificationInfo(header4, header4);
    }

    public void initPlugin(Map<String, String> map) {
        String str;
        if (map.containsKey(SECRET_KEY_NAME)) {
            this.secret = map.get(SECRET_KEY_NAME);
        }
        if (!map.containsKey(MAX_AGE_KEY_NAME) || (str = map.get(MAX_AGE_KEY_NAME)) == null || str.equals("")) {
            return;
        }
        this.maxAge = Long.parseLong(str);
    }

    public Boolean needLoginPrompt(HttpServletRequest httpServletRequest) {
        return false;
    }

    protected Boolean validateToken(String str, String str2, String str3, String str4) {
        try {
            if (Base64.getEncoder().encodeToString(MessageDigest.getInstance("MD5").digest((str + TOKEN_SEP + str2 + TOKEN_SEP + this.secret + TOKEN_SEP + str4).getBytes())).equals(str3)) {
                return Boolean.valueOf((new Date().getTime() - Long.parseLong(str)) / 1000 <= this.maxAge);
            }
            return false;
        } catch (NoSuchAlgorithmException e) {
            return false;
        }
    }
}
