package io.helidon.security.providers.oidc.common;

import io.helidon.common.http.SetCookie;
import io.helidon.common.reactive.Single;
import io.helidon.security.spi.EncryptionProvider;
import java.nio.charset.StandardCharsets;
import java.time.Duration;
import java.time.Instant;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.function.Consumer;
import java.util.function.Function;
import java.util.logging.Level;
import java.util.logging.Logger;

/* loaded from: input_file:io/helidon/security/providers/oidc/common/OidcCookieHandler.class */
public class OidcCookieHandler {
    private static final Logger LOGGER = Logger.getLogger(OidcCookieHandler.class.getName());
    private final String createCookieOptions;
    private final List<Consumer<SetCookie.Builder>> removeCookieUpdaters = new LinkedList();
    private final List<Consumer<SetCookie.Builder>> createCookieUpdaters = new LinkedList();
    private final String cookieName;
    private final String valuePrefix;
    private final Function<String, Single<String>> encryptFunction;
    private final Function<String, Single<String>> decryptFunction;

    /* loaded from: input_file:io/helidon/security/providers/oidc/common/OidcCookieHandler$Builder.class */
    static class Builder implements io.helidon.common.Builder<Builder, OidcCookieHandler> {
        static final String DEFAULT_PATH = "/";
        static final boolean DEFAULT_HTTP_ONLY = true;
        static final boolean DEFAULT_SECURE = false;
        static final SetCookie.SameSite DEFAULT_SAME_SITE = SetCookie.SameSite.LAX;
        private String domain;
        private Long maxAge;
        private String cookieName;
        private String encryptionName;
        private char[] encryptionPassword;
        private boolean encryptionEnabled;
        private String path = DEFAULT_PATH;
        private boolean httpOnly = true;
        private SetCookie.SameSite sameSite = DEFAULT_SAME_SITE;
        private boolean secure = false;

        private Builder() {
        }

        /* renamed from: build, reason: merged with bridge method [inline-methods] */
        public OidcCookieHandler m8build() {
            return new OidcCookieHandler(this);
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public Builder path(String str) {
            this.path = str;
            return this;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public Builder httpOnly(boolean z) {
            this.httpOnly = z;
            return this;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public Builder sameSite(SetCookie.SameSite sameSite) {
            this.sameSite = sameSite;
            return this;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public Builder domain(String str) {
            this.domain = str;
            return this;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public Builder secure(boolean z) {
            this.secure = z;
            return this;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public Builder maxAge(Long l) {
            this.maxAge = l;
            return this;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public Builder cookieName(String str) {
            this.cookieName = str;
            return this;
        }

        public Builder encryptionName(String str) {
            this.encryptionName = str;
            return this;
        }

        public Builder encryptionPassword(char[] cArr) {
            this.encryptionPassword = cArr;
            return this;
        }

        public Builder encryptionEnabled(Boolean bool) {
            this.encryptionEnabled = bool.booleanValue();
            return this;
        }
    }

    private OidcCookieHandler(Builder builder) {
        this.cookieName = builder.cookieName;
        this.valuePrefix = this.cookieName + "=";
        String str = builder.path;
        boolean z = builder.httpOnly;
        SetCookie.SameSite sameSite = builder.sameSite;
        String str2 = builder.domain;
        boolean z2 = builder.secure;
        Long l = builder.maxAge;
        this.removeCookieUpdaters.add(builder2 -> {
            builder2.path(str);
        });
        if (z) {
            this.removeCookieUpdaters.add(builder3 -> {
                builder3.httpOnly(true);
            });
        }
        if (sameSite != null) {
            this.removeCookieUpdaters.add(builder4 -> {
                builder4.sameSite(sameSite);
            });
        }
        if (str2 != null) {
            this.removeCookieUpdaters.add(builder5 -> {
                builder5.domain(str2);
            });
        }
        if (z2) {
            this.removeCookieUpdaters.add(builder6 -> {
                builder6.secure(true);
            });
        }
        this.createCookieUpdaters.addAll(this.removeCookieUpdaters);
        if (l != null) {
            this.createCookieUpdaters.add(builder7 -> {
                builder7.maxAge(Duration.ofSeconds(l.longValue()));
            });
        }
        this.removeCookieUpdaters.add(builder8 -> {
            builder8.expires(Instant.ofEpochMilli(0L));
        });
        String setCookie = createCookieDirectValue("value").build().toString();
        int indexOf = setCookie.indexOf(59);
        if (indexOf < 0) {
            this.createCookieOptions = "";
        } else {
            this.createCookieOptions = setCookie.substring(indexOf);
        }
        if (builder.encryptionEnabled) {
            EncryptionProvider.EncryptionSupport create = OidcEncryption.create("Cookie(" + this.cookieName + ")", builder.encryptionName, builder.encryptionPassword);
            this.encryptFunction = str3 -> {
                return create.encrypt(str3.getBytes(StandardCharsets.UTF_8));
            };
            this.decryptFunction = str4 -> {
                return create.decrypt(str4).map(String::new);
            };
        } else {
            this.encryptFunction = (v0) -> {
                return Single.just(v0);
            };
            this.decryptFunction = (v0) -> {
                return Single.just(v0);
            };
        }
        if (LOGGER.isLoggable(Level.FINEST)) {
            LOGGER.finest(() -> {
                return "OIDC Create cookie example: " + setCookie;
            });
            LOGGER.finest(() -> {
                return "OIDC Remove cookie example: " + removeCookie().build();
            });
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Builder builder() {
        return new Builder();
    }

    public Single<SetCookie.Builder> createCookie(String str) {
        return this.encryptFunction.apply(str).map(this::createCookieDirectValue);
    }

    public String cookieName() {
        return this.cookieName;
    }

    public SetCookie.Builder removeCookie() {
        SetCookie.Builder builder = SetCookie.builder(this.cookieName, "");
        this.removeCookieUpdaters.forEach(consumer -> {
            consumer.accept(builder);
        });
        return builder;
    }

    public Optional<Single<String>> findCookie(Map<String, List<String>> map) {
        Objects.requireNonNull(map);
        List<String> list = map.get("Cookie");
        if (list == null || list.isEmpty()) {
            return Optional.empty();
        }
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            for (String str : it.next().split(";\\s?")) {
                String trim = str.trim();
                if (trim.startsWith(this.valuePrefix)) {
                    return Optional.of(decrypt(trim.substring(this.valuePrefix.length())));
                }
            }
        }
        return Optional.empty();
    }

    public Single<String> decrypt(String str) {
        return this.decryptFunction.apply(str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String createCookieOptions() {
        return this.createCookieOptions;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String cookieValuePrefix() {
        return this.valuePrefix;
    }

    private SetCookie.Builder createCookieDirectValue(String str) {
        SetCookie.Builder builder = SetCookie.builder(this.cookieName, str);
        this.createCookieUpdaters.forEach(consumer -> {
            consumer.accept(builder);
        });
        return builder;
    }
}
