package com.force.sdk.oauth.context;

import com.force.sdk.oauth.context.store.ContextStoreException;
import com.force.sdk.oauth.context.store.ForceEncryptionException;
import com.force.sdk.oauth.context.store.SecurityContextStorageService;
import com.force.sdk.oauth.userdata.UserDataRetrievalService;
import com.sforce.ws.ConnectionException;
import java.util.Map;
import javax.crypto.spec.SecretKeySpec;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/force/sdk/oauth/context/SecurityContextServiceImpl.class */
public class SecurityContextServiceImpl implements SecurityContextService {
    private UserDataRetrievalService userDataRetrievalService = null;
    private SecurityContextStorageService securityContextStorageService = null;
    private static final Logger LOGGER = LoggerFactory.getLogger(SecurityContextServiceImpl.class);

    public void setUserDataRetrievalService(UserDataRetrievalService userDataRetrievalService) {
        this.userDataRetrievalService = userDataRetrievalService;
    }

    public void setSecurityContextStorageService(SecurityContextStorageService securityContextStorageService) {
        this.securityContextStorageService = securityContextStorageService;
    }

    @Override // com.force.sdk.oauth.context.SecurityContextService
    public void setSecurityContextToSession(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, SecurityContext securityContext) {
        try {
            this.securityContextStorageService.storeSecurityContext(httpServletRequest, httpServletResponse, securityContext);
        } catch (ContextStoreException e) {
            LOGGER.error("Cannot store security information: ", e);
        }
        SecurityContextUtil.setCookieValues(securityContext, httpServletResponse, ("localhost".equalsIgnoreCase(httpServletRequest.getLocalName()) || httpServletRequest.getLocalName().contains("0:0:0:0:0:0:0:1")) ? false : true);
    }

    @Override // com.force.sdk.oauth.context.SecurityContextService
    public SecurityContext getSecurityContextFromSession(HttpServletRequest httpServletRequest) {
        try {
            return verifyAndRefreshSecurityContext(this.securityContextStorageService.retreiveSecurityContext(httpServletRequest), httpServletRequest);
        } catch (ContextStoreException e) {
            LOGGER.warn("Could not retrieve security information, refreshing. Set up an encryption key file to avoid this warning.");
            return null;
        }
    }

    @Override // com.force.sdk.oauth.context.SecurityContextService
    public SecurityContext verifyAndRefreshSecurityContext(SecurityContext securityContext, HttpServletRequest httpServletRequest) {
        Map<String, String> cookieValues = SecurityContextUtil.getCookieValues(httpServletRequest);
        String str = cookieValues.get(SecurityContextUtil.FORCE_FORCE_SESSION);
        String str2 = cookieValues.get(SecurityContextUtil.FORCE_FORCE_ENDPOINT);
        if (securityContext != null && (str == null || !str.equals(securityContext.getSessionId()) || str2 == null || !str2.equals(securityContext.getEndPoint()))) {
            securityContext = null;
        }
        if (str != null && str2 != null && securityContext == null) {
            try {
                securityContext = this.userDataRetrievalService.retrieveUserData(str, str2, null);
            } catch (ConnectionException e) {
                securityContext = null;
            }
        }
        return securityContext;
    }

    @Override // com.force.sdk.oauth.context.SecurityContextService
    public void clearSecurityContext(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        this.securityContextStorageService.clearSecurityContext(httpServletRequest, httpServletResponse);
        SecurityContextUtil.clearCookieValues(httpServletResponse);
    }

    @Override // com.force.sdk.oauth.context.SecurityContextService
    public SecretKeySpec getSecretKey() throws ForceEncryptionException {
        return this.securityContextStorageService.getSecureKey();
    }
}
