package com.alibaba.nacos.client.security;

import com.alibaba.nacos.api.common.Constants;
import com.alibaba.nacos.common.http.HttpRestResult;
import com.alibaba.nacos.common.http.client.NacosRestTemplate;
import com.alibaba.nacos.common.http.param.Header;
import com.alibaba.nacos.common.http.param.Query;
import com.alibaba.nacos.common.utils.JacksonUtils;
import com.alibaba.nacos.common.utils.StringUtils;
import com.fasterxml.jackson.databind.JsonNode;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Properties;
import java.util.concurrent.TimeUnit;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:BOOT-INF/lib/nacos-client-1.3.3.jar:com/alibaba/nacos/client/security/SecurityProxy.class */
public class SecurityProxy {
    private static final Logger SECURITY_LOGGER = LoggerFactory.getLogger((Class<?>) SecurityProxy.class);
    private static final String LOGIN_URL = "/v1/auth/users/login";
    private final NacosRestTemplate nacosRestTemplate;
    private String contextPath;
    private final String username;
    private final String password;
    private String accessToken;
    private long tokenTtl;
    private long lastRefreshTime;
    private long tokenRefreshWindow;

    public SecurityProxy(Properties properties, NacosRestTemplate nacosRestTemplate) {
        this.username = properties.getProperty("username", "");
        this.password = properties.getProperty("password", "");
        this.contextPath = properties.getProperty("contextPath", "/nacos");
        this.contextPath = this.contextPath.startsWith("/") ? this.contextPath : "/" + this.contextPath;
        this.nacosRestTemplate = nacosRestTemplate;
    }

    public boolean login(List<String> list) {
        try {
            if (System.currentTimeMillis() - this.lastRefreshTime < TimeUnit.SECONDS.toMillis(this.tokenTtl - this.tokenRefreshWindow)) {
                return true;
            }
            Iterator<String> it = list.iterator();
            while (it.hasNext()) {
                if (login(it.next())) {
                    this.lastRefreshTime = System.currentTimeMillis();
                    return true;
                }
            }
            return false;
        } catch (Throwable th) {
            return false;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    public boolean login(String str) throws UnsupportedEncodingException {
        if (!StringUtils.isNotBlank(this.username)) {
            return true;
        }
        HashMap hashMap = new HashMap(2);
        HashMap hashMap2 = new HashMap(2);
        hashMap.put("username", this.username);
        hashMap2.put("password", URLEncoder.encode(this.password, "utf-8"));
        String str2 = "http://" + str + this.contextPath + LOGIN_URL;
        if (str.contains("http")) {
            str2 = str + this.contextPath + LOGIN_URL;
        }
        try {
            HttpRestResult postForm = this.nacosRestTemplate.postForm(str2, Header.EMPTY, Query.newInstance().initParams(hashMap), hashMap2, String.class);
            if (!postForm.ok()) {
                SECURITY_LOGGER.error("login failed: {}", JacksonUtils.toJson(postForm));
                return false;
            }
            JsonNode obj = JacksonUtils.toObj((String) postForm.getData());
            if (obj.has(Constants.ACCESS_TOKEN)) {
                this.accessToken = obj.get(Constants.ACCESS_TOKEN).asText();
                this.tokenTtl = obj.get(Constants.TOKEN_TTL).asInt();
                this.tokenRefreshWindow = this.tokenTtl / 10;
            }
            return true;
        } catch (Exception e) {
            SECURITY_LOGGER.error("[SecurityProxy] login http request failed url: {}, params: {}, bodyMap: {}, errorMsg: {}", str2, hashMap, hashMap2, e.getMessage());
            return false;
        }
    }

    public String getAccessToken() {
        return this.accessToken;
    }
}
