package org.picketlink.http.internal.authentication.schemes.support;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.TimerTask;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.picketlink.common.util.Base64;
import org.picketlink.idm.credential.Digest;

/* loaded from: input_file:WEB-INF/lib/picketlink-2.7.1.Final.jar:org/picketlink/http/internal/authentication/schemes/support/NonceCache.class */
public class NonceCache extends TimerTask {
    private UUIDNonceGenerator nonceGenerator = new UUIDNonceGenerator();
    private long nonceMaxValid = 180000;
    private Map<String, List<String>> nonceCache = new HashMap();

    @Override // java.util.TimerTask, java.lang.Runnable
    public void run() {
        if (this.nonceCache.isEmpty()) {
            return;
        }
        for (Map.Entry entry : new HashMap(this.nonceCache).entrySet()) {
            List list = (List) entry.getValue();
            Iterator it = new ArrayList(list).iterator();
            while (it.hasNext()) {
                String str = (String) it.next();
                if (hasExpired(str, this.nonceMaxValid)) {
                    list.remove(str);
                }
            }
            if (list.isEmpty()) {
                this.nonceCache.remove(entry.getKey());
            }
        }
    }

    public String generateAndCacheNonce(HttpServletRequest httpServletRequest) {
        String str = this.nonceGenerator.get();
        HttpSession session = httpServletRequest.getSession();
        List<String> list = this.nonceCache.get(session.getId());
        if (list == null) {
            list = new ArrayList();
            this.nonceCache.put(session.getId(), list);
        }
        list.add(str);
        return str;
    }

    public boolean hasValidNonce(Digest digest, HttpServletRequest httpServletRequest) {
        String nonce = digest.getNonce();
        List<String> list = this.nonceCache.get(httpServletRequest.getSession().getId());
        return (list == null || !list.contains(nonce) || hasExpired(nonce, this.nonceMaxValid)) ? false : true;
    }

    public boolean hasExpired(String str, long j) {
        String str2 = new String(Base64.decode(str));
        int indexOf = str2.indexOf(":");
        if (indexOf < 0) {
            return true;
        }
        return System.currentTimeMillis() - Long.parseLong(str2.substring(0, indexOf)) > j;
    }

    public long getNonceMaxValid() {
        return this.nonceMaxValid;
    }
}
