package com.cyber.infrastructure.interceptor;

import com.alibaba.fastjson.JSONObject;
import com.cyber.domain.constant.HttpResultCode;
import com.cyber.domain.entity.AuthingToken;
import com.cyber.infrastructure.toolkit.Responses;
import com.cyber.infrastructure.toolkit.ThreadLocals;
import com.google.common.cache.Cache;
import com.google.common.cache.CacheBuilder;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import java.util.HashSet;
import java.util.concurrent.TimeUnit;
import javax.crypto.spec.SecretKeySpec;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;
import org.springframework.util.CollectionUtils;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.util.WebUtils;

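/**
 * Spring MVC interceptor that authenticates a request from the JWT carried in the
 * {@code x-client-jwt-token} cookie or header.
 *
 * <p>The token is verified with an HS512 key derived from {@code acl.jwt.secret}, its claims are
 * copied into an {@link AuthingToken}, and that object is published to {@link ThreadLocals} under
 * {@code x-client-token-user} for the duration of the request.
 *
 * <p>Verified tokens are cached by their exact token string. A cache hit skips signature and
 * expiry checks, so a token keeps being accepted for up to five minutes after it was last
 * verified, even if it has expired or been revoked in the meantime.
 */
@Component
/* loaded from: input_file:com/cyber/infrastructure/interceptor/AuthingTokenInterceptor.class */
public class AuthingTokenInterceptor implements HandlerInterceptor {
    private static final Logger LOGGER = LoggerFactory.getLogger(AuthingTokenInterceptor.class);
    private static final String BASIC_JWT_TOKEN_PREFIX = "Basic ";
    /** Name of both the cookie and the header that may carry the JWT. */
    private static final String JWT_TOKEN_NAME = "x-client-jwt-token";
    /** ThreadLocals key under which the authenticated token is published. */
    private static final String TOKEN_USER_KEY = "x-client-token-user";

    // Kept only because the field is package-visible. This class no longer reads or writes it:
    // pairing a "last token string" entry with a separate "last user" entry let two concurrent
    // requests interleave their writes and bind one caller's token to another caller's identity.
    Cache<String, String> jwtTokenStringCache = CacheBuilder.newBuilder().maximumSize(2).expireAfterWrite(5, TimeUnit.MINUTES).build();
    // Verified tokens, keyed by the exact token string that was verified.
    Cache<String, AuthingToken> jwtTokenCache = CacheBuilder.newBuilder().maximumSize(2).expireAfterWrite(5, TimeUnit.MINUTES).build();

    // NOTE(security): the fallback value is compiled into the artifact. If acl.jwt.secret is not
    // configured, tokens are verified against a key known to anyone who has the artifact. Supply
    // the property per deployment from a secret store, and consider removing the fallback so that
    // a missing secret fails at startup instead of silently using this value.
    @Value("${acl.jwt.secret:ABCDEFGHIJKLMNOPQRSTUVMXYZABCDEFGHIJKLMNOPQRSTUVMXYZABCDEFGHIJKLMNOPQRSTUVMXYZABCDEFGHIJKLMNOPQRSTUVMXYZ}")
    private String jwtSecret;

    /**
     * Lets the request proceed only when {@link #checkAuthingToken} accepts its token.
     *
     * @return {@code true} to continue the handler chain, {@code false} when a rejection response
     *     has already been written
     */
    @Override
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        if (checkAuthingToken(httpServletRequest, httpServletResponse)) {
            LOGGER.debug("JWTToken Interceptor, check JWTToken Success ... ");
            return true;
        }
        LOGGER.debug("JWTToken Interceptor, check JWTToken Fail ... ");
        return false;
    }

    /**
     * Extracts the JWT from the request, verifies it and publishes the resulting
     * {@link AuthingToken} to {@link ThreadLocals}.
     *
     * <p>The cookie is consulted first and the header second. A leading {@code "Basic "} prefix
     * is stripped before verification.
     *
     * @param httpServletRequest request carrying the token
     * @param httpServletResponse response that receives the rejection when the check fails
     * @return {@code true} when the token was accepted; {@code false} after writing
     *     {@code BAD_AUTH} (missing or unverifiable token) or {@code SERVER_ERROR} (verified token
     *     lacking a required claim)
     */
    public boolean checkAuthingToken(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String jwt = null;
        Cookie cookie = WebUtils.getCookie(httpServletRequest, JWT_TOKEN_NAME);
        if (cookie != null) {
            LOGGER.debug("Get [X_CLIENT_JWT_TOKEN] From HttpServletRequest Cookie ... ");
            jwt = cookie.getValue();
        }
        if (StringUtils.isEmpty(jwt)) {
            LOGGER.debug("Get [X_CLIENT_JWT_TOKEN] From HttpServletRequest Header ... ");
            jwt = httpServletRequest.getHeader(JWT_TOKEN_NAME);
        }
        if (StringUtils.isEmpty(jwt)) {
            LOGGER.info("Get [X_CLIENT_JWT_TOKEN] From HttpServletRequest,But Empty ... ");
            Responses.response(httpServletResponse, HttpResultCode.BAD_AUTH);
            return false;
        }
        if (jwt.startsWith(BASIC_JWT_TOKEN_PREFIX)) {
            jwt = jwt.substring(BASIC_JWT_TOKEN_PREFIX.length());
        }

        // One lookup keyed by the token itself: the identity returned can only be the one that
        // was derived from this exact string, regardless of what other requests are doing.
        AuthingToken cachedToken = this.jwtTokenCache.getIfPresent(jwt);
        if (cachedToken != null) {
            LOGGER.info("Get [X_CLIENT_TOKEN_USER] From Local Cache ... ");
            ThreadLocals.put(TOKEN_USER_KEY, cachedToken);
            return true;
        }

        AuthingToken<JSONObject> verifiedToken;
        try {
            verifiedToken = claim2Token(jwt);
        } catch (io.jsonwebtoken.JwtException | IllegalArgumentException e) {
            // A malformed, expired or wrongly signed token is a client authentication failure,
            // not a server fault. Only the exception type is logged, because parser messages can
            // echo token content.
            LOGGER.info("Verify [X_CLIENT_JWT_TOKEN] Fail: {}", e.getClass().getSimpleName());
            Responses.response(httpServletResponse, HttpResultCode.BAD_AUTH);
            return false;
        }
        if (verifiedToken == null) {
            LOGGER.info("Get [X_CLIENT_TOKEN_USER] From jwtToken String ... ");
            Responses.response(httpServletResponse, HttpResultCode.SERVER_ERROR);
            return false;
        }
        this.jwtTokenCache.put(jwt, verifiedToken);
        ThreadLocals.put(TOKEN_USER_KEY, verifiedToken);
        return true;
    }

    /**
     * Verifies the token's HS512 signature and maps its claims onto an {@link AuthingToken}.
     *
     * <p>{@code session_id} and {@code session_name} are required; {@code device_id},
     * {@code token}, {@code roles} and {@code user} are copied even when absent.
     *
     * @param str compact JWT string, without the {@code "Basic "} prefix
     * @return the populated token, or {@code null} when a required claim is missing or empty
     * @throws io.jsonwebtoken.JwtException if the parser rejects the token
     * @throws IllegalArgumentException if the parser is given an empty token
     */
    private AuthingToken<JSONObject> claim2Token(String str) {
        // An explicit charset keeps the derived key identical on every platform.
        SecretKeySpec signingKey = new SecretKeySpec(
                this.jwtSecret.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                SignatureAlgorithm.HS512.getJcaName());
        Claims claims = Jwts.parser().setSigningKey(signingKey).parseClaimsJws(str).getBody();

        AuthingToken<JSONObject> authingToken = new AuthingToken<>();
        authingToken.setJwtToken(str);

        // Initialised so that a failed read falls through to the "empty" rejection below.
        String sessionId = null;
        try {
            sessionId = claims.get("session_id", String.class);
        } catch (Exception e) {
            LOGGER.error("Get Token From Claims, But Exception... ", e);
        }
        if (StringUtils.isEmpty(sessionId)) {
            LOGGER.debug("Get [session_id] Token Id From Claims, But Empty... ");
            return null;
        }
        authingToken.setSessionId(sessionId);

        String sessionName = claims.get("session_name", String.class);
        if (StringUtils.isEmpty(sessionName)) {
            LOGGER.debug("Get [sessionName] From Claims, But Empty... ");
            return null;
        }
        authingToken.setSessionName(sessionName);

        String deviceId = claims.get("device_id", String.class);
        if (StringUtils.isEmpty(deviceId)) {
            LOGGER.debug("Get [deviceId] From Claims, But Empty... ");
        }
        authingToken.setDeviceId(deviceId);

        String token = claims.get("token", String.class);
        if (StringUtils.isEmpty(token)) {
            LOGGER.debug("Get [token] From Claims, But Empty... ");
        }
        authingToken.setToken(token);

        // NOTE(review): this requires the parsed claim to already be a HashSet (and "user" below
        // to be a fastjson JSONObject); confirm the configured JSON deserializer produces those
        // types, otherwise these reads throw for any token that carries the claim.
        HashSet roles = claims.get("roles", HashSet.class);
        if (CollectionUtils.isEmpty(roles)) {
            LOGGER.debug("Get [roles] From Claims, But Empty... ");
        }
        authingToken.setRoles(roles);

        JSONObject user = claims.get("user", JSONObject.class);
        if (user == null) {
            LOGGER.debug("Get [user] From Claims, But Empty... ");
        }
        authingToken.setUser(user);
        return authingToken;
    }

    /**
     * Clears the per-request state in {@link ThreadLocals} so that an authenticated identity
     * does not stay attached to the thread after the request completes.
     */
    @Override
    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, Exception exc) throws Exception {
        ThreadLocals.reset();
    }
}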
