package eu.unicore.services.rest.security;

import com.google.common.cache.Cache;
import com.google.common.cache.CacheBuilder;
import de.fzj.unicore.wsrflite.Kernel;
import de.fzj.unicore.wsrflite.KernelInjectable;
import de.fzj.unicore.wsrflite.utils.CircuitBreaker;
import eu.unicore.security.SecurityTokens;
import eu.unicore.util.Log;
import eu.unicore.util.httpclient.ClientProperties;
import eu.unicore.util.httpclient.DefaultClientConfiguration;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicInteger;
import org.apache.cxf.message.Message;
import org.apache.log4j.Logger;

/* loaded from: input_file:eu/unicore/services/rest/security/BaseRemoteAuthenticator.class */
public abstract class BaseRemoteAuthenticator<T> implements IAuthenticator, KernelInjectable {
    protected String address;
    protected Kernel kernel;
    protected boolean doTLSAuthN = false;
    protected final CircuitBreaker cb = new CircuitBreaker("REST_" + getClass().getSimpleName() + "_" + count.incrementAndGet());
    protected Cache<Object, CacheEntry<T>> cache;
    private static final Logger logger = Log.getLogger("unicore.security", BaseRemoteAuthenticator.class);
    private static final AtomicInteger count = new AtomicInteger();
    protected static long defaultCacheTime = 300000;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:eu/unicore/services/rest/security/BaseRemoteAuthenticator$CacheEntry.class */
    public static class CacheEntry<T> {
        public T auth;
        public long expires;

        public CacheEntry(T t, long j) {
            this.expires = j;
            this.auth = t;
        }

        public boolean expired() {
            return System.currentTimeMillis() > this.expires;
        }
    }

    public void setKernel(Kernel kernel) {
        this.kernel = kernel;
        kernel.getMetricRegistry().register(this.cb.getName(), this.cb);
        createCache();
    }

    public void setAddress(String str) {
        this.address = str;
    }

    public String getAddress() {
        return this.address;
    }

    public void setDoTLSAuthn(boolean z) {
        this.doTLSAuthN = z;
    }

    public String toString() {
        return this.address;
    }

    @Override // eu.unicore.services.rest.security.IAuthenticator
    public final boolean authenticate(Message message, SecurityTokens securityTokens) {
        ClientProperties clone = this.kernel.getClientConfiguration().clone();
        clone.setSslAuthn(this.doTLSAuthN);
        Object extractCredentials = extractCredentials(clone, message, securityTokens);
        if (extractCredentials == null) {
            return false;
        }
        if (!this.cb.isOK()) {
            return true;
        }
        CacheEntry cacheEntry = (CacheEntry) this.cache.getIfPresent(extractCredentials);
        boolean z = (cacheEntry == null || cacheEntry.expired()) ? false : true;
        T t = z ? cacheEntry.auth : null;
        if (t == null) {
            try {
                t = performAuth(clone);
                this.cache.put(extractCredentials, new CacheEntry(t, getExpiryTime(t)));
            } catch (Exception e) {
                Log.logException("Error authenticating using " + this.address, e, logger);
                return true;
            }
        }
        extractAuthInfo(t, securityTokens);
        String userName = securityTokens.getUserName();
        if (logger.isDebugEnabled() && userName != null) {
            logger.debug("Authenticated " + (z ? "(cached) " : "") + "via " + this + ": <" + userName + ">");
        }
        return true;
    }

    protected abstract Object extractCredentials(DefaultClientConfiguration defaultClientConfiguration, Message message, SecurityTokens securityTokens);

    protected abstract T performAuth(DefaultClientConfiguration defaultClientConfiguration) throws Exception;

    protected abstract void extractAuthInfo(T t, SecurityTokens securityTokens);

    protected long getExpiryTime(T t) {
        return System.currentTimeMillis() + defaultCacheTime;
    }

    public void createCache() {
        this.cache = CacheBuilder.newBuilder().maximumSize(100L).expireAfterAccess(300L, TimeUnit.SECONDS).expireAfterWrite(300L, TimeUnit.SECONDS).build();
    }
}
