package cn.dreampie.security;

import cn.dreampie.common.http.HttpRequest;
import cn.dreampie.common.http.HttpResponse;
import cn.dreampie.common.util.Maper;
import cn.dreampie.common.util.json.Jsoner;
import cn.dreampie.log.Logger;
import cn.dreampie.security.Sessions;
import cn.dreampie.security.credential.Credentials;
import cn.dreampie.security.sign.CookieSigner;
import cn.dreampie.security.sign.Signer;
import java.util.Map;

/* loaded from: input_file:cn/dreampie/security/SessionBuilder.class */
public class SessionBuilder {
    private static final Logger logger = Logger.getLogger(SessionBuilder.class);
    private static final String ANONYMOUS = "anonymous";
    private final Sessions sessions;
    private final Signer signer = new CookieSigner();
    private final SessionCookieDescriptor sessionCookieDescriptor = new SessionCookieDescriptor();
    private final Session emptySession = new Session();

    public SessionBuilder(long j, int i, int i2, AuthenticateService authenticateService) {
        this.sessions = new Sessions(j, i);
        Subject.init(i2, new Credentials(authenticateService, j), authenticateService.getPasswordService());
    }

    public Session in(HttpRequest httpRequest) {
        Session buildSession = buildSession(httpRequest);
        Subject.updateCurrent(buildSession);
        return buildSession;
    }

    public Session out(Session session, HttpResponse httpResponse) {
        Session current = Subject.current();
        String sessionKey = current.getSessionKey();
        Principal principal = current.getPrincipal();
        String username = principal != null ? principal.getUsername() : getAnonymousName(current);
        if (current != session) {
            updateCookie(httpResponse, current);
            String sessionKey2 = session.getSessionKey();
            Principal principal2 = session.getPrincipal();
            this.sessions.update(principal2 != null ? principal2.getUsername() : getAnonymousName(session), sessionKey2, username, sessionKey, current);
        } else {
            this.sessions.update(username, sessionKey, current);
        }
        return current;
    }

    private Session getSession(HttpRequest httpRequest, Session session) {
        String header = httpRequest.getHeader("User-Agent");
        session.set(Maper.of(Sessions.ADDRESS_KEY, httpRequest.getClientAddress(), Sessions.AGENT_KEY, header == null ? "Unknown" : header));
        return session;
    }

    private String getAnonymousName(Session session) {
        return "anonymous@" + session.get(Sessions.ADDRESS_KEY);
    }

    private Session buildSession(HttpRequest httpRequest) {
        String cookieValue = httpRequest.getCookieValue(this.sessionCookieDescriptor.getCookieName());
        if (cookieValue != null) {
            logger.debug("Session cookie was: %s.", new Object[]{cookieValue});
            String cookieValue2 = httpRequest.getCookieValue(this.sessionCookieDescriptor.getCookieSignatureName());
            logger.debug("Session signature was: %s.", new Object[]{cookieValue2});
            if (cookieValue2 == null || !this.signer.verify(cookieValue, cookieValue2)) {
                logger.warn("Invalid session signature. session was: %s. Ignoring session cookie.", new Object[]{cookieValue});
            } else {
                Map copyOf = Maper.copyOf(readCookies(cookieValue));
                String str = (String) copyOf.get(Principal.PRINCIPAL_DEF_KEY);
                if (str == null || "".equals(str.trim())) {
                    logger.warn("Invalid username. session was: %s. Ignoring session cookie.", new Object[]{cookieValue});
                } else {
                    Sessions.SessionDatas sessionDatas = this.sessions.get(str);
                    if (sessionDatas != null) {
                        Sessions.SessionData sessionData = sessionDatas.getSessionData((String) copyOf.get(Session.SESSION_DEF_KEY));
                        if (sessionData != null) {
                            logger.debug("Found session success. username was: %s.", new Object[]{str});
                            return sessionData.getSession();
                        }
                    } else {
                        logger.warn("Invalid user session. session was: %s. Ignoring session cookie.", new Object[]{cookieValue});
                    }
                }
            }
        }
        return getSession(httpRequest, this.emptySession);
    }

    private Map<String, String> readCookies(String str) {
        return (Map) Jsoner.toObject(str, Map.class);
    }

    private void updateCookie(HttpResponse httpResponse, Session session) {
        Map<String, String> cookiesMap = getCookiesMap(session);
        if (cookiesMap.isEmpty()) {
            httpResponse.clearCookie(this.sessionCookieDescriptor.getCookieName());
            httpResponse.clearCookie(this.sessionCookieDescriptor.getCookieSignatureName());
        } else {
            for (Map.Entry<String, String> entry : cookiesMap.entrySet()) {
                httpResponse.addCookie(entry.getKey(), entry.getValue(), (int) (session.getExpires() > 0 ? session.getExpires() / 1000 : session.getExpires()));
            }
        }
    }

    private Map<String, String> getCookiesMap(Session session) {
        Map of = Maper.of(Session.SESSION_DEF_KEY, session.getSessionKey());
        Principal principal = session.getPrincipal();
        if (principal != null) {
            of.put(Principal.PRINCIPAL_DEF_KEY, principal.getUsername());
        } else {
            of.put(Principal.PRINCIPAL_DEF_KEY, getAnonymousName(session));
        }
        String json = Jsoner.toJSON(of);
        String sign = this.signer.sign(json);
        logger.info("Save cookie " + this.sessionCookieDescriptor.getCookieName() + ": " + json + ", " + this.sessionCookieDescriptor.getCookieSignatureName() + ": " + sign);
        return Maper.of(this.sessionCookieDescriptor.getCookieName(), json, this.sessionCookieDescriptor.getCookieSignatureName(), sign);
    }
}
