package cn.aotcloud.security.oncetoken.support.simple;

import cn.aotcloud.security.oncetoken.RequestToken;
import cn.aotcloud.security.oncetoken.RequestTokenParser;
import cn.aotcloud.security.oncetoken.RequestTokenUtil;
import cn.aotcloud.utils.HttpServletUtil;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.text.StringEscapeUtils;
import org.springframework.util.NumberUtils;

/* loaded from: input_file:cn/aotcloud/security/oncetoken/support/simple/HeaderRequestTokenParser.class */
public class HeaderRequestTokenParser implements RequestTokenParser {
    private static final String TOKEN_HEADER_NAME = "X-Request-Token";
    private static final String TIME_HEADER_NAME = "X-Request-Time";
    private static final String SIGN_HEADER_NAME = "X-Request-Sign";

    @Override // cn.aotcloud.security.oncetoken.RequestTokenParser
    public RequestToken parse(HttpServletRequest httpServletRequest) {
        RequestToken requestTokenV1 = getRequestTokenV1(httpServletRequest);
        if (RequestTokenUtil.isValidRequestToken(requestTokenV1)) {
            return requestTokenV1;
        }
        return null;
    }

    protected RequestToken getRequestTokenV1(HttpServletRequest httpServletRequest) {
        RequestToken requestToken = new RequestToken();
        String header = HttpServletUtil.getHeader(httpServletRequest, "X-Request-Time");
        if (StringUtils.isNotBlank(header)) {
            requestToken.setCreateTime((Long) NumberUtils.parseNumber(header, Long.class));
        }
        requestToken.setSign(StringEscapeUtils.escapeHtml4(HttpServletUtil.getHeader(httpServletRequest, "X-Request-Sign")));
        requestToken.setToken(StringEscapeUtils.escapeHtml4(HttpServletUtil.getHeader(httpServletRequest, "X-Request-Token")));
        return requestToken;
    }
}
