package com.appiancorp.rpa.login;

import com.appiancorp.security.auth.token.UserToken;
import com.appiancorp.security.auth.token.UserTokenValidator;
import com.appiancorp.suiteapi.personalization.UserProfileService;

/* loaded from: input_file:com/appiancorp/rpa/login/RpaUserTokenValidator.class */
public class RpaUserTokenValidator implements UserTokenValidator {
    public static final int MAX_COOKIE_AGE_SCEONDS = 60;
    private UserProfileService userProfileService;

    public RpaUserTokenValidator(UserProfileService userProfileService) {
        this.userProfileService = userProfileService;
    }

    public void validate(UserToken userToken) throws Exception {
        validateTokenTime(userToken);
        validateTokenUser(userToken);
    }

    private void validateTokenUser(UserToken userToken) {
        String username = userToken.getUsername();
        if (this.userProfileService.getUser(username).getStatus() != 1) {
            throw new IllegalStateException("User is not active: " + username);
        }
    }

    private void validateTokenTime(UserToken userToken) {
        Long tokenTime = userToken.getTokenTime();
        if (tokenTime.longValue() > System.currentTimeMillis()) {
            throw new IllegalStateException("Token is from the future: " + tokenTime);
        }
        if (tokenTime.longValue() < System.currentTimeMillis() - 60000) {
            throw new IllegalStateException("Token is expired: " + tokenTime);
        }
    }
}
