package org.nanoframework.extension.shiro.web.component.impl;

import com.google.common.base.Charsets;
import com.google.inject.Inject;
import com.google.inject.Singleton;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AccountException;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import org.nanoframework.commons.util.SerializableUtils;
import org.nanoframework.commons.util.StringUtils;
import org.nanoframework.extension.shiro.util.ShiroSecurityHelper;
import org.nanoframework.extension.shiro.web.component.Status;
import org.nanoframework.web.server.filter.HttpRequestFilter;
import org.nanoframework.web.server.http.status.HttpStatus;
import org.nanoframework.web.server.http.status.ResultMap;
import org.nanoframework.web.server.mvc.Model;
import org.nanoframework.web.server.mvc.View;

@Singleton
/* loaded from: input_file:org/nanoframework/extension/shiro/web/component/impl/SSOComponentImpl.class */
public class SSOComponentImpl extends AbstractSSOComponent {
    protected static final String ERROR_MODEL_NAME = "error";

    @Inject
    protected ShiroSecurityHelper helper;
    private static final String ACCOUNT_EXCEPTION_CLASS_NAME = AccountException.class.getName();
    private static final String UNKNOWN_ACCOUNT_EXCEPTION_CLASS_NAME = UnknownAccountException.class.getName();
    private static final String INCORRECT_CREDENTIALS_EXCEPTION_CLASS_NAME = IncorrectCredentialsException.class.getName();

    @Override // org.nanoframework.extension.shiro.web.component.impl.AbstractSSOComponent, org.nanoframework.extension.shiro.web.component.SSOComponent
    public String getSession(String str) {
        for (int i = 0; i < ERROR_RETRY; i++) {
            try {
                return super.getSession(str);
            } catch (Throwable th) {
                LOGGER.error("getSession Error: {}, retry {}...", new Object[]{th.getMessage(), Integer.valueOf(i + 1)});
            }
        }
        return "";
    }

    @Override // org.nanoframework.extension.shiro.web.component.impl.AbstractSSOComponent, org.nanoframework.extension.shiro.web.component.SSOComponent
    public String registrySession(String str, String str2) {
        for (int i = 0; i < ERROR_RETRY; i++) {
            try {
                return super.registrySession(str, str2);
            } catch (Throwable th) {
                LOGGER.error("getSession Error: {}, retry {}...", new Object[]{th.getMessage(), Integer.valueOf(i + 1)});
            }
        }
        return "";
    }

    @Override // org.nanoframework.extension.shiro.web.component.impl.AbstractSSOComponent, org.nanoframework.extension.shiro.web.component.SSOComponent
    public View bindSession(String str, String str2) {
        for (int i = 0; i < ERROR_RETRY; i++) {
            try {
                return super.bindSession(str, str2);
            } catch (Throwable th) {
                LOGGER.error("getSession Error: {}, retry {}...", new Object[]{th.getMessage(), Integer.valueOf(i + 1)});
            }
        }
        return unAuthenticated(str);
    }

    @Override // org.nanoframework.extension.shiro.web.component.SSOComponent
    public ResultMap syncSessionAttribute(String str, String str2) {
        try {
            Session session = (Session) SerializableUtils.decode(super.getSession(str));
            ((Map) SerializableUtils.decode(str2)).forEach((obj, obj2) -> {
                session.setAttribute(obj, obj2);
            });
            accessSession(session);
            return HttpStatus.OK.to();
        } catch (Throwable th) {
            LOGGER.error("Sync session error: {}", new Object[]{th.getMessage()});
            return ResultMap.create(th.getMessage(), HttpStatus.INTERNAL_SERVER_ERROR);
        }
    }

    @Override // org.nanoframework.extension.shiro.web.component.SSOComponent
    public ResultMap syncSessionMaxInactiveInternal(String str, Integer num) {
        try {
            Session session = (Session) SerializableUtils.decode(super.getSession(str));
            session.setTimeout(num.intValue() * 1000);
            accessSession(session);
            return HttpStatus.OK.to();
        } catch (Throwable th) {
            LOGGER.error("Sync session error: {}", new Object[]{th.getMessage()});
            return ResultMap.create(th.getMessage(), HttpStatus.INTERNAL_SERVER_ERROR);
        }
    }

    @Override // org.nanoframework.extension.shiro.web.component.SSOComponent
    public View loginFailure(String str) {
        Model model = (Model) HttpRequestFilter.HttpContext.get(Model.class);
        String str2 = (String) ((HttpServletRequest) HttpRequestFilter.HttpContext.get(HttpServletRequest.class)).getAttribute("shiroLoginFailure");
        if (ACCOUNT_EXCEPTION_CLASS_NAME.equals(str2)) {
            model.addAttribute(ERROR_MODEL_NAME, "无效的用户名");
        } else if (UNKNOWN_ACCOUNT_EXCEPTION_CLASS_NAME.equals(str2)) {
            model.addAttribute(ERROR_MODEL_NAME, "用户不存在");
        } else if (INCORRECT_CREDENTIALS_EXCEPTION_CLASS_NAME.equals(str2)) {
            model.addAttribute(ERROR_MODEL_NAME, "密码错误");
        } else if (str2 != null) {
            model.addAttribute(ERROR_MODEL_NAME, "未知错误：" + str2);
        }
        return unAuthenticated(str);
    }

    @Override // org.nanoframework.extension.shiro.web.component.SSOComponent
    public Map<String, Object> login(UsernamePasswordToken usernamePasswordToken, String str) {
        if (StringUtils.isBlank(usernamePasswordToken.getUsername()) || ArrayUtils.isEmpty(usernamePasswordToken.getPassword())) {
            return Status.INVALID_USER_PASS.beanToMap();
        }
        Subject subject = SecurityUtils.getSubject();
        try {
            if (subject.isAuthenticated()) {
                return createOKResult(str);
            }
            subject.login(usernamePasswordToken);
            return subject.isAuthenticated() ? createOKResult(str) : Status.INVALID_AUTH.beanToMap();
        } catch (AuthenticationException e) {
            return authenticationException(e);
        } catch (Throwable th) {
            LOGGER.error("处理异常: {}", new Object[]{th.getMessage()});
            return Status.INTERNAL_SERVER_ERROR.beanToMap();
        }
    }

    protected Map<String, Object> authenticationException(AuthenticationException authenticationException) {
        LOGGER.error("权限认证失败: {}", new Object[]{authenticationException.getMessage()});
        if (authenticationException.getMessage().indexOf("did not match the expected credentials") > -1) {
            return Status.PASSWORD_ERROR.beanToMap();
        }
        Map<String, Object> beanToMap = Status.UNAUTH.beanToMap();
        beanToMap.put("message", authenticationException.getMessage());
        return beanToMap;
    }

    @Override // org.nanoframework.extension.shiro.web.component.SSOComponent
    public ResultMap logout() {
        try {
            Subject subject = SecurityUtils.getSubject();
            if (!subject.isAuthenticated() && !subject.isRemembered()) {
                return Status.UNLOGIN;
            }
            subject.logout();
            return Status.OK;
        } catch (Throwable th) {
            LOGGER.error("处理异常: {}", new Object[]{th.getMessage()});
            return Status.INTERNAL_SERVER_ERROR;
        }
    }

    @Override // org.nanoframework.extension.shiro.web.component.SSOComponent
    public Map<String, Object> isLogined(String str) {
        try {
            Subject subject = SecurityUtils.getSubject();
            return (subject.isAuthenticated() || subject.isRemembered()) ? createOKResult(str) : Status.UNLOGIN.beanToMap();
        } catch (Throwable th) {
            LOGGER.error("登陆校验异常: {}", new Object[]{th.getMessage()});
            return Status.INTERNAL_SERVER_ERROR.beanToMap();
        }
    }

    protected Map<String, Object> createOKResult() {
        Map<String, Object> beanToMap = Status.OK.beanToMap();
        beanToMap.put("username", this.helper.getCurrentUsername());
        return beanToMap;
    }

    protected Map<String, Object> createOKResult(String str) {
        Map<String, Object> createOKResult = createOKResult();
        if (StringUtils.isNotBlank(str)) {
            try {
                createOKResult.put("service", URLDecoder.decode(str, Charsets.UTF_8.name()));
            } catch (UnsupportedEncodingException e) {
                LOGGER.error("service url decode error: {}", new Object[]{e.getMessage()});
            }
        }
        return createOKResult;
    }
}
