package com.jsmframe.auth;

import com.jsmframe.annotation.RestAnn;
import com.jsmframe.consts.BasePairConsts;
import com.jsmframe.context.ProjectContext;
import com.jsmframe.context.WebContext;
import com.jsmframe.exception.AuthFailException;
import com.jsmframe.exception.NoLoginException;
import com.jsmframe.exception.NoPermissionException;
import com.jsmframe.session.Session;
import com.jsmframe.utils.BlowFishUtil;
import com.jsmframe.utils.DateUtil;
import com.jsmframe.utils.EncryptUtil;
import com.jsmframe.utils.LogUtil;
import com.jsmframe.utils.RequestUtil;
import com.jsmframe.utils.StringUtil;
import com.jsmframe.utils.WebUtil;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:com/jsmframe/auth/AppAuth.class */
public class AppAuth implements Auth {
    private Logger logger = LogUtil.log(AppAuth.class);

    @Override // com.jsmframe.auth.Auth
    public boolean checkAuth(HttpServletRequest httpServletRequest, RestAnn restAnn, boolean z) {
        String str = "";
        if (ProjectContext.isJedisSession()) {
            String str2 = RequestUtil.get(httpServletRequest, WebContext.JSM_AT);
            String str3 = RequestUtil.get(httpServletRequest, WebContext.JSM_HT);
            this.logger.debug("checkSession, auth type {},at {}, ht {}", new Object[]{restAnn.authType(), str2, str3});
            str = decodeAppToken(str2, str3, httpServletRequest);
            if (StringUtil.isEmpty(str)) {
                if (z) {
                    return false;
                }
                throw new AuthFailException();
            }
        }
        Session session = new Session(str);
        if (session.isExpire()) {
            if (z) {
                return true;
            }
            throw new NoLoginException();
        }
        session.live();
        httpServletRequest.setAttribute(BasePairConsts.SESSION_KEY, session);
        if (z || StringUtil.isEmpty(restAnn.permission()) || WebUtil.hasPermissions(restAnn.permission())) {
            return true;
        }
        throw new NoPermissionException();
    }

    private String decodeAppToken(String str, String str2, HttpServletRequest httpServletRequest) {
        String str3 = null;
        try {
            if (!StringUtil.isEmpty(str) && !StringUtil.isEmpty(str2)) {
                String dec = BlowFishUtil.dec(str);
                if (dec == null || !dec.contains(",")) {
                    this.logger.error("illegal at: {}", str);
                    return null;
                }
                String[] split = dec.split(",");
                str3 = split[0];
                String str4 = split[1];
                Long valueOf = Long.valueOf(str4);
                long longValue = DateUtil.currentTime().longValue();
                Long valueOf2 = Long.valueOf(Math.abs(longValue - valueOf.longValue()));
                Long asLong = ProjectContext.getAsLong("at.expire.time");
                if (asLong == null) {
                    asLong = Long.valueOf(DateUtil.MILLIS_PER_MINUTE);
                }
                if (valueOf2.longValue() > asLong.longValue()) {
                    this.logger.error("sTime {} - cTime {} = {}", new Object[]{Long.valueOf(longValue), valueOf, valueOf2});
                    return null;
                }
                String enc = BlowFishUtil.enc(str3 + "," + str4);
                if (!enc.equals(str)) {
                    this.logger.error("sAt {} != at {}", new Object[]{enc, str});
                    return null;
                }
                String md5 = EncryptUtil.md5(str3 + "," + str4);
                if (!md5.equals(str)) {
                    this.logger.error("sHt {} != ht {}", new Object[]{md5, str});
                    return null;
                }
                httpServletRequest.setAttribute("token", str3);
            }
            return str3;
        } catch (Exception e) {
            this.logger.error("decodeAppToken error!", e);
            return null;
        }
    }
}
