package org.craftercms.profile.services.impl;

import java.util.List;
import java.util.UUID;
import org.craftercms.commons.collections.IterableUtils;
import org.craftercms.commons.i10n.I10nLogger;
import org.craftercms.commons.mongo.DuplicateKeyException;
import org.craftercms.commons.mongo.MongoDataException;
import org.craftercms.commons.security.exception.ActionDeniedException;
import org.craftercms.profile.api.AccessToken;
import org.craftercms.profile.api.exceptions.I10nProfileException;
import org.craftercms.profile.api.exceptions.ProfileException;
import org.craftercms.profile.api.services.AccessTokenService;
import org.craftercms.profile.exceptions.AccessTokenExistsException;
import org.craftercms.profile.repositories.AccessTokenRepository;
import org.craftercms.profile.utils.AccessTokenUtils;

/* loaded from: input_file:WEB-INF/classes/org/craftercms/profile/services/impl/AccessTokenServiceImpl.class */
public class AccessTokenServiceImpl implements AccessTokenService {
    private static final I10nLogger logger = new I10nLogger((Class<?>) AccessTokenServiceImpl.class, "crafter.profile.messages.logging");
    public static final String LOG_KEY_ACCESS_TOKEN_CREATED = "profile.accessToken.accessTokenCreated";
    public static final String LOG_KEY_ACCESS_TOKEN_DELETED = "profile.accessToken.accessTokenDeleted";
    public static final String ERROR_KEY_CREATE_ACCESS_TOKEN_ERROR = "profile.accessToken.createAccessTokenError";
    public static final String ERROR_KEY_GET_ACCESS_TOKEN_ERROR = "profile.accessToken.getAccessTokenError";
    public static final String ERROR_KEY_GET_ALL_ACCESS_TOKENS_ERROR = "profile.accessToken.getAllAccessTokensError";
    public static final String ERROR_KEY_DELETE_ACCESS_TOKEN_ERROR = "profile.accessToken.deleteAccessTokenError";
    protected AccessTokenRepository accessTokenRepository;
    protected byte[] hashSalt;

    /* loaded from: input_file:WEB-INF/classes/org/craftercms/profile/services/impl/AccessTokenServiceImpl$Action.class */
    private enum Action {
        CREATE_TOKEN,
        READ_TOKEN,
        DELETE_TOKEN
    }

    public AccessTokenServiceImpl(AccessTokenRepository accessTokenRepository) {
        this.accessTokenRepository = accessTokenRepository;
    }

    @Override // org.craftercms.profile.api.services.AccessTokenService
    public AccessToken createToken(AccessToken accessToken) throws ProfileException {
        checkIfTokenActionIsAllowed(null, Action.CREATE_TOKEN);
        if (accessToken.getId() == null) {
            accessToken.setId(UUID.randomUUID().toString());
        }
        try {
            this.accessTokenRepository.insert((AccessTokenRepository) accessToken);
            logger.debug(LOG_KEY_ACCESS_TOKEN_CREATED, accessToken);
            return accessToken;
        } catch (DuplicateKeyException e) {
            throw new AccessTokenExistsException(accessToken.getId());
        } catch (MongoDataException e2) {
            throw new I10nProfileException(ERROR_KEY_CREATE_ACCESS_TOKEN_ERROR, e2, accessToken);
        }
    }

    @Override // org.craftercms.profile.api.services.AccessTokenService
    public AccessToken getToken(String str) throws ProfileException {
        checkIfTokenActionIsAllowed(str, Action.READ_TOKEN);
        try {
            return this.accessTokenRepository.findByStringId(str);
        } catch (MongoDataException e) {
            throw new I10nProfileException(ERROR_KEY_GET_ACCESS_TOKEN_ERROR, e, str);
        }
    }

    @Override // org.craftercms.profile.api.services.AccessTokenService
    public List<AccessToken> getAllTokens() throws ProfileException {
        checkIfTokenActionIsAllowed(null, Action.READ_TOKEN);
        try {
            return IterableUtils.toList(this.accessTokenRepository.findAll());
        } catch (MongoDataException e) {
            throw new I10nProfileException(ERROR_KEY_GET_ALL_ACCESS_TOKENS_ERROR, e, new Object[0]);
        }
    }

    @Override // org.craftercms.profile.api.services.AccessTokenService
    public void deleteToken(String str) throws ProfileException {
        checkIfTokenActionIsAllowed(str, Action.DELETE_TOKEN);
        try {
            this.accessTokenRepository.removeByStringId(str);
            logger.debug(LOG_KEY_ACCESS_TOKEN_DELETED, str);
        } catch (MongoDataException e) {
            throw new I10nProfileException(ERROR_KEY_DELETE_ACCESS_TOKEN_ERROR, e, str);
        }
    }

    protected void checkIfTokenActionIsAllowed(String str, Action action) {
        if (AccessTokenUtils.getCurrentToken().isMaster()) {
            return;
        }
        if (str == null) {
            throw new ActionDeniedException(action.toString());
        }
        throw new ActionDeniedException(action.toString(), str);
    }
}
