package org.apache.jackrabbit.oak.security.authentication.token;

import com.google.common.collect.ImmutableList;
import java.security.Principal;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.annotation.Nonnull;
import org.apache.felix.scr.annotations.Activate;
import org.apache.felix.scr.annotations.Component;
import org.apache.felix.scr.annotations.Properties;
import org.apache.felix.scr.annotations.Property;
import org.apache.felix.scr.annotations.Reference;
import org.apache.felix.scr.annotations.ReferenceCardinality;
import org.apache.felix.scr.annotations.ReferencePolicy;
import org.apache.felix.scr.annotations.Service;
import org.apache.jackrabbit.oak.api.Root;
import org.apache.jackrabbit.oak.spi.commit.MoveTracker;
import org.apache.jackrabbit.oak.spi.commit.ValidatorProvider;
import org.apache.jackrabbit.oak.spi.security.ConfigurationBase;
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
import org.apache.jackrabbit.oak.spi.security.SecurityConfiguration;
import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
import org.apache.jackrabbit.oak.spi.security.authentication.credentials.CredentialsSupport;
import org.apache.jackrabbit.oak.spi.security.authentication.credentials.SimpleCredentialsSupport;
import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConfiguration;
import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider;
import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
import org.apache.jackrabbit.oak.spi.security.user.UserConstants;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/lib/oak-core-1.5.17.jar:org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImpl.class
 */
@Service({TokenConfiguration.class, SecurityConfiguration.class})
@Component(metatype = true, label = "Apache Jackrabbit Oak TokenConfiguration")
@Properties({@Property(name = TokenProvider.PARAM_TOKEN_EXPIRATION, label = "Token Expiration", description = "Expiration time of login tokens in ms."), @Property(name = TokenProvider.PARAM_TOKEN_LENGTH, label = "Token Length", description = "Length of the generated token."), @Property(name = TokenProvider.PARAM_TOKEN_REFRESH, label = "Token Refresh", description = "Enable/disable refresh of login tokens (i.e. resetting the expiration time).", boolValue = {true}), @Property(name = "passwordHashAlgorithm", label = "Hash Algorithm", description = "Name of the algorithm to hash the token.", value = {"SHA-256"}), @Property(name = "passwordHashIterations", label = "Hash Iterations", description = "Number of iterations used to hash the token.", intValue = {1000}), @Property(name = UserConstants.PARAM_PASSWORD_SALT_SIZE, label = "Hash Salt Size", description = "Size of the salt used to generate the hash.", intValue = {8})})
/* loaded from: input_file:WEB-INF/lib/oak-upgrade-1.5.17.jar:org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImpl.class */
public class TokenConfigurationImpl extends ConfigurationBase implements TokenConfiguration {

    @Reference(cardinality = ReferenceCardinality.OPTIONAL_UNARY, policy = ReferencePolicy.DYNAMIC)
    private CredentialsSupport credentialsSupport;

    public TokenConfigurationImpl() {
        this.credentialsSupport = SimpleCredentialsSupport.getInstance();
    }

    public TokenConfigurationImpl(SecurityProvider securityProvider) {
        super(securityProvider, securityProvider.getParameters(TokenConfiguration.NAME));
        this.credentialsSupport = SimpleCredentialsSupport.getInstance();
    }

    @Activate
    private void activate(Map<String, Object> map) {
        setParameters(ConfigurationParameters.of(map));
    }

    public void bindCredentialsSupport(CredentialsSupport credentialsSupport) {
        this.credentialsSupport = credentialsSupport;
    }

    public void unbindCredentialsSupport(CredentialsSupport credentialsSupport) {
        if (credentialsSupport == this.credentialsSupport) {
            this.credentialsSupport = SimpleCredentialsSupport.getInstance();
        }
    }

    @Override // org.apache.jackrabbit.oak.spi.security.SecurityConfiguration.Default, org.apache.jackrabbit.oak.spi.security.SecurityConfiguration
    @Nonnull
    public String getName() {
        return TokenConfiguration.NAME;
    }

    @Override // org.apache.jackrabbit.oak.spi.security.SecurityConfiguration.Default, org.apache.jackrabbit.oak.spi.security.SecurityConfiguration
    @Nonnull
    public List<? extends ValidatorProvider> getValidators(@Nonnull String str, @Nonnull Set<Principal> set, @Nonnull MoveTracker moveTracker) {
        return ImmutableList.of(new TokenValidatorProvider(getSecurityProvider().getParameters(UserConfiguration.NAME)));
    }

    @Override // org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConfiguration
    @Nonnull
    public TokenProvider getTokenProvider(Root root) {
        return new TokenProviderImpl(root, getParameters(), (UserConfiguration) getSecurityProvider().getConfiguration(UserConfiguration.class), this.credentialsSupport);
    }
}
