package org.apache.linkis.gateway.security.token;

import javax.servlet.http.Cookie;
import org.apache.commons.lang3.StringUtils;
import org.apache.linkis.common.utils.Logging;
import org.apache.linkis.common.utils.Utils$;
import org.apache.linkis.gateway.authentication.service.TokenService;
import org.apache.linkis.gateway.config.GatewayConfiguration$;
import org.apache.linkis.gateway.http.GatewayContext;
import org.apache.linkis.gateway.security.GatewaySSOUtils$;
import org.apache.linkis.gateway.security.SecurityFilter$;
import org.apache.linkis.server.Message;
import org.apache.linkis.server.Message$;
import org.slf4j.Logger;
import scala.Function0;
import scala.Predef$;
import scala.collection.mutable.ArrayOps;
import scala.runtime.BoxesRunTime;
import scala.runtime.ObjectRef;

/* compiled from: TokenAuthentication.scala */
/* loaded from: input_file:org/apache/linkis/gateway/security/token/TokenAuthentication$.class */
public final class TokenAuthentication$ implements Logging {
    public static TokenAuthentication$ MODULE$;
    private TokenService tokenService;
    private Logger logger;
    private volatile boolean bitmap$0;

    static {
        new TokenAuthentication$();
    }

    public void trace(Function0<String> function0) {
        Logging.trace$(this, function0);
    }

    public void debug(Function0<String> function0) {
        Logging.debug$(this, function0);
    }

    public void info(Function0<String> function0) {
        Logging.info$(this, function0);
    }

    public void info(Function0<String> function0, Throwable th) {
        Logging.info$(this, function0, th);
    }

    public void warn(Function0<String> function0) {
        Logging.warn$(this, function0);
    }

    public void warn(Function0<String> function0, Throwable th) {
        Logging.warn$(this, function0, th);
    }

    public void error(Function0<String> function0, Throwable th) {
        Logging.error$(this, function0, th);
    }

    public void error(Function0<String> function0) {
        Logging.error$(this, function0);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v0 */
    /* JADX WARN: Type inference failed for: r0v1, types: [java.lang.Throwable] */
    /* JADX WARN: Type inference failed for: r0v8, types: [org.apache.linkis.gateway.security.token.TokenAuthentication$] */
    private Logger logger$lzycompute() {
        ?? r0 = this;
        synchronized (r0) {
            if (!this.bitmap$0) {
                this.logger = Logging.logger$(this);
                r0 = this;
                r0.bitmap$0 = true;
            }
        }
        return this.logger;
    }

    public Logger logger() {
        return !this.bitmap$0 ? logger$lzycompute() : this.logger;
    }

    private TokenService tokenService() {
        return this.tokenService;
    }

    private void tokenService_$eq(TokenService tokenService) {
        this.tokenService = tokenService;
    }

    public void setTokenService(TokenService tokenService) {
        tokenService_$eq(tokenService);
    }

    public boolean isTokenRequest(GatewayContext gatewayContext) {
        return (gatewayContext.getRequest().getHeaders().containsKey(GatewayConfiguration$.MODULE$.TOKEN_KEY()) && gatewayContext.getRequest().getHeaders().containsKey(GatewayConfiguration$.MODULE$.TOKEN_USER_KEY())) || (gatewayContext.getRequest().getCookies().containsKey(GatewayConfiguration$.MODULE$.TOKEN_KEY()) && gatewayContext.getRequest().getCookies().containsKey(GatewayConfiguration$.MODULE$.TOKEN_USER_KEY()));
    }

    public boolean tokenAuth(GatewayContext gatewayContext, boolean z) {
        if (!BoxesRunTime.unboxToBoolean(GatewayConfiguration$.MODULE$.ENABLE_TOKEN_AUTHENTICATION().getValue())) {
            SecurityFilter$.MODULE$.filterResponse(gatewayContext, Message$.MODULE$.noLogin("Gateway未启用token认证，请采用其他认证方式!").$less$less(gatewayContext.getRequest().getRequestURI()));
            return false;
        }
        ObjectRef create = ObjectRef.create(gatewayContext.getRequest().getHeaders().get(GatewayConfiguration$.MODULE$.TOKEN_KEY())[0]);
        ObjectRef create2 = ObjectRef.create(gatewayContext.getRequest().getHeaders().get(GatewayConfiguration$.MODULE$.TOKEN_USER_KEY())[0]);
        ObjectRef create3 = ObjectRef.create(gatewayContext.getRequest().getRequestRealIpAddr());
        if (StringUtils.isBlank((String) create.elem) || StringUtils.isBlank((String) create2.elem)) {
            create.elem = gatewayContext.getRequest().getCookies().get(GatewayConfiguration$.MODULE$.TOKEN_KEY())[0].getValue();
            create2.elem = gatewayContext.getRequest().getCookies().get(GatewayConfiguration$.MODULE$.TOKEN_USER_KEY())[0].getValue();
            if (StringUtils.isBlank((String) create.elem) || StringUtils.isBlank((String) create2.elem)) {
                SecurityFilter$.MODULE$.filterResponse(gatewayContext, Message$.MODULE$.noLogin(new StringBuilder(36).append("请在Header或Cookie中同时指定").append(GatewayConfiguration$.MODULE$.TOKEN_KEY()).append(" 和 ").append(GatewayConfiguration$.MODULE$.TOKEN_USER_KEY()).append("，以便完成token认证！").toString()).$less$less(gatewayContext.getRequest().getRequestURI()));
                return false;
            }
        }
        boolean z2 = false;
        String[] strArr = gatewayContext.getRequest().getHeaders().get(GatewayConfiguration$.MODULE$.TOKEN_ALIVE_KEY());
        String str = "";
        if (strArr == null || new ArrayOps.ofRef(Predef$.MODULE$.refArrayOps(strArr)).isEmpty()) {
            Cookie[] cookieArr = gatewayContext.getRequest().getCookies().get(GatewayConfiguration$.MODULE$.TOKEN_ALIVE_KEY());
            if (cookieArr != null && !new ArrayOps.ofRef(Predef$.MODULE$.refArrayOps(cookieArr)).isEmpty()) {
                str = cookieArr[0].getValue();
            }
        } else {
            str = gatewayContext.getRequest().getHeaders().get(GatewayConfiguration$.MODULE$.TOKEN_ALIVE_KEY())[0];
        }
        if (StringUtils.isNotBlank(str) && str.toLowerCase().equals(GatewayConfiguration$.MODULE$.TOKEN_ALIVE_TRUE())) {
            z2 = true;
        }
        ObjectRef create4 = ObjectRef.create(Message$.MODULE$.noLogin(new StringBuilder(28).append("未授权的token").append((String) create.elem).append("，无法将请求绑定给tokenUser").append((String) create2.elem).append("!").toString()).$less$less(gatewayContext.getRequest().getRequestURI()));
        if (!BoxesRunTime.unboxToBoolean(Utils$.MODULE$.tryCatch(() -> {
            return MODULE$.tokenService().doAuth((String) create.elem, (String) create2.elem, (String) create3.elem);
        }, th -> {
            return BoxesRunTime.boxToBoolean($anonfun$tokenAuth$2(create4, create, create2, gatewayContext, th));
        }))) {
            SecurityFilter$.MODULE$.filterResponse(gatewayContext, (Message) create4.elem);
            return false;
        }
        logger().info(new StringBuilder(58).append("Token authentication succeed, uri: ").append(gatewayContext.getRequest().getRequestURI()).append(", token: ").append((String) create.elem).append(", tokenUser: ").append((String) create2.elem).append(".").toString());
        if (z) {
            logger().info(new StringBuilder(58).append("Token authentication succeed, uri: ").append(gatewayContext.getRequest().getRequestURI()).append(", token: ").append((String) create.elem).append(", tokenUser: ").append((String) create2.elem).append(".").toString());
            GatewaySSOUtils$.MODULE$.setLoginUser(gatewayContext, (String) create2.elem);
            SecurityFilter$.MODULE$.filterResponse(gatewayContext, Message$.MODULE$.ok("login successful(登录成功)！").data("userName", (String) create2.elem).data("isAdmin", BoxesRunTime.boxToBoolean(false)));
            return false;
        }
        if (!BoxesRunTime.unboxToBoolean(GatewayConfiguration$.MODULE$.ENABLE_TOEKN_AUTHENTICATION_ALIVE().getValue()) && !z2) {
            GatewaySSOUtils$.MODULE$.setLoginUser(gatewayContext.getRequest(), (String) create2.elem, false);
            return true;
        }
        if (logger().isDebugEnabled()) {
            logger().debug(new StringBuilder(52).append("Token auth of user : ").append((String) create2.elem).append(" has param : tokenAlive : true.").toString());
        }
        GatewaySSOUtils$.MODULE$.setLoginUser(gatewayContext.getRequest(), (String) create2.elem, true);
        return true;
    }

    public boolean tokenAuth$default$2() {
        return false;
    }

    public static final /* synthetic */ boolean $anonfun$tokenAuth$2(ObjectRef objectRef, ObjectRef objectRef2, ObjectRef objectRef3, GatewayContext gatewayContext, Throwable th) {
        objectRef.elem = Message$.MODULE$.noLogin(new StringBuilder(58).append("Token Authentication Failed, token: ").append((String) objectRef2.elem).append("，tokenUser: ").append((String) objectRef3.elem).append(", reason: ").append(th.getMessage()).toString()).$less$less(gatewayContext.getRequest().getRequestURI());
        return false;
    }

    private TokenAuthentication$() {
        MODULE$ = this;
        Logging.$init$(this);
    }
}
