package io.mangoo.routing.handlers;

import com.google.common.base.Charsets;
import com.google.inject.Inject;
import io.mangoo.configuration.Config;
import io.mangoo.core.Application;
import io.mangoo.crypto.Crypto;
import io.mangoo.enums.ClaimKey;
import io.mangoo.enums.Required;
import io.mangoo.helpers.RequestHelper;
import io.mangoo.routing.Attachment;
import io.mangoo.routing.bindings.Authentication;
import io.mangoo.routing.bindings.Flash;
import io.mangoo.routing.bindings.Form;
import io.mangoo.routing.bindings.Session;
import io.mangoo.utils.ByteUtils;
import io.mangoo.utils.CodecUtils;
import io.mangoo.utils.CryptoUtils;
import io.mangoo.utils.DateUtils;
import io.undertow.server.HttpHandler;
import io.undertow.server.HttpServerExchange;
import io.undertow.server.handlers.Cookie;
import java.time.LocalDateTime;
import java.util.HashMap;
import java.util.Map;
import java.util.Objects;
import org.apache.commons.lang3.StringUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.jose4j.jwa.AlgorithmConstraints;
import org.jose4j.jwt.JwtClaims;
import org.jose4j.jwt.MalformedClaimException;
import org.jose4j.jwt.consumer.InvalidJwtException;
import org.jose4j.jwt.consumer.JwtConsumerBuilder;
import org.jose4j.keys.HmacKey;

/* loaded from: input_file:io/mangoo/routing/handlers/InboundCookiesHandler.class */
public class InboundCookiesHandler implements HttpHandler {
    private static final Logger LOG = LogManager.getLogger(InboundCookiesHandler.class);
    private Attachment attachment;
    private Config config;
    private Form form;

    @Inject
    public InboundCookiesHandler(Config config) {
        this.config = (Config) Objects.requireNonNull(config, Required.CONFIG.toString());
    }

    public void handleRequest(HttpServerExchange httpServerExchange) throws Exception {
        this.attachment = (Attachment) httpServerExchange.getAttachment(RequestHelper.ATTACHMENT_KEY);
        this.attachment.setSession(getSessionCookie(httpServerExchange));
        this.attachment.setAuthentication(getAuthenticationCookie(httpServerExchange));
        this.attachment.setFlash(getFlashCookie(httpServerExchange));
        this.attachment.setForm(this.form);
        httpServerExchange.putAttachment(RequestHelper.ATTACHMENT_KEY, this.attachment);
        nextHandler(httpServerExchange);
    }

    protected Session getSessionCookie(HttpServerExchange httpServerExchange) {
        Session session = null;
        String cookieValue = getCookieValue(httpServerExchange, this.config.getSessionCookieName());
        if (StringUtils.isNotBlank(cookieValue)) {
            String decrypt = ((Crypto) Application.getInstance(Crypto.class)).decrypt(cookieValue, this.config.getSessionCookieEncryptionKey());
            if (StringUtils.isNotBlank(decrypt)) {
                try {
                    JwtClaims processToClaims = new JwtConsumerBuilder().setVerificationKey(new HmacKey(this.config.getSessionCookieSignKey().getBytes(Charsets.UTF_8))).setJwsAlgorithmConstraints(new AlgorithmConstraints(AlgorithmConstraints.ConstraintType.WHITELIST, new String[]{"HS512"})).build().processToClaims(decrypt);
                    if ("-1".equals((String) processToClaims.getClaimValue(ClaimKey.EXPIRES.toString(), String.class))) {
                        session = Session.create().withContent(ByteUtils.copyMap((Map) processToClaims.getClaimValue(ClaimKey.DATA.toString(), Map.class))).withAuthenticity((String) processToClaims.getClaimValue(ClaimKey.AUTHENTICITY.toString(), String.class));
                    } else if (LocalDateTime.parse((CharSequence) processToClaims.getClaimValue(ClaimKey.EXPIRES.toString(), String.class), DateUtils.formatter).isAfter(LocalDateTime.now())) {
                        session = Session.create().withContent(ByteUtils.copyMap((Map) processToClaims.getClaimValue(ClaimKey.DATA.toString(), Map.class))).withAuthenticity((String) processToClaims.getClaimValue(ClaimKey.AUTHENTICITY.toString(), String.class)).withExpires(LocalDateTime.parse((CharSequence) processToClaims.getClaimValue(ClaimKey.EXPIRES.toString(), String.class), DateUtils.formatter));
                    } else {
                        session = Session.create().withContent(new HashMap()).withAuthenticity(CryptoUtils.randomString(32));
                        if (this.config.getSessionCookieExpires() > 0) {
                            session.withExpires(LocalDateTime.now().plusSeconds(this.config.getSessionCookieExpires()));
                        }
                    }
                } catch (InvalidJwtException | MalformedClaimException e) {
                    LOG.error("Failed to parse session cookie", e);
                }
            }
        } else {
            session = Session.create().withContent(new HashMap()).withAuthenticity(CryptoUtils.randomString(32));
            if (this.config.getSessionCookieExpires() > 0) {
                session.withExpires(LocalDateTime.now().plusSeconds(this.config.getSessionCookieExpires()));
            }
        }
        return session;
    }

    protected Authentication getAuthenticationCookie(HttpServerExchange httpServerExchange) {
        Authentication authentication = null;
        String cookieValue = getCookieValue(httpServerExchange, this.config.getAuthenticationCookieName());
        if (StringUtils.isNotBlank(cookieValue)) {
            try {
                JwtClaims processToClaims = new JwtConsumerBuilder().setRequireSubject().setVerificationKey(new HmacKey(this.config.getAuthenticationCookieSignKey().getBytes(Charsets.UTF_8))).setJwsAlgorithmConstraints(new AlgorithmConstraints(AlgorithmConstraints.ConstraintType.WHITELIST, new String[]{"HS512"})).build().processToClaims(((Crypto) Application.getInstance(Crypto.class)).decrypt(cookieValue, this.config.getAuthenticationCookieEncryptionKey()));
                LocalDateTime parse = LocalDateTime.parse((CharSequence) processToClaims.getClaimValue(ClaimKey.EXPIRES.toString(), String.class), DateUtils.formatter);
                authentication = parse.isAfter(LocalDateTime.now()) ? Authentication.create().withExpires(parse).withIdentifier(processToClaims.getSubject()).twoFactorAuthentication(((Boolean) processToClaims.getClaimValue(ClaimKey.TWO_FACTOR.toString(), Boolean.class)).booleanValue()) : Authentication.create().withExpires(LocalDateTime.now().plusSeconds(this.config.getAuthenticationCookieExpires())).withIdentifier(null);
            } catch (InvalidJwtException | MalformedClaimException e) {
                LOG.error("Failed to parse authentication cookie", e);
            }
        } else {
            authentication = Authentication.create().withExpires(LocalDateTime.now().plusSeconds(this.config.getAuthenticationCookieExpires())).withIdentifier(null);
        }
        return authentication;
    }

    protected Flash getFlashCookie(HttpServerExchange httpServerExchange) {
        Flash flash = null;
        String cookieValue = getCookieValue(httpServerExchange, this.config.getFlashCookieName());
        if (StringUtils.isNotBlank(cookieValue)) {
            try {
                JwtClaims processToClaims = new JwtConsumerBuilder().setVerificationKey(new HmacKey(this.config.getFlashCookieSignKey().getBytes(Charsets.UTF_8))).setJwsAlgorithmConstraints(new AlgorithmConstraints(AlgorithmConstraints.ConstraintType.WHITELIST, new String[]{"HS512"})).build().processToClaims(((Crypto) Application.getInstance(Crypto.class)).decrypt(cookieValue, this.config.getFlashCookieEncryptionKey()));
                if (LocalDateTime.parse((CharSequence) processToClaims.getClaimValue(ClaimKey.EXPIRES.toString(), String.class), DateUtils.formatter).isAfter(LocalDateTime.now())) {
                    if (processToClaims.hasClaim(ClaimKey.FORM.toString())) {
                        this.form = (Form) CodecUtils.deserializeFromBase64((String) processToClaims.getClaimValue(ClaimKey.FORM.toString(), String.class));
                    }
                    flash = new Flash(ByteUtils.copyMap((Map) processToClaims.getClaimValue(ClaimKey.DATA.toString(), Map.class)));
                    flash.setDiscard(true);
                }
            } catch (InvalidJwtException | MalformedClaimException e) {
                LOG.error("Failed to parse flash cookie", e);
            }
        }
        return flash == null ? new Flash() : flash;
    }

    protected void nextHandler(HttpServerExchange httpServerExchange) throws Exception {
        ((FormHandler) Application.getInstance(FormHandler.class)).handleRequest(httpServerExchange);
    }

    private String getCookieValue(HttpServerExchange httpServerExchange, String str) {
        Cookie cookie;
        String str2 = null;
        if (httpServerExchange.getRequestCookies() != null && (cookie = (Cookie) httpServerExchange.getRequestCookies().get(str)) != null) {
            str2 = cookie.getValue();
        }
        return str2;
    }
}
