package at.itsv.security.servicesecurity.tokenbased.rfc2617;

import at.itsv.commons.config.keyvalue.KeyValueConfiguration;
import at.itsv.commons.lang.function.Mapping;
import at.itsv.security.servicesecurity.management.ManagementRegistry;
import at.itsv.security.servicesecurity.tokenbased.TokenAuthenticator;
import at.itsv.security.servicesecurity.tokenbased.common.AbstractTimeAndNonceTokenAuthenticatorFactory;
import at.itsv.security.servicesecurity.tokenbased.rfc2617.noncecount.UsedNonceCount;
import java.nio.charset.Charset;
import java.util.Objects;
import java.util.function.Function;
import java.util.function.Supplier;

/* loaded from: input_file:at/itsv/security/servicesecurity/tokenbased/rfc2617/RFC2617TokenAuthenticatorFactory.class */
public final class RFC2617TokenAuthenticatorFactory extends AbstractTimeAndNonceTokenAuthenticatorFactory<RFC2617Request, String, RequestNonce, UsedNonce> {
    public static final String CONFIG_KEY_CHARSET = "charset";
    public static final String CONFIG_KEY_NONCE_COUNT_VALIDATION_POLICY = "nonceCount.validationPolicy";
    public static final String CONFIG_KEY_SLIDING_WINDOW_SIZE = "nonceCount.slidingWindowSize";
    public static final Charset DEFAULT_CHARSET = Charset.forName("UTF-8");
    static final Function<KeyValueConfiguration, Supplier<UsedNonceCount>> USED_NONCE_COUNT_FACTORY = keyValueConfiguration -> {
        return (Supplier) keyValueConfiguration.valueOf(CONFIG_KEY_NONCE_COUNT_VALIDATION_POLICY).flatMap(str -> {
            return Mapping.of("anyGt0", UsedNonceCount::anyGreaterThanZero).and("incremented", UsedNonceCount::mustBeIncremented).and("incrementedByOne", UsedNonceCount::mustBeIncrementedByOne).and("slidingWindow", slidingWindowSupplier(keyValueConfiguration)).apply(str);
        }).orElse(slidingWindowSupplier(keyValueConfiguration));
    };

    private static Supplier<UsedNonceCount> slidingWindowSupplier(KeyValueConfiguration keyValueConfiguration) {
        return UsedNonceCount.slidingWindow(keyValueConfiguration.valueOf(CONFIG_KEY_SLIDING_WINDOW_SIZE));
    }

    public RFC2617TokenAuthenticatorFactory(ManagementRegistry managementRegistry) {
        super(managementRegistry);
    }

    @Override // at.itsv.security.servicesecurity.tokenbased.TokenAuthenticatorFactory
    public TokenAuthenticator<RFC2617Request> authenticator(String str, KeyValueConfiguration keyValueConfiguration) {
        Objects.requireNonNull(str, "name");
        Objects.requireNonNull(keyValueConfiguration, "configuration");
        PasswordDigestAuthenticator passwordDigestAuthenticator = new PasswordDigestAuthenticator(charset(keyValueConfiguration));
        return nonceValidationEnabled(keyValueConfiguration) ? passwordDigestAuthenticator.andThen(new NonceAuthenticator(nonceStore(str, keyValueConfiguration), nonceLifetime(keyValueConfiguration), USED_NONCE_COUNT_FACTORY.apply(keyValueConfiguration), this.clock)) : passwordDigestAuthenticator;
    }

    private static Charset charset(KeyValueConfiguration keyValueConfiguration) {
        return (Charset) keyValueConfiguration.valueOf(CONFIG_KEY_CHARSET).map(Charset::forName).orElse(DEFAULT_CHARSET);
    }
}
