package net.ideahut.springboot.admin;

import java.net.InetAddress;
import java.util.UUID;
import net.ideahut.springboot.admin.AdminProperties;
import net.ideahut.springboot.mapper.DataMapper;
import net.ideahut.springboot.mapper.DataMapperImpl;
import net.ideahut.springboot.object.MapStringObject;
import net.ideahut.springboot.object.Result;
import net.ideahut.springboot.security.ReactiveSecurityAuthorization;
import net.ideahut.springboot.security.SecurityCredential;
import net.ideahut.springboot.security.SecurityUser;
import net.ideahut.springboot.util.ReactiveUtil;
import net.ideahut.springboot.util.StringUtil;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.util.Assert;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;

/* loaded from: input_file:net/ideahut/springboot/admin/ReactiveAdminSecurity.class */
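/**
 * Authorization gate for the admin endpoints in a reactive (WebFlux) application.
 *
 * <p>For each request, {@link #isRequestAuthorized(ServerWebExchange)} decides, in this order:
 * <ol>
 *   <li>requests under the configured resource path are passed through without a credential check;</li>
 *   <li>requests carrying the configured "info" header with a true value get a diagnostic dump;</li>
 *   <li>{@code POST} requests under the login path are handled as a login;</li>
 *   <li>everything else must present a token in the header named by {@code headerKey}.</li>
 * </ol>
 *
 * <p>NOTE(review): steps 1 to 3 run before any credential is checked, so their path and header
 * configuration is part of the security boundary of the admin module.
 */
public class ReactiveAdminSecurity implements ReactiveSecurityAuthorization, InitializingBean {
    private SecurityCredential credential;
    private AdminProperties properties;
    private DataMapper dataMapper;
    private String headerKey;
    private Boolean enableRemoteHost;
    private Boolean enableUserAgent;

    /** Sets the credential store used to register, validate and invalidate tokens (required). */
    public ReactiveAdminSecurity setCredential(SecurityCredential securityCredential) {
        this.credential = securityCredential;
        return this;
    }

    /** Sets the admin configuration that supplies resource, API, login and logout paths (required). */
    public ReactiveAdminSecurity setProperties(AdminProperties adminProperties) {
        this.properties = adminProperties;
        return this;
    }

    /** Sets the mapper used to serialise results; a {@link DataMapperImpl} is created when unset. */
    public ReactiveAdminSecurity setDataMapper(DataMapper dataMapper) {
        this.dataMapper = dataMapper;
        return this;
    }

    /** Sets the name of the request header that carries the token; defaults to {@code Authorization}. */
    public ReactiveAdminSecurity setHeaderKey(String str) {
        this.headerKey = str;
        return this;
    }

    /** Returns the name of the request header that carries the token. */
    public String getHeaderKey() {
        return this.headerKey;
    }

    /** Enables comparing the request's remote host with the one stored for the token; off when unset. */
    public ReactiveAdminSecurity setEnableRemoteHost(Boolean bool) {
        this.enableRemoteHost = bool;
        return this;
    }

    /** Enables comparing the request's user agent with the one stored for the token; off when unset. */
    public ReactiveAdminSecurity setEnableUserAgent(Boolean bool) {
        this.enableUserAgent = bool;
        return this;
    }

    /**
     * Validates the required collaborators and fills in defaults for the optional settings.
     *
     * @throws IllegalArgumentException (via {@link Assert#notNull}) when the credential or the
     *     properties have not been set
     */
    @Override
    public void afterPropertiesSet() throws Exception {
        Assert.notNull(this.credential, "credential is required");
        Assert.notNull(this.properties, "properties is required");
        String trimmedKey = this.headerKey == null ? "" : this.headerKey.trim();
        this.headerKey = trimmedKey.isEmpty() ? "Authorization" : trimmedKey;
        if (this.dataMapper == null) {
            this.dataMapper = new DataMapperImpl();
        }
        // Both session-binding checks are opt-in: an unset flag means the check is skipped.
        if (this.enableRemoteHost == null) {
            this.enableRemoteHost = Boolean.FALSE;
        }
        if (this.enableUserAgent == null) {
            this.enableUserAgent = Boolean.FALSE;
        }
    }

    /**
     * Decides whether the request may proceed.
     *
     * @param serverWebExchange the current exchange
     * @return {@code null} when this method wrote nothing and made no rejection (resource request,
     *     or a valid token on a non-logout path); otherwise a {@link Mono} for the response this
     *     class produced (info dump, login result, 401, or logout).
     *     NOTE(review): presumably the caller treats {@code null} as "continue the chain"; confirm
     *     against {@code ReactiveSecurityAuthorization}.
     */
    @Override // net.ideahut.springboot.security.ReactiveSecurityAuthorization
    public Mono<Void> isRequestAuthorized(ServerWebExchange serverWebExchange) {
        ServerHttpRequest request = serverWebExchange.getRequest();
        String path = request.getPath().pathWithinApplication().value();

        // Resource requests skip the credential check. The match is a plain string prefix, so an
        // empty prefix would match every path and switch authorization off for the whole
        // application; a null one would throw. Both are treated as "no resource path configured".
        // NOTE(review): a very short prefix such as "/" has the same effect; consider validating
        // the configured value at start-up.
        String resourcePath = this.properties.getResource().getRequestPath();
        if (resourcePath != null && !resourcePath.isEmpty() && path.startsWith(resourcePath)) {
            return null;
        }

        AdminProperties.Api api = this.properties.getApi();

        // NOTE(review): this branch runs before any credential check and is selected by a
        // client-supplied header, so the diagnostic dump is reachable without a token.
        boolean infoRequested = ((Boolean) StringUtil.valueOf(Boolean.TYPE, ReactiveUtil.getHeader(request, api.getInfoHeader()), false)).booleanValue();
        if (infoRequested) {
            return info(serverWebExchange);
        }

        boolean isLoginPath = path.startsWith(api.getRequestPath() + api.getLoginPath());
        if (isLoginPath && HttpMethod.POST.equals(request.getMethod())) {
            return login(serverWebExchange);
        }

        String headerValue = request.getHeaders().getFirst(this.headerKey);
        String token = headerValue == null ? "" : headerValue;
        if (token.isEmpty()) {
            return notAuthorized(serverWebExchange);
        }

        String remoteHost = ReactiveUtil.getRemoteHost(request);
        String userAgent = ReactiveUtil.getUserAgent(request);
        MapStringObject context = new MapStringObject();
        context.put("authorization", token);
        context.put("host", remoteHost);
        context.put("agent", userAgent);
        if (!this.credential.isValidCredential(context)) {
            return notAuthorized(serverWebExchange);
        }

        // Fail closed: a credential that validates but resolves to no user is rejected instead of
        // causing a NullPointerException in the binding checks below.
        SecurityUser securityUser = this.credential.getSecurityUser(context);
        if (securityUser == null) {
            return notAuthorized(serverWebExchange);
        }

        // Optional binding of the token to the host and user agent recorded for it.
        // NOTE(review): the user agent is a client-chosen header, and the remote host may be too
        // if ReactiveUtil derives it from forwarded headers; treat both as defence in depth only.
        if (Boolean.TRUE.equals(this.enableRemoteHost)) {
            String boundHost = (String) securityUser.getAttribute(String.class, SecurityUser.Attribute.HOST, "");
            if (!boundHost.equals(remoteHost)) {
                return notAuthorized(serverWebExchange);
            }
        }
        if (Boolean.TRUE.equals(this.enableUserAgent)) {
            String boundAgent = (String) securityUser.getAttribute(String.class, SecurityUser.Attribute.AGENT, "");
            if (!boundAgent.equals(userAgent)) {
                return notAuthorized(serverWebExchange);
            }
        }

        // Logout is only reachable with a valid token; any HTTP method is accepted here.
        if (path.startsWith(api.getRequestPath() + api.getLogoutPath())) {
            return logout(context);
        }
        return null;
    }

    /**
     * Sends a diagnostic description of the current request back to the client.
     *
     * <p>NOTE(review): the payload contains every request header and cookie. Behind a reverse
     * proxy that adds headers, this returns values the client did not send itself. Consider
     * serving it only to authenticated callers or filtering credential-bearing and
     * proxy-injected headers.
     */
    private Mono<Void> info(ServerWebExchange serverWebExchange) {
        ServerHttpRequest request = serverWebExchange.getRequest();
        MapStringObject details = new MapStringObject();
        details.put("ContextPath", request.getPath().contextPath().value());
        details.put("Method", request.getMethod().name());
        details.put("QueryParams", request.getQueryParams());
        // The remote address is not guaranteed to be present (and may be unresolved); the
        // corresponding entries are left out rather than failing the request.
        boolean hasRemote = request.getRemoteAddress() != null;
        InetAddress address = hasRemote ? request.getRemoteAddress().getAddress() : null;
        if (address != null) {
            details.put("RemoteAddr", address.getHostAddress());
            // NOTE(review): getHostName() can trigger a reverse DNS lookup, which blocks the
            // calling thread; in a reactive pipeline that may be an event-loop thread.
            details.put("RemoteHost", address.getHostName());
        }
        if (hasRemote) {
            details.put("RemotePort", Integer.valueOf(request.getRemoteAddress().getPort()));
        }
        details.put("RequestId", request.getId());
        details.put("RequestURI", request.getURI());
        details.put("ServletPath", request.getPath().pathWithinApplication().value());
        details.put("Headers", request.getHeaders());
        details.put("Parameters", request.getQueryParams());
        details.put("Cookies", request.getCookies());
        return sendResult(serverWebExchange, Result.success(details));
    }

    /**
     * Registers a new session for the supplied username and password and returns its token.
     *
     * <p>The token is a random UUID handed to the credential store together with the remote
     * host and user agent of the request.
     *
     * <p>NOTE(review): username and password are read from the query string, so they can end up
     * in access logs, proxy logs and browser history. Moving them to the request body would be
     * the safer contract, but it changes the client-facing API and is therefore not done here.
     * No throttling of repeated attempts is visible in this class.
     */
    private Mono<Void> login(ServerWebExchange serverWebExchange) {
        ServerHttpRequest request = serverWebExchange.getRequest();
        String username = request.getQueryParams().getFirst("username");
        if (username == null || username.isEmpty()) {
            return sendResult(serverWebExchange, Result.error("LOGIN-01", "username is required"));
        }
        String password = request.getQueryParams().getFirst("password");
        if (password == null || password.isEmpty()) {
            return sendResult(serverWebExchange, Result.error("LOGIN-02", "password is required"));
        }
        String token = UUID.randomUUID().toString();
        MapStringObject registration = new MapStringObject();
        registration.put("username", username);
        registration.put("password", password);
        registration.put("authorization", token);
        registration.put("host", ReactiveUtil.getRemoteHost(request));
        registration.put("agent", ReactiveUtil.getUserAgent(request));
        // The same error is returned whether the user is unknown or the password is wrong.
        if (!this.credential.registerUser(registration)) {
            return sendResult(serverWebExchange, Result.error("LOGIN-03", "Invalid user"));
        }
        return sendResult(serverWebExchange, Result.success(token));
    }

    /** Invalidates the credential described by the given context and completes without a body. */
    private Mono<Void> logout(MapStringObject mapStringObject) {
        this.credential.invalidate(mapStringObject);
        return Mono.empty();
    }

    /** Marks the response as {@code 401 Unauthorized} and completes without a body. */
    private Mono<Void> notAuthorized(ServerWebExchange serverWebExchange) {
        serverWebExchange.getResponse().setStatusCode(HttpStatus.UNAUTHORIZED);
        return Mono.empty();
    }

    /** Serialises {@code result} with the configured mapper and writes it to the client. */
    private Mono<Void> sendResult(ServerWebExchange serverWebExchange, Result result) {
        return ReactiveUtil.sendToClient(this.dataMapper, serverWebExchange, result);
    }
}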
