package com.rsmart.rfabric.auth.tokenauth;

import java.security.InvalidKeyException;
import java.util.Date;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:com/rsmart/rfabric/auth/tokenauth/AuthTokenValidator.class */
public class AuthTokenValidator {
    private static final Log LOG = LogFactory.getLog(AuthTokenValidator.class);
    private static final long DFT_TIMEOUT = 60000;
    protected transient Signature signature = new Signature();
    protected transient String secret = null;
    protected transient long timeout = DFT_TIMEOUT;

    public AuthTokenValidator() {
    }

    public AuthTokenValidator(String str, long j) {
        setSecret(str);
        setTimeout(j);
    }

    public String getSecret() {
        return this.secret;
    }

    public void setSecret(String str) {
        this.secret = str;
    }

    public long getTimeout() {
        return this.timeout;
    }

    public void setTimeout(long j) {
        this.timeout = j;
    }

    protected boolean hasTimedOut(AuthToken authToken) {
        return new Date().getTime() - authToken.getTimestamp().getTime() > this.timeout;
    }

    public boolean isValid(AuthToken authToken) {
        if (hasTimedOut(authToken)) {
            LOG.warn("Token has timed out: " + authToken.toString());
            return false;
        }
        String hashableFields = authToken.getHashableFields();
        LOG.trace("hashable fields: " + hashableFields);
        try {
            return this.signature.calculateRFC2104HMACWithEncoding(hashableFields, this.secret, true).equals(authToken.getHash());
        } catch (InvalidKeyException e) {
            LOG.error("Failed to validate token: " + authToken, e);
            throw new IllegalStateException("Invalid key used for hashing", e);
        }
    }
}
