package org.camunda.optimize.service.security;

import com.auth0.jwt.JWT;
import com.auth0.jwt.algorithms.Algorithm;
import java.security.SecureRandom;
import java.util.List;
import java.util.Random;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import java.util.stream.Collectors;
import org.camunda.optimize.dto.engine.AuthorizationDto;
import org.camunda.optimize.dto.engine.GroupDto;
import org.camunda.optimize.rest.engine.EngineContext;
import org.camunda.optimize.rest.util.AuthenticationUtil;
import org.camunda.optimize.service.util.configuration.ConfigurationService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:org/camunda/optimize/service/security/SessionService.class */
public class SessionService {
    private static ConcurrentHashMap<String, Session> userSessions = new ConcurrentHashMap<>();
    private static final int SECRET_LENGTH = 16;

    @Autowired
    private ConfigurationService configurationService;
    private Logger logger = LoggerFactory.getLogger(getClass());
    private Random secureRandom = new SecureRandom();

    public boolean isValidToken(String str) {
        Session session;
        String sessionIssuer = AuthenticationUtil.getSessionIssuer(str);
        if (sessionIssuer != null && (session = userSessions.get(sessionIssuer)) != null) {
            return session.isTokenValid(str);
        }
        this.logger.debug("Error while validating authentication token [{}]. User [{}] is not logged in!", str, sessionIssuer);
        return false;
    }

    private Algorithm generateAlgorithm() {
        byte[] bArr = new byte[16];
        this.secureRandom.nextBytes(bArr);
        return Algorithm.HMAC256(bArr);
    }

    public void expireToken(String str) {
        String sessionIssuer = AuthenticationUtil.getSessionIssuer(str);
        if (sessionIssuer != null) {
            userSessions.remove(sessionIssuer);
        }
    }

    public boolean isAuthorizedToSeeDefinition(String str, String str2) {
        if (userSessions.containsKey(str)) {
            return userSessions.get(str).isAuthorizedToSeeDefinition(str2);
        }
        return false;
    }

    public String createSessionAndReturnSecurityToken(String str, EngineContext engineContext) {
        Algorithm generateAlgorithm = generateAlgorithm();
        String sign = JWT.create().withIssuer(str).sign(generateAlgorithm);
        userSessions.put(str, new Session(new TokenVerifier(this.configurationService.getTokenLifeTime(), JWT.require(generateAlgorithm).withIssuer(str).build()), retrieveDefinitionAuthorizations(str, engineContext)));
        return sign;
    }

    private DefinitionAuthorizations retrieveDefinitionAuthorizations(String str, EngineContext engineContext) {
        List<GroupDto> allGroupsOfUser = engineContext.getAllGroupsOfUser(str);
        List<AuthorizationDto> allProcessDefinitionAuthorizations = engineContext.getAllProcessDefinitionAuthorizations();
        return new DefinitionAuthorizations(allProcessDefinitionAuthorizations, extractGroupAuthorizations(allGroupsOfUser, allProcessDefinitionAuthorizations), extractUserAuthorizations(str, allProcessDefinitionAuthorizations));
    }

    private List<AuthorizationDto> extractGroupAuthorizations(List<GroupDto> list, List<AuthorizationDto> list2) {
        Set set = (Set) list.stream().map((v0) -> {
            return v0.getId();
        }).collect(Collectors.toSet());
        return (List) list2.stream().filter(authorizationDto -> {
            return set.contains(authorizationDto.getGroupId());
        }).collect(Collectors.toList());
    }

    private List<AuthorizationDto> extractUserAuthorizations(String str, List<AuthorizationDto> list) {
        return (List) list.stream().filter(authorizationDto -> {
            return str.equals(authorizationDto.getUserId());
        }).collect(Collectors.toList());
    }

    public ConfigurationService getConfigurationService() {
        return this.configurationService;
    }

    public void setConfigurationService(ConfigurationService configurationService) {
        this.configurationService = configurationService;
    }
}
