package org.apache.linkis.gateway.security;

import com.google.gson.Gson;
import java.nio.charset.StandardCharsets;
import java.util.Locale;
import java.util.Map;
import java.util.Random;
import javax.servlet.http.Cookie;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.net.util.Base64;
import org.apache.linkis.common.utils.RSAUtils$;
import org.apache.linkis.common.utils.Utils$;
import org.apache.linkis.gateway.config.GatewayConfiguration$;
import org.apache.linkis.gateway.http.GatewayContext;
import org.apache.linkis.protocol.usercontrol.RequestLogin;
import org.apache.linkis.protocol.usercontrol.RequestRegister;
import org.apache.linkis.protocol.usercontrol.ResponseLogin;
import org.apache.linkis.protocol.usercontrol.ResponseRegister;
import org.apache.linkis.rpc.Sender;
import org.apache.linkis.rpc.Sender$;
import org.apache.linkis.server.BDPJettyServerHelper$;
import org.apache.linkis.server.Message;
import org.apache.linkis.server.Message$;
import org.apache.linkis.server.conf.ServerConfiguration$;
import org.apache.linkis.server.package$;
import scala.MatchError;
import scala.Predef$;
import scala.Tuple2;
import scala.collection.Iterable$;
import scala.collection.JavaConverters$;
import scala.collection.TraversableLike;
import scala.collection.TraversableOnce;
import scala.collection.mutable.ArrayOps;
import scala.reflect.ClassTag$;
import scala.reflect.ScalaSignature;
import scala.runtime.BoxedUnit;
import scala.runtime.BoxesRunTime;
import scala.runtime.ObjectRef;
import scala.runtime.RichInt$;

/* compiled from: UserRestful.scala */
@ScalaSignature(bytes = "\u0006\u0001\u00055a!\u0002\u000b\u0016\u0003\u0003\u0001\u0003\"B\u0017\u0001\t\u0003q\u0003b\u0002\u0019\u0001\u0005\u0004%I!\r\u0005\u0007q\u0001\u0001\u000b\u0011\u0002\u001a\t\u000fe\u0002!\u0019!C\u0005u!11\t\u0001Q\u0001\nmBq\u0001\u0012\u0001C\u0002\u0013%!\b\u0003\u0004F\u0001\u0001\u0006Ia\u000f\u0005\b\r\u0002\u0011\r\u0011\"\u0003;\u0011\u00199\u0005\u0001)A\u0005w!9\u0001\n\u0001b\u0001\n\u0013Q\u0004BB%\u0001A\u0003%1\bC\u0003K\u0001\u0011%1\nC\u0003e\u0001\u0011\u0005Q\rC\u0003k\u0001\u0011E3\u000eC\u0003t\u0001\u0019EA\u000fC\u0003z\u0001\u0011%!\u0010C\u0003|\u0001\u0011\u0005A\u0010C\u0004\u0002\u0002\u0001!\t%a\u0001\t\u000f\u0005\u001d\u0001\u0001\"\u0003\u0002\n\tQRk]3s!^$\u0017IY:ue\u0006\u001cG/V:feJ+7\u000f\u001e4vY*\u0011acF\u0001\tg\u0016\u001cWO]5us*\u0011\u0001$G\u0001\bO\u0006$Xm^1z\u0015\tQ2$\u0001\u0004mS:\\\u0017n\u001d\u0006\u00039u\ta!\u00199bG\",'\"\u0001\u0010\u0002\u0007=\u0014xm\u0001\u0001\u0014\u0007\u0001\tS\u0005\u0005\u0002#G5\tQ#\u0003\u0002%+\t\u0019\u0012IY:ue\u0006\u001cG/V:feJ+7\u000f\u001e4vYB\u0011aeK\u0007\u0002O)\u0011\u0001&K\u0001\u0006kRLGn\u001d\u0006\u0003Ue\taaY8n[>t\u0017B\u0001\u0017(\u0005\u001daunZ4j]\u001e\fa\u0001P5oSRtD#A\u0018\u0011\u0005\t\u0002\u0011AB:f]\u0012,'/F\u00013!\t\u0019d'D\u00015\u0015\t)\u0014$A\u0002sa\u000eL!a\u000e\u001b\u0003\rM+g\u000eZ3s\u0003\u001d\u0019XM\u001c3fe\u0002\na\u0002T%O\u000b~#U\tT%N\u0013R+%+F\u0001<!\ta\u0014)D\u0001>\u0015\tqt(\u0001\u0003mC:<'\"\u0001!\u0002\t)\fg/Y\u0005\u0003\u0005v\u0012aa\u0015;sS:<\u0017a\u0004'J\u001d\u0016{F)\u0012'J\u001b&#VI\u0015\u0011\u0002\u0019U\u001bVI\u0015(B\u001b\u0016{6\u000b\u0016*\u0002\u001bU\u001bVI\u0015(B\u001b\u0016{6\u000b\u0016*!\u0003)\u0001\u0016iU*X\t~\u001bFKU\u0001\f!\u0006\u001b6k\u0016#`'R\u0013\u0006%\u0001\nQ\u0003N\u001bv\u000bR0F\u001d\u000e\u0013\u0016\f\u0015+`'R\u0013\u0016a\u0005)B'N;FiX#O\u0007JK\u0006\u000bV0T)J\u0003\u0013!E4fiV\u001bXM\u001d(b[\u0016\fe\u000e\u001a)X\tR\u0011A\n\u0018\t\u0005\u001bB\u0013&+D\u0001O\u0015\u0005y\u0015!B:dC2\f\u0017BA)O\u0005\u0019!V\u000f\u001d7feA\u00111K\u0017\b\u0003)b\u0003\"!\u0016(\u000e\u0003YS!aV\u0010\u0002\rq\u0012xn\u001c;?\u0013\tIf*\u0001\u0004Qe\u0016$WMZ\u0005\u0003\u0005nS!!\u0017(\t\u000buc\u0001\u0019\u00010\u0002\u001d\u001d\fG/Z<bs\u000e{g\u000e^3yiB\u0011qLY\u0007\u0002A*\u0011\u0011mF\u0001\u0005QR$\b/\u0003\u0002dA\nqq)\u0019;fo\u0006L8i\u001c8uKb$\u0018!E2mK\u0006\u0014X\t\u001f9je\u0016\u001cun\\6jKR\u0011a-\u001b\t\u0003\u001b\u001eL!\u0001\u001b(\u0003\tUs\u0017\u000e\u001e\u0005\u0006;6\u0001\rAX\u0001\tiJLHj\\4j]R\u0011AN\u001d\t\u0003[Bl\u0011A\u001c\u0006\u0003_f\taa]3sm\u0016\u0014\u0018BA9o\u0005\u001diUm]:bO\u0016DQ!\u0018\bA\u0002y\u000bQ\u0001\\8hS:$2\u0001\\;x\u0011\u00151x\u00021\u0001S\u0003!)8/\u001a:OC6,\u0007\"\u0002=\u0010\u0001\u0004\u0011\u0016\u0001\u00039bgN<xN\u001d3\u0002%\u001d,GOU1oI>l\u0007K]8ysV\u001bXM\u001d\u000b\u0002%\u0006\u0001Ro]3s\u0007>tGO]8m\u0019><\u0017N\u001c\u000b\u0005Yvtx\u0010C\u0003w#\u0001\u0007!\u000bC\u0003y#\u0001\u0007!\u000bC\u0003^#\u0001\u0007a,A\u0006uef\u0014VmZ5ti\u0016\u0014Hc\u00017\u0002\u0006!)QL\u0005a\u0001=\u0006\u0019Ro]3s\u0007>tGO]8m%\u0016<\u0017n\u001d;feR\u0019A.a\u0003\t\u000bu\u001b\u0002\u0019\u00010")
/* loaded from: input_file:org/apache/linkis/gateway/security/UserPwdAbstractUserRestful.class */
public abstract class UserPwdAbstractUserRestful extends AbstractUserRestful {
    private final Sender sender = Sender$.MODULE$.getSender((String) GatewayConfiguration$.MODULE$.USERCONTROL_SPRING_APPLICATION_NAME().getValue());
    private final String LINE_DELIMITER = "</br>";
    private final String USERNAME_STR = "userName";
    private final String PASSWD_STR = "password";
    private final String PASSWD_ENCRYPT_STR = "passwdEncrypt";

    private Sender sender() {
        return this.sender;
    }

    private String LINE_DELIMITER() {
        return this.LINE_DELIMITER;
    }

    private String USERNAME_STR() {
        return this.USERNAME_STR;
    }

    private String PASSWD_STR() {
        return this.PASSWD_STR;
    }

    private String PASSWD_ENCRYPT_STR() {
        return this.PASSWD_ENCRYPT_STR;
    }

    private Tuple2<String, String> getUserNameAndPWD(GatewayContext gatewayContext) {
        Tuple2 tuple2;
        String str;
        String[] strArr = gatewayContext.getRequest().getQueryParams().get(USERNAME_STR());
        String[] strArr2 = gatewayContext.getRequest().getQueryParams().get(PASSWD_STR());
        String[] strArr3 = gatewayContext.getRequest().getQueryParams().get(PASSWD_ENCRYPT_STR());
        if (strArr2 == null || new ArrayOps.ofRef(Predef$.MODULE$.refArrayOps(strArr2)).isEmpty() || StringUtils.isBlank((CharSequence) new ArrayOps.ofRef(Predef$.MODULE$.refArrayOps(strArr2)).head())) {
            strArr2 = strArr3;
        }
        if (strArr != null && new ArrayOps.ofRef(Predef$.MODULE$.refArrayOps(strArr)).nonEmpty() && strArr2 != null && new ArrayOps.ofRef(Predef$.MODULE$.refArrayOps(strArr2)).nonEmpty()) {
            tuple2 = new Tuple2(new ArrayOps.ofRef(Predef$.MODULE$.refArrayOps(strArr)).head(), new ArrayOps.ofRef(Predef$.MODULE$.refArrayOps(strArr2)).head());
        } else if (StringUtils.isNotBlank(gatewayContext.getRequest().getRequestBody())) {
            Map map = (Map) BDPJettyServerHelper$.MODULE$.gson().fromJson(gatewayContext.getRequest().getRequestBody(), Map.class);
            Object orDefault = map.getOrDefault(USERNAME_STR(), null);
            Object orDefault2 = map.getOrDefault(PASSWD_STR(), null);
            if (orDefault2 == null) {
                orDefault2 = map.getOrDefault(PASSWD_ENCRYPT_STR(), null);
            }
            tuple2 = new Tuple2(orDefault, orDefault2);
        } else {
            tuple2 = new Tuple2((Object) null, (Object) null);
        }
        Tuple2 tuple22 = tuple2;
        if (tuple22 == null) {
            throw new MatchError(tuple22);
        }
        Tuple2 tuple23 = new Tuple2(tuple22._1(), tuple22._2());
        Object _1 = tuple23._1();
        Object _2 = tuple23._2();
        if (_1 == null || StringUtils.isBlank(_1.toString())) {
            return new Tuple2<>((Object) null, (Object) null);
        }
        if (_2 == null || StringUtils.isBlank(_2.toString())) {
            return new Tuple2<>(_1.toString(), (Object) null);
        }
        if (BoxesRunTime.unboxToBoolean(GatewayConfiguration$.MODULE$.LOGIN_ENCRYPT_ENABLE().getValue())) {
            logger().info(new StringBuilder(31).append("passwordEncrypt or : ").append(_2).append(" username ").append(_1).toString());
            str = (String) Utils$.MODULE$.tryAndError(() -> {
                this.logger().info(new StringBuilder(50).append("\npasswdEncrypt : ").append(_2).append("\npublicKeyStr : ").append(RSAUtils$.MODULE$.getDefaultPublicKey()).append("\nprivateKeyStr : ").append(RSAUtils$.MODULE$.getDefaultPrivateKey()).toString());
                return new String(RSAUtils$.MODULE$.decrypt(Base64.decodeBase64(((String) _2).getBytes(StandardCharsets.UTF_8))), StandardCharsets.UTF_8);
            }, logger());
        } else {
            str = (String) _2;
        }
        return new Tuple2<>(_1.toString(), str);
    }

    public void clearExpireCookie(GatewayContext gatewayContext) {
        Cookie[] cookieArr = (Cookie[]) new ArrayOps.ofRef(Predef$.MODULE$.refArrayOps((Cookie[]) ((TraversableOnce) ((TraversableLike) JavaConverters$.MODULE$.collectionAsScalaIterableConverter(gatewayContext.getRequest().getCookies().values()).asScala()).flatMap(cookieArr2 -> {
            return new ArrayOps.ofRef($anonfun$clearExpireCookie$1(cookieArr2));
        }, Iterable$.MODULE$.canBuildFrom())).toArray(ClassTag$.MODULE$.apply(Cookie.class)))).filter(cookie -> {
            return BoxesRunTime.boxToBoolean($anonfun$clearExpireCookie$2(cookie));
        });
        String[] strArr = gatewayContext.getRequest().getHeaders().get("Host");
        if (strArr == null || !new ArrayOps.ofRef(Predef$.MODULE$.refArrayOps(strArr)).nonEmpty()) {
            return;
        }
        RichInt$.MODULE$.to$extension0(Predef$.MODULE$.intWrapper(1), ((String) new ArrayOps.ofRef(Predef$.MODULE$.refArrayOps(strArr)).head()).split("\\.").length).foreach$mVc$sp(i -> {
            new ArrayOps.ofRef(Predef$.MODULE$.refArrayOps((Object[]) cookieArr.clone())).foreach(cookie2 -> {
                $anonfun$clearExpireCookie$4(this, strArr, i, gatewayContext, cookie2);
                return BoxedUnit.UNIT;
            });
        });
    }

    @Override // org.apache.linkis.gateway.security.AbstractUserRestful
    public Message tryLogin(GatewayContext gatewayContext) {
        Message login;
        Tuple2<String, String> userNameAndPWD = getUserNameAndPWD(gatewayContext);
        if (userNameAndPWD == null) {
            throw new MatchError(userNameAndPWD);
        }
        Tuple2 tuple2 = new Tuple2((String) userNameAndPWD._1(), (String) userNameAndPWD._2());
        String str = (String) tuple2._1();
        String str2 = (String) tuple2._2();
        if (StringUtils.isBlank(str)) {
            return Message$.MODULE$.error("Username can not be empty(用户名不能为空)！");
        }
        if (StringUtils.isBlank(str2)) {
            return Message$.MODULE$.error("Password can not be blank(密码不能为空)！");
        }
        if (((String) GatewayConfiguration$.MODULE$.ADMIN_USER().getValue()).equals(str) && ((String) GatewayConfiguration$.MODULE$.ADMIN_PASSWORD().getValue()).equals(str2)) {
            GatewaySSOUtils$.MODULE$.setLoginUser(gatewayContext, str);
            return package$.MODULE$.ok("login successful(登录成功)！").data("userName", str).data("isAdmin", BoxesRunTime.boxToBoolean(true));
        }
        Message$.MODULE$.ok();
        if (BoxesRunTime.unboxToBoolean(GatewayConfiguration$.MODULE$.USERCONTROL_SWITCH_ON().getValue())) {
            login = userControlLogin(str, str2, gatewayContext);
        } else {
            String lowerCase = str.toLowerCase(Locale.getDefault());
            login = login(lowerCase, str2);
            clearExpireCookie(gatewayContext);
            if (login.getStatus() == 0) {
                GatewaySSOUtils$.MODULE$.setLoginUser(gatewayContext, lowerCase);
            }
        }
        if (login.getData().containsKey("errmsg")) {
            login.setMessage(new StringBuilder(0).append(login.getMessage()).append(LINE_DELIMITER()).append(login.getData().get("errmsg").toString()).toString());
        } else {
            BoxedUnit boxedUnit = BoxedUnit.UNIT;
        }
        return login;
    }

    public abstract Message login(String str, String str2);

    private String getRandomProxyUser() {
        String str = null;
        String[] PROXY_USER_LIST = GatewayConfiguration$.MODULE$.PROXY_USER_LIST();
        int size = new ArrayOps.ofRef(Predef$.MODULE$.refArrayOps(PROXY_USER_LIST)).size();
        if (size <= 0) {
            logger().warn("Invalid Gateway proxy user list");
        } else {
            str = PROXY_USER_LIST[new Random().nextInt(size)];
        }
        return str;
    }

    public Message userControlLogin(String str, String str2, GatewayContext gatewayContext) {
        ObjectRef create = ObjectRef.create(Message$.MODULE$.ok());
        RequestLogin requestLogin = new RequestLogin();
        requestLogin.setUserName(str.toString()).setPassword(str2.toString());
        Utils$.MODULE$.tryCatch(() -> {
            Object ask = this.sender().ask(requestLogin);
            if (!(ask instanceof ResponseLogin)) {
                throw new MatchError(ask);
            }
            ResponseLogin responseLogin = (ResponseLogin) ask;
            ((Message) create.elem).setStatus(Predef$.MODULE$.Integer2int(responseLogin.getStatus()));
            if (StringUtils.isNotBlank(responseLogin.getErrMsg())) {
                ((Message) create.elem).data("errmsg", responseLogin.getErrMsg());
            } else {
                BoxedUnit boxedUnit = BoxedUnit.UNIT;
            }
            if (!BoxesRunTime.equals(BoxesRunTime.boxToInteger(0), responseLogin.getStatus())) {
                create.elem = Message$.MODULE$.error("Invalid username or password, please check and try again later(用户名或密码无效，请稍后再试)");
                return BoxedUnit.UNIT;
            }
            ((Message) create.elem).setStatus(0);
            ((Message) create.elem).setMessage("Login successful(登录成功)");
            String randomProxyUser = this.getRandomProxyUser();
            if (StringUtils.isNotBlank(randomProxyUser)) {
                GatewaySSOUtils$.MODULE$.setLoginUser(gatewayContext, randomProxyUser);
                return ((Message) create.elem).setMessage("Login successful(登录成功)").data("userName", randomProxyUser).data("isAdmin", BoxesRunTime.boxToBoolean(false));
            }
            create.elem = Message$.MODULE$.error("Invalid proxy user, please contact with administrator(代理用户无效，请联系管理员)");
            return BoxedUnit.UNIT;
        }, th -> {
            this.logger().warn("Login rpc request error, err message ", th);
            ((Message) create.elem).setStatus(1);
            ((Message) create.elem).setMessage("System error, please try again later(系统异常，请稍后再试)");
            return ((Message) create.elem).data("errmsg", th.getMessage());
        });
        return (Message) create.elem;
    }

    @Override // org.apache.linkis.gateway.security.AbstractUserRestful
    public Message tryRegister(GatewayContext gatewayContext) {
        Message$.MODULE$.ok();
        return BoxesRunTime.unboxToBoolean(GatewayConfiguration$.MODULE$.USERCONTROL_SWITCH_ON().getValue()) ? userControlRegister(gatewayContext) : Message$.MODULE$.error("请自行实现注册方法！");
    }

    private Message userControlRegister(GatewayContext gatewayContext) {
        Message ok = Message$.MODULE$.ok();
        Gson gson = new Gson();
        RequestRegister requestRegister = new RequestRegister();
        String requestBody = gatewayContext.getRequest().getRequestBody();
        Utils$.MODULE$.tryCatch(() -> {
            requestRegister.setParams(requestBody);
            Object ask = this.sender().ask(requestRegister);
            if (!(ask instanceof ResponseRegister)) {
                throw new MatchError(ask);
            }
            ResponseRegister responseRegister = (ResponseRegister) ask;
            ok.setStatus(responseRegister.getStatus());
            ok.setMessage(responseRegister.getMessage());
            ok.setData(responseRegister.getData());
            ok.setMethod(responseRegister.getMethod());
            this.logger().info(new StringBuilder(49).append("Register rpc success. requestRegister=").append(gson.toJson(requestRegister)).append(", response=").append(gson.toJson(responseRegister)).toString());
            BoxedUnit boxedUnit = BoxedUnit.UNIT;
        }, th -> {
            $anonfun$userControlRegister$2(this, ok, th);
            return BoxedUnit.UNIT;
        });
        if (ok.getData().containsKey("errmsg")) {
            ok.setMessage(new StringBuilder(0).append(ok.getMessage()).append(LINE_DELIMITER()).append(ok.getData().get("errmsg").toString()).toString());
        } else {
            BoxedUnit boxedUnit = BoxedUnit.UNIT;
        }
        return ok;
    }

    public static final /* synthetic */ Object[] $anonfun$clearExpireCookie$1(Cookie[] cookieArr) {
        return Predef$.MODULE$.refArrayOps(cookieArr);
    }

    public static final /* synthetic */ boolean $anonfun$clearExpireCookie$2(Cookie cookie) {
        return cookie.getName().equals(ServerConfiguration$.MODULE$.LINKIS_SERVER_SESSION_TICKETID_KEY().getValue()) || cookie.getName().equals(ServerConfiguration$.MODULE$.LINKIS_SERVER_SESSION_PROXY_TICKETID_KEY().getValue());
    }

    public static final /* synthetic */ void $anonfun$clearExpireCookie$4(UserPwdAbstractUserRestful userPwdAbstractUserRestful, String[] strArr, int i, GatewayContext gatewayContext, Cookie cookie) {
        cookie.setValue((String) null);
        cookie.setPath("/");
        cookie.setMaxAge(0);
        String cookieDomain = GatewaySSOUtils$.MODULE$.getCookieDomain((String) new ArrayOps.ofRef(Predef$.MODULE$.refArrayOps(strArr)).head(), i);
        cookie.setDomain(cookieDomain);
        gatewayContext.getResponse().addCookie(cookie);
        userPwdAbstractUserRestful.logger().info(new StringBuilder(31).append("success clear user cookie: ").append(userPwdAbstractUserRestful.getUserNameAndPWD(gatewayContext)._1()).append("--").append(ServerConfiguration$.MODULE$.LINKIS_SERVER_SESSION_TICKETID_KEY().getValue()).append("--").append(cookieDomain).toString());
    }

    public static final /* synthetic */ void $anonfun$userControlRegister$2(UserPwdAbstractUserRestful userPwdAbstractUserRestful, Message message, Throwable th) {
        userPwdAbstractUserRestful.logger().warn("Register rpc request error. err message ", th);
        message.setStatus(1);
        message.setMessage("System, please try again later(系统异常，请稍后再试)");
    }
}
