package cn.zifangsky.easylimit.session.impl.support;

import cn.zifangsky.easylimit.access.impl.ExposedTokenAccess;
import cn.zifangsky.easylimit.authc.PrincipalInfo;
import cn.zifangsky.easylimit.authc.ValidatedInfo;
import cn.zifangsky.easylimit.exception.token.ExpiredTokenException;
import cn.zifangsky.easylimit.exception.token.InvalidTokenException;
import cn.zifangsky.easylimit.exception.token.TokenException;
import cn.zifangsky.easylimit.session.Session;
import cn.zifangsky.easylimit.session.TokenDAO;
import cn.zifangsky.easylimit.session.TokenOperateResolver;
import cn.zifangsky.easylimit.session.impl.DefaultTokenOperateResolver;
import cn.zifangsky.easylimit.session.impl.MemoryTokenDAO;
import cn.zifangsky.easylimit.session.impl.TokenSessionContext;
import java.io.Serializable;
import java.text.MessageFormat;
import java.time.temporal.ChronoUnit;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:cn/zifangsky/easylimit/session/impl/support/TokenWebSessionManager.class */
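/**
 * Session manager that resolves the session from an access token carried by the request
 * and manages the lifecycle of access and refresh tokens through a {@link TokenDAO}.
 *
 * <p>Token values are bearer credentials. Every log line and exception message produced by
 * this class therefore contains only a masked form of the token (see
 * {@link #maskToken(String)}), never the raw value. The masked form is also free of control
 * characters, so a request-supplied token cannot forge additional log lines.
 */
public class TokenWebSessionManager extends CookieWebSessionManager {
    private static final Logger LOGGER = LoggerFactory.getLogger(TokenWebSessionManager.class);

    /** Number of token generation attempts used when no other value is configured. */
    public static final int MAX_TOKEN_RETRIES_TIMES = 3;

    /** Tokens shorter than this are masked completely; no prefix is revealed. */
    private static final int MIN_LENGTH_FOR_VISIBLE_PREFIX = 16;

    /** Number of leading characters kept in a masked token for log correlation. */
    private static final int VISIBLE_PREFIX_LENGTH = 4;

    private TokenInfo tokenInfo;
    private TokenOperateResolver tokenOperateResolver;
    private TokenDAO tokenDAO;
    private int tokenRetriesTimes;

    /** Creates a manager with default {@link TokenInfo}, resolver and an in-memory token store. */
    public TokenWebSessionManager() {
        this(new TokenInfo(), new DefaultTokenOperateResolver(), new MemoryTokenDAO());
    }

    /**
     * Creates a manager with the given token settings, the default resolver and an in-memory
     * token store.
     *
     * @param tokenInfo token settings, must not be {@code null}
     */
    public TokenWebSessionManager(TokenInfo tokenInfo) {
        this(tokenInfo, new DefaultTokenOperateResolver(), new MemoryTokenDAO());
    }

    /**
     * Creates a manager with default {@link TokenInfo} and the given resolver and token store.
     *
     * @param tokenOperateResolver creates and validates tokens, must not be {@code null}
     * @param tokenDAO token store, must not be {@code null}
     */
    public TokenWebSessionManager(TokenOperateResolver tokenOperateResolver, TokenDAO tokenDAO) {
        this(new TokenInfo(), tokenOperateResolver, tokenDAO);
    }

    /**
     * Creates a fully configured manager. The session timeout of the superclass is taken from
     * the access token timeout in {@code tokenInfo}.
     *
     * @param tokenInfo token settings, must not be {@code null}
     * @param tokenOperateResolver creates and validates tokens, must not be {@code null}
     * @param tokenDAO token store, must not be {@code null}
     * @throws IllegalArgumentException if any argument is {@code null}
     */
    public TokenWebSessionManager(TokenInfo tokenInfo, TokenOperateResolver tokenOperateResolver, TokenDAO tokenDAO) {
        // NOTE(review): "false" presumably turns the session-id cookie off in the superclass;
        // confirm against CookieWebSessionManager.
        super(false);
        if (tokenInfo == null) {
            throw new IllegalArgumentException("Parameter tokenInfo cannot be empty.");
        }
        if (tokenOperateResolver == null) {
            throw new IllegalArgumentException("Parameter tokenOperateResolver cannot be empty.");
        }
        if (tokenDAO == null) {
            throw new IllegalArgumentException("Parameter tokenDAO cannot be empty.");
        }
        this.tokenInfo = tokenInfo;
        this.tokenOperateResolver = tokenOperateResolver;
        this.tokenDAO = tokenDAO;
        this.tokenRetriesTimes = MAX_TOKEN_RETRIES_TIMES;
        // Go through super: the overrides in this class are deliberate no-ops.
        super.setGlobalTimeout(tokenInfo.getAccessTokenTimeout());
        super.setGlobalTimeoutChronoUnit(tokenInfo.getAccessTokenTimeoutUnit());
    }

    /**
     * Creates an access token bound to the given session and stores it, replacing the
     * account's previous access token.
     *
     * @param principalInfo the authenticated principal
     * @param session the session the token is bound to
     * @return the newly stored access token
     */
    public SimpleAccessToken createAccessToken(PrincipalInfo principalInfo, Session session) {
        SimpleAccessToken accessToken = doCreateAccessToken(principalInfo, this.tokenInfo, session.getId());
        onCreateAccessToken(principalInfo, accessToken);
        return accessToken;
    }

    /**
     * Creates a refresh token tied to the given access token and stores it, replacing the
     * refresh token previously associated with that access token.
     *
     * @param validatedInfo the validated login information
     * @param simpleAccessToken the access token the refresh token belongs to
     * @return the newly stored refresh token
     */
    public SimpleRefreshToken createRefreshToken(ValidatedInfo validatedInfo, SimpleAccessToken simpleAccessToken) {
        SimpleRefreshToken refreshToken = doCreateRefreshToken(validatedInfo, this.tokenInfo, simpleAccessToken.getAccessToken());
        onCreateRefreshToken(simpleAccessToken, refreshToken);
        return refreshToken;
    }

    /**
     * Looks up a refresh token and checks that it is still valid. An expired token is removed
     * from the store before the exception is thrown.
     *
     * @param str the refresh token value presented by the client
     * @return the stored, still valid refresh token
     * @throws InvalidTokenException if no such refresh token is stored
     * @throws ExpiredTokenException if the stored refresh token is no longer valid
     */
    public SimpleRefreshToken getRefreshToken(String str) throws TokenException {
        SimpleRefreshToken stored = this.tokenDAO.readByRefreshToken(str);
        if (stored == null) {
            // Mask the client-supplied value: it may be a real credential and is untrusted input.
            String message = MessageFormat.format("SimpleRefreshToken cannot be retrieved with refreshToken[{0}].", maskToken(str));
            LOGGER.error(message);
            throw new InvalidTokenException(message);
        }
        if (this.tokenOperateResolver.isValid(stored)) {
            return stored;
        }
        removeExpiredRefreshToken(stored);
        String message = MessageFormat.format("refreshToken with id [{0}] has expired.", maskToken(str));
        LOGGER.error(message);
        throw new ExpiredTokenException(message);
    }

    /**
     * Issues a new access token for an existing refresh token. The access token previously
     * linked to the refresh token is deleted, and both tokens are stored in the token store
     * and in the session attributes.
     *
     * @param simpleRefreshToken the refresh token being redeemed; it is re-pointed at the new access token
     * @param principalInfo the principal the new access token is issued for
     * @param session the session the new access token is bound to
     * @return the new access token together with the updated refresh token
     */
    public SimpleAccessRefreshToken refreshAccessToken(SimpleRefreshToken simpleRefreshToken, PrincipalInfo principalInfo, Session session) {
        SimpleAccessToken newAccessToken = doCreateAccessToken(principalInfo, this.tokenInfo, session.getId());
        // Delete the old access token so it cannot be used alongside the new one.
        removeInvalidAccessToken(simpleRefreshToken.getAccessToken());
        simpleRefreshToken.setAccessToken(newAccessToken.getAccessToken());
        this.tokenDAO.updateAccessToken(newAccessToken);
        this.tokenDAO.updateRefreshToken(simpleRefreshToken);
        session.setAttribute(TokenSessionContext.SIMPLE_ACCESS_TOKEN_KEY, newAccessToken);
        session.setAttribute(TokenSessionContext.SIMPLE_REFRESH_TOKEN_KEY, simpleRefreshToken);
        return new SimpleAccessRefreshToken(newAccessToken, simpleRefreshToken);
    }

    /**
     * Deletes the access token and the refresh token held by the given access object, if present.
     *
     * @param exposedTokenAccess the access object whose tokens are to be deleted
     */
    public void stopToken(ExposedTokenAccess exposedTokenAccess) {
        SimpleAccessToken accessToken = exposedTokenAccess.getAccessToken();
        SimpleRefreshToken refreshToken = exposedTokenAccess.getRefreshToken();
        if (accessToken != null) {
            removeExpiredAccessToken(accessToken);
        }
        if (refreshToken != null) {
            removeExpiredRefreshToken(refreshToken);
        }
    }

    /** Deletes the access token stored in the session when the session is stopped. */
    @Override
    protected void doStopped(Session session) {
        removeExpiredAccessToken(session);
    }

    /** Deletes the access token stored in the session when the session expires. */
    @Override
    protected void doExpired(Session session) {
        removeExpiredAccessToken(session);
    }

    /**
     * Resolves the session id for a request. A session id from the cookie is used first when
     * the session-id cookie is enabled; otherwise the access token presented in the request is
     * looked up and the session id bound to it is returned.
     *
     * @param servletRequest the incoming request
     * @param servletResponse the outgoing response (not used here)
     * @return the session id, or {@code null} if the request is not an HTTP request or carries
     *         neither a cookie session id nor an access token
     * @throws InvalidTokenException if the presented access token is not stored
     * @throws ExpiredTokenException if the presented access token is no longer valid
     */
    @Override
    public Serializable getSessionId(ServletRequest servletRequest, ServletResponse servletResponse) throws TokenException {
        // instanceof is false for null, so this also covers a missing request.
        if (!(servletRequest instanceof HttpServletRequest)) {
            return null;
        }
        HttpServletRequest httpRequest = (HttpServletRequest) servletRequest;
        Serializable sessionId = null;
        if (isEnableSessionIdCookie()) {
            sessionId = getCookieSessionId(httpRequest);
        }
        if (sessionId != null) {
            return sessionId;
        }
        String presentedToken = getAccessTokenFromRequest(httpRequest);
        if (presentedToken == null) {
            return null;
        }
        SimpleAccessToken stored = this.tokenDAO.readByAccessToken(presentedToken);
        if (stored == null) {
            // The value comes straight from the request: mask it before it reaches logs or callers.
            String message = MessageFormat.format("SimpleAccessToken cannot be retrieved with accessToken[{0}].", maskToken(presentedToken));
            LOGGER.error(message);
            throw new InvalidTokenException(message);
        }
        if (!this.tokenOperateResolver.isValid(stored)) {
            removeExpiredAccessToken(stored);
            String message = MessageFormat.format("accessToken with id [{0}] has expired.", maskToken(presentedToken));
            LOGGER.error(message);
            throw new ExpiredTokenException(message);
        }
        return stored.getSessionId();
    }

    /**
     * Generates an access token whose value is not yet present in the token store, retrying
     * up to {@code tokenRetriesTimes} times.
     *
     * @param principalInfo the principal the token is issued for
     * @param tokenInfo token settings passed to the resolver
     * @param serializable the id of the session the token is bound to
     * @return a token whose value was not found in the store at the time of the check
     * @throws IllegalArgumentException if the configured retry count is not positive
     * @throws TokenException if no unused token value was produced within the retry limit
     */
    protected SimpleAccessToken doCreateAccessToken(PrincipalInfo principalInfo, TokenInfo tokenInfo, Serializable serializable) {
        if (this.tokenRetriesTimes <= 0) {
            throw new IllegalArgumentException("Parameter tokenRetriesTimes cannot be less than or equal to zero.");
        }
        for (int attempt = 0; attempt < this.tokenRetriesTimes; attempt++) {
            SimpleAccessToken candidate = this.tokenOperateResolver.createAccessToken(principalInfo, tokenInfo, serializable);
            // NOTE(review): the uniqueness check and the later store are separate steps; whether
            // concurrent issuance can collide depends on the TokenDAO implementation.
            if (candidate != null && candidate.getAccessToken() != null && this.tokenDAO.readByAccessToken(candidate.getAccessToken()) == null) {
                return candidate;
            }
        }
        throw new TokenException(MessageFormat.format("The available access_token cannot be created within {0} times.", Integer.valueOf(this.tokenRetriesTimes)));
    }

    /**
     * Generates a refresh token whose value is not yet present in the token store, retrying
     * up to {@code tokenRetriesTimes} times.
     *
     * @param validatedInfo the validated login information
     * @param tokenInfo token settings passed to the resolver
     * @param str the access token value the refresh token is tied to
     * @return a token whose value was not found in the store at the time of the check
     * @throws IllegalArgumentException if the configured retry count is not positive
     * @throws TokenException if no unused token value was produced within the retry limit
     */
    protected SimpleRefreshToken doCreateRefreshToken(ValidatedInfo validatedInfo, TokenInfo tokenInfo, String str) {
        if (this.tokenRetriesTimes <= 0) {
            throw new IllegalArgumentException("Parameter tokenRetriesTimes cannot be less than or equal to zero.");
        }
        for (int attempt = 0; attempt < this.tokenRetriesTimes; attempt++) {
            SimpleRefreshToken candidate = this.tokenOperateResolver.createRefreshToken(validatedInfo, tokenInfo, str);
            if (candidate != null && candidate.getRefreshToken() != null && this.tokenDAO.readByRefreshToken(candidate.getRefreshToken()) == null) {
                return candidate;
            }
        }
        throw new TokenException(MessageFormat.format("The available refresh_token cannot be created within {0} times.", Integer.valueOf(this.tokenRetriesTimes)));
    }

    /**
     * Extracts the access token from the request. Sources are tried in this order: the request
     * parameter named by {@code tokenInfo.getAccessTokenParamName()}, the header of the same
     * name, then the {@code Authorization} header.
     *
     * <p>Security notes for deployers:
     * <ul>
     *   <li>A token sent as a request parameter can end up in the URL and so in access logs,
     *       proxies and {@code Referer} headers; prefer a header on the client side.</li>
     *   <li>The {@code Authorization} header is returned verbatim. No scheme prefix such as
     *       {@code Bearer} is stripped here, so the value must match what the token store holds.</li>
     *   <li>Only the {@code Authorization} header is checked for blankness; an empty parameter
     *       or custom header is returned as-is and stops the fallback.</li>
     * </ul>
     *
     * @param httpServletRequest the incoming HTTP request
     * @return the presented token value, or {@code null} if none was found
     */
    protected String getAccessTokenFromRequest(HttpServletRequest httpServletRequest) {
        String paramName = this.tokenInfo.getAccessTokenParamName();
        String token = httpServletRequest.getParameter(paramName);
        if (token == null) {
            token = httpServletRequest.getHeader(paramName);
        }
        if (token == null) {
            String authorization = httpServletRequest.getHeader("Authorization");
            if (StringUtils.isNotBlank(authorization)) {
                token = authorization;
            }
        }
        if (token == null) {
            LOGGER.debug("Cannot get access_token from request.");
        }
        return token;
    }

    /**
     * Stores a new access token after deleting the account's old one.
     *
     * @param principalInfo the principal whose old access token is deleted
     * @param simpleAccessToken the new access token to store
     */
    protected void onCreateAccessToken(PrincipalInfo principalInfo, SimpleAccessToken simpleAccessToken) {
        this.tokenDAO.deleteOldAccessToken(principalInfo.getAccount());
        this.tokenDAO.updateAccessToken(simpleAccessToken);
    }

    /**
     * Stores a new refresh token after deleting the one previously tied to the access token.
     *
     * @param simpleAccessToken the access token whose old refresh token is deleted
     * @param simpleRefreshToken the new refresh token to store
     */
    protected void onCreateRefreshToken(SimpleAccessToken simpleAccessToken, SimpleRefreshToken simpleRefreshToken) {
        this.tokenDAO.deleteOldRefreshToken(simpleAccessToken.getAccessToken());
        this.tokenDAO.updateRefreshToken(simpleRefreshToken);
    }

    /**
     * Deletes the access token kept in the session attributes, if there is one.
     *
     * @param session the session to read the access token from
     */
    protected void removeExpiredAccessToken(Session session) {
        SimpleAccessToken accessToken = (SimpleAccessToken) session.getAttribute(TokenSessionContext.SIMPLE_ACCESS_TOKEN_KEY);
        if (accessToken != null) {
            removeExpiredAccessToken(accessToken);
        }
    }

    /**
     * Deletes the given access token from the token store.
     *
     * @param simpleAccessToken the access token to delete
     */
    protected void removeExpiredAccessToken(SimpleAccessToken simpleAccessToken) {
        removeInvalidAccessToken(simpleAccessToken.getAccessToken());
    }

    /**
     * Deletes the access token with the given value from the token store.
     *
     * @param str the access token value
     */
    protected void removeInvalidAccessToken(String str) {
        // Log the masked value only; the token may still be valid elsewhere until the delete completes.
        LOGGER.info(MessageFormat.format("Access Token [{0}] has invalid.", maskToken(str)));
        this.tokenDAO.deleteAccessToken(str);
    }

    /**
     * Deletes the given refresh token from the token store.
     *
     * @param simpleRefreshToken the refresh token to delete
     */
    protected void removeExpiredRefreshToken(SimpleRefreshToken simpleRefreshToken) {
        String refreshToken = simpleRefreshToken.getRefreshToken();
        LOGGER.info(MessageFormat.format("Refresh Token [{0}] has invalid.", maskToken(refreshToken)));
        this.tokenDAO.deleteRefreshToken(refreshToken);
    }

    /**
     * Builds a representation of a token that is safe to write to logs and exception messages.
     * Tokens of at least {@value #MIN_LENGTH_FOR_VISIBLE_PREFIX} characters keep their first
     * {@value #VISIBLE_PREFIX_LENGTH} characters for correlation; shorter ones reveal nothing.
     * Any kept character that is not a letter or digit is replaced by {@code '?'} so that
     * request-supplied line breaks or control characters never reach the log.
     *
     * @param token the raw token value, may be {@code null}
     * @return the masked form, or the text {@code "null"} for a {@code null} token
     */
    private static String maskToken(String token) {
        if (token == null) {
            return "null";
        }
        StringBuilder masked = new StringBuilder();
        if (token.length() >= MIN_LENGTH_FOR_VISIBLE_PREFIX) {
            for (int i = 0; i < VISIBLE_PREFIX_LENGTH; i++) {
                char c = token.charAt(i);
                masked.append(Character.isLetterOrDigit(c) ? c : '?');
            }
        }
        return masked.append("***(length=").append(token.length()).append(')').toString();
    }

    /**
     * Intentionally does nothing: the constructor takes the timeout from {@link TokenInfo}.
     *
     * @deprecated has no effect on this manager
     */
    @Override
    @Deprecated
    public void setGlobalTimeout(Long l) {
    }

    /**
     * Intentionally does nothing: the constructor takes the timeout unit from {@link TokenInfo}.
     *
     * @deprecated has no effect on this manager
     */
    @Override
    @Deprecated
    public void setGlobalTimeoutChronoUnit(ChronoUnit chronoUnit) {
    }

    /** @return the resolver used to create and validate tokens */
    public TokenOperateResolver getTokenOperateResolver() {
        return this.tokenOperateResolver;
    }

    /**
     * Replaces the token resolver.
     *
     * @param tokenOperateResolver the new resolver; NOTE(review): unlike the constructor, no null check is made here
     */
    public void setTokenOperateResolver(TokenOperateResolver tokenOperateResolver) {
        this.tokenOperateResolver = tokenOperateResolver;
    }

    /** @return the token store */
    public TokenDAO getTokenDAO() {
        return this.tokenDAO;
    }

    /**
     * Replaces the token store.
     *
     * @param tokenDAO the new store; NOTE(review): unlike the constructor, no null check is made here
     */
    public void setTokenDAO(TokenDAO tokenDAO) {
        this.tokenDAO = tokenDAO;
    }

    /** @return the number of attempts made to generate an unused token value */
    public int getTokenRetriesTimes() {
        return this.tokenRetriesTimes;
    }

    /**
     * Sets the number of attempts made to generate an unused token value.
     *
     * @param i the attempt count; a value of zero or less makes token creation throw
     *          {@link IllegalArgumentException}
     */
    public void setTokenRetriesTimes(int i) {
        this.tokenRetriesTimes = i;
    }

    /** @return the token settings */
    public TokenInfo getTokenInfo() {
        return this.tokenInfo;
    }

    /**
     * Replaces the token settings.
     *
     * @param tokenInfo the new settings; NOTE(review): no null check is made here, and the
     *                  session timeout set by the constructor is not updated from the new settings
     */
    public void setTokenInfo(TokenInfo tokenInfo) {
        this.tokenInfo = tokenInfo;
    }
}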
