package cn.herodotus.engine.rest.protect.crypto.processor;

import cn.herodotus.engine.assistant.definition.domain.oauth2.SecretKey;
import cn.herodotus.engine.cache.core.exception.StampHasExpiredException;
import cn.herodotus.engine.cache.jetcache.stamp.AbstractStampManager;
import cn.herodotus.engine.rest.core.definition.crypto.AsymmetricCryptoProcessor;
import cn.herodotus.engine.rest.core.definition.crypto.SymmetricCryptoProcessor;
import cn.herodotus.engine.rest.core.exception.SessionInvalidException;
import java.time.Duration;
import org.apache.commons.lang3.ObjectUtils;
import org.apache.commons.lang3.StringUtils;
import org.dromara.hutool.core.data.id.IdUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:cn/herodotus/engine/rest/protect/crypto/processor/HttpCryptoProcessor.class */
public class HttpCryptoProcessor extends AbstractStampManager<String, SecretKey> {
    private static final Logger log = LoggerFactory.getLogger(HttpCryptoProcessor.class);
    private final AsymmetricCryptoProcessor asymmetricCryptoProcessor;
    private final SymmetricCryptoProcessor symmetricCryptoProcessor;

    public HttpCryptoProcessor(AsymmetricCryptoProcessor asymmetricCryptoProcessor, SymmetricCryptoProcessor symmetricCryptoProcessor) {
        super("cache:token:secure_key:");
        this.asymmetricCryptoProcessor = asymmetricCryptoProcessor;
        this.symmetricCryptoProcessor = symmetricCryptoProcessor;
    }

    public String encrypt(String str, String str2) throws SessionInvalidException {
        try {
            String encrypt = this.symmetricCryptoProcessor.encrypt(str2, getSecretKey(str).getSymmetricKey());
            log.debug("[Herodotus] |- Encrypt content from [{}] to [{}].", str2, encrypt);
            return encrypt;
        } catch (StampHasExpiredException e) {
            log.warn("[Herodotus] |- Session has expired, need recreate.");
            throw new SessionInvalidException();
        } catch (Exception e2) {
            log.warn("[Herodotus] |- Symmetric can not Encrypt content [{}], Skip!", str2);
            return str2;
        }
    }

    public String decrypt(String str, String str2) throws SessionInvalidException {
        try {
            String decrypt = this.symmetricCryptoProcessor.decrypt(str2, getSecretKey(str).getSymmetricKey());
            log.debug("[Herodotus] |- Decrypt content from [{}] to [{}].", str2, decrypt);
            return decrypt;
        } catch (StampHasExpiredException e) {
            log.warn("[Herodotus] |- Session has expired, need recreate.");
            throw new SessionInvalidException();
        } catch (Exception e2) {
            log.warn("[Herodotus] |- Symmetric can not Decrypt content [{}], Skip!", str2);
            return str2;
        }
    }

    public SecretKey createSecretKey(String str, Duration duration) {
        if (StringUtils.isBlank(str)) {
            str = IdUtil.fastUUID();
        }
        return (SecretKey) create(str, getExpire(duration));
    }

    public SecretKey nextStamp(String str) {
        SecretKey createSecretKey = this.asymmetricCryptoProcessor.createSecretKey();
        createSecretKey.setSymmetricKey(this.symmetricCryptoProcessor.createKey());
        createSecretKey.setIdentity(str);
        createSecretKey.setState(IdUtil.fastUUID());
        log.debug("[Herodotus] |- Generate secret key, value is : [{}]", createSecretKey);
        return createSecretKey;
    }

    private boolean isSessionValid(String str) {
        return containKey(str);
    }

    private SecretKey getSecretKey(String str) throws StampHasExpiredException {
        if (isSessionValid(str)) {
            SecretKey secretKey = (SecretKey) get(str);
            if (ObjectUtils.isNotEmpty(secretKey)) {
                log.trace("[Herodotus] |- Decrypt Or Encrypt content use param identity [{}], cached identity is [{}].", str, secretKey.getIdentity());
                return secretKey;
            }
        }
        throw new StampHasExpiredException("SecretKey key is expired!");
    }

    private Duration getExpire(Duration duration) {
        return (ObjectUtils.isEmpty(duration) || duration.isZero()) ? Duration.ofHours(2L) : duration;
    }

    private String decryptFrontendPublicKey(String str, String str2) {
        String decrypt = this.asymmetricCryptoProcessor.decrypt(str, str2);
        log.debug("[Herodotus] |- Decrypt frontend public key, value is : [{}]", decrypt);
        return decrypt;
    }

    private String encryptBackendKey(String str, String str2) {
        String encrypt = this.asymmetricCryptoProcessor.encrypt(str, str2);
        log.debug("[Herodotus] |- Encrypt symmetric key use frontend public key, value is : [{}]", encrypt);
        return encrypt;
    }

    public String exchange(String str, String str2) throws SessionInvalidException {
        SecretKey secretKey = getSecretKey(str);
        return encryptBackendKey(secretKey.getSymmetricKey(), decryptFrontendPublicKey(str2, secretKey.getPrivateKey()));
    }

    public void afterPropertiesSet() throws Exception {
    }
}
