package net.ymate.module.sso.support;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import java.util.HashMap;
import java.util.Map;
import net.ymate.framework.commons.HttpClientHelper;
import net.ymate.framework.commons.IHttpResponse;
import net.ymate.framework.commons.ParamUtils;
import net.ymate.framework.webmvc.IUserSessionHandler;
import net.ymate.framework.webmvc.support.UserSessionBean;
import net.ymate.module.sso.ISSOToken;
import net.ymate.module.sso.ISSOTokenAdapter;
import net.ymate.module.sso.ISSOTokenAttributeAdapter;
import net.ymate.module.sso.ISSOTokenStorageAdapter;
import net.ymate.module.sso.SSO;
import net.ymate.platform.core.beans.intercept.InterceptContext;
import net.ymate.platform.core.lang.BlurObject;
import net.ymate.platform.core.util.RuntimeUtils;
import net.ymate.platform.webmvc.context.WebContext;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.http.Header;
import org.apache.http.message.BasicHeader;

/* loaded from: input_file:net/ymate/module/sso/support/SSOUserSessionHandler.class */
public class SSOUserSessionHandler implements IUserSessionHandler {
    private static final Log _LOG = LogFactory.getLog(SSOUserSessionHandler.class);

    public UserSessionBean handle(InterceptContext interceptContext) throws Exception {
        ISSOTokenAdapter tokenAdapter = SSO.get().getModuleCfg().getTokenAdapter();
        ISSOToken token = tokenAdapter.getToken();
        if (token == null || !token.verified()) {
            tokenAdapter.cleanToken();
            return null;
        }
        if (!token.validationRequired()) {
            return null;
        }
        if (__doValidateToken(token)) {
            return token.updateLastValidateTime().bindUserSessionBean();
        }
        tokenAdapter.cleanToken();
        return null;
    }

    /* JADX WARN: Multi-variable type inference failed */
    private boolean __doValidateToken(ISSOToken iSSOToken) {
        try {
            if (!SSO.get().getModuleCfg().isClientMode()) {
                ISSOTokenStorageAdapter tokenStorageAdapter = SSO.get().getModuleCfg().getTokenStorageAdapter();
                ISSOToken load = tokenStorageAdapter.load(iSSOToken.getUid(), iSSOToken.getId());
                if (load == null) {
                    return false;
                }
                boolean z = SSO.get().getModuleCfg().isIpCheckEnabled() && !StringUtils.equals(iSSOToken.getRemoteAddr(), load.getRemoteAddr());
                if (load.timeout() || !load.verified() || z) {
                    tokenStorageAdapter.remove(load.getUid(), load.getId());
                    return false;
                }
                ISSOTokenAttributeAdapter tokenAttributeAdapter = SSO.get().getModuleCfg().getTokenAttributeAdapter();
                if (tokenAttributeAdapter == null) {
                    return true;
                }
                tokenAttributeAdapter.loadAttributes(iSSOToken);
                return true;
            }
            HashMap hashMap = new HashMap();
            hashMap.put("token_id", iSSOToken.getId());
            hashMap.put("uid", iSSOToken.getUid());
            hashMap.put("remote_addr", iSSOToken.getRemoteAddr());
            hashMap.put("sign", ParamUtils.createSignature(hashMap, false, new String[]{SSO.get().getModuleCfg().getServiceAuthKey()}));
            IHttpResponse post = HttpClientHelper.create().post(SSO.get().getModuleCfg().getServiceBaseUrl().concat("sso/authorize"), hashMap, new Header[]{new BasicHeader("User-Agent", WebContext.getRequest().getHeader("User-Agent"))});
            if (post != null && post.getStatusCode() == 200) {
                JSONObject parseObject = JSON.parseObject(post.getContent());
                if (parseObject.getIntValue("ret") == 0) {
                    SSO.get().getModuleCfg().getTokenAdapter().setToken(iSSOToken);
                    JSONObject jSONObject = parseObject.getJSONObject("data");
                    if (jSONObject == null || jSONObject.isEmpty()) {
                        return true;
                    }
                    for (Map.Entry entry : jSONObject.entrySet()) {
                        iSSOToken.getAttributes().put(entry.getKey(), BlurObject.bind(entry.getValue()).toStringValue());
                    }
                    return true;
                }
            }
            return false;
        } catch (Exception e) {
            _LOG.warn("An exception occurred while validate token '" + iSSOToken.getId() + "' for user '" + iSSOToken.getUid() + "'", RuntimeUtils.unwrapThrow(e));
            return false;
        }
    }

    public boolean verification(UserSessionBean userSessionBean) {
        ISSOToken iSSOToken = (ISSOToken) userSessionBean.getAttribute(ISSOToken.class.getName());
        if (iSSOToken != null && (iSSOToken.timeout() || !iSSOToken.verified() || !__doValidateToken(iSSOToken))) {
            iSSOToken = null;
        }
        if (iSSOToken != null) {
            return true;
        }
        SSO.get().getModuleCfg().getTokenAdapter().cleanToken();
        return false;
    }
}
