package cn.dev33.satoken.sso;

import cn.dev33.satoken.SaManager;
import cn.dev33.satoken.config.SaSsoConfig;
import cn.dev33.satoken.context.SaHolder;
import cn.dev33.satoken.context.model.SaRequest;
import cn.dev33.satoken.context.model.SaResponse;
import cn.dev33.satoken.exception.SaTokenException;
import cn.dev33.satoken.sso.SaSsoConsts;
import cn.dev33.satoken.stp.StpLogic;
import cn.dev33.satoken.util.SaFoxUtil;
import cn.dev33.satoken.util.SaResult;

/* loaded from: input_file:cn/dev33/satoken/sso/SaSsoHandle.class */
public class SaSsoHandle {
    public static Object serverRequest() {
        SaRequest request = SaHolder.getRequest();
        SaSsoConfig sso = SaManager.getConfig().getSso();
        return request.isPath(SaSsoConsts.Api.ssoAuth) ? ssoAuth() : request.isPath(SaSsoConsts.Api.ssoDoLogin) ? ssoDoLogin() : (request.isPath(SaSsoConsts.Api.ssoCheckTicket) && sso.isHttp.booleanValue()) ? ssoCheckTicket() : (request.isPath(SaSsoConsts.Api.ssoLogout) && sso.isSlo.booleanValue() && !request.hasParam(SaSsoConsts.ParamName.loginId)) ? ssoServerLogoutType1() : (request.isPath(SaSsoConsts.Api.ssoLogout) && sso.isHttp.booleanValue() && sso.isSlo.booleanValue() && request.hasParam(SaSsoConsts.ParamName.loginId)) ? ssoServerLogout() : SaSsoConsts.NOT_HANDLE;
    }

    public static Object ssoAuth() {
        SaRequest request = SaHolder.getRequest();
        SaResponse response = SaHolder.getResponse();
        SaSsoConfig sso = SaManager.getConfig().getSso();
        StpLogic stpLogic = SaSsoUtil.saSsoTemplate.stpLogic;
        if (!stpLogic.isLogin()) {
            return sso.notLoginView.get();
        }
        if (!request.getParam(SaSsoConsts.ParamName.mode, "").equals(SaSsoConsts.MODE_SIMPLE)) {
            return response.redirect(SaSsoUtil.buildRedirectUrl(stpLogic.getLoginId(), request.getParam(SaSsoConsts.ParamName.redirect)));
        }
        String param = request.getParam(SaSsoConsts.ParamName.redirect);
        SaSsoUtil.checkRedirectUrl(param);
        return response.redirect(param);
    }

    public static Object ssoDoLogin() {
        SaRequest request = SaHolder.getRequest();
        return SaManager.getConfig().getSso().doLoginHandle.apply(request.getParam(SaSsoConsts.ParamName.name), request.getParam(SaSsoConsts.ParamName.pwd));
    }

    public static Object ssoCheckTicket() {
        SaRequest request = SaHolder.getRequest();
        String param = request.getParam(SaSsoConsts.ParamName.ticket);
        String param2 = request.getParam(SaSsoConsts.ParamName.ssoLogoutCall);
        Object checkTicket = SaSsoUtil.checkTicket(param);
        SaSsoUtil.registerSloCallbackUrl(checkTicket, param2);
        return checkTicket;
    }

    public static Object ssoServerLogoutType1() {
        SaRequest request = SaHolder.getRequest();
        SaResponse response = SaHolder.getResponse();
        SaSsoUtil.saSsoTemplate.stpLogic.logout();
        return ssoLogoutBack(request, response);
    }

    public static Object ssoServerLogout() {
        SaRequest request = SaHolder.getRequest();
        SaSsoConfig sso = SaManager.getConfig().getSso();
        StpLogic stpLogic = SaSsoUtil.saSsoTemplate.stpLogic;
        String param = request.getParam(SaSsoConsts.ParamName.loginId);
        SaSsoUtil.checkSecretkey(request.getParam(SaSsoConsts.ParamName.secretkey));
        SaSsoUtil.forEachSloUrl(param, str -> {
            sso.sendHttp.apply(str);
        });
        stpLogic.logout(param);
        return SaSsoConsts.OK;
    }

    public static Object clientRequest() {
        SaRequest request = SaHolder.getRequest();
        SaSsoConfig sso = SaManager.getConfig().getSso();
        return request.isPath(SaSsoConsts.Api.ssoLogin) ? ssoLogin() : (request.isPath(SaSsoConsts.Api.ssoLogout) && sso.isSlo.booleanValue() && !sso.isHttp.booleanValue()) ? ssoLogoutType2() : (request.isPath(SaSsoConsts.Api.ssoLogout) && sso.isSlo.booleanValue() && sso.isHttp.booleanValue()) ? ssoLogoutType3() : (request.isPath(SaSsoConsts.Api.ssoLogoutCall) && sso.isSlo.booleanValue() && sso.isHttp.booleanValue()) ? ssoLogoutCall() : SaSsoConsts.NOT_HANDLE;
    }

    public static Object ssoLogin() {
        SaRequest request = SaHolder.getRequest();
        SaResponse response = SaHolder.getResponse();
        SaSsoConfig sso = SaManager.getConfig().getSso();
        StpLogic stpLogic = SaSsoUtil.saSsoTemplate.stpLogic;
        String param = request.getParam(SaSsoConsts.ParamName.back, "/");
        String param2 = request.getParam(SaSsoConsts.ParamName.ticket);
        if (stpLogic.isLogin()) {
            return response.redirect(param);
        }
        if (param2 == null) {
            return response.redirect(SaSsoUtil.buildServerAuthUrl(SaHolder.getRequest().getUrl(), param));
        }
        Object checkTicket = checkTicket(param2, SaSsoConsts.Api.ssoLogin);
        if (sso.ticketResultHandle != null) {
            return sso.ticketResultHandle.apply(checkTicket, param);
        }
        if (checkTicket == null) {
            throw new SaTokenException("无效ticket：" + param2);
        }
        stpLogic.login(checkTicket);
        return response.redirect(param);
    }

    public static Object ssoLogoutType2() {
        SaRequest request = SaHolder.getRequest();
        SaResponse response = SaHolder.getResponse();
        SaSsoUtil.saSsoTemplate.stpLogic.logout();
        return ssoLogoutBack(request, response);
    }

    public static Object ssoLogoutType3() {
        SaRequest request = SaHolder.getRequest();
        SaResponse response = SaHolder.getResponse();
        SaSsoConfig sso = SaManager.getConfig().getSso();
        StpLogic stpLogic = SaSsoUtil.saSsoTemplate.stpLogic;
        if (stpLogic.isLogin()) {
            return !SaSsoConsts.OK.equals(String.valueOf(sso.sendHttp.apply(SaSsoUtil.buildSloUrl(stpLogic.getLoginId())))) ? SaResult.error("单点注销失败") : ssoLogoutBack(request, response);
        }
        return SaResult.ok();
    }

    public static Object ssoLogoutCall() {
        SaRequest request = SaHolder.getRequest();
        StpLogic stpLogic = SaSsoUtil.saSsoTemplate.stpLogic;
        String param = request.getParam(SaSsoConsts.ParamName.loginId);
        SaSsoUtil.checkSecretkey(request.getParam(SaSsoConsts.ParamName.secretkey));
        stpLogic.logoutByTokenValue(stpLogic.getTokenValueByLoginId(param));
        return SaSsoConsts.OK;
    }

    public static Object ssoLogoutBack(SaRequest saRequest, SaResponse saResponse) {
        String param = saRequest.getParam(SaSsoConsts.ParamName.back);
        return SaFoxUtil.isNotEmpty(param) ? param.equals(SaSsoConsts.SELF) ? "<script>if(document.referrer != location.href){ location.replace(document.referrer || '/'); }</script>" : saResponse.redirect(param) : SaResult.ok("单点注销成功");
    }

    public static Object checkTicket(String str, String str2) {
        SaSsoConfig sso = SaManager.getConfig().getSso();
        if (!sso.isHttp.booleanValue()) {
            return SaSsoUtil.checkTicket(str);
        }
        String str3 = null;
        if (sso.isSlo.booleanValue()) {
            str3 = SaHolder.getRequest().getUrl().replace(str2, SaSsoConsts.Api.ssoLogoutCall);
        }
        Object apply = sso.sendHttp.apply(SaSsoUtil.buildCheckTicketUrl(str, str3));
        if (SaFoxUtil.isEmpty(apply)) {
            return null;
        }
        return apply;
    }
}
