package de.rcenvironment.core.authorization.api;

import de.rcenvironment.core.utils.common.StringUtils;
import java.util.Optional;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/* loaded from: input_file:de/rcenvironment/core/authorization/api/AuthorizationIdRules.class */
public final class AuthorizationIdRules {
    protected static final String INTERNAL_ERROR_THE_NAME_MUST_NOT_BE_NULL = "Internal error: The name must not be null";
    protected static final String INVALID_KEY_IMPORT_DATA = "Invalid key import data: ";
    protected static final String INVALID_CHARACTERS_ERROR_MESSAGE = "Invalid character at position %d (\"%s\"): only the letters a-z, A-Z, digits, and the special characters _() are allowed";
    protected static final int MINIMUM_ID_LENGTH = 2;
    protected static final String MINIMUM_ID_LENGTH_ERROR_MESSAGE = "Group names must be at least 2 characters long";
    protected static final int MAXIMUM_ID_LENGTH = 32;
    protected static final String MAXIMUM_ID_LENGTH_ERROR_MESSAGE = "The maximum length for group names is 32 characters";
    protected static final Pattern INVALID_CHARACTER_CHECK_PATTERN = Pattern.compile("[^a-zA-Z0-9_\\(\\)]");
    protected static final Pattern GROUP_ID_RANDOM_PART_REGEXP = Pattern.compile("[0-9a-f]{16}");
    protected static final Pattern EXPECTED_IMPORT_STRING_PATTERN = Pattern.compile("[^:]+:[0-9a-f]+:[0-9]+:[\\w-_]{43}");

    private AuthorizationIdRules() {
    }

    public static Optional<String> validateAuthorizationGroupId(String str) {
        if (str == null) {
            return Optional.of(INTERNAL_ERROR_THE_NAME_MUST_NOT_BE_NULL);
        }
        if (str.contains(" ")) {
            return Optional.of("Group ids can not contain spaces; consider using underscores (\"_\") instead");
        }
        Matcher matcher = INVALID_CHARACTER_CHECK_PATTERN.matcher(str);
        return matcher.find() ? Optional.of(StringUtils.format(INVALID_CHARACTERS_ERROR_MESSAGE, new Object[]{Integer.valueOf(matcher.start(0) + 1), matcher.group(0)})) : str.length() < MINIMUM_ID_LENGTH ? Optional.of(MINIMUM_ID_LENGTH_ERROR_MESSAGE) : str.length() > 32 ? Optional.of(MAXIMUM_ID_LENGTH_ERROR_MESSAGE) : str.trim().length() != str.length() ? Optional.of("Uncaught leading or training whitespace") : Optional.empty();
    }

    public static Optional<String> validateAuthorizationGroupFullId(String str) {
        if (str == null) {
            return Optional.of(INTERNAL_ERROR_THE_NAME_MUST_NOT_BE_NULL);
        }
        String trim = str.trim();
        if (trim.isEmpty()) {
            return Optional.of("Empty id string");
        }
        String[] split = trim.split(AuthorizationService.ID_SEPARATOR);
        if (split.length != MINIMUM_ID_LENGTH) {
            return Optional.of("Expected a complete authorization group id, which consists of a valid authorization group name, a colon, and an auto-generated part consisting of 16 hex characters");
        }
        Optional<String> validateAuthorizationGroupId = validateAuthorizationGroupId(split[0]);
        return validateAuthorizationGroupId.isPresent() ? validateAuthorizationGroupId : !GROUP_ID_RANDOM_PART_REGEXP.matcher(split[1]).matches() ? Optional.of("The second part of the authorization group id is malformed; it is expected to be a sequence of 16 hex characters. ") : Optional.empty();
    }

    public static Optional<String> validateAuthorizationGroupImportString(String str) {
        if (str == null) {
            return Optional.of(INTERNAL_ERROR_THE_NAME_MUST_NOT_BE_NULL);
        }
        String trim = str.trim();
        if (trim.isEmpty()) {
            return Optional.of("No key import data found");
        }
        String[] split = trim.split(AuthorizationService.ID_SEPARATOR);
        if (split.length != 4) {
            return Optional.of("Invalid key import data: Valid keys consist of 4 colon-separated parts");
        }
        Optional<String> validateAuthorizationGroupId = validateAuthorizationGroupId(split[0]);
        return validateAuthorizationGroupId.isPresent() ? Optional.of("Invalid group id: " + validateAuthorizationGroupId.get()) : split[1].length() != 16 ? Optional.of("Invalid key import data: Invalid length of the generated group id part; was this group key generated with a pre-release version of RCE?") : !split[MINIMUM_ID_LENGTH].equals("1") ? Optional.of("Invalid key import data: Unrecognized key version; was this group key generated with an incompatible future version of RCE?") : !EXPECTED_IMPORT_STRING_PATTERN.matcher(trim).matches() ? Optional.of("Invalid key import data: Invalid data or key format") : Optional.empty();
    }
}
