package sk.mimac.slideshow.http;

import ch.qos.logback.core.spi.ComponentTracker;
import java.math.BigInteger;
import java.security.NoSuchAlgorithmException;
import java.sql.SQLException;
import java.util.Iterator;
import java.util.Map;
import java.util.Random;
import java.util.concurrent.ConcurrentHashMap;
import l.d.c;
import org.apache.ftpserver.util.EncryptUtils;
import org.apache.mina.util.Base64;
import sk.mimac.slideshow.database.dao.AccessUserDao;
import sk.mimac.slideshow.database.entity.AccessUser;
import sk.mimac.slideshow.ftp.ShaPasswordEncryptor;
import sk.mimac.slideshow.utils.Charset;

/* loaded from: classes.dex */
public class Authenticator {
    private static final l.d.b c = c.d(Authenticator.class);
    private final Map<String, Session> a = new ConcurrentHashMap();
    private final Random b = new Random();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static class Session {
        private AccessUser a;
        private long b;
        private long c;

        Session(AccessUser accessUser, long j2, long j3, AnonymousClass1 anonymousClass1) {
            this.a = accessUser;
            this.c = j2;
            this.b = j3;
        }
    }

    private AccessUser a(String str) {
        Session session = this.a.get(str);
        if (session == null) {
            return null;
        }
        long currentTimeMillis = System.currentTimeMillis();
        if (currentTimeMillis < session.c || currentTimeMillis > session.c + session.b) {
            this.a.remove(str);
            return null;
        }
        session.c = currentTimeMillis;
        return session.a;
    }

    public AccessUser authenticate(String str, String str2) {
        if (str2 != null) {
            return a(str2);
        }
        if (str == null) {
            return null;
        }
        String[] split = new String(Base64.decodeBase64(str.substring(6).getBytes()), Charset.UTF_8).split(":");
        if (split.length != 2) {
            return null;
        }
        try {
            AccessUser byUsername = AccessUserDao.getInstance().getByUsername(split[0]);
            if (byUsername == null) {
                return null;
            }
            if (ShaPasswordEncryptor.INSTANCE.matches(split[1], byUsername.getPassword())) {
                return byUsername;
            }
            return null;
        } catch (SQLException e2) {
            l.d.b bVar = c;
            StringBuilder N = g.a.a.a.a.N("Can't get user '");
            N.append(split[0]);
            N.append("' from database");
            bVar.warn(N.toString(), (Throwable) e2);
            return null;
        }
    }

    public void clearOldSessions() {
        long currentTimeMillis = System.currentTimeMillis();
        Iterator<Session> it = this.a.values().iterator();
        while (it.hasNext()) {
            Session next = it.next();
            if (currentTimeMillis < next.c || currentTimeMillis > next.c + next.b) {
                it.remove();
            }
        }
    }

    public HttpCookie generateCookie(String str, String str2, boolean z) {
        try {
            if (this.a.size() > 15) {
                clearOldSessions();
            }
            AccessUser byUsername = AccessUserDao.getInstance().getByUsername(str);
            if (byUsername == null) {
                return null;
            }
            try {
                if (!EncryptUtils.encrypt(str2, "SHA-1").equalsIgnoreCase(byUsername.getPassword())) {
                    return null;
                }
                String bigInteger = new BigInteger(264, this.b).toString(35);
                this.a.put(bigInteger, new Session(byUsername, System.currentTimeMillis(), z ? 2592000000L : ComponentTracker.DEFAULT_TIMEOUT, null));
                c.trace("User '{}' logged in to web interface", str);
                return new HttpCookie("__SESSION_ID__", bigInteger, z ? 5184000 : 172800);
            } catch (NoSuchAlgorithmException e2) {
                throw new RuntimeException("Can't find SHA-1 algoritm", e2);
            }
        } catch (SQLException e3) {
            c.warn("Can't get user '" + str + "' from database", (Throwable) e3);
            return null;
        }
    }

    public void logout(String str) {
        if (str != null) {
            this.a.remove(str);
        }
    }
}
