package net.e6tech.elements.web.federation;

import java.lang.reflect.Method;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import javax.crypto.SecretKey;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.NotAuthorizedException;
import net.e6tech.elements.common.util.SystemException;
import net.e6tech.elements.network.restful.RestfulProxy;
import net.e6tech.elements.security.Hex;
import net.e6tech.elements.security.SymmetricCipher;
import net.e6tech.elements.web.cxf.Observer;

/* loaded from: input_file:net/e6tech/elements/web/federation/AuthObserver.class */
public class AuthObserver extends Observer {
    protected static SymmetricCipher cipher = SymmetricCipher.getInstance("AES");
    private String sharedKey;
    private SecretKey secretKey;
    private long expiration = 60000;

    public String getSharedKey() {
        return this.sharedKey;
    }

    public void setSharedKey(String str) {
        this.sharedKey = str;
        if (str != null) {
            this.secretKey = cipher.getKeySpec(Hex.toBytes(str));
        }
    }

    public long getExpiration() {
        return this.expiration;
    }

    public void setExpiration(long j) {
        this.expiration = j;
    }

    public void authorize(RestfulProxy restfulProxy) {
        try {
            String encrypt = encrypt();
            if (encrypt == null) {
                return;
            }
            restfulProxy.setRequestProperty("Authorization", "SharedKey " + encrypt);
        } catch (GeneralSecurityException e) {
            throw new SystemException(e);
        }
    }

    private String encrypt() throws GeneralSecurityException {
        if (this.secretKey == null) {
            return null;
        }
        return cipher.encrypt(this.secretKey, Long.toString(System.currentTimeMillis()).getBytes(StandardCharsets.UTF_8), (String) null);
    }

    private long decrypt(String str) throws GeneralSecurityException {
        return this.secretKey == null ? System.currentTimeMillis() : Long.parseLong(new String(cipher.decrypt(this.secretKey, str, (String) null), StandardCharsets.UTF_8));
    }

    @Override // net.e6tech.elements.web.cxf.Observer
    public void beforeInvocation(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, Method method, Object[] objArr) {
        String header = httpServletRequest.getHeader("Authorization");
        if (this.sharedKey != null) {
            if (header == null) {
                throw new NotAuthorizedException("Missing Authorization header", new Object[0]);
            }
            if (!header.startsWith("SharedKey")) {
                throw new NotAuthorizedException("Missing SharedKey", new Object[0]);
            }
            try {
                if (System.currentTimeMillis() - decrypt(header.substring("SharedKey".length()).trim()) > this.expiration) {
                    throw new NotAuthorizedException("Shared token expired", new Object[0]);
                }
            } catch (GeneralSecurityException e) {
                throw new SystemException(e);
            }
        }
    }
}
