package com.baomidou.kisso.service;

import com.baomidou.kisso.SSOCache;
import com.baomidou.kisso.SSOConfig;
import com.baomidou.kisso.SSOPlugin;
import com.baomidou.kisso.common.Browser;
import com.baomidou.kisso.common.CookieHelper;
import com.baomidou.kisso.common.IpHelper;
import com.baomidou.kisso.common.SSOConstants;
import com.baomidou.kisso.common.util.StringPool;
import com.baomidou.kisso.enums.TokenFlag;
import com.baomidou.kisso.exception.KissoException;
import com.baomidou.kisso.security.token.SSOToken;
import com.baomidou.kisso.security.token.Token;
import java.util.List;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/baomidou/kisso/service/KissoServiceSupport.class */
public class KissoServiceSupport {
    protected Logger logger = LoggerFactory.getLogger(getClass());
    protected SSOConfig config;

    public <T extends SSOToken> T attrSSOToken(HttpServletRequest httpServletRequest) {
        return (T) httpServletRequest.getAttribute(SSOConstants.SSO_TOKEN_ATTR);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SSOToken cacheSSOToken(HttpServletRequest httpServletRequest, SSOCache sSOCache) {
        if (sSOCache != null) {
            SSOToken sSOTokenFromCookie = getSSOTokenFromCookie(httpServletRequest);
            if (sSOTokenFromCookie == null) {
                return null;
            }
            SSOToken sSOToken = sSOCache.get(sSOTokenFromCookie.toCacheKey(), this.config.getCacheExpires());
            if (sSOToken == null) {
                this.logger.debug("cacheSSOToken SSOToken is null.");
                return null;
            }
            if (sSOToken.getFlag() != TokenFlag.CACHE_SHUT) {
                if (sSOTokenFromCookie.getTime() / SSOConstants.JWT_TIMESTAMP_CUT.longValue() == sSOToken.getTime() / SSOConstants.JWT_TIMESTAMP_CUT.longValue()) {
                    return sSOToken;
                }
                this.logger.debug("Login time is not consistent or kicked out.");
                httpServletRequest.setAttribute(SSOConstants.SSO_KICK_FLAG, SSOConstants.SSO_KICK_USER);
                return null;
            }
        }
        return getSSOToken(httpServletRequest, this.config.getCookieName());
    }

    protected SSOToken getSSOToken(HttpServletRequest httpServletRequest, String str) {
        String header = httpServletRequest.getHeader(this.config.getAccessTokenName());
        if (null != header && !StringPool.EMPTY.equals(header)) {
            return SSOToken.parser(header, true);
        }
        Cookie findCookieByName = CookieHelper.findCookieByName(httpServletRequest, str);
        if (null != findCookieByName) {
            return SSOToken.parser(findCookieByName.getValue(), false);
        }
        this.logger.debug("Unauthorized login request, ip=" + IpHelper.getIpAddr(httpServletRequest));
        return null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SSOToken checkIpBrowser(HttpServletRequest httpServletRequest, SSOToken sSOToken) {
        if (null == sSOToken) {
            return null;
        }
        if (this.config.isCookieBrowser() && !Browser.isLegalUserAgent(httpServletRequest, sSOToken.getUserAgent())) {
            this.logger.info("The request browser is inconsistent.");
            return null;
        }
        if (this.config.isCookieCheckip()) {
            String ipAddr = IpHelper.getIpAddr(httpServletRequest);
            if (sSOToken != null && ipAddr != null && !ipAddr.equals(sSOToken.getIp())) {
                this.logger.info(String.format("ip inconsistent! return SSOToken null, SSOToken userIp:%s, reqIp:%s", sSOToken.getIp(), ipAddr));
                return null;
            }
        }
        return sSOToken;
    }

    public SSOToken getSSOTokenFromCookie(HttpServletRequest httpServletRequest) {
        SSOToken attrSSOToken = attrSSOToken(httpServletRequest);
        if (attrSSOToken == null) {
            attrSSOToken = getSSOToken(httpServletRequest, this.config.getCookieName());
        }
        return attrSSOToken;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Cookie generateCookie(HttpServletRequest httpServletRequest, Token token) {
        try {
            Cookie cookie = new Cookie(this.config.getCookieName(), token.getToken());
            cookie.setPath(this.config.getCookiePath());
            cookie.setSecure(this.config.isCookieSecure());
            String cookieDomain = this.config.getCookieDomain();
            if (null != cookieDomain) {
                cookie.setDomain(cookieDomain);
                if (StringPool.EMPTY.equals(cookieDomain) || cookieDomain.contains("localhost")) {
                    this.logger.warn("if you can't login, please enter normal domain. instead:" + cookieDomain);
                }
            }
            int cookieMaxage = this.config.getCookieMaxage();
            Integer num = (Integer) httpServletRequest.getAttribute(SSOConstants.SSO_COOKIE_MAXAGE);
            if (num != null) {
                cookieMaxage = num.intValue();
            }
            if (cookieMaxage >= 0) {
                cookie.setMaxAge(cookieMaxage);
            }
            return cookie;
        } catch (Exception e) {
            throw new KissoException("Generate sso cookie exception ", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean logout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, SSOCache sSOCache) {
        SSOToken sSOTokenFromCookie;
        if (sSOCache != null && !SSOConstants.SSO_KICK_USER.equals(httpServletRequest.getAttribute(SSOConstants.SSO_KICK_FLAG)) && (sSOTokenFromCookie = getSSOTokenFromCookie(httpServletRequest)) != null && !sSOCache.delete(sSOTokenFromCookie.toCacheKey())) {
            sSOCache.delete(sSOTokenFromCookie.toCacheKey());
        }
        List<SSOPlugin> pluginList = this.config.getPluginList();
        if (pluginList != null) {
            for (SSOPlugin sSOPlugin : pluginList) {
                if (!sSOPlugin.logout(httpServletRequest, httpServletResponse)) {
                    sSOPlugin.logout(httpServletRequest, httpServletResponse);
                }
            }
        }
        return CookieHelper.clearCookieByName(httpServletRequest, httpServletResponse, this.config.getCookieName(), this.config.getCookieDomain(), this.config.getCookiePath());
    }
}
