package com.jzt.common.security.impl;

import com.jzt.common.security.AuthenticationException;
import com.jzt.common.security.AuthenticationProvider;
import com.jzt.common.security.IdentityValidator;
import com.jzt.common.security.KeepLoginStatusVerifier;
import com.jzt.common.security.Principal;
import com.jzt.common.security.Verifier;
import com.jzt.common.web.CookieUtils;
import com.jzt.common.web.WebContext;
import com.jzt.platform.util.DateUtils;
import com.jzt.platform.util.security.Base64Utils;
import java.io.Serializable;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.util.Date;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:WEB-INF/lib/jzt-common-1.0-SNAPSHOT.jar:com/jzt/common/security/impl/CookieIdentityValidator.class */
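/**
 * Cookie-backed {@link IdentityValidator}: resolves the current principal and visitor from
 * request attributes and cookies, and writes or removes those cookies on login and logout.
 *
 * <p>Security review notes (design issues that are flagged here, not changed, because fixing
 * them alters the cookie format and needs a server-side key or token store):
 * <ul>
 *   <li>The principal cookie is {@code identity & urlEncoding(SHA-1 hex of identity + lastLoginTime)}.
 *       No server-side secret enters the digest, so it is a checksum rather than an
 *       authenticator. When {@link #singleClientLogin()} is false the last-login time is itself
 *       read back from a cookie, so both digest inputs and the start of the 12-hour validity
 *       window come from the request. Prefer an HMAC with a server-held key (compared in
 *       constant time) or a server-side session.</li>
 *   <li>The auto-login cookie is an encoding of {@code identity & loginName}; it carries no
 *       secret and cannot be revoked. Prefer a random, server-stored, rotating token.</li>
 *   <li>This class sets no HttpOnly/Secure attributes on the cookies it builds; confirm whether
 *       {@code CookieUtils.writeCookie} adds them.</li>
 *   <li>{@link #logout()} only removes cookies; nothing visible in this class invalidates a
 *       previously issued cookie value on the server.</li>
 * </ul>
 */
public abstract class CookieIdentityValidator implements IdentityValidator {
    private static final Log LOG = LogFactory.getLog(CookieIdentityValidator.class);
    public static final String AUTO_LOGIN_COOKIE_NAME = "auto_login";
    /** Validity of a principal-cookie login in seconds (12 hours), counted from the last-login time. */
    private static final int PRINCIPALCOOKIE_MAX_AGE = 43200;
    /** Max-Age of the visitor cookie in seconds (30 days). */
    private static final int VISITORCOOKIE_MAX_AGE = 2592000;
    /** Separator between the fields packed into one cookie value. */
    private static final String SPLIT = "&";
    /** Charset name used to URL-encode and URL-decode the visitor cookie. */
    private static final String ENCODE = "utf-8";

    @Override
    public abstract void setAuthenticationProvider(AuthenticationProvider authenticationProvider);

    @Override
    public abstract AuthenticationProvider getAuthenticationProvider();

    protected abstract String getPrincipalcookieName();

    protected abstract String getvisitorCookieName();

    protected abstract boolean singleClientLogin();

    protected abstract String getLastLoginTimeCookieName();

    /** Builds the digest input: the identity's string form followed by the last-login time. */
    private String getSHAParam(Serializable serializable, Long l) {
        return serializable.toString() + l.toString();
    }

    /**
     * Computes the token stored in (and expected from) the principal cookie.
     *
     * <p>NOTE(review): this is an unkeyed SHA-1 digest; see the class comment.
     */
    private String principalToken(Serializable identity, Long lastLoginTime) {
        return Base64Utils.urlEncoding(DigestUtils.shaHex(getSHAParam(identity, lastLoginTime)));
    }

    /** Stores {@code value} under {@code name} on the current request, if there is one. */
    private void cacheOnRequest(String name, Object value) {
        // Same null-request guard that getRequestPrincipal() applies.
        HttpServletRequest request = WebContext.currentRequest();
        if (request != null) {
            request.setAttribute(name, value);
        }
    }

    /** Writes {@code cookie} unless the factory method declined to create one. */
    private void writeIfPresent(Cookie cookie) {
        // The create* helpers return null for "no cookie"; do not rely on
        // CookieUtils.writeCookie tolerating a null argument.
        if (cookie != null) {
            CookieUtils.writeCookie(cookie);
        }
    }

    /** Builds the principal cookie ({@code identity & token}) with no Max-Age set. */
    private Cookie createPrincipalCookie(Principal principal) {
        String identity = principal.getIdentity().toString();
        String token = principalToken(principal.getIdentity(), principal.getLastLoginTime());
        Cookie cookie = new Cookie(getPrincipalcookieName(), identity + SPLIT + token);
        cookie.setPath("/");
        return cookie;
    }

    /**
     * Builds the auto-login cookie when the verifier asks to keep the login status.
     *
     * <p>Always removes the visitor cookie first, whether or not a cookie is returned.
     *
     * @return the cookie, or {@code null} when auto-login was not requested or its lifetime is 0
     */
    private Cookie createAutoLoginCookie(Verifier verifier, Principal principal) {
        CookieUtils.removeCookie(getvisitorCookieName(), "/");
        if (!(verifier instanceof KeepLoginStatusVerifier)) {
            return null;
        }
        KeepLoginStatusVerifier keepLogin = (KeepLoginStatusVerifier) verifier;
        if (!keepLogin.isKeepLoginStatus() || keepLogin.getKeepLoginMaxTime() == 0) {
            return null;
        }
        // NOTE(review): the value is only an encoding of identity and login name; it contains
        // no secret or server-issued random token. See the class comment.
        String payload = principal.getIdentity().toString() + SPLIT + principal.getLoginName();
        Cookie cookie = new Cookie(AUTO_LOGIN_COOKIE_NAME, Base64Utils.urlEncoding(payload));
        cookie.setMaxAge(keepLogin.getKeepLoginMaxTime());
        cookie.setPath("/");
        return cookie;
    }

    /**
     * Builds the 30-day visitor cookie holding the URL-encoded visitor name.
     *
     * @return the cookie, or {@code null} if the charset is unsupported
     */
    private Cookie createVisitorCookie(String str) {
        try {
            Cookie cookie = new Cookie(getvisitorCookieName(), URLEncoder.encode(str, ENCODE));
            cookie.setMaxAge(VISITORCOOKIE_MAX_AGE);
            cookie.setPath("/");
            return cookie;
        } catch (UnsupportedEncodingException e) {
            LOG.error(e);
            return null;
        }
    }

    /**
     * Builds the cookie carrying the principal's last-login time.
     *
     * @return the cookie, or {@code null} in single-client-login mode
     */
    private Cookie createLastLoginTime(Principal principal) {
        if (singleClientLogin()) {
            return null;
        }
        Cookie cookie = new Cookie(getLastLoginTimeCookieName(), principal.getLastLoginTime().toString());
        cookie.setPath("/");
        return cookie;
    }

    @Override
    public boolean isVisited() {
        return currentVisitor() != null;
    }

    @Override
    public boolean isLogined() {
        return currentPrincipal() != null;
    }

    /**
     * Resolves the current principal, trying in order: the request attribute, the principal
     * cookie, then the auto-login cookie. A principal found through auto-login gets a fresh
     * principal cookie and is cached on the request.
     *
     * @return the principal, or {@code null} when none of the three sources yields one
     */
    @Override
    public Principal currentPrincipal() {
        Principal cached = getRequestPrincipal();
        if (cached != null) {
            return cached;
        }
        Principal fromCookie = getByPrincipalCookie();
        if (fromCookie != null) {
            return fromCookie;
        }
        Principal fromAutoLogin = getByAutoLogin();
        if (fromAutoLogin != null) {
            CookieUtils.writeCookie(createPrincipalCookie(fromAutoLogin));
            cacheOnRequest(getPrincipalcookieName(), fromAutoLogin);
        }
        return fromAutoLogin;
    }

    /**
     * Validates the principal cookie and returns the principal it names.
     *
     * @return the principal, or {@code null} if the cookie is absent, malformed, does not match
     *     the recomputed token, or the 12-hour window since the last-login time has passed
     */
    private Principal getByPrincipalCookie() {
        Cookie cookie = CookieUtils.getCookie(getPrincipalcookieName());
        if (cookie == null || cookie.getValue() == null) {
            return null;
        }
        // The value is client-supplied: a missing separator or empty token must be treated as
        // "not logged in" instead of failing with ArrayIndexOutOfBoundsException.
        String[] parts = cookie.getValue().split(SPLIT);
        if (parts.length < 2) {
            return null;
        }
        String identity = parts[0];
        String presentedToken = parts[1];

        Principal principal = getAuthenticationProvider().get(identity);
        if (principal == null) {
            return null;
        }
        Long lastLoginTime = getPrincipalLastLoginTime(principal);
        if (lastLoginTime == null) {
            return null;
        }
        // NOTE(review): unkeyed digest; when replaced by a keyed MAC, compare in constant time.
        if (!principalToken(principal.getIdentity(), lastLoginTime).equals(presentedToken)) {
            return null;
        }
        Date expiry = DateUtils.add(
                new Date(lastLoginTime.longValue()), DateUtils.TimeUnit.SECONDS, PRINCIPALCOOKIE_MAX_AGE);
        return expiry.compareTo(new Date()) > 0 ? principal : null;
    }

    /**
     * Returns the last-login time used to verify the principal cookie: the principal's own value
     * in single-client-login mode, otherwise the value of the last-login-time cookie.
     *
     * @return the time, or {@code null} if the cookie is absent or not a number
     */
    private Long getPrincipalLastLoginTime(Principal principal) {
        if (singleClientLogin()) {
            return principal.getLastLoginTime();
        }
        // NOTE(review): in this mode the time is taken from the request, not from server state.
        Cookie cookie = CookieUtils.getCookie(getLastLoginTimeCookieName());
        if (cookie == null) {
            return null;
        }
        try {
            return Long.valueOf(cookie.getValue());
        } catch (NumberFormatException e) {
            LOG.error("last_login_time cookie format number error.", e);
            return null;
        }
    }

    /**
     * Resolves a principal from the auto-login cookie ({@code identity & loginName}).
     *
     * @return the principal whose login name matches the cookie, or {@code null} if the cookie
     *     is absent, malformed, or names no matching principal
     */
    private Principal getByAutoLogin() {
        Cookie cookie = CookieUtils.getCookie(AUTO_LOGIN_COOKIE_NAME);
        if (cookie == null) {
            return null;
        }
        String value = cookie.getValue();
        if (value == null) {
            return null;
        }
        try {
            // Decoding happens inside the try so a value that fails to decode is rejected like
            // any other malformed cookie.
            String[] parts = Base64Utils.decodeing(value).split(SPLIT);
            if (parts.length < 2) {
                return null;
            }
            Principal principal = getAuthenticationProvider().get(Long.valueOf(parts[0]));
            if (principal == null) {
                return null;
            }
            // NOTE(review): the only check is that the login name in the cookie matches the
            // account; see the class comment.
            return principal.getLoginName().equals(parts[1]) ? principal : null;
        } catch (Exception e) {
            // Deliberately broad: any failure while parsing client input means "no auto-login".
            LOG.error(e);
            return null;
        }
    }

    /** Returns the principal cached on the current request, or {@code null}. */
    private Principal getRequestPrincipal() {
        HttpServletRequest currentRequest = WebContext.currentRequest();
        if (currentRequest == null) {
            return null;
        }
        return (Principal) currentRequest.getAttribute(getPrincipalcookieName());
    }

    /**
     * Returns the visitor name from the request attribute, falling back to the URL-decoded
     * visitor cookie.
     *
     * @return the visitor name, or {@code null} if neither source has one
     */
    @Override
    public String currentVisitor() {
        HttpServletRequest request = WebContext.currentRequest();
        if (request != null) {
            Object cached = request.getAttribute(getvisitorCookieName());
            if (cached != null) {
                return (String) cached;
            }
        }
        try {
            Cookie cookie = CookieUtils.getCookie(getvisitorCookieName());
            if (cookie == null) {
                return null;
            }
            return URLDecoder.decode(cookie.getValue(), ENCODE);
        } catch (UnsupportedEncodingException e) {
            LOG.error(e.toString());
            return null;
        }
    }

    /**
     * Removes the principal, last-login-time and auto-login cookies and clears the cached
     * principal and visitor from the current request. The visitor cookie itself is not removed.
     */
    @Override
    public void logout() {
        CookieUtils.removeCookie(getPrincipalcookieName(), "/");
        CookieUtils.removeCookie(getLastLoginTimeCookieName(), "/");
        CookieUtils.removeCookie(AUTO_LOGIN_COOKIE_NAME, "/");
        cacheOnRequest(getPrincipalcookieName(), null);
        cacheOnRequest(getvisitorCookieName(), null);
    }

    /**
     * Authenticates through the configured provider and, on success, writes the login cookies.
     *
     * @throws AuthenticationException if the provider returns no principal
     */
    @Override
    public Principal login(Verifier verifier) throws AuthenticationException {
        Principal principal = getAuthenticationProvider().authenticate(verifier);
        if (principal == null) {
            throw new AuthenticationException("登录失败");
        }
        writeLoginCookie(principal, verifier);
        return principal;
    }

    /** Writes every login cookie that applies and caches principal and visitor on the request. */
    private void writeLoginCookie(Principal principal, Verifier verifier) {
        CookieUtils.writeCookie(createPrincipalCookie(principal));
        writeIfPresent(createLastLoginTime(principal));
        writeIfPresent(createVisitorCookie(principal.getLoginName()));
        // NOTE(review): createAutoLoginCookie() calls removeCookie() on the visitor cookie that
        // was written on the line above; confirm the resulting header order is intended.
        writeIfPresent(createAutoLoginCookie(verifier, principal));
        cacheOnRequest(getPrincipalcookieName(), principal);
        cacheOnRequest(getvisitorCookieName(), principal.getLoginName());
    }
}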
