package cn.ibaijia.jsm.auth;

import cn.ibaijia.jsm.annotation.RestAnn;
import cn.ibaijia.jsm.consts.BaseConstants;
import cn.ibaijia.jsm.context.AppContext;
import cn.ibaijia.jsm.context.JsmConfigurer;
import cn.ibaijia.jsm.context.WebContext;
import cn.ibaijia.jsm.context.session.Session;
import cn.ibaijia.jsm.exception.AuthFailException;
import cn.ibaijia.jsm.exception.NoLoginException;
import cn.ibaijia.jsm.exception.NoPermissionException;
import cn.ibaijia.jsm.utils.DateUtil;
import cn.ibaijia.jsm.utils.EncryptUtil;
import cn.ibaijia.jsm.utils.LogUtil;
import cn.ibaijia.jsm.utils.RequestUtil;
import cn.ibaijia.jsm.utils.StringUtil;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.springframework.stereotype.Component;

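/**
 * {@link Auth} implementation for web requests.
 *
 * <p>The session token is taken from the servlet session when the session type is
 * {@code "default"}, otherwise it is decoded from the {@code at}/{@code ht} request values.
 * The token is then used to load a {@link Session}, which is checked for expiry and,
 * when the endpoint declares one, for the required permission.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>{@code at}, {@code ht} and the decoded token act as bearer credentials, and they
 *       arrive from the client. This class never writes their values to the log: doing so
 *       would hand working credentials to anyone who can read logs and would let
 *       request-controlled text (including line breaks) into log records.</li>
 *   <li>NOTE(review): {@code ht} is compared against {@code EncryptUtil.md5} of the same
 *       {@code token_timestamp} string carried in {@code at}. No server-side secret is
 *       visible in this class, so unless {@code EncryptUtil.md5} mixes one in, {@code ht}
 *       is a checksum rather than an authenticator and the timestamp is client-chosen;
 *       the {@link Session} lookup is what actually authenticates the caller. If this is
 *       ever replaced by a keyed MAC, compare it with {@code MessageDigest.isEqual}
 *       instead of {@code String.equals}.</li>
 *   <li>When {@code AppContext.isDevModel()} is true a raw token request value is accepted
 *       without {@code at}/{@code ht}; that mode must stay disabled outside development.</li>
 * </ul>
 */
@Component
public class WebAuth implements Auth {
    private final Logger logger = LogUtil.log(WebAuth.class);

    /**
     * Authenticates the request and, unless {@code z} is set, authorises it.
     *
     * @param httpServletRequest the request being checked; on success the loaded
     *     {@link Session} is stored under {@code BaseConstants.SESSION_ATTR_KEY}
     * @param restAnn endpoint metadata supplying the auth type and required permission
     * @param z when {@code true}, an undecodable token or an expired session returns the
     *     token as-is (possibly {@code null} or empty) instead of throwing, and the
     *     permission check is skipped; presumably marks endpoints where login is optional
     *     (confirm against callers)
     * @return the session token
     * @throws NoLoginException if the default servlet session holds no token (regardless of
     *     {@code z}), or the session is expired and {@code z} is {@code false}
     * @throws AuthFailException if no token could be decoded and {@code z} is {@code false}
     * @throws NoPermissionException if the endpoint declares a permission the caller lacks
     *     and {@code z} is {@code false}
     */
    @Override
    public String checkAuth(HttpServletRequest httpServletRequest, RestAnn restAnn, boolean z) {
        String token;
        if (AppContext.getSessionType().equals("default")) {
            // NOTE(review): the token is read from WebContext.getRequest(), not from the
            // httpServletRequest parameter; confirm both always refer to the same request.
            token = (String) WebContext.getRequest().getSession().getAttribute(Session.SESSION_PREFIX);
            if (token == null) {
                throw new NoLoginException();
            }
        } else {
            String at = RequestUtil.get(httpServletRequest, WebContext.JSM_AT);
            String ht = RequestUtil.get(httpServletRequest, WebContext.JSM_HT);
            // Log only whether the credentials were supplied, never their values.
            this.logger.debug("checkSession, auth type {}, at present {}, ht present {}",
                    restAnn.authType(), !StringUtil.isEmpty(at), !StringUtil.isEmpty(ht));
            token = decodeWebToken(at, ht, httpServletRequest);
            if (StringUtil.isEmpty(token)) {
                if (z) {
                    return token;
                }
                throw new AuthFailException();
            }
        }

        Session session = new Session(token);
        if (session.isExpire()) {
            if (z) {
                return token;
            }
            throw new NoLoginException();
        }
        // Presumably extends the session's lifetime on activity; confirm in Session.
        session.needLive();
        httpServletRequest.setAttribute(BaseConstants.SESSION_ATTR_KEY, session);

        if (z || StringUtil.isEmpty(restAnn.permission())) {
            return token;
        }
        if (JsmConfigurer.getWebJsmSecurityService().hasPermission(restAnn.permission())) {
            return token;
        }
        throw new NoPermissionException();
    }

    /**
     * Extracts the session token from the {@code at}/{@code ht} pair.
     *
     * <p>{@code at} must base64-decode to {@code token_timestamp}; the timestamp must lie
     * within {@code AppContext.getAtExpireTime()} of the server clock, {@code at} must equal
     * the re-encoded value, and {@code ht} must equal {@code EncryptUtil.md5} of the decoded
     * string. If either value is empty the check is skipped and, in dev mode only, the raw
     * token request value is used instead.
     *
     * @param at base64 form of {@code token_timestamp}, as supplied by the client
     * @param ht hash the client supplied for the decoded {@code at}
     * @param httpServletRequest request that receives the result as attribute {@code "token"}
     * @return the token, or {@code null} when validation fails or no token was supplied
     */
    private String decodeWebToken(String at, String ht, HttpServletRequest httpServletRequest) {
        String token = null;
        try {
            if (!StringUtil.isEmpty(at) && !StringUtil.isEmpty(ht)) {
                String decoded = EncryptUtil.base64Decode(at);
                if (decoded == null || !decoded.contains("_")) {
                    this.logger.error("illegal auth: at is not decodable or has no '_' separator");
                    return null;
                }
                // split() drops trailing empty strings, so "abc_" or "_" yields fewer than
                // two parts; reject that explicitly instead of relying on an index exception.
                String[] parts = decoded.split("_");
                if (parts.length < 2) {
                    this.logger.error("illegal auth: at is missing the token or timestamp part");
                    return null;
                }
                String candidate = parts[0];
                String timestampText = parts[1];

                long clientTime;
                try {
                    clientTime = Long.parseLong(timestampText);
                } catch (NumberFormatException ignored) {
                    // The exception message echoes the client-supplied text, so it is not logged.
                    this.logger.error("illegal auth: timestamp part of at is not a number");
                    return null;
                }

                long serverTime = DateUtil.currentTime().longValue();
                long skew = Math.abs(serverTime - clientTime);
                // Math.abs(Long.MIN_VALUE) is negative; without the "< 0" test a timestamp
                // that makes the subtraction wrap to that value would pass the comparison.
                if (skew < 0 || skew > AppContext.getAtExpireTime()) {
                    this.logger.error("sTime {} - cTime {} = {}", serverTime, clientTime, skew);
                    return null;
                }

                String payload = candidate + "_" + timestampText;
                // Rejects extra '_' segments and any at that is not the canonical encoding.
                if (!EncryptUtil.base64Encode(payload).equals(at)) {
                    this.logger.error("sAt != at: re-encoded at does not match the supplied value");
                    return null;
                }
                // The expected hash is itself a valid credential, so it is never logged.
                if (!EncryptUtil.md5(payload).equals(ht)) {
                    this.logger.error("sHt != ht: supplied ht does not match the expected hash");
                    return null;
                }
                token = candidate;
            }

            // Dev-mode fallback: reached only when at/ht were absent (or carried an empty
            // token); a failed at/ht validation has already returned null above.
            if (AppContext.isDevModel() && StringUtil.isEmpty(token)) {
                token = RequestUtil.get(httpServletRequest, WebContext.JSM_TOKEN);
                if (!StringUtil.isEmpty(token)) {
                    this.logger.warn("use dev model token:{}", WebContext.JSM_TOKEN);
                }
            }
            httpServletRequest.setAttribute("token", token);
            return token;
        } catch (Exception e) {
            // Boundary catch: any decoding failure is treated as "no token".
            this.logger.error("decodeWebToken error!", e);
            return null;
        }
    }
}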
